| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: click and continueWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.12.2012, 13:28
| #1 |
 |  click and continue Hallo, ich habe mir wahrscheinlich ein Malwareprogramm eingefangen. Es fällt mir seit einiger Zeit auf, dass Texte als Link markiert sind, die gar keine Links sind (z.b. auf meiner eigenen Website), diese leiten auf irgendwelche Sexseiten und Suchmaschinen Ich habe einen Suchlauf mit Malwarebytes durchgeführt. Es kommt zu folgendem Ergebnis: Malwarebytes Anti-Malware (Test) 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.12.27.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 geht dich nichts an :: GEHTDICHNICHTSA [Administrator] Schutz: Aktiviert 27.12.2012 13:19:47 mbam-log-2012-12-27 (13-19-47).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 232641 Laufzeit: 4 Minute(n), 8 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 6 HKCR\CLSID\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. HKCR\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. HKCR\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\ProgramData\Bcool\bhoclass.dll (PUP.DownloadnSave) -> Keine Aktion durchgeführt. (Ende) |
|
27.12.2012, 13:41
| #2 |
| /// Malware-holic   | click and continue Hi,
__________________Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
27.12.2012, 14:46
| #3 |
| | click and continue Die Seite OTL ( auf den Link geklickt) wird nicht gefunden
__________________Not Found The requested URL /OTL.exe<br /> <br /> was not found on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. |
|
27.12.2012, 16:31
| #4 |
| /// Malware-holic | click and continue Hi da ist noch ein zweiter Link.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.12.2012, 17:18
| #5 |
| | click and continue OTL Logfile: OTL EXTRAS Logfile: Code:
ATTFilter OTL logfile created on: 27.12.2012 16:53:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\geht dich nichts an\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,89 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 32,88% Memory free
7,77 Gb Paging File | 4,75 Gb Available in Paging File | 61,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 131,96 Gb Total Space | 28,40 Gb Free Space | 21,52% Space Free | Partition Type: NTFS
Drive F: | 1,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive Q: | 15,62 Gb Total Space | 5,37 Gb Free Space | 34,39% Space Free | Partition Type: NTFS
Computer Name: GEHTDICHNICHTSA | User Name: geht dich nichts an | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.12.27 16:53:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\geht dich nichts an\Downloads\OTL (2).exe
PRC - [2012.12.27 16:50:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\geht dich nichts an\Downloads\OTL (1).exe
PRC - [2012.12.05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012.11.08 13:52:56 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012.10.16 09:38:18 | 000,711,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.08 10:12:11 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.28 17:31:12 | 000,692,432 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) -- C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
PRC - [2012.06.16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
PRC - [2012.05.15 16:26:56 | 001,528,120 | ---- | M] (Lenovo) -- C:\Programme\Lenovo\SimpleTap\SimpleTap.exe
PRC - [2012.05.10 05:44:22 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.10 05:44:21 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.03 15:05:56 | 000,183,808 | ---- | M] () -- C:\Programme\Protector by IB\ExtensionUpdaterService.exe
PRC - [2011.10.06 14:03:06 | 000,209,920 | ---- | M] (Lenovo, Japan, Ltd. ) -- C:\Program Files (x86)\Lenovo\RapidDrive Advanced\LenovoRapidDriveAdvancedService.exe
PRC - [2011.08.31 19:03:00 | 000,087,400 | ---- | M] (Lenovo) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
PRC - [2011.08.31 19:03:00 | 000,062,824 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
PRC - [2011.08.11 11:04:16 | 000,328,552 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011.07.25 23:18:46 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2011.07.12 09:17:06 | 000,138,680 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\ZOOM\TpScrex.exe
PRC - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\micmute.exe
PRC - [2011.07.12 08:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011.06.29 22:07:30 | 000,082,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
PRC - [2011.05.31 10:48:36 | 000,059,240 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2011.05.31 10:48:34 | 000,040,808 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2011.05.31 10:48:18 | 000,041,320 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe
PRC - [2011.05.25 17:07:46 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.05.25 14:21:32 | 000,281,960 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\AutoLock\ALCKRESI.exe
PRC - [2011.04.14 13:24:26 | 000,410,984 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
PRC - [2011.04.14 13:22:42 | 000,361,832 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
PRC - [2011.04.14 13:22:28 | 000,263,528 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
PRC - [2011.04.14 13:22:26 | 000,124,264 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
PRC - [2011.04.07 13:29:44 | 000,594,984 | R--- | M] (Ericsson AB) -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
PRC - [2011.03.14 12:04:14 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
PRC - [2011.02.24 00:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011.01.17 02:42:04 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.01.17 02:42:02 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.10.27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.08.31 13:56:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010.03.11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010.01.28 12:47:44 | 001,737,464 | ---- | M] () -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
PRC - [2009.11.30 19:09:16 | 000,258,048 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
PRC - [2009.08.15 05:38:20 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009.05.27 22:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
PRC - [2008.01.10 12:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2012.12.05 02:15:15 | 012,456,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012.12.05 02:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
MOD - [2012.12.05 02:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012.12.05 02:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012.12.05 02:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012.12.05 02:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012.12.05 02:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012.12.05 02:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2012.11.15 03:15:42 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\1352c3e5dd49f3bf8c2f8e106ceb79fb\WindowsFormsIntegration.ni.dll
MOD - [2012.11.15 03:15:17 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5d0dc33658e23a6f960c46a5beab7ecf\System.Management.ni.dll
MOD - [2012.11.15 03:14:16 | 000,196,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\ae40aeae573219a0439def61b1d48b49\UIAutomationTypes.ni.dll
MOD - [2012.11.15 03:14:12 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\0d2c8da8749c683b47f01101c9ea26d5\System.Runtime.Serialization.ni.dll
MOD - [2012.11.15 03:14:10 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5e3ccfdf88ccd6a9ff4e6ddae7e3fec6\System.Xaml.ni.dll
MOD - [2012.11.15 03:07:08 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c881e2d2ec912499834feb85c4c2e483\PresentationFramework.ni.dll
MOD - [2012.11.15 03:06:58 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll
MOD - [2012.11.15 03:06:50 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll
MOD - [2012.11.15 03:06:49 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\cbb227c0a77a5b15a1255220984239f2\PresentationFramework.Aero.ni.dll
MOD - [2012.11.15 03:04:45 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\752225ca2585aa8f1c46b489e172e920\System.Core.ni.dll
MOD - [2012.11.15 03:04:42 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll
MOD - [2012.11.15 03:04:40 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll
MOD - [2012.11.15 03:04:40 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll
MOD - [2012.11.15 03:04:38 | 009,093,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll
MOD - [2012.11.15 03:04:34 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll
MOD - [2012.11.08 13:52:56 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012.10.16 09:38:18 | 000,566,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll
MOD - [2012.10.16 09:38:18 | 000,134,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll
MOD - [2012.02.20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.01.08 14:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011.06.01 05:37:24 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2011.05.19 13:04:34 | 000,066,856 | ---- | M] () -- C:\Windows\SysWOW64\SynTPEnhPS.dll
MOD - [2010.04.06 09:05:16 | 002,085,888 | ---- | M] () -- C:\Programme\Lenovo\AutoLock\cv210.dll
MOD - [2010.04.06 09:04:06 | 002,201,088 | ---- | M] () -- C:\Programme\Lenovo\AutoLock\cxcore210.dll
MOD - [2009.08.15 05:38:20 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2009.07.14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009.05.27 22:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
MOD - [2007.04.19 08:33:00 | 000,035,584 | ---- | M] () -- C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uPiApi.dll
========== Services (SafeList) ==========
SRV:64bit: - [2010.12.17 00:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2010.12.15 16:46:46 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2010.11.12 10:48:50 | 000,045,928 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.16 09:38:18 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.12 14:04:42 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.28 17:31:12 | 000,692,432 | ---- | M] (Star Finanz - Software Entwicklung und Vertriebs GmbH) [Auto | Running] -- C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe -- (StarMoney 8.0 OnlineUpdate)
SRV - [2012.06.16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe -- (NIS)
SRV - [2012.05.10 05:44:22 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.10 05:44:21 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.03 15:05:56 | 000,183,808 | ---- | M] () [Auto | Running] -- C:\Programme\Protector by IB\ExtensionUpdaterService.exe -- (Protector by IB Updater)
SRV - [2011.10.06 14:03:06 | 000,209,920 | ---- | M] (Lenovo, Japan, Ltd. ) [On_Demand | Running] -- C:\Program Files (x86)\Lenovo\RapidDrive Advanced\LenovoRapidDriveAdvancedService.exe -- (Lenovo.RapidDrive.Advanced.Svc)
SRV - [2011.08.31 19:03:00 | 000,478,056 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE -- (DozeSvc)
SRV - [2011.08.31 19:03:00 | 000,173,416 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE -- (PwmEWSvc)
SRV - [2011.08.31 19:03:00 | 000,087,400 | ---- | M] (Lenovo) [On_Demand | Running] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2011.07.27 21:04:48 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011.07.27 20:44:18 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011.07.25 23:18:46 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2011.07.12 08:54:00 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV - [2011.07.12 08:53:42 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2011.07.12 08:53:20 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2011.07.08 17:53:20 | 000,144,232 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV - [2011.06.29 22:07:30 | 000,082,544 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
SRV - [2011.05.31 10:48:36 | 000,059,240 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV - [2011.05.31 10:48:18 | 000,041,320 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV - [2011.05.26 00:21:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.05.25 17:07:46 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.04.14 13:22:28 | 000,263,528 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe -- (AcSvc)
SRV - [2011.04.14 13:22:26 | 000,124,264 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2011.04.07 13:29:44 | 000,594,984 | R--- | M] (Ericsson AB) [Auto | Running] -- C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
SRV - [2011.03.28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.03.14 12:04:14 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2011.02.24 00:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011.01.17 02:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.01.17 02:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.12.18 15:50:36 | 000,962,848 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.08.31 13:56:16 | 001,028,096 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.11 14:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010.01.28 12:47:44 | 001,737,464 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe -- (BecHelperService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.10 12:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.10.16 09:38:18 | 000,030,568 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.07.06 03:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309000.009\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012.07.06 03:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309000.009\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012.06.07 05:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309000.009\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012.06.03 18:22:06 | 000,040,760 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2012.05.22 02:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309000.009\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012.05.10 05:44:22 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.10 05:44:22 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.18 03:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309000.009\symnets.sys -- (SymNetS)
DRV:64bit: - [2012.04.18 02:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309000.009\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012.04.13 12:55:39 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 10:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.02.04 02:59:29 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.02.04 02:59:29 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.10.07 09:24:12 | 000,152,064 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2011.09.16 15:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.09.07 09:46:58 | 000,070,016 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\S3XXx64.sys -- (S3XXx64)
DRV:64bit: - [2011.08.31 19:03:00 | 000,031,344 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DZHDD64.SYS -- (DzHDD64)
DRV:64bit: - [2011.08.31 19:03:00 | 000,014,960 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2011.08.03 17:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.08.02 15:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.07.25 19:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309000.009\symds64.sys -- (SymDS)
DRV:64bit: - [2011.06.01 05:37:26 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.05.30 08:48:04 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvti2c.sys -- (TVTI2C)
DRV:64bit: - [2011.05.25 17:23:00 | 000,101,888 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:64bit: - [2011.05.19 13:06:46 | 001,442,352 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.04.13 14:08:54 | 000,483,400 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3Mdm.sys -- (Mbm3Mdm)
DRV:64bit: - [2011.04.13 14:08:54 | 000,430,664 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3DevMt.sys -- (Mbm3DevMt)
DRV:64bit: - [2011.04.13 14:08:54 | 000,419,400 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3CBus.sys -- (Mbm3CBus)
DRV:64bit: - [2011.04.13 14:08:54 | 000,019,528 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Mbm3mdfl.sys -- (Mbm3mdfl)
DRV:64bit: - [2011.04.06 09:18:56 | 000,286,248 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WwanUsbMp64.sys -- (WwanUsbServ)
DRV:64bit: - [2011.03.06 12:52:22 | 012,264,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.04 18:18:42 | 000,166,016 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877)
DRV:64bit: - [2011.02.28 15:24:12 | 000,101,416 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\l36wgps64.sys -- (l36wgps)
DRV:64bit: - [2011.02.09 06:48:56 | 001,577,600 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010.12.20 17:31:00 | 000,316,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010.12.18 08:58:00 | 000,425,000 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2010.12.18 08:57:34 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.12.18 08:57:34 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.12.18 08:57:32 | 000,162,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.12.18 08:57:32 | 000,145,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.12.15 16:45:16 | 000,139,888 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2010.12.15 16:43:00 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.12 10:48:30 | 000,039,024 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2010.11.05 15:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.19 08:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.09.07 06:09:36 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi)
DRV:64bit: - [2010.07.01 11:09:50 | 000,224,488 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2010.07.01 11:09:50 | 000,039,016 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2010.02.23 20:25:30 | 000,030,248 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wwussf64.sys -- (ecnssndisfltr)
DRV:64bit: - [2010.02.23 20:25:30 | 000,026,664 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wwuss64.sys -- (ecnssndis)
DRV:64bit: - [2010.01.28 13:34:32 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.01.28 13:34:32 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.10.05 20:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.09 03:18:20 | 000,053,816 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DGIVECP.SYS -- (DgiVecp)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.01.10 18:34:52 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2012.05.12 09:19:23 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120511.021\ex64.sys -- (NAVEX15)
DRV - [2012.05.12 09:19:23 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120511.021\eng64.sys -- (NAVENG)
DRV - [2012.04.28 01:18:20 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120511.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012.04.13 16:39:29 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.04.13 06:11:55 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012.04.02 22:39:56 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120507.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011.07.08 17:53:24 | 000,032,104 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Programme\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV - [2011.06.27 16:06:54 | 000,025,584 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Programme\PC-Doctor\pcdsrvc_x64.pkms -- (PCDSRVC{127174DC-C366ED8B-06020200}_0)
DRV - [2010.01.28 12:35:24 | 000,010,240 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\mdvrmng.sys -- (mdvrmng)
DRV - [2009.10.26 09:43:18 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV - [2009.10.26 09:43:16 | 000,117,152 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV - [2009.10.05 20:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.03.13 13:47:34 | 000,013,840 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Programme\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp)
DRV - [2005.09.19 02:07:00 | 000,035,275 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TwkUsb2K.sys -- (CHIPDRIVE USB SmartCardReader)
DRV - [2004.08.25 14:06:00 | 000,185,611 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TWKSER2K.sys -- (TWKSER2K)
DRV - [2003.04.24 01:14:00 | 000,004,828 | ---- | M] (Towitoko AG) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\TWKMS.sys -- (TwkMs)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60441
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60441
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://search.fbdownloader.com/?channel=sfge202fbdgy14
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.fbdownloader.com/?channel=sfge202fbdgy14
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=111365&babsrc=SP_ss&mntrId=2097c247000000000000028037ec0200
IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw={searchTerms}&tbid=60441
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://search.fbdownloader.com/search.php?channel=sfge202fbdgy14&q={searchTerms}
IE - HKCU\..\SearchScopes\{9F31F7DF-E690-4C20-9161-5673FBBF47CE}: "URL" = hxxp://search.softonic.com/MON00016/tb_v1?q={searchTerms}&SearchSource=4&cc=
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6PQuhVtwLZ&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\PROTECTOR BY IB\FIREFOX [2012.04.13 18:28:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012.04.13 06:46:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012.12.27 16:50:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2012.02.03 18:24:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Protector by IB\Firefox [2012.04.13 18:28:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012.11.08 13:52:58 | 000,000,000 | ---D | M]
[2012.04.13 18:28:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.15 12:41:37 | 000,000,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\FBDownloader.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.de/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaappmhgaaggeoepicjahnbofmjacog\7.15.1.22466_0\background/registryAccess.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.412_0\npbrowserext.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.3.7_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: InoViewer Plugin (Enabled) = C:\Program Files (x86)\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Adblock Plus = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Protector by IB = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.412_0\
CHR - Extension: Porsche = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_0\
CHR - Extension: Bcool = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpilclpacieflhmobalmaccogiioldoo\1.0_0\
CHR - Extension: Skype Click to Call = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: Norton Identity Protection = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\
CHR - Extension: AVG Secure Search = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
CHR - Extension: Simple Adblock = C:\Users\geht dich nichts an\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo\1.0.3_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Protector by IB) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Protector by IB\Extension64.dll ()
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Protector by IB) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Protector by IB\Extension32.dll ()
O2 - BHO: (FBDownloader BHO) - {553318DA-D010-469E-84B1-496563CAE1BF} - C:\Users\geht dich nichts an\AppData\Local\fbDownloader\Extensions\FBDownloader.dll (HTTO Group, Ltd)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Bcool Class) - {AD93E63B-00E5-4B08-A26D-672B743B6ED4} - C:\ProgramData\Bcool\bhoclass.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo)
O4:64bit: - HKLM..\Run: [ALCKRESI.EXE] C:\Programme\Lenovo\AutoLock\ALCKRESI.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Programme\CONEXANT\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Programme\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IR_SERVER] C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe File not found
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O4 - HKLM..\Run: [ROC_roc_ssl_v12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe ()
O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [015E326E56C484A7B79C54B8DDA85BB3212D265E._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [DataMgr] C:\Users\geht dich nichts an\AppData\Roaming\DataMgr\datamgr.exe (HTTO Group, Ltd.)
O4 - HKCU..\Run: [LTT] C:\Programme\PC-Doctor\EnableToolbarW32.exe (PC-Doctor, Inc.)
O4 - HKCU..\Run: [Protector] C:\Users\geht dich nichts an\AppData\Roaming\SDIV 2.0\Prot\prot.vbs ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8:64bit: - Extra context menu item: &Preispiratensuche nach markiertem Text - C:\\Program Files (x86)\\Preispiraten6\\preispiraten.html File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: &Preispiratensuche nach markiertem Text - C:\\Program Files (x86)\\Preispiraten6\\preispiraten.html File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B518E1F-5A88-44D9-907A-BF5C3E392F34}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{870C88B8-E502-4508-B830-2484CC717DC0}: DhcpNameServer = 193.189.244.206 193.189.244.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A766346C-CC8D-4180-A547-4C9C0E09851A}: DhcpNameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F93E76C0-C907-4528-8C1B-3502D8C1D398}: DhcpNameServer = 172.168.111.2
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk Q:\
O33 - MountPoints2\{bd3966c6-4e88-11e1-b64d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bd3966c6-4e88-11e1-b64d-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009.08.10 22:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\{d117988e-cbbf-11e1-9018-60d819ae5ac1}\Shell - "" = AutoRun
O33 - MountPoints2\{d117988e-cbbf-11e1-9018-60d819ae5ac1}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{d11798a7-cbbf-11e1-9018-60d819ae5ac1}\Shell - "" = AutoRun
O33 - MountPoints2\{d11798a7-cbbf-11e1-9018-60d819ae5ac1}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{d11798f3-cbbf-11e1-9018-60d819ae5ac1}\Shell - "" = AutoRun
O33 - MountPoints2\{d11798f3-cbbf-11e1-9018-60d819ae5ac1}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{ebe910bb-1532-11e2-b4fc-60d819ae5ac1}\Shell - "" = AutoRun
O33 - MountPoints2\{ebe910bb-1532-11e2-b4fc-60d819ae5ac1}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.27 13:18:42 | 000,000,000 | ---D | C] -- C:\Users\geht dich nichts an\AppData\Roaming\Malwarebytes
[2012.12.27 13:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.27 13:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.27 13:18:14 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.12.27 13:18:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.12.14 07:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.12.14 07:14:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.12.11 22:38:35 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2012.12.11 22:38:15 | 000,000,000 | ---D | C] -- C:\Users\geht dich nichts an\YTD Video Downloader
[2012.12.11 22:38:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2012.12.10 12:56:04 | 000,000,000 | ---D | C] -- C:\Users\geht dich nichts an\AppData\Local\{A6124C78-641E-49EF-B589-D3F511AB9467}
[6 C:\Users\geht dich nichts an\Documents\*.tmp files -> C:\Users\geht dich nichts an\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.27 16:55:38 | 000,031,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.27 16:55:38 | 000,031,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.27 16:52:15 | 000,664,868 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.27 16:52:15 | 000,625,010 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.27 16:52:15 | 000,135,004 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.27 16:52:15 | 000,110,648 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.27 16:52:14 | 001,527,868 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.27 16:49:00 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.12.27 16:48:27 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.27 16:48:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.27 16:47:54 | 3129,397,248 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.27 16:34:42 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.27 16:34:42 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.27 13:18:17 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.24 19:06:10 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.12.22 03:17:38 | 000,507,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.14 07:14:04 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.12.11 22:38:15 | 000,000,938 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012.11.28 20:01:00 | 000,013,172 | ---- | M] () -- C:\Users\geht dich nichts an\Documents\peters.pdf
[6 C:\Users\geht dich nichts an\Documents\*.tmp files -> C:\Users\geht dich nichts an\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.27 13:18:17 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.11 22:38:15 | 000,000,938 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012.11.28 20:01:00 | 000,013,172 | ---- | C] () -- C:\Users\geht dich nichts an\Documents\peters.pdf
[2012.07.19 11:07:59 | 000,073,832 | ---- | C] () -- C:\Windows\SysWow64\SuperFrameSplitter.dll
[2012.07.19 11:07:59 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\RTKDABMWare.dll
[2012.07.18 21:33:51 | 000,071,259 | ---- | C] () -- C:\Windows\Huawei ModemsUninstall.exe
[2012.07.18 21:33:50 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\drivers\mdvrmng.sys
[2012.05.06 14:34:56 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.04.20 13:47:30 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2012.04.13 18:41:04 | 000,146,341 | ---- | C] () -- C:\Windows\hppins06.dat.temp
[2012.04.13 18:41:04 | 000,001,247 | ---- | C] () -- C:\Windows\hppmdl06.dat.temp
[2012.04.13 18:16:17 | 000,000,107 | ---- | C] () -- C:\Users\geht dich nichts an\AppData\Local\fusioncache.dat
[2012.04.13 18:04:30 | 001,554,122 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.13 13:49:33 | 000,001,784 | ---- | C] () -- C:\Windows\HBCIKRNL.INI
[2012.04.12 19:19:54 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.04.12 18:51:49 | 000,000,000 | ---- | C] () -- C:\Windows\twkverck.dat
[2012.04.12 15:03:00 | 000,223,808 | ---- | C] () -- C:\Users\geht dich nichts an\AppData\Roaming\wanancsp.dat
[2012.02.04 02:48:44 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012.02.03 18:13:13 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.02.03 18:13:13 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.02.03 18:13:12 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.02.03 18:12:22 | 000,034,463 | R--- | C] () -- C:\Windows\ConnectionProfiles.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.04.13 18:32:58 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\Babylon
[2012.07.18 21:34:04 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\Birdstep Technology
[2012.10.15 12:41:36 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\DataMgr
[2012.10.15 18:11:36 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\fbDownloader
[2012.12.24 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\FileZilla
[2012.10.15 12:41:36 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\HMN
[2012.04.12 14:40:13 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\Leadertech
[2012.04.12 15:17:36 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\Lenovo
[2012.09.12 10:38:26 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\metaspinner net GmbH
[2012.12.14 07:20:27 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\Octoshape
[2012.04.12 14:56:18 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\PCDr
[2012.10.16 09:38:24 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\pdfforge
[2012.04.12 18:05:50 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\PwrMgr
[2012.04.30 06:26:27 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\SCCmdr
[2012.10.15 12:41:37 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\SDIV 2.0
[2012.06.06 08:57:11 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\SmartStore
[2012.10.11 20:57:22 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\Windows Live Writer
[2012.06.03 18:24:17 | 000,000,000 | ---D | M] -- C:\Users\geht dich nichts an\AppData\Roaming\WMCore
========== Purity Check ==========
< End of report >
--- --- --- OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 27.12.2012 16:51:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\geht dich nichts an\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,89 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 28,69% Memory free
7,77 Gb Paging File | 4,62 Gb Available in Paging File | 59,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 131,96 Gb Total Space | 28,40 Gb Free Space | 21,52% Space Free | Partition Type: NTFS
Drive F: | 1,08 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive Q: | 15,62 Gb Total Space | 5,37 Gb Free Space | 34,39% Space Free | Partition Type: NTFS
Computer Name: GEHTDICHNICHTSA | User Name: geht dich nichts an | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11880922-ADCE-4780-8B48-54B26E913A6B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1A69EF75-A102-4331-93DB-07D23D528711}" = rport=139 | protocol=6 | dir=out | app=system |
"{3AB6F59C-C492-422E-9BD0-D4773FAC214A}" = lport=138 | protocol=17 | dir=in | app=system |
"{50BF8499-7C10-4A7B-AFD2-4A213C578774}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5D08688B-BA1A-4A4F-9DEA-5D33EF277B57}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{682732C7-49E4-47D3-9379-D3FA31B49B0F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{77862D94-285B-4EDA-8701-303B1F474F8C}" = rport=445 | protocol=6 | dir=out | app=system |
"{86795489-C69C-413B-8B4E-ED2412085401}" = rport=137 | protocol=17 | dir=out | app=system |
"{8E29DB3D-34C9-4784-9B9B-F0DD72153F35}" = rport=138 | protocol=17 | dir=out | app=system |
"{C540D36F-69AA-4974-8885-28992DF3B124}" = lport=137 | protocol=17 | dir=in | app=system |
"{CBA2F421-520C-4966-9904-D1D66369D1D0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CF98FD2E-7463-4F38-A614-0289C7C312A5}" = lport=445 | protocol=6 | dir=in | app=system |
"{EA4154C9-BF44-4646-BF1E-54815FE4B738}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FF93C17E-1A3D-4828-A358-6853C719527D}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{041BC084-FD26-4BAB-B28B-D3BFDC50CBC7}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{1FFEF2FE-67D7-4D25-B8D7-A705D3BFDC2C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{25B08EDC-B787-4D77-A0A4-B8724F35ACE8}" = protocol=17 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{3387FEAE-BFEB-4F2E-A442-2346D80C5955}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4BB78432-C65A-4214-B8A2-8B0810861054}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{563D64F6-5E73-418D-A7E6-80A3966556A9}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 8.0\ouservice\starmoneyonlineupdate.exe |
"{6CDACDCF-3BB1-4537-867B-E39396455861}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{79EA98AA-DD34-4E59-B964-DD8563AF3567}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{7E9E97C3-7656-493D-B8A2-FB6323DC84BE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8DBEEA7A-3FBC-46B8-A8EF-8CFC5474DC3B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{952F97CD-1637-4A9F-B18E-DF908D8A2470}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9631392E-C71A-46EC-845C-6C2522902D84}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{98A2FD47-867E-485A-8D10-CEDD868821A3}" = protocol=6 | dir=in | app=c:\program files (x86)\arcsoft\totalmedia 3.5\totalmedia.exe |
"{A0369DCB-6CC9-4171-8DBA-0EE92B1ADFEA}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A1619CBC-08D5-4D63-87F2-8D86682B411B}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{B2EC4555-DC8E-4059-98EF-83FFB7E8FD1B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C329FE82-9C4D-4079-9E0A-68AACF7A94A5}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C508A406-3A7D-48E0-88D3-97E1A5572E92}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D16B6050-4E1C-4F6F-A223-DDEAAFDA49EA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{D509919A-25C2-4D31-B18D-5343D886928F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{EA1F5595-B309-4AAC-B2F6-B8016CCD078B}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 8.0\app\starmoney.exe |
"{EB23CC13-7A0F-497D-B63A-CB13490ECF7D}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 8.0\app\starmoney.exe |
"TCP Query User{193A907B-D9E0-4806-808A-9D6B10ABFBBF}C:\users\geht dich nichts an\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\geht dich nichts an\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{8D764975-E2AA-42E5-BB6D-9A654E641C09}C:\program files (x86)\smartstore\smartstore.biz 5\smbiz5.exe" = protocol=6 | dir=in | app=c:\program files (x86)\smartstore\smartstore.biz 5\smbiz5.exe |
"UDP Query User{7AE6DF1E-8D5F-4F2E-B71F-E437A447EB51}C:\users\geht dich nichts an\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\geht dich nichts an\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{DD0FBEF5-3914-4B60-8B11-7299A2A9D9E8}C:\program files (x86)\smartstore\smartstore.biz 5\smbiz5.exe" = protocol=17 | dir=in | app=c:\program files (x86)\smartstore\smartstore.biz 5\smbiz5.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = Intel(R) PROSet/Wireless WiFi-Software
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Protector by IB 2.0.0.412
"{39A04221-294E-4D90-A0F2-CCB1EF15CB56}" = Lenovo Patch Utility 64 bit
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}" = ThinkVantage Fingerprint Software
"{57DD35E9-D9BB-4089-BB05-EF933C586CB3}" = Broadcom InConcert Maestro
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 268.71
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.71
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.71
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BF601122-9F0A-41A9-BA06-3158D9FB4B80}" = Lenovo SimpleTap
"{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1" = ThinkVantage AutoLock
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A" = Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011)
"0DD5528A211904214F70A66DE6ADBD378B21566D" = Windows-Treiberpaket - Intel USB (12/21/2010 9.2.0.1021)
"43B5066463CEBC83E99586A67037B6F9FC4193FE" = Windows-Treiberpaket - Intel System (11/20/2010 9.2.0.1016)
"466E9B20D871055D6D3CDA2CDD1D355E978A61AF" = Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11)
"6D23A494E9A245843FB8584D9307D3E328DF8613" = Windows-Treiberpaket - Intel (e1cexpress) Net (12/21/2010 11.8.84.0)
"8058FF31D7C7F4818DC176DAF53CD379968C86E4" = Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011)
"CNXT_AUDIO_HDA" = Conexant 20672 SmartAudio HD
"DDD8A532E361E9A878EBEF69C338B306810DF059" = Windows-Treiberpaket - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0)
"DisableAMTPopup" = Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7
"EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"OnScreenDisplay" = Anzeige am Bildschirm
"PC-Doctor for Windows" = Lenovo ThinkVantage Toolbox
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"WinRAR archiver" = WinRAR 4.11 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B8AE7AF-E2AC-40AB-A1CF-3259101E81E8}" = SmartStore.biz 6
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{14F3F3DD-E409-4043-B4BF-1D0C3C17A1AA}" = StarMoney
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav"
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.6
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FCBD504-AB7D-4757-9A14-850348384B08}" = StarMoney
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20E7BC40-33F6-4A81-9D52-B58349326206}" = Bcool
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24E92E7A-6848-4747-A3EA-3AAC0576BE52}" = Lenovo Patch Utility
"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{2EA08A73-AAB9-44DA-8DE9-086D6F1FA6AB}" = StarMoney 6.0 S-Edition
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B2D9AAC-A6C5-47DD-9F78-4A85DA5B8F62}" = StarMoney 8.0
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory 7
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DB21B2C-2BEF-44B4-B264-8EC2BC2369C6}" = ThinkVantage GPS
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74292F90-895A-4FC6-A692-9641532B1B63}" = ArcSoft TotalMedia 3.5
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CB0671F-2D9D-4604-93B8-AB00F9B1F85D}" = SCR201 PC/SC and CT-API Drivers Installation
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E537894-A559-4D60-B3CB-F4485E3D24E3}" = ThinkVantage Access Connections
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C411EF9-6EBA-46E3-8132-EDADF1CC0B16}" = SCR3xxx Smart Card Reader
"{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}" = Integrated Camera TWAIN
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Burn.Now 4.5
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A899DA1F-D626-401C-8651-F2921E3B4CB3}" = 3Connect
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A95D9DF7-CF34-421A-A1DC-936A49A4DAEA}" = Lenovo Mobile Broadband Activation
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA898D01-D4E3-43C6-8E25-70CA660B9F16}" = CHIPDRIVE extern/intern/micro treiber 3.1
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2CA6F37-1602-4823-81B5-0384B6888AA6}" = Integrated Camera Driver Installer Package Ver.1.1.0.1147
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B96DB037-DBEA-4186-9081-9CBD537F82E8}" = 3D-Viewer-innoplus
"{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}" = Rescue and Recovery
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D91AB4D6-2CA1-4427-91B3-BB31D3C6D4EE}" = SmartStore.biz 5
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = ThinkPad Energie-Manager
"{DDBB7C89-1A09-441E-AA0F-6AA465755C17}" = REALTEK DTV USB DEVICE
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E24EF71A-4ED5-4E7F-9021-D1ADE4CDA0AA}" = SmartStore Office 1.1
"{E2F2B987-F2BC-4969-95F2-92099486B811}" = StarMoney
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EA9640BE-414E-4195-B53B-7905BF1A5A09}" = Mobile Broadband Drivers
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8F9F1AC-5CB0-4DBB-87FA-1A6BC4EA02E5}_is1" = RapidDrive Advanced Version 1.0.12
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}" = Message Center Plus
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AVG Secure Search" = AVG Security Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"BabylonToolbar" = Babylon toolbar on IE
"CHIPDRIVE Smartcard Commander_CDInst21" = CHIPDRIVE Smartcard Commander
"FileZilla Client" = FileZilla Client 3.5.3
"Google Chrome" = Google Chrome
"Huawei Modems" = Huawei modem
"incredibar" = Incredibar Toolbar on IE
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory Lenovo Edition
"InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Corel Burn.Now Lenovo Edition
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"Lenovo Welcome_is1" = Lenovo Welcome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"NIS" = Norton Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"ProInst" = Intel PROSet Wireless
"Samsung ML-1640 Series" = Samsung ML-1640 Series
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.12.2012 18:45:39 | Computer Name = gehtdichnichtsa | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7004
Error - 13.12.2012 18:45:39 | Computer Name = gehtdichnichtsa | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7004
Error - 13.12.2012 18:45:40 | Computer Name = gehtdichnichtsa | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 13.12.2012 18:45:40 | Computer Name = gehtdichnichtsa | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8002
Error - 13.12.2012 18:45:40 | Computer Name = gehtdichnichtsa | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8002
Error - 13.12.2012 18:45:41 | Computer Name = gehtdichnichtsa | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 13.12.2012 18:45:41 | Computer Name = gehtdichnichtsa | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9063
Error - 13.12.2012 18:45:41 | Computer Name = gehtdichnichtsa | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9063
Error - 13.12.2012 22:01:02 | Computer Name = gehtdichnichtsa | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 13.12.2012 22:01:02 | Computer Name = gehtdichnichtsa | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11729840
Error - 13.12.2012 22:01:02 | Computer Name = gehtdichnichtsa | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11729840
[ Lenovo-Lenovo Patch Utility/Admin Events ]
Error - 18.07.2012 16:34:44 | Computer Name = gehtdichnichtsa | Source = Lenovo Patch Utility | ID = 1
Description = HttpFileDownloader failed to download the file "hxxp://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches//AC.manifest.xml".
Error message: Der Remotename konnte nicht aufgelöst werden: 'download.lenovo.com'
Error - 18.07.2012 16:34:44 | Computer Name = gehtdichnichtsa | Source = Lenovo Patch Utility | ID = 1
Description = Connection failure while downloading manifest file hxxp://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches//AC.manifest.xml.
Error - 18.07.2012 16:34:44 | Computer Name = gehtdichnichtsa | Source = Lenovo Patch Utility | ID = 2
Description = Failed to connect to the server. Error message: Eine Ausnahme vom
Typ "Lenovo.LenovoPatchUtility.Exceptions.ConnectionFailureException" wurde ausgelöst.
Error - 29.10.2012 10:24:38 | Computer Name = gehtdichnichtsa | Source = Lenovo Patch Utility | ID = 1
Description = HttpFileDownloader failed to download the file "hxxp://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches//AC.manifest.xml".
Error message: Der Remotename konnte nicht aufgelöst werden: 'download.lenovo.com'
Error - 29.10.2012 10:24:38 | Computer Name = gehtdichnichtsa | Source = Lenovo Patch Utility | ID = 1
Description = Connection failure while downloading manifest file hxxp://download.lenovo.com/ibmdl/pub/pc/pccbbs/lpupatches//AC.manifest.xml.
Error - 29.10.2012 10:24:38 | Computer Name = gehtdichnichtsa | Source = Lenovo Patch Utility | ID = 1
Description = Exception occurred while searching for patch. Error message: Eine
Ausnahme vom Typ "Lenovo.LenovoPatchUtility.Exceptions.ConnectionFailureException"
wurde ausgelöst.
[ System Events ]
Error - 07.08.2012 09:44:21 | Computer Name = gehtdichnichtsa | Source = SCardSvr | ID = 610
Description =
Error - 07.08.2012 09:44:21 | Computer Name = gehtdichnichtsa | Source = SCardSvr | ID = 610
Description =
Error - 07.08.2012 09:44:21 | Computer Name = gehtdichnichtsa | Source = SCardSvr | ID = 610
Description =
Error - 07.08.2012 13:08:54 | Computer Name = gehtdichnichtsa | Source = DCOM | ID = 10000
Description =
Error - 09.08.2012 10:26:10 | Computer Name = gehtdichnichtsa | Source = SCardSvr | ID = 610
Description =
Error - 09.08.2012 10:26:10 | Computer Name = gehtdichnichtsa | Source = SCardSvr | ID = 610
Description =
Error - 09.08.2012 10:26:10 | Computer Name = gehtdichnichtsa | Source = SCardSvr | ID = 610
Description =
Error - 09.08.2012 10:26:16 | Computer Name = gehtdichnichtsa | Source = SCardSvr | ID = 610
Description =
Error - 09.08.2012 10:26:16 | Computer Name = gehtdichnichtsa | Source = SCardSvr | ID = 610
Description =
Error - 09.08.2012 10:26:16 | Computer Name = gehtdichnichtsa | Source = SCardSvr | ID = 610
Description =
< End of report >
Geändert von silkilein (27.12.2012 um 17:43 Uhr) |
|
27.12.2012, 19:53
| #6 |
| /// Malware-holic | click and continue hi passe deinen nutzernamen im folgenen Script an. dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user. wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts. • Starte bitte die OTL.exe • Kopiere nun das Folgende in die Textbox. Code:
ATTFilter :OTL
O4 - HKCU..\Run: [Protector] C:\Users\geht dich nichts an\AppData\Roaming\SDIV 2.0\Prot\prot.vbs ()
:Files
C:\Users\geht dich nichts an\AppData\Roaming\SDIV 2.0
:Commands
[EMPTYFLASH]
[emptytemp]
• Schliesse bitte nun alle Programme. • Klicke nun bitte auf den Fix Button. • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen. • Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren. starte in den normalen modus. falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! Drücke bitte die  + E Taste.
__________________ --> click and continue |
|
27.12.2012, 20:33
| #7 |
| | click and continue der upload hat geklappt |
|
27.12.2012, 20:35
| #8 |
| /// Malware-holic | click and continue Danke download tdss killer: http://www.trojaner-board.de/82358-t...entfernen.html Klicke auf Change parameters • Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system • Klick auf OK und anschließend auf Start scan - bei funden erst mal immer skip wählen, log posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.12.2012, 21:36
| #9 |
| | click and continue da ist kein Haken zu setzen, habe mal gescannt, den report kann man nicht kopieren habe jetzt mal nochmals malware laufen lassen, die 7 Objekte sind immer noch da hab das jetzt gefunden und den Haken gesetzt. wo finde ich das log? bei dem tdssKiller sind jetzt nach dem Neustart die 7 Threads weg, allerdings bei malewarebites sind sie immer noch vorhanden Was soll ich jetzt tun? Was bewirken diese Trojaner? Was spionieren sie aus? Es ist jetzt immer noch folgender Eintrag vorhanden Malwarebytes Anti-Malware (Test) 1.65.1.1000 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.12.27.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 geht dich nichts an :: GEHTDICHNICHTSA [Administrator] Schutz: Aktiviert 27.12.2012 22:08:01 mbam-log-2012-12-27 (22-08-01).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 230474 Laufzeit: 3 Minute(n), 42 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 6 HKCR\CLSID\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. HKCR\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. HKCR\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} (PUP.DownloadnSave) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\ProgramData\Bcool\bhoclass.dll (PUP.DownloadnSave) -> Keine Aktion durchgeführt. (Ende) jetzt sind es sogar 2 trojaner mehr: Malwarebytes Anti-Malware (Test) 1.65.1.1000 Malwarebytes : Free Anti-Malware download Datenbank Version: v2012.12.27.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 geht dich nichts an :: GEHTDICHNICHTSA [Administrator] Schutz: Aktiviert 27.12.2012 22:21:59 mbam-log-2012-12-27 (22-21-59).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 430084 Laufzeit: 1 Stunde(n), 35 Minute(n), 58 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 6 HKCR\CLSID\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AD93E63B-00E5-4B08-A26D-672B743B6ED4} (PUP.DownloadnSave) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC} (PUP.DownloadnSave) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB} (PUP.DownloadnSave) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 3 C:\ProgramData\Bcool\bhoclass.dll (PUP.DownloadnSave) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\SmartStore\SmartStore.biz 5\SMResLib.dll (Trojan.Agent.GNI) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\SmartStore\SmartStore.biz 6\Bin\SMResLib.dll (Trojan.Agent.GNI) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) ich habe jetzt mal verschiedene Seiten geöffnet, das Problem besteht immer noch vor allem besteht bei dem Wort sucht und dem Wort Frau noch das Problem, das Wort sucht verweist auf click and continue zu irgendwelchen Suchseiten, das Wort Frau ist mit Sexseiten verlinkt |
|
28.12.2012, 15:25
| #10 |
| /// Malware-holic | click and continue Hi mach doch bitte einfach nur das, was da steht, und nicht irgendwas, wozu du nicht aufgefordert wurdest. hab ich zb gesagt, dass du beim TDSS killer was löschen sollst? Also, lesen bitte das nächste mal, und nicht irggendwas anderes tun. Öffne c: TDSS-Killer-Datum-Version.txt
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
29.12.2012, 15:51
| #11 |
| | click and continue sorry, 1. scan: 21:31:22.0456 6428 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 21:31:22.0706 6428 ============================================================ 21:31:22.0706 6428 Current date / time: 2012/12/27 21:31:22.0706 21:31:22.0706 6428 SystemInfo: 21:31:22.0706 6428 21:31:22.0706 6428 OS Version: 6.1.7601 ServicePack: 1.0 21:31:22.0706 6428 Product type: Workstation 21:31:22.0706 6428 ComputerName: GEHTDICHNICHTSA 21:31:22.0706 6428 UserName: geht dich nichts an 21:31:22.0706 6428 Windows directory: C:\Windows 21:31:22.0706 6428 System windows directory: C:\Windows 21:31:22.0706 6428 Running under WOW64 21:31:22.0706 6428 Processor architecture: Intel x64 21:31:22.0706 6428 Number of processors: 8 21:31:22.0706 6428 Page size: 0x1000 21:31:22.0706 6428 Boot type: Normal boot 21:31:22.0706 6428 ============================================================ 21:31:23.0361 6428 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:31:23.0377 6428 ============================================================ 21:31:23.0377 6428 \Device\Harddisk0\DR0: 21:31:23.0377 6428 MBR partitions: 21:31:23.0377 6428 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000 21:31:23.0377 6428 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x107EA800 21:31:23.0377 6428 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10AD9000, BlocksNum 0x1F40000 21:31:23.0377 6428 ============================================================ 21:31:23.0377 6428 C: <-> \Device\Harddisk0\DR0\Partition2 21:31:23.0377 6428 Q: <-> \Device\Harddisk0\DR0\Partition3 21:31:23.0377 6428 ============================================================ 21:31:23.0377 6428 Initialize success 21:31:23.0377 6428 ============================================================ 21:33:07.0158 7796 ============================================================ 21:33:07.0158 7796 Scan started 21:33:07.0158 7796 Mode: Manual; 21:33:07.0158 7796 ============================================================ 21:33:07.0485 7796 ================ Scan system memory ======================== 21:33:07.0485 7796 System memory - ok 21:33:07.0485 7796 ================ Scan services ============================= 21:33:07.0595 7796 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 21:33:07.0595 7796 1394ohci - ok 21:33:07.0610 7796 [ F4AF97702BAD85BFEF64B9A557F11B6F ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys 21:33:07.0626 7796 5U877 - ok 21:33:07.0641 7796 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 21:33:07.0641 7796 ACDaemon - ok 21:33:07.0673 7796 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:33:07.0673 7796 ACPI - ok 21:33:07.0688 7796 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:33:07.0704 7796 AcpiPmi - ok 21:33:07.0704 7796 [ DEECCADBD25F65D65293A09721B3A447 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe 21:33:07.0719 7796 AcPrfMgrSvc - ok 21:33:07.0735 7796 [ A7753804C6C66C9C80F4E29659FD721C ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe 21:33:07.0735 7796 AcSvc - ok 21:33:07.0813 7796 [ 76D5A3D2A50402A0B9B6ED13C4371E79 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:33:07.0813 7796 AdobeFlashPlayerUpdateSvc - ok 21:33:07.0844 7796 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:33:07.0875 7796 adp94xx - ok 21:33:07.0891 7796 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:33:07.0907 7796 adpahci - ok 21:33:07.0922 7796 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:33:07.0938 7796 adpu320 - ok 21:33:07.0953 7796 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:33:07.0953 7796 AeLookupSvc - ok 21:33:07.0969 7796 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc C:\Windows\syswow64\drivers\Afc.sys 21:33:07.0969 7796 Afc - ok 21:33:07.0985 7796 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 21:33:08.0000 7796 AFD - ok 21:33:08.0016 7796 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 21:33:08.0016 7796 agp440 - ok 21:33:08.0031 7796 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 21:33:08.0047 7796 ALG - ok 21:33:08.0047 7796 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 21:33:08.0063 7796 aliide - ok 21:33:08.0078 7796 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 21:33:08.0078 7796 amdide - ok 21:33:08.0094 7796 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:33:08.0109 7796 AmdK8 - ok 21:33:08.0109 7796 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 21:33:08.0125 7796 AmdPPM - ok 21:33:08.0141 7796 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:33:08.0156 7796 amdsata - ok 21:33:08.0172 7796 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 21:33:08.0187 7796 amdsbs - ok 21:33:08.0187 7796 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:33:08.0203 7796 amdxata - ok 21:33:08.0219 7796 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 21:33:08.0219 7796 AntiVirSchedulerService - ok 21:33:08.0234 7796 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 21:33:08.0234 7796 AntiVirService - ok 21:33:08.0234 7796 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 21:33:08.0250 7796 AppID - ok 21:33:08.0265 7796 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:33:08.0281 7796 AppIDSvc - ok 21:33:08.0281 7796 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 21:33:08.0297 7796 Appinfo - ok 21:33:08.0312 7796 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 21:33:08.0312 7796 Apple Mobile Device - ok 21:33:08.0328 7796 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 21:33:08.0343 7796 AppMgmt - ok 21:33:08.0359 7796 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 21:33:08.0375 7796 arc - ok 21:33:08.0390 7796 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:33:08.0406 7796 arcsas - ok 21:33:08.0421 7796 aspnet_state - ok 21:33:08.0421 7796 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:33:08.0437 7796 AsyncMac - ok 21:33:08.0437 7796 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 21:33:08.0453 7796 atapi - ok 21:33:08.0484 7796 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:33:08.0531 7796 AudioEndpointBuilder - ok 21:33:08.0546 7796 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:33:08.0562 7796 AudioSrv - ok 21:33:08.0562 7796 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 21:33:08.0577 7796 avgntflt - ok 21:33:08.0593 7796 [ A3B21D3CD9185734698AB4C5D7D8F182 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys 21:33:08.0609 7796 avgtp - ok 21:33:08.0609 7796 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 21:33:08.0640 7796 avipbb - ok 21:33:08.0640 7796 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 21:33:08.0655 7796 avkmgr - ok 21:33:08.0671 7796 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:33:08.0687 7796 AxInstSV - ok 21:33:08.0702 7796 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 21:33:08.0733 7796 b06bdrv - ok 21:33:08.0749 7796 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:33:08.0765 7796 b57nd60a - ok 21:33:08.0780 7796 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 21:33:08.0796 7796 BDESVC - ok 21:33:08.0843 7796 [ 553E94AE71D233C14A8C8B4AF9286ED0 ] BecHelperService C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe 21:33:08.0874 7796 BecHelperService - ok 21:33:08.0889 7796 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 21:33:08.0889 7796 Beep - ok 21:33:08.0921 7796 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 21:33:08.0952 7796 BFE - ok 21:33:08.0999 7796 [ 5B1FE9D351C284701C8051DA2AA81DF6 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120507.001\BHDrvx64.sys 21:33:09.0014 7796 BHDrvx64 - ok 21:33:09.0045 7796 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 21:33:09.0077 7796 BITS - ok 21:33:09.0077 7796 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:33:09.0092 7796 blbdrive - ok 21:33:09.0108 7796 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 21:33:09.0123 7796 Bonjour Service - ok 21:33:09.0139 7796 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:33:09.0139 7796 bowser - ok 21:33:09.0155 7796 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 21:33:09.0155 7796 BrFiltLo - ok 21:33:09.0170 7796 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 21:33:09.0170 7796 BrFiltUp - ok 21:33:09.0186 7796 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 21:33:09.0201 7796 Browser - ok 21:33:09.0217 7796 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:33:09.0248 7796 Brserid - ok 21:33:09.0248 7796 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:33:09.0264 7796 BrSerWdm - ok 21:33:09.0264 7796 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:33:09.0279 7796 BrUsbMdm - ok 21:33:09.0279 7796 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:33:09.0295 7796 BrUsbSer - ok 21:33:09.0295 7796 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 21:33:09.0311 7796 BthEnum - ok 21:33:09.0326 7796 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:33:09.0342 7796 BTHMODEM - ok 21:33:09.0342 7796 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 21:33:09.0357 7796 BthPan - ok 21:33:09.0373 7796 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 21:33:09.0404 7796 BTHPORT - ok 21:33:09.0404 7796 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 21:33:09.0420 7796 bthserv - ok 21:33:09.0435 7796 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 21:33:09.0451 7796 BTHUSB - ok 21:33:09.0467 7796 [ 8834F87A6A745872894DF8223201A6C3 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys 21:33:09.0498 7796 BTWAMPFL - ok 21:33:09.0498 7796 [ 9863D82ECBEC6106D377ED73680D99D8 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 21:33:09.0513 7796 btwaudio - ok 21:33:09.0529 7796 [ 3432DD66AE75AB2DE6D0527AD78DBFC7 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 21:33:09.0545 7796 btwavdt - ok 21:33:09.0576 7796 [ EB4AFE08FB39BB444F221D7D501E0915 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe 21:33:09.0591 7796 btwdins - ok 21:33:09.0607 7796 [ 382DC5A631CED0462EA09B7EB898BDBF ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 21:33:09.0623 7796 btwl2cap - ok 21:33:09.0623 7796 [ 13A9C2CEDD44C175E6CA39A536795CA6 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 21:33:09.0638 7796 btwrchid - ok 21:33:09.0654 7796 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1309000.009\ccSetx64.sys 21:33:09.0654 7796 ccSet_NIS - ok 21:33:09.0669 7796 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:33:09.0685 7796 cdfs - ok 21:33:09.0685 7796 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:33:09.0716 7796 cdrom - ok 21:33:09.0716 7796 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 21:33:09.0732 7796 CertPropSvc - ok 21:33:09.0732 7796 CHIPDRIVE USB SmartCardReader - ok 21:33:09.0747 7796 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 21:33:09.0763 7796 circlass - ok 21:33:09.0779 7796 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 21:33:09.0794 7796 CLFS - ok 21:33:09.0794 7796 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:33:09.0794 7796 clr_optimization_v2.0.50727_32 - ok 21:33:09.0810 7796 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:33:09.0825 7796 clr_optimization_v2.0.50727_64 - ok 21:33:09.0841 7796 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:33:09.0841 7796 clr_optimization_v4.0.30319_32 - ok 21:33:09.0857 7796 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:33:09.0857 7796 clr_optimization_v4.0.30319_64 - ok 21:33:09.0872 7796 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 21:33:09.0888 7796 CmBatt - ok 21:33:09.0888 7796 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:33:09.0903 7796 cmdide - ok 21:33:09.0919 7796 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 21:33:09.0950 7796 CNG - ok 21:33:09.0997 7796 [ DB6F09464C57606892BF6D2458483417 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys 21:33:10.0059 7796 CnxtHdAudService - ok 21:33:10.0059 7796 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 21:33:10.0075 7796 Compbatt - ok 21:33:10.0075 7796 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 21:33:10.0091 7796 CompositeBus - ok 21:33:10.0106 7796 COMSysApp - ok 21:33:10.0106 7796 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:33:10.0122 7796 crcdisk - ok 21:33:10.0137 7796 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:33:10.0153 7796 CryptSvc - ok 21:33:10.0184 7796 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 21:33:10.0215 7796 CSC - ok 21:33:10.0231 7796 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 21:33:10.0247 7796 CscService - ok 21:33:10.0262 7796 [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe 21:33:10.0262 7796 CxAudMsg - ok 21:33:10.0293 7796 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:33:10.0309 7796 DcomLaunch - ok 21:33:10.0325 7796 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 21:33:10.0340 7796 defragsvc - ok 21:33:10.0356 7796 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:33:10.0371 7796 DfsC - ok 21:33:10.0387 7796 [ 2D589A2C024B2FB238535DB9F7B3597D ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys 21:33:10.0387 7796 DgiVecp - ok 21:33:10.0403 7796 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 21:33:10.0434 7796 Dhcp - ok 21:33:10.0434 7796 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 21:33:10.0434 7796 discache - ok 21:33:10.0449 7796 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 21:33:10.0465 7796 Disk - ok 21:33:10.0465 7796 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 21:33:10.0481 7796 dmvsc - ok 21:33:10.0496 7796 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:33:10.0496 7796 Dnscache - ok 21:33:10.0512 7796 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 21:33:10.0543 7796 dot3svc - ok 21:33:10.0559 7796 [ 277247B79DA2230D0C3AEB83E6CD8CA7 ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE 21:33:10.0574 7796 DozeSvc - ok 21:33:10.0590 7796 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 21:33:10.0590 7796 DPS - ok 21:33:10.0590 7796 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:33:10.0605 7796 drmkaud - ok 21:33:10.0637 7796 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:33:10.0668 7796 DXGKrnl - ok 21:33:10.0683 7796 [ CE4CFFD9F64B86BCEB1C343FC9924D72 ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys 21:33:10.0683 7796 DzHDD64 - ok 21:33:10.0699 7796 [ DC1776D086AA9733B1929A3D979D9FDD ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys 21:33:10.0730 7796 e1cexpress - ok 21:33:10.0746 7796 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 21:33:10.0746 7796 EapHost - ok 21:33:10.0839 7796 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:33:10.0917 7796 ebdrv - ok 21:33:10.0933 7796 [ F88F2E5806FC405B0FA94B7947A5875E ] ecnssndis C:\Windows\system32\Drivers\wwuss64.sys 21:33:10.0933 7796 ecnssndis - ok 21:33:10.0949 7796 [ C8CD88218EFC28F7E44A9892B3E97F4D ] ecnssndisfltr C:\Windows\system32\Drivers\wwussf64.sys 21:33:10.0949 7796 ecnssndisfltr - ok 21:33:10.0964 7796 [ 0C3F9EFF8DDD9F9EB56D754B4620155F ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 21:33:10.0980 7796 eeCtrl - ok 21:33:10.0980 7796 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 21:33:10.0980 7796 EFS - ok 21:33:11.0011 7796 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:33:11.0027 7796 ehRecvr - ok 21:33:11.0042 7796 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 21:33:11.0042 7796 ehSched - ok 21:33:11.0058 7796 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:33:11.0089 7796 elxstor - ok 21:33:11.0105 7796 [ 8C0F9B877BC0B7FFD327EF55F9EFB642 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 21:33:11.0105 7796 EraserUtilRebootDrv - ok 21:33:11.0120 7796 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:33:11.0120 7796 ErrDev - ok 21:33:11.0151 7796 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 21:33:11.0183 7796 EventSystem - ok 21:33:11.0229 7796 [ E3A96D5AE6E5C7B5472011BA77353368 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 21:33:11.0261 7796 EvtEng - ok 21:33:11.0276 7796 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 21:33:11.0292 7796 exfat - ok 21:33:11.0307 7796 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:33:11.0323 7796 fastfat - ok 21:33:11.0354 7796 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 21:33:11.0370 7796 Fax - ok 21:33:11.0370 7796 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 21:33:11.0385 7796 fdc - ok 21:33:11.0385 7796 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 21:33:11.0401 7796 fdPHost - ok 21:33:11.0401 7796 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 21:33:11.0417 7796 FDResPub - ok 21:33:11.0432 7796 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:33:11.0448 7796 FileInfo - ok 21:33:11.0448 7796 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:33:11.0463 7796 Filetrace - ok 21:33:11.0463 7796 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 21:33:11.0479 7796 flpydisk - ok 21:33:11.0495 7796 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:33:11.0510 7796 FltMgr - ok 21:33:11.0557 7796 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 21:33:11.0573 7796 FontCache - ok 21:33:11.0588 7796 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:33:11.0588 7796 FontCache3.0.0.0 - ok 21:33:11.0604 7796 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:33:11.0619 7796 FsDepends - ok 21:33:11.0619 7796 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:33:11.0635 7796 Fs_Rec - ok 21:33:11.0651 7796 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:33:11.0651 7796 fvevol - ok 21:33:11.0666 7796 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:33:11.0682 7796 gagp30kx - ok 21:33:11.0682 7796 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 21:33:11.0697 7796 GEARAspiWDM - ok 21:33:11.0713 7796 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 21:33:11.0760 7796 gpsvc - ok 21:33:11.0775 7796 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:33:11.0775 7796 gupdate - ok 21:33:11.0791 7796 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:33:11.0791 7796 gupdatem - ok 21:33:11.0807 7796 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 21:33:11.0807 7796 gusvc - ok 21:33:11.0822 7796 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:33:11.0838 7796 hcw85cir - ok 21:33:11.0853 7796 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:33:11.0869 7796 HdAudAddService - ok 21:33:11.0885 7796 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 21:33:11.0885 7796 HDAudBus - ok 21:33:11.0900 7796 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:33:11.0900 7796 HidBatt - ok 21:33:11.0916 7796 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:33:11.0931 7796 HidBth - ok 21:33:11.0947 7796 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 21:33:11.0947 7796 HidIr - ok 21:33:11.0963 7796 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 21:33:11.0978 7796 hidserv - ok 21:33:11.0978 7796 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:33:11.0994 7796 HidUsb - ok 21:33:12.0009 7796 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:33:12.0025 7796 hkmsvc - ok 21:33:12.0025 7796 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:33:12.0056 7796 HomeGroupListener - ok 21:33:12.0072 7796 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:33:12.0103 7796 HomeGroupProvider - ok 21:33:12.0103 7796 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:33:12.0119 7796 HpSAMD - ok 21:33:12.0150 7796 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:33:12.0165 7796 HTTP - ok 21:33:12.0181 7796 [ 8F9B0FC4EC3A8194BD4CBC5ED3E7ABEB ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys 21:33:12.0197 7796 hwdatacard - ok 21:33:12.0197 7796 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:33:12.0197 7796 hwpolicy - ok 21:33:12.0212 7796 [ B45B3647BA32749B94FA689175EC8C26 ] hwusbdev C:\Windows\system32\DRIVERS\ewusbdev.sys 21:33:12.0228 7796 hwusbdev - ok 21:33:12.0243 7796 [ E935C8099F9196BF19224D9EE4808612 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe 21:33:12.0259 7796 HyperW7Svc - ok 21:33:12.0259 7796 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:33:12.0275 7796 i8042prt - ok 21:33:12.0306 7796 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\drivers\iaStor.sys 21:33:12.0306 7796 iaStor - ok 21:33:12.0321 7796 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:33:12.0353 7796 iaStorV - ok 21:33:12.0368 7796 [ 29ED470689B7C597A9701D6A4C57A578 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys 21:33:12.0368 7796 IBMPMDRV - ok 21:33:12.0384 7796 [ BC7AF43EEC24E995D770EC92A441D5D8 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe 21:33:12.0384 7796 IBMPMSVC - ok 21:33:12.0415 7796 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:33:12.0431 7796 idsvc - ok 21:33:12.0462 7796 [ 4E9E0E5A3B0EFEB27491C26BE1D97FDA ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120511.001\IDSvia64.sys 21:33:12.0462 7796 IDSVia64 - ok 21:33:12.0743 7796 [ 66DC0CE2D1867B8178EAA0E11930DBD7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 21:33:12.0992 7796 igfx - ok 21:33:13.0008 7796 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:33:13.0008 7796 iirsp - ok 21:33:13.0039 7796 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 21:33:13.0086 7796 IKEEXT - ok 21:33:13.0101 7796 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 21:33:13.0101 7796 intelide - ok 21:33:13.0117 7796 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:33:13.0117 7796 intelppm - ok 21:33:13.0133 7796 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:33:13.0148 7796 IPBusEnum - ok 21:33:13.0164 7796 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:33:13.0164 7796 IpFilterDriver - ok 21:33:13.0195 7796 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:33:13.0211 7796 iphlpsvc - ok 21:33:13.0211 7796 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:33:13.0226 7796 IPMIDRV - ok 21:33:13.0242 7796 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:33:13.0257 7796 IPNAT - ok 21:33:13.0289 7796 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 21:33:13.0304 7796 iPod Service - ok 21:33:13.0304 7796 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:33:13.0320 7796 IRENUM - ok 21:33:13.0335 7796 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:33:13.0335 7796 isapnp - ok 21:33:13.0351 7796 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:33:13.0382 7796 iScsiPrt - ok 21:33:13.0398 7796 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 21:33:13.0398 7796 jhi_service - ok 21:33:13.0413 7796 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:33:13.0429 7796 kbdclass - ok 21:33:13.0429 7796 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 21:33:13.0445 7796 kbdhid - ok 21:33:13.0445 7796 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 21:33:13.0460 7796 KeyIso - ok 21:33:13.0460 7796 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:33:13.0476 7796 KSecDD - ok 21:33:13.0491 7796 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:33:13.0507 7796 KSecPkg - ok 21:33:13.0507 7796 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:33:13.0523 7796 ksthunk - ok 21:33:13.0538 7796 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 21:33:13.0569 7796 KtmRm - ok 21:33:13.0585 7796 [ C864875E87E6B790471516856FC1F5C2 ] l36wgps C:\Windows\system32\DRIVERS\l36wgps64.sys 21:33:13.0585 7796 l36wgps - ok 21:33:13.0601 7796 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 21:33:13.0632 7796 LanmanServer - ok 21:33:13.0632 7796 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:33:13.0663 7796 LanmanWorkstation - ok 21:33:13.0663 7796 [ 56B74943929BC575914631EDC0E72220 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe 21:33:13.0663 7796 LENOVO.CAMMUTE - ok 21:33:13.0679 7796 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe 21:33:13.0679 7796 LENOVO.MICMUTE - ok 21:33:13.0694 7796 [ 2BD420494B7B0EE762B758C5CC4963D4 ] Lenovo.RapidDrive.Advanced.Svc C:\Program Files (x86)\Lenovo\RapidDrive Advanced\LenovoRapidDriveAdvancedService.exe 21:33:13.0710 7796 Lenovo.RapidDrive.Advanced.Svc - ok 21:33:13.0710 7796 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys 21:33:13.0725 7796 lenovo.smi - ok 21:33:13.0725 7796 [ F9B51B2A5DA1222A910021C71E9EA559 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe 21:33:13.0741 7796 LENOVO.TPKNRSVC - ok 21:33:13.0741 7796 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe 21:33:13.0741 7796 Lenovo.VIRTSCRLSVC - ok 21:33:13.0757 7796 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:33:13.0772 7796 lltdio - ok 21:33:13.0788 7796 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:33:13.0803 7796 lltdsvc - ok 21:33:13.0819 7796 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:33:13.0819 7796 lmhosts - ok 21:33:13.0835 7796 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 21:33:13.0850 7796 LMS - ok 21:33:13.0866 7796 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:33:13.0881 7796 LSI_FC - ok 21:33:13.0881 7796 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:33:13.0897 7796 LSI_SAS - ok 21:33:13.0913 7796 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:33:13.0928 7796 LSI_SAS2 - ok 21:33:13.0928 7796 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:33:13.0944 7796 LSI_SCSI - ok 21:33:13.0959 7796 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 21:33:13.0975 7796 luafv - ok 21:33:13.0975 7796 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 21:33:13.0991 7796 MBAMProtector - ok 21:33:14.0006 7796 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 21:33:14.0022 7796 MBAMScheduler - ok 21:33:14.0037 7796 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 21:33:14.0053 7796 MBAMService - ok 21:33:14.0069 7796 [ D8BA1ECBF0B9A4B4E1F3B7EB517D6C20 ] Mbm3CBus C:\Windows\system32\DRIVERS\Mbm3CBus.sys 21:33:14.0084 7796 Mbm3CBus - ok 21:33:14.0100 7796 [ 01E60917101B309E15F30DA26ACF64F6 ] Mbm3DevMt C:\Windows\system32\DRIVERS\Mbm3DevMt.sys 21:33:14.0115 7796 Mbm3DevMt - ok 21:33:14.0115 7796 [ 6350A2CA21FB7B14432EFFDC61863AED ] Mbm3mdfl C:\Windows\system32\DRIVERS\Mbm3mdfl.sys 21:33:14.0131 7796 Mbm3mdfl - ok 21:33:14.0147 7796 [ 9FC3A8713D148E15D0472E1C44DD0FDA ] Mbm3Mdm C:\Windows\system32\DRIVERS\Mbm3Mdm.sys 21:33:14.0162 7796 Mbm3Mdm - ok 21:33:14.0162 7796 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:33:14.0178 7796 Mcx2Svc - ok 21:33:14.0193 7796 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 21:33:14.0209 7796 MDM - ok 21:33:14.0209 7796 mdvrmng - ok 21:33:14.0225 7796 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 21:33:14.0240 7796 megasas - ok 21:33:14.0256 7796 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:33:14.0271 7796 MegaSR - ok 21:33:14.0287 7796 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 21:33:14.0287 7796 MEIx64 - ok 21:33:14.0303 7796 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 21:33:14.0303 7796 MMCSS - ok 21:33:14.0318 7796 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 21:33:14.0318 7796 Modem - ok 21:33:14.0318 7796 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:33:14.0334 7796 monitor - ok 21:33:14.0334 7796 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:33:14.0349 7796 mouclass - ok 21:33:14.0365 7796 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:33:14.0365 7796 mouhid - ok 21:33:14.0381 7796 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:33:14.0381 7796 mountmgr - ok 21:33:14.0396 7796 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 21:33:14.0412 7796 mpio - ok 21:33:14.0427 7796 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:33:14.0427 7796 mpsdrv - ok 21:33:14.0459 7796 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:33:14.0490 7796 MpsSvc - ok 21:33:14.0490 7796 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:33:14.0505 7796 MRxDAV - ok 21:33:14.0521 7796 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:33:14.0537 7796 mrxsmb - ok 21:33:14.0552 7796 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:33:14.0583 7796 mrxsmb10 - ok 21:33:14.0583 7796 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:33:14.0599 7796 mrxsmb20 - ok 21:33:14.0615 7796 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 21:33:14.0615 7796 msahci - ok 21:33:14.0630 7796 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:33:14.0646 7796 msdsm - ok 21:33:14.0661 7796 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 21:33:14.0677 7796 MSDTC - ok 21:33:14.0693 7796 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:33:14.0708 7796 Msfs - ok 21:33:14.0708 7796 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:33:14.0708 7796 mshidkmdf - ok 21:33:14.0724 7796 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:33:14.0739 7796 msisadrv - ok 21:33:14.0739 7796 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:33:14.0755 7796 MSiSCSI - ok 21:33:14.0771 7796 msiserver - ok 21:33:14.0771 7796 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:33:14.0786 7796 MSKSSRV - ok 21:33:14.0786 7796 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:33:14.0802 7796 MSPCLOCK - ok 21:33:14.0802 7796 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:33:14.0817 7796 MSPQM - ok 21:33:14.0833 7796 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:33:14.0849 7796 MsRPC - ok 21:33:14.0864 7796 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 21:33:14.0864 7796 mssmbios - ok 21:33:14.0880 7796 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:33:14.0880 7796 MSTEE - ok 21:33:14.0895 7796 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 21:33:14.0895 7796 MTConfig - ok 21:33:14.0911 7796 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 21:33:14.0927 7796 Mup - ok 21:33:14.0942 7796 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 21:33:14.0958 7796 napagent - ok 21:33:14.0973 7796 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:33:14.0989 7796 NativeWifiP - ok 21:33:15.0005 7796 [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120511.021\ENG64.SYS 21:33:15.0005 7796 NAVENG - ok 21:33:15.0067 7796 [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120511.021\EX64.SYS 21:33:15.0098 7796 NAVEX15 - ok 21:33:15.0129 7796 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:33:15.0161 7796 NDIS - ok 21:33:15.0161 7796 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:33:15.0176 7796 NdisCap - ok 21:33:15.0176 7796 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:33:15.0192 7796 NdisTapi - ok 21:33:15.0207 7796 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:33:15.0207 7796 Ndisuio - ok 21:33:15.0223 7796 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:33:15.0239 7796 NdisWan - ok 21:33:15.0254 7796 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:33:15.0270 7796 NDProxy - ok 21:33:15.0270 7796 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 21:33:15.0285 7796 Netaapl - ok 21:33:15.0301 7796 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:33:15.0301 7796 NetBIOS - ok 21:33:15.0317 7796 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:33:15.0332 7796 NetBT - ok 21:33:15.0332 7796 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 21:33:15.0332 7796 Netlogon - ok 21:33:15.0348 7796 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 21:33:15.0363 7796 Netman - ok 21:33:15.0379 7796 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 21:33:15.0426 7796 netprofm - ok 21:33:15.0426 7796 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:33:15.0441 7796 NetTcpPortSharing - ok 21:33:15.0629 7796 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 21:33:15.0816 7796 NETwNs64 - ok 21:33:15.0816 7796 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:33:15.0831 7796 nfrd960 - ok 21:33:15.0863 7796 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe 21:33:15.0863 7796 NIS - ok 21:33:15.0878 7796 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:33:15.0894 7796 NlaSvc - ok 21:33:15.0894 7796 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:33:15.0909 7796 Npfs - ok 21:33:15.0909 7796 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 21:33:15.0925 7796 nsi - ok 21:33:15.0941 7796 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:33:15.0941 7796 nsiproxy - ok 21:33:15.0987 7796 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:33:16.0050 7796 Ntfs - ok 21:33:16.0050 7796 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 21:33:16.0065 7796 Null - ok 21:33:16.0346 7796 [ E2C13F0BC48BBF7FEC12AEE77F3D3E26 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 21:33:16.0627 7796 nvlddmkm - ok 21:33:16.0643 7796 [ 2E6C975AE61742DC8A31B9E260D8AF1D ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 21:33:16.0643 7796 nvpciflt - ok 21:33:16.0658 7796 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:33:16.0674 7796 nvraid - ok 21:33:16.0689 7796 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:33:16.0705 7796 nvstor - ok 21:33:16.0736 7796 [ ADE4D6E9335F1746016D3533F177C694 ] NVSvc C:\Windows\system32\nvvsvc.exe 21:33:16.0752 7796 NVSvc - ok 21:33:16.0814 7796 [ E9200F89EA2885B9B8151AA9D7B480EB ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 21:33:16.0845 7796 nvUpdatusService - ok 21:33:16.0861 7796 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:33:16.0877 7796 nv_agp - ok 21:33:16.0892 7796 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:33:16.0892 7796 ohci1394 - ok 21:33:16.0908 7796 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:33:16.0908 7796 ose - ok 21:33:16.0923 7796 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:33:16.0939 7796 p2pimsvc - ok 21:33:16.0955 7796 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 21:33:16.0986 7796 p2psvc - ok 21:33:17.0001 7796 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 21:33:17.0017 7796 Parport - ok 21:33:17.0017 7796 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:33:17.0033 7796 partmgr - ok 21:33:17.0048 7796 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:33:17.0079 7796 PcaSvc - ok 21:33:17.0095 7796 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{127174DC-C366ED8B-06020200}_0 c:\program files\pc-doctor\pcdsrvc_x64.pkms 21:33:17.0095 7796 PCDSRVC{127174DC-C366ED8B-06020200}_0 - ok 21:33:17.0111 7796 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 21:33:17.0126 7796 pci - ok 21:33:17.0142 7796 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 21:33:17.0142 7796 pciide - ok 21:33:17.0157 7796 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:33:17.0189 7796 pcmcia - ok 21:33:17.0189 7796 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 21:33:17.0204 7796 pcw - ok 21:33:17.0220 7796 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:33:17.0267 7796 PEAUTH - ok 21:33:17.0298 7796 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 21:33:17.0329 7796 PeerDistSvc - ok 21:33:17.0407 7796 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:33:17.0407 7796 PerfHost - ok 21:33:17.0438 7796 [ 52C9F4359AF4A25969B882AECC6F3BDA ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS 21:33:17.0438 7796 PHCORE - ok 21:33:17.0469 7796 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 21:33:17.0532 7796 pla - ok 21:33:17.0547 7796 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:33:17.0579 7796 PlugPlay - ok 21:33:17.0594 7796 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:33:17.0610 7796 PNRPAutoReg - ok 21:33:17.0625 7796 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:33:17.0625 7796 PNRPsvc - ok 21:33:17.0657 7796 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:33:17.0688 7796 PolicyAgent - ok 21:33:17.0703 7796 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll 21:33:17.0703 7796 Power - ok 21:33:17.0719 7796 [ 0BF1D6B41E4D4376BE4E4FA31D1A88C0 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE 21:33:17.0719 7796 Power Manager DBC Service - ok 21:33:17.0735 7796 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:33:17.0750 7796 PptpMiniport - ok 21:33:17.0750 7796 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 21:33:17.0766 7796 Processor - ok 21:33:17.0781 7796 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 21:33:17.0813 7796 ProfSvc - ok 21:33:17.0813 7796 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:33:17.0813 7796 ProtectedStorage - ok 21:33:17.0828 7796 [ A82C4C116EF96D5BE9B3BBC5A0FBE948 ] Protector by IB Updater C:\Program Files\Protector by IB\ExtensionUpdaterService.exe 21:33:17.0844 7796 Protector by IB Updater - ok 21:33:17.0844 7796 [ 0D8A7E27BB8697EE4191BD1094C30F01 ] psadd C:\Windows\system32\DRIVERS\psadd.sys 21:33:17.0859 7796 psadd - ok 21:33:17.0875 7796 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:33:17.0875 7796 Psched - ok 21:33:17.0875 7796 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 21:33:17.0891 7796 PSI_SVC_2 - ok 21:33:17.0906 7796 [ D20BF8B293EB90E3C4ED2F38B51948A1 ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE 21:33:17.0906 7796 PwmEWSvc - ok 21:33:17.0953 7796 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:33:18.0000 7796 ql2300 - ok 21:33:18.0000 7796 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:33:18.0015 7796 ql40xx - ok 21:33:18.0031 7796 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:33:18.0062 7796 QWAVE - ok 21:33:18.0078 7796 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:33:18.0078 7796 QWAVEdrv - ok 21:33:18.0093 7796 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:33:18.0093 7796 RasAcd - ok 21:33:18.0109 7796 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:33:18.0125 7796 RasAgileVpn - ok 21:33:18.0125 7796 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 21:33:18.0140 7796 RasAuto - ok 21:33:18.0156 7796 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:33:18.0171 7796 Rasl2tp - ok 21:33:18.0187 7796 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 21:33:18.0203 7796 RasMan - ok 21:33:18.0203 7796 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:33:18.0218 7796 RasPppoe - ok 21:33:18.0234 7796 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:33:18.0249 7796 RasSstp - ok 21:33:18.0265 7796 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:33:18.0281 7796 rdbss - ok 21:33:18.0296 7796 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:33:18.0296 7796 rdpbus - ok 21:33:18.0312 7796 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:33:18.0312 7796 RDPCDD - ok 21:33:18.0327 7796 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 21:33:18.0343 7796 RDPDR - ok 21:33:18.0359 7796 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:33:18.0359 7796 RDPENCDD - ok 21:33:18.0374 7796 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:33:18.0374 7796 RDPREFMP - ok 21:33:18.0374 7796 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:33:18.0405 7796 RDPWD - ok 21:33:18.0405 7796 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:33:18.0437 7796 rdyboost - ok 21:33:18.0468 7796 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 21:33:18.0483 7796 RegSrvc - ok 21:33:18.0499 7796 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:33:18.0515 7796 RemoteAccess - ok 21:33:18.0530 7796 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:33:18.0546 7796 RemoteRegistry - ok 21:33:18.0561 7796 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:33:18.0577 7796 RFCOMM - ok 21:33:18.0577 7796 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys 21:33:18.0593 7796 risdxc - ok 21:33:18.0608 7796 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:33:18.0624 7796 RpcEptMapper - ok 21:33:18.0624 7796 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 21:33:18.0639 7796 RpcLocator - ok 21:33:18.0655 7796 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 21:33:18.0671 7796 RpcSs - ok 21:33:18.0671 7796 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:33:18.0686 7796 rspndr - ok 21:33:18.0702 7796 [ B88880586ACD3EDEFCD0F9C2A6C1EE27 ] RTL2832UBDA C:\Windows\system32\drivers\RTL2832UBDA.sys 21:33:18.0717 7796 RTL2832UBDA - ok 21:33:18.0733 7796 [ 4C04300EE6A5E780FD4E2F0806AECA0E ] RTL2832UUSB C:\Windows\system32\Drivers\RTL2832UUSB.sys 21:33:18.0749 7796 RTL2832UUSB - ok 21:33:18.0749 7796 [ 19FAA5E7CF3D5263F4E79450A03E50CA ] RTL2832U_IRHID C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys 21:33:18.0764 7796 RTL2832U_IRHID - ok 21:33:18.0780 7796 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 21:33:18.0780 7796 s3cap - ok 21:33:18.0795 7796 [ 4F55BC63DCA859A6DEDC1106E0062135 ] S3XXx64 C:\Windows\system32\DRIVERS\S3XXx64.sys 21:33:18.0811 7796 S3XXx64 - ok 21:33:18.0811 7796 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 21:33:18.0811 7796 SamSs - ok 21:33:18.0827 7796 SAService - ok 21:33:18.0842 7796 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:33:18.0858 7796 sbp2port - ok 21:33:18.0858 7796 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:33:18.0889 7796 SCardSvr - ok 21:33:18.0889 7796 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:33:18.0905 7796 scfilter - ok 21:33:18.0936 7796 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 21:33:18.0998 7796 Schedule - ok 21:33:19.0014 7796 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:33:19.0014 7796 SCPolicySvc - ok 21:33:19.0029 7796 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:33:19.0045 7796 SDRSVC - ok 21:33:19.0061 7796 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:33:19.0061 7796 secdrv - ok 21:33:19.0076 7796 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 21:33:19.0092 7796 seclogon - ok 21:33:19.0092 7796 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 21:33:19.0107 7796 SENS - ok 21:33:19.0107 7796 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:33:19.0123 7796 SensrSvc - ok 21:33:19.0139 7796 [ 3DC3EC72952BD60C438E397781FF0572 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys 21:33:19.0154 7796 Ser2pl - ok 21:33:19.0170 7796 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 21:33:19.0170 7796 Serenum - ok 21:33:19.0185 7796 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 21:33:19.0201 7796 Serial - ok 21:33:19.0201 7796 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:33:19.0217 7796 sermouse - ok 21:33:19.0232 7796 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 21:33:19.0263 7796 SessionEnv - ok 21:33:19.0263 7796 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:33:19.0279 7796 sffdisk - ok 21:33:19.0279 7796 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:33:19.0295 7796 sffp_mmc - ok 21:33:19.0295 7796 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:33:19.0310 7796 sffp_sd - ok 21:33:19.0310 7796 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:33:19.0326 7796 sfloppy - ok 21:33:19.0341 7796 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:33:19.0373 7796 SharedAccess - ok 21:33:19.0388 7796 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:33:19.0419 7796 ShellHWDetection - ok 21:33:19.0419 7796 [ E2FC046D4EDABFE3B5EF7DA06406277D ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys 21:33:19.0435 7796 Shockprf - ok 21:33:19.0451 7796 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:33:19.0466 7796 SiSRaid2 - ok 21:33:19.0466 7796 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:33:19.0482 7796 SiSRaid4 - ok 21:33:19.0560 7796 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 21:33:19.0622 7796 Skype C2C Service - ok 21:33:19.0638 7796 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 21:33:19.0638 7796 SkypeUpdate - ok 21:33:19.0653 7796 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:33:19.0669 7796 Smb - ok 21:33:19.0669 7796 [ C5B1A19B14F19B08AE72FCB20A3075B6 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys 21:33:19.0669 7796 smihlp - ok 21:33:19.0685 7796 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:33:19.0700 7796 SNMPTRAP - ok 21:33:19.0716 7796 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 21:33:19.0716 7796 spldr - ok 21:33:19.0747 7796 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 21:33:19.0763 7796 Spooler - ok 21:33:19.0841 7796 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 21:33:19.0919 7796 sppsvc - ok 21:33:19.0919 7796 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:33:19.0934 7796 sppuinotify - ok 21:33:19.0965 7796 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1309000.009\SRTSP64.SYS 21:33:20.0012 7796 SRTSP - ok 21:33:20.0012 7796 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\NISx64\1309000.009\SRTSPX64.SYS 21:33:20.0012 7796 SRTSPX - ok 21:33:20.0043 7796 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 21:33:20.0059 7796 srv - ok 21:33:20.0090 7796 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:33:20.0121 7796 srv2 - ok 21:33:20.0121 7796 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:33:20.0153 7796 srvnet - ok 21:33:20.0153 7796 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:33:20.0184 7796 SSDPSRV - ok 21:33:20.0184 7796 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys 21:33:20.0199 7796 SSPORT - ok 21:33:20.0199 7796 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:33:20.0215 7796 SstpSvc - ok 21:33:20.0231 7796 [ E4AEA6FC64A979375149B86882CA2100 ] StarMoney 8.0 OnlineUpdate C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe 21:33:20.0246 7796 StarMoney 8.0 OnlineUpdate - ok 21:33:20.0277 7796 [ 9F16DDF670705ECAE9169E6E3130E50B ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 21:33:20.0277 7796 Stereo Service - ok 21:33:20.0293 7796 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:33:20.0309 7796 stexstor - ok 21:33:20.0324 7796 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 21:33:20.0355 7796 stisvc - ok 21:33:20.0371 7796 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 21:33:20.0387 7796 storflt - ok 21:33:20.0387 7796 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 21:33:20.0402 7796 StorSvc - ok 21:33:20.0418 7796 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 21:33:20.0418 7796 storvsc - ok 21:33:20.0433 7796 [ 6EA2F517373771CAC5188E82617C9C0B ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe 21:33:20.0433 7796 SUService - ok 21:33:20.0449 7796 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:33:20.0449 7796 swenum - ok 21:33:20.0465 7796 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 21:33:20.0496 7796 swprv - ok 21:33:20.0527 7796 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1309000.009\SYMDS64.SYS 21:33:20.0527 7796 SymDS - ok 21:33:20.0574 7796 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1309000.009\SYMEFA64.SYS 21:33:20.0589 7796 SymEFA - ok 21:33:20.0605 7796 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 21:33:20.0621 7796 SymEvent - ok 21:33:20.0621 7796 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS 21:33:20.0636 7796 SymIRON - ok 21:33:20.0652 7796 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS 21:33:20.0652 7796 SymNetS - ok 21:33:20.0699 7796 [ FFDD13B42D4B106AC9FAFBB0E1F7FAA5 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 21:33:20.0745 7796 SynTP - ok 21:33:20.0792 7796 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 21:33:20.0839 7796 SysMain - ok 21:33:20.0855 7796 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:33:20.0870 7796 TabletInputService - ok 21:33:20.0886 7796 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:33:20.0917 7796 TapiSrv - ok 21:33:20.0917 7796 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 21:33:20.0933 7796 TBS - ok 21:33:20.0979 7796 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:33:21.0057 7796 Tcpip - ok 21:33:21.0104 7796 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:33:21.0135 7796 TCPIP6 - ok 21:33:21.0151 7796 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:33:21.0167 7796 tcpipreg - ok 21:33:21.0167 7796 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:33:21.0182 7796 TDPIPE - ok 21:33:21.0182 7796 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:33:21.0198 7796 TDTCP - ok 21:33:21.0213 7796 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:33:21.0213 7796 tdx - ok 21:33:21.0229 7796 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:33:21.0245 7796 TermDD - ok 21:33:21.0260 7796 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 21:33:21.0307 7796 TermService - ok 21:33:21.0323 7796 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 21:33:21.0338 7796 Themes - ok 21:33:21.0369 7796 [ F5C7A3BAA91A5305EBC46EA441CD52F7 ] ThinkVantage Registry Monitor Service C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe 21:33:21.0385 7796 ThinkVantage Registry Monitor Service - ok 21:33:21.0401 7796 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 21:33:21.0401 7796 THREADORDER - ok 21:33:21.0416 7796 [ 55B7FE3E1D3B616BDC4E9EA48D92D6E6 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys 21:33:21.0416 7796 TPDIGIMN - ok 21:33:21.0432 7796 [ F0684C62ED8FD3061CD488ECFC851022 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe 21:33:21.0447 7796 TPHDEXLGSVC - ok 21:33:21.0463 7796 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe 21:33:21.0463 7796 TPHKLOAD - ok 21:33:21.0479 7796 [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe 21:33:21.0479 7796 TPHKSVC - ok 21:33:21.0494 7796 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys 21:33:21.0494 7796 TPM - ok 21:33:21.0510 7796 [ 7165B5A9B4867F64A6D6935F57D4196B ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys 21:33:21.0525 7796 TPPWRIF - ok 21:33:21.0525 7796 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 21:33:21.0557 7796 TrkWks - ok 21:33:21.0557 7796 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:33:21.0572 7796 TrustedInstaller - ok 21:33:21.0588 7796 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:33:21.0588 7796 tssecsrv - ok 21:33:21.0603 7796 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:33:21.0619 7796 TsUsbFlt - ok 21:33:21.0619 7796 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 21:33:21.0635 7796 TsUsbGD - ok 21:33:21.0650 7796 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:33:21.0650 7796 tunnel - ok 21:33:21.0697 7796 [ D3D473C0DD8BAC37FADD6419362907E2 ] TVT Backup Service C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe 21:33:21.0728 7796 TVT Backup Service - ok 21:33:21.0744 7796 [ D4915DB03B19F9FD50EC084CC0ED15FC ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys 21:33:21.0744 7796 TVTI2C - ok 21:33:21.0759 7796 TwkMs - ok 21:33:21.0759 7796 TWKSER2K - ok 21:33:21.0775 7796 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:33:21.0791 7796 uagp35 - ok 21:33:21.0806 7796 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:33:21.0822 7796 udfs - ok 21:33:21.0853 7796 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:33:21.0869 7796 UI0Detect - ok 21:33:21.0869 7796 [ BE788A747457E6916586C410EC0111E7 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 21:33:21.0884 7796 UleadBurningHelper - ok 21:33:21.0884 7796 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:33:21.0900 7796 uliagpkx - ok 21:33:21.0915 7796 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:33:21.0915 7796 umbus - ok 21:33:21.0931 7796 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 21:33:21.0947 7796 UmPass - ok 21:33:21.0947 7796 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 21:33:21.0978 7796 UmRdpService - ok 21:33:22.0056 7796 [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 21:33:22.0103 7796 UNS - ok 21:33:22.0118 7796 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 21:33:22.0149 7796 upnphost - ok 21:33:22.0165 7796 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 21:33:22.0165 7796 USBAAPL64 - ok 21:33:22.0181 7796 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:33:22.0196 7796 usbccgp - ok 21:33:22.0212 7796 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:33:22.0227 7796 usbcir - ok 21:33:22.0227 7796 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:33:22.0243 7796 usbehci - ok 21:33:22.0259 7796 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:33:22.0274 7796 usbhub - ok 21:33:22.0274 7796 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 21:33:22.0290 7796 usbohci - ok 21:33:22.0305 7796 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:33:22.0305 7796 usbprint - ok 21:33:22.0321 7796 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:33:22.0337 7796 USBSTOR - ok 21:33:22.0337 7796 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 21:33:22.0352 7796 usbuhci - ok 21:33:22.0368 7796 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 21:33:22.0383 7796 usbvideo - ok 21:33:22.0383 7796 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 21:33:22.0399 7796 UxSms - ok 21:33:22.0415 7796 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 21:33:22.0415 7796 VaultSvc - ok 21:33:22.0430 7796 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:33:22.0430 7796 vdrvroot - ok 21:33:22.0461 7796 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 21:33:22.0493 7796 vds - ok 21:33:22.0508 7796 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:33:22.0508 7796 vga - ok 21:33:22.0524 7796 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 21:33:22.0524 7796 VgaSave - ok 21:33:22.0539 7796 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:33:22.0571 7796 vhdmp - ok 21:33:22.0571 7796 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 21:33:22.0586 7796 viaide - ok 21:33:22.0602 7796 [ 94BB24C999C97C7B31AC154559C9ECEE ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe 21:33:22.0602 7796 VIPAppService - ok 21:33:22.0617 7796 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 21:33:22.0633 7796 vmbus - ok 21:33:22.0633 7796 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 21:33:22.0649 7796 VMBusHID - ok 21:33:22.0664 7796 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:33:22.0680 7796 volmgr - ok 21:33:22.0695 7796 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:33:22.0695 7796 volmgrx - ok 21:33:22.0711 7796 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:33:22.0742 7796 volsnap - ok 21:33:22.0758 7796 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:33:22.0773 7796 vsmraid - ok 21:33:22.0805 7796 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 21:33:22.0867 7796 VSS - ok 21:33:22.0898 7796 [ F117D00BBB401C61CE3E9F3B846D0821 ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe 21:33:22.0914 7796 vToolbarUpdater13.2.0 - ok 21:33:22.0914 7796 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:33:22.0929 7796 vwifibus - ok 21:33:22.0929 7796 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:33:22.0945 7796 vwififlt - ok 21:33:22.0961 7796 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 21:33:22.0961 7796 vwifimp - ok 21:33:22.0992 7796 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 21:33:23.0023 7796 W32Time - ok 21:33:23.0039 7796 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:33:23.0039 7796 WacomPen - ok 21:33:23.0054 7796 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:33:23.0070 7796 WANARP - ok 21:33:23.0070 7796 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:33:23.0085 7796 Wanarpv6 - ok 21:33:23.0117 7796 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 21:33:23.0195 7796 WatAdminSvc - ok 21:33:23.0226 7796 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 21:33:23.0273 7796 wbengine - ok 21:33:23.0288 7796 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:33:23.0304 7796 WbioSrvc - ok 21:33:23.0319 7796 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:33:23.0351 7796 wcncsvc - ok 21:33:23.0351 7796 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:33:23.0366 7796 WcsPlugInService - ok 21:33:23.0382 7796 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 21:33:23.0382 7796 Wd - ok 21:33:23.0413 7796 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:33:23.0460 7796 Wdf01000 - ok 21:33:23.0460 7796 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:33:23.0491 7796 WdiServiceHost - ok 21:33:23.0491 7796 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:33:23.0507 7796 WdiSystemHost - ok 21:33:23.0522 7796 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 21:33:23.0538 7796 WebClient - ok 21:33:23.0553 7796 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:33:23.0585 7796 Wecsvc - ok 21:33:23.0585 7796 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:33:23.0600 7796 wercplsupport - ok 21:33:23.0616 7796 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 21:33:23.0616 7796 WerSvc - ok 21:33:23.0631 7796 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:33:23.0631 7796 WfpLwf - ok 21:33:23.0647 7796 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:33:23.0647 7796 WIMMount - ok 21:33:23.0663 7796 WinDefend - ok 21:33:23.0678 7796 WinHttpAutoProxySvc - ok 21:33:23.0694 7796 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:33:23.0725 7796 Winmgmt - ok 21:33:23.0772 7796 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 21:33:23.0850 7796 WinRM - ok 21:33:23.0865 7796 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys 21:33:23.0881 7796 WinUsb - ok 21:33:23.0912 7796 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 21:33:23.0943 7796 Wlansvc - ok 21:33:23.0959 7796 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 21:33:23.0959 7796 wlcrasvc - ok 21:33:24.0021 7796 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:33:24.0068 7796 wlidsvc - ok 21:33:24.0068 7796 WMCoreService - ok 21:33:24.0084 7796 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 21:33:24.0084 7796 WmiAcpi - ok 21:33:24.0099 7796 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:33:24.0115 7796 wmiApSrv - ok 21:33:24.0131 7796 WMPNetworkSvc - ok 21:33:24.0146 7796 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:33:24.0146 7796 WPCSvc - ok 21:33:24.0162 7796 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:33:24.0177 7796 WPDBusEnum - ok 21:33:24.0193 7796 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:33:24.0209 7796 ws2ifsl - ok 21:33:24.0209 7796 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 21:33:24.0224 7796 wscsvc - ok 21:33:24.0224 7796 WSearch - ok 21:33:24.0287 7796 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 21:33:24.0349 7796 wuauserv - ok 21:33:24.0365 7796 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:33:24.0365 7796 WudfPf - ok 21:33:24.0380 7796 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:33:24.0396 7796 WUDFRd - ok 21:33:24.0411 7796 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:33:24.0427 7796 wudfsvc - ok 21:33:24.0443 7796 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 21:33:24.0458 7796 WwanSvc - ok 21:33:24.0489 7796 [ AA0A3A08A501237CD5BC4CFBFB64B3D6 ] WwanUsbServ C:\Windows\system32\DRIVERS\WwanUsbMp64.sys 21:33:24.0489 7796 WwanUsbServ - ok 21:33:24.0521 7796 ================ Scan global =============================== 21:33:24.0521 7796 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 21:33:24.0552 7796 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll 21:33:24.0583 7796 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll 21:33:24.0599 7796 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 21:33:24.0630 7796 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 21:33:24.0630 7796 [Global] - ok 21:33:24.0630 7796 ================ Scan MBR ================================== 21:33:24.0645 7796 [ 5D535071221FC633A0143C79B1427D6D ] \Device\Harddisk0\DR0 21:33:24.0957 7796 \Device\Harddisk0\DR0 - ok 21:33:24.0957 7796 ================ Scan VBR ================================== 21:33:24.0973 7796 [ 7F96230CA639474ED5ED5510A6D83F4E ] \Device\Harddisk0\DR0\Partition1 21:33:24.0973 7796 \Device\Harddisk0\DR0\Partition1 - ok 21:33:24.0973 7796 [ D758850E38B5BA8969D28D007984CE79 ] \Device\Harddisk0\DR0\Partition2 21:33:24.0973 7796 \Device\Harddisk0\DR0\Partition2 - ok 21:33:24.0989 7796 [ A672900380F4C1CE5F3FA24965261F81 ] \Device\Harddisk0\DR0\Partition3 21:33:24.0989 7796 \Device\Harddisk0\DR0\Partition3 - ok 21:33:24.0989 7796 ============================================================ 21:33:24.0989 7796 Scan finished 21:33:24.0989 7796 ============================================================ 21:33:25.0004 4872 Detected object count: 0 21:33:25.0004 4872 Actual detected object count: 0 21:33:58.0475 7188 Deinitialize succes |
|
29.12.2012, 16:53
| #12 |
| | click and continue letzter scan (nach dem Löschen) 23:01:58.0505 12300 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 23:01:58.0865 12300 ============================================================ 23:01:58.0865 12300 Current date / time: 2012/12/28 23:01:58.0865 23:01:58.0865 12300 SystemInfo: 23:01:58.0865 12300 23:01:58.0865 12300 OS Version: 6.1.7601 ServicePack: 1.0 23:01:58.0865 12300 Product type: Workstation 23:01:58.0866 12300 ComputerName: GEHTDICHNICHTSA 23:01:58.0866 12300 UserName: geht dich nichts an 23:01:58.0866 12300 Windows directory: C:\Windows 23:01:58.0866 12300 System windows directory: C:\Windows 23:01:58.0866 12300 Running under WOW64 23:01:58.0866 12300 Processor architecture: Intel x64 23:01:58.0866 12300 Number of processors: 8 23:01:58.0866 12300 Page size: 0x1000 23:01:58.0866 12300 Boot type: Normal boot 23:01:58.0866 12300 ============================================================ 23:01:59.0488 12300 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 23:01:59.0505 12300 ============================================================ 23:01:59.0505 12300 \Device\Harddisk0\DR0: 23:01:59.0506 12300 MBR partitions: 23:01:59.0506 12300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000 23:01:59.0506 12300 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x107EA800 23:01:59.0506 12300 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10AD9000, BlocksNum 0x1F40000 23:01:59.0506 12300 ============================================================ 23:01:59.0508 12300 C: <-> \Device\Harddisk0\DR0\Partition2 23:01:59.0510 12300 Q: <-> \Device\Harddisk0\DR0\Partition3 23:01:59.0510 12300 ============================================================ 23:01:59.0510 12300 Initialize success 23:01:59.0510 12300 ============================================================ 23:02:02.0706 12680 ============================================================ 23:02:02.0707 12680 Scan started 23:02:02.0707 12680 Mode: Manual; 23:02:02.0707 12680 ============================================================ 23:02:02.0836 12680 ================ Scan system memory ======================== 23:02:02.0836 12680 System memory - ok 23:02:02.0837 12680 ================ Scan services ============================= 23:02:02.0920 12680 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 23:02:02.0926 12680 1394ohci - ok 23:02:02.0937 12680 [ F4AF97702BAD85BFEF64B9A557F11B6F ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys 23:02:02.0950 12680 5U877 - ok 23:02:02.0963 12680 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 23:02:02.0967 12680 ACDaemon - ok 23:02:02.0980 12680 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 23:02:03.0004 12680 ACPI - ok 23:02:03.0012 12680 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 23:02:03.0020 12680 AcpiPmi - ok 23:02:03.0032 12680 [ DEECCADBD25F65D65293A09721B3A447 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe 23:02:03.0036 12680 AcPrfMgrSvc - ok 23:02:03.0048 12680 [ A7753804C6C66C9C80F4E29659FD721C ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe 23:02:03.0054 12680 AcSvc - ok 23:02:03.0112 12680 [ 76D5A3D2A50402A0B9B6ED13C4371E79 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 23:02:03.0120 12680 AdobeFlashPlayerUpdateSvc - ok 23:02:03.0138 12680 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 23:02:03.0161 12680 adp94xx - ok 23:02:03.0176 12680 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 23:02:03.0194 12680 adpahci - ok 23:02:03.0205 12680 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 23:02:03.0221 12680 adpu320 - ok 23:02:03.0233 12680 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 23:02:03.0246 12680 AeLookupSvc - ok 23:02:03.0254 12680 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc C:\Windows\syswow64\drivers\Afc.sys 23:02:03.0263 12680 Afc - ok 23:02:03.0283 12680 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 23:02:03.0293 12680 AFD - ok 23:02:03.0302 12680 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 23:02:03.0313 12680 agp440 - ok 23:02:03.0322 12680 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 23:02:03.0333 12680 ALG - ok 23:02:03.0341 12680 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 23:02:03.0349 12680 aliide - ok 23:02:03.0356 12680 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 23:02:03.0364 12680 amdide - ok 23:02:03.0372 12680 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 23:02:03.0384 12680 AmdK8 - ok 23:02:03.0394 12680 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 23:02:03.0406 12680 AmdPPM - ok 23:02:03.0416 12680 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 23:02:03.0428 12680 amdsata - ok 23:02:03.0439 12680 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 23:02:03.0455 12680 amdsbs - ok 23:02:03.0467 12680 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 23:02:03.0476 12680 amdxata - ok 23:02:03.0489 12680 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 23:02:03.0493 12680 AntiVirSchedulerService - ok 23:02:03.0500 12680 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 23:02:03.0503 12680 AntiVirService - ok 23:02:03.0512 12680 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 23:02:03.0523 12680 AppID - ok 23:02:03.0531 12680 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 23:02:03.0542 12680 AppIDSvc - ok 23:02:03.0550 12680 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 23:02:03.0564 12680 Appinfo - ok 23:02:03.0572 12680 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 23:02:03.0577 12680 Apple Mobile Device - ok 23:02:03.0590 12680 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 23:02:03.0605 12680 AppMgmt - ok 23:02:03.0614 12680 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 23:02:03.0626 12680 arc - ok 23:02:03.0633 12680 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 23:02:03.0645 12680 arcsas - ok 23:02:03.0659 12680 aspnet_state - ok 23:02:03.0665 12680 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 23:02:03.0672 12680 AsyncMac - ok 23:02:03.0681 12680 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 23:02:03.0689 12680 atapi - ok 23:02:03.0708 12680 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 23:02:03.0739 12680 AudioEndpointBuilder - ok 23:02:03.0758 12680 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 23:02:03.0765 12680 AudioSrv - ok 23:02:03.0775 12680 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 23:02:03.0787 12680 avgntflt - ok 23:02:03.0797 12680 [ A3B21D3CD9185734698AB4C5D7D8F182 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys 23:02:03.0806 12680 avgtp - ok 23:02:03.0814 12680 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 23:02:03.0828 12680 avipbb - ok 23:02:03.0835 12680 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 23:02:03.0844 12680 avkmgr - ok 23:02:03.0854 12680 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 23:02:03.0867 12680 AxInstSV - ok 23:02:03.0886 12680 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 23:02:03.0907 12680 b06bdrv - ok 23:02:03.0918 12680 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 23:02:03.0934 12680 b57nd60a - ok 23:02:03.0946 12680 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 23:02:03.0958 12680 BDESVC - ok 23:02:03.0999 12680 [ 553E94AE71D233C14A8C8B4AF9286ED0 ] BecHelperService C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe 23:02:04.0050 12680 BecHelperService - ok 23:02:04.0056 12680 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 23:02:04.0061 12680 Beep - ok 23:02:04.0082 12680 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 23:02:04.0110 12680 BFE - ok 23:02:04.0140 12680 [ 5B1FE9D351C284701C8051DA2AA81DF6 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120507.001\BHDrvx64.sys 23:02:04.0159 12680 BHDrvx64 - ok 23:02:04.0182 12680 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 23:02:04.0213 12680 BITS - ok 23:02:04.0221 12680 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 23:02:04.0229 12680 blbdrive - ok 23:02:04.0243 12680 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 23:02:04.0266 12680 Bonjour Service - ok 23:02:04.0274 12680 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 23:02:04.0283 12680 bowser - ok 23:02:04.0290 12680 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 23:02:04.0297 12680 BrFiltLo - ok 23:02:04.0305 12680 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 23:02:04.0310 12680 BrFiltUp - ok 23:02:04.0319 12680 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 23:02:04.0332 12680 Browser - ok 23:02:04.0346 12680 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 23:02:04.0363 12680 Brserid - ok 23:02:04.0370 12680 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 23:02:04.0379 12680 BrSerWdm - ok 23:02:04.0384 12680 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 23:02:04.0390 12680 BrUsbMdm - ok 23:02:04.0396 12680 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 23:02:04.0402 12680 BrUsbSer - ok 23:02:04.0408 12680 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 23:02:04.0416 12680 BthEnum - ok 23:02:04.0425 12680 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 23:02:04.0434 12680 BTHMODEM - ok 23:02:04.0443 12680 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 23:02:04.0454 12680 BthPan - ok 23:02:04.0470 12680 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 23:02:04.0492 12680 BTHPORT - ok 23:02:04.0501 12680 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 23:02:04.0511 12680 bthserv - ok 23:02:04.0518 12680 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 23:02:04.0528 12680 BTHUSB - ok 23:02:04.0544 12680 [ 8834F87A6A745872894DF8223201A6C3 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys 23:02:04.0562 12680 BTWAMPFL - ok 23:02:04.0571 12680 [ 9863D82ECBEC6106D377ED73680D99D8 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 23:02:04.0583 12680 btwaudio - ok 23:02:04.0592 12680 [ 3432DD66AE75AB2DE6D0527AD78DBFC7 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 23:02:04.0604 12680 btwavdt - ok 23:02:04.0628 12680 [ EB4AFE08FB39BB444F221D7D501E0915 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe 23:02:04.0643 12680 btwdins - ok 23:02:04.0651 12680 [ 382DC5A631CED0462EA09B7EB898BDBF ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 23:02:04.0658 12680 btwl2cap - ok 23:02:04.0664 12680 [ 13A9C2CEDD44C175E6CA39A536795CA6 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 23:02:04.0671 12680 btwrchid - ok 23:02:04.0682 12680 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1309000.009\ccSetx64.sys 23:02:04.0687 12680 ccSet_NIS - ok 23:02:04.0694 12680 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 23:02:04.0703 12680 cdfs - ok 23:02:04.0711 12680 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 23:02:04.0723 12680 cdrom - ok 23:02:04.0731 12680 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 23:02:04.0741 12680 CertPropSvc - ok 23:02:04.0745 12680 CHIPDRIVE USB SmartCardReader - ok 23:02:04.0753 12680 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 23:02:04.0761 12680 circlass - ok 23:02:04.0773 12680 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 23:02:04.0789 12680 CLFS - ok 23:02:04.0797 12680 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 23:02:04.0811 12680 clr_optimization_v2.0.50727_32 - ok 23:02:04.0822 12680 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 23:02:04.0834 12680 clr_optimization_v2.0.50727_64 - ok 23:02:04.0847 12680 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 23:02:04.0853 12680 clr_optimization_v4.0.30319_32 - ok 23:02:04.0865 12680 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 23:02:04.0870 12680 clr_optimization_v4.0.30319_64 - ok 23:02:04.0877 12680 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 23:02:04.0883 12680 CmBatt - ok 23:02:04.0890 12680 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 23:02:04.0896 12680 cmdide - ok 23:02:04.0910 12680 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 23:02:04.0930 12680 CNG - ok 23:02:04.0962 12680 [ DB6F09464C57606892BF6D2458483417 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys 23:02:05.0002 12680 CnxtHdAudService - ok 23:02:05.0008 12680 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 23:02:05.0014 12680 Compbatt - ok 23:02:05.0019 12680 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 23:02:05.0028 12680 CompositeBus - ok 23:02:05.0033 12680 COMSysApp - ok 23:02:05.0040 12680 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 23:02:05.0047 12680 crcdisk - ok 23:02:05.0059 12680 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 23:02:05.0074 12680 CryptSvc - ok 23:02:05.0087 12680 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 23:02:05.0107 12680 CSC - ok 23:02:05.0123 12680 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 23:02:05.0134 12680 CscService - ok 23:02:05.0143 12680 [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe 23:02:05.0156 12680 CxAudMsg - ok 23:02:05.0173 12680 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 23:02:05.0182 12680 DcomLaunch - ok 23:02:05.0194 12680 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 23:02:05.0210 12680 defragsvc - ok 23:02:05.0217 12680 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 23:02:05.0225 12680 DfsC - ok 23:02:05.0232 12680 [ 2D589A2C024B2FB238535DB9F7B3597D ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys 23:02:05.0235 12680 DgiVecp - ok 23:02:05.0246 12680 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 23:02:05.0263 12680 Dhcp - ok 23:02:05.0269 12680 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 23:02:05.0271 12680 discache - ok 23:02:05.0279 12680 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 23:02:05.0290 12680 Disk - ok 23:02:05.0296 12680 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 23:02:05.0304 12680 dmvsc - ok 23:02:05.0317 12680 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 23:02:05.0331 12680 Dnscache - ok 23:02:05.0341 12680 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 23:02:05.0358 12680 dot3svc - ok 23:02:05.0373 12680 [ 277247B79DA2230D0C3AEB83E6CD8CA7 ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE 23:02:05.0381 12680 DozeSvc - ok 23:02:05.0391 12680 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 23:02:05.0404 12680 DPS - ok 23:02:05.0409 12680 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 23:02:05.0413 12680 drmkaud - ok 23:02:05.0436 12680 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 23:02:05.0461 12680 DXGKrnl - ok 23:02:05.0469 12680 [ CE4CFFD9F64B86BCEB1C343FC9924D72 ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys 23:02:05.0476 12680 DzHDD64 - ok 23:02:05.0486 12680 [ DC1776D086AA9733B1929A3D979D9FDD ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys 23:02:05.0501 12680 e1cexpress - ok 23:02:05.0508 12680 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 23:02:05.0517 12680 EapHost - ok 23:02:05.0566 12680 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 23:02:05.0615 12680 ebdrv - ok 23:02:05.0622 12680 [ F88F2E5806FC405B0FA94B7947A5875E ] ecnssndis C:\Windows\system32\Drivers\wwuss64.sys 23:02:05.0629 12680 ecnssndis - ok 23:02:05.0636 12680 [ C8CD88218EFC28F7E44A9892B3E97F4D ] ecnssndisfltr C:\Windows\system32\Drivers\wwussf64.sys 23:02:05.0637 12680 ecnssndisfltr - ok 23:02:05.0652 12680 [ 0C3F9EFF8DDD9F9EB56D754B4620155F ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 23:02:05.0660 12680 eeCtrl - ok 23:02:05.0665 12680 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 23:02:05.0667 12680 EFS - ok 23:02:05.0684 12680 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 23:02:05.0706 12680 ehRecvr - ok 23:02:05.0712 12680 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 23:02:05.0722 12680 ehSched - ok 23:02:05.0736 12680 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 23:02:05.0752 12680 elxstor - ok 23:02:05.0760 12680 [ 8C0F9B877BC0B7FFD327EF55F9EFB642 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 23:02:05.0763 12680 EraserUtilRebootDrv - ok 23:02:05.0768 12680 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 23:02:05.0772 12680 ErrDev - ok 23:02:05.0789 12680 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 23:02:05.0796 12680 EventSystem - ok 23:02:05.0829 12680 [ E3A96D5AE6E5C7B5472011BA77353368 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 23:02:05.0850 12680 EvtEng - ok 23:02:05.0861 12680 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 23:02:05.0871 12680 exfat - ok 23:02:05.0879 12680 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 23:02:05.0889 12680 fastfat - ok 23:02:05.0906 12680 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 23:02:05.0925 12680 Fax - ok 23:02:05.0930 12680 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 23:02:05.0936 12680 fdc - ok 23:02:05.0941 12680 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 23:02:05.0947 12680 fdPHost - ok 23:02:05.0952 12680 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 23:02:05.0967 12680 FDResPub - ok 23:02:05.0981 12680 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 23:02:05.0995 12680 FileInfo - ok 23:02:06.0005 12680 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 23:02:06.0015 12680 Filetrace - ok 23:02:06.0026 12680 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 23:02:06.0036 12680 flpydisk - ok 23:02:06.0055 12680 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 23:02:06.0081 12680 FltMgr - ok 23:02:06.0119 12680 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 23:02:06.0146 12680 FontCache - ok 23:02:06.0156 12680 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 23:02:06.0158 12680 FontCache3.0.0.0 - ok 23:02:06.0169 12680 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 23:02:06.0185 12680 FsDepends - ok 23:02:06.0201 12680 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 23:02:06.0213 12680 Fs_Rec - ok 23:02:06.0234 12680 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 23:02:06.0241 12680 fvevol - ok 23:02:06.0252 12680 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 23:02:06.0267 12680 gagp30kx - ok 23:02:06.0282 12680 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 23:02:06.0295 12680 GEARAspiWDM - ok 23:02:06.0329 12680 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 23:02:06.0374 12680 gpsvc - ok 23:02:06.0388 12680 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 23:02:06.0393 12680 gupdate - ok 23:02:06.0404 12680 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 23:02:06.0407 12680 gupdatem - ok 23:02:06.0421 12680 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 23:02:06.0429 12680 gusvc - ok 23:02:06.0443 12680 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 23:02:06.0457 12680 hcw85cir - ok 23:02:06.0481 12680 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 23:02:06.0509 12680 HdAudAddService - ok 23:02:06.0525 12680 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 23:02:06.0543 12680 HDAudBus - ok 23:02:06.0552 12680 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 23:02:06.0565 12680 HidBatt - ok 23:02:06.0592 12680 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 23:02:06.0613 12680 HidBth - ok 23:02:06.0632 12680 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 23:02:06.0652 12680 HidIr - ok 23:02:06.0670 12680 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 23:02:06.0694 12680 hidserv - ok 23:02:06.0710 12680 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 23:02:06.0726 12680 HidUsb - ok 23:02:06.0744 12680 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 23:02:06.0763 12680 hkmsvc - ok 23:02:06.0786 12680 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 23:02:06.0830 12680 HomeGroupListener - ok 23:02:06.0852 12680 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 23:02:06.0885 12680 HomeGroupProvider - ok 23:02:06.0902 12680 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 23:02:06.0922 12680 HpSAMD - ok 23:02:06.0956 12680 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 23:02:06.0973 12680 HTTP - ok 23:02:07.0002 12680 [ 8F9B0FC4EC3A8194BD4CBC5ED3E7ABEB ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys 23:02:07.0017 12680 hwdatacard - ok 23:02:07.0032 12680 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 23:02:07.0042 12680 hwpolicy - ok 23:02:07.0071 12680 [ B45B3647BA32749B94FA689175EC8C26 ] hwusbdev C:\Windows\system32\DRIVERS\ewusbdev.sys 23:02:07.0086 12680 hwusbdev - ok 23:02:07.0106 12680 [ E935C8099F9196BF19224D9EE4808612 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe 23:02:07.0126 12680 HyperW7Svc - ok 23:02:07.0138 12680 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 23:02:07.0156 12680 i8042prt - ok 23:02:07.0190 12680 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\drivers\iaStor.sys 23:02:07.0208 12680 iaStor - ok 23:02:07.0233 12680 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 23:02:07.0260 12680 iaStorV - ok 23:02:07.0278 12680 [ 29ED470689B7C597A9701D6A4C57A578 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys 23:02:07.0289 12680 IBMPMDRV - ok 23:02:07.0306 12680 [ BC7AF43EEC24E995D770EC92A441D5D8 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe 23:02:07.0321 12680 IBMPMSVC - ok 23:02:07.0358 12680 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 23:02:07.0380 12680 idsvc - ok 23:02:07.0407 12680 [ 4E9E0E5A3B0EFEB27491C26BE1D97FDA ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120511.001\IDSvia64.sys 23:02:07.0419 12680 IDSVia64 - ok 23:02:07.0732 12680 [ 66DC0CE2D1867B8178EAA0E11930DBD7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 23:02:07.0995 12680 igfx - ok 23:02:08.0012 12680 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 23:02:08.0023 12680 iirsp - ok 23:02:08.0053 12680 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 23:02:08.0100 12680 IKEEXT - ok 23:02:08.0116 12680 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 23:02:08.0125 12680 intelide - ok 23:02:08.0139 12680 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 23:02:08.0153 12680 intelppm - ok 23:02:08.0170 12680 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 23:02:08.0187 12680 IPBusEnum - ok 23:02:08.0198 12680 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:02:08.0212 12680 IpFilterDriver - ok 23:02:08.0237 12680 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 23:02:08.0252 12680 iphlpsvc - ok 23:02:08.0268 12680 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 23:02:08.0283 12680 IPMIDRV - ok 23:02:08.0300 12680 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 23:02:08.0315 12680 IPNAT - ok 23:02:08.0348 12680 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 23:02:08.0368 12680 iPod Service - ok 23:02:08.0379 12680 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 23:02:08.0387 12680 IRENUM - ok 23:02:08.0400 12680 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 23:02:08.0410 12680 isapnp - ok 23:02:08.0431 12680 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 23:02:08.0459 12680 iScsiPrt - ok 23:02:08.0485 12680 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe 23:02:08.0493 12680 jhi_service - ok 23:02:08.0510 12680 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 23:02:08.0526 12680 kbdclass - ok 23:02:08.0547 12680 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 23:02:08.0557 12680 kbdhid - ok 23:02:08.0568 12680 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 23:02:08.0571 12680 KeyIso - ok 23:02:08.0591 12680 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:02:08.0608 12680 KSecDD - ok 23:02:08.0623 12680 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 23:02:08.0642 12680 KSecPkg - ok 23:02:08.0660 12680 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 23:02:08.0669 12680 ksthunk - ok 23:02:08.0692 12680 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 23:02:08.0722 12680 KtmRm - ok 23:02:08.0736 12680 [ C864875E87E6B790471516856FC1F5C2 ] l36wgps C:\Windows\system32\DRIVERS\l36wgps64.sys 23:02:08.0749 12680 l36wgps - ok 23:02:08.0768 12680 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 23:02:08.0797 12680 LanmanServer - ok 23:02:08.0808 12680 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:02:08.0830 12680 LanmanWorkstation - ok 23:02:08.0843 12680 [ 56B74943929BC575914631EDC0E72220 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe 23:02:08.0859 12680 LENOVO.CAMMUTE - ok 23:02:08.0870 12680 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe 23:02:08.0875 12680 LENOVO.MICMUTE - ok 23:02:08.0884 12680 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys 23:02:08.0893 12680 lenovo.smi - ok 23:02:08.0915 12680 [ F9B51B2A5DA1222A910021C71E9EA559 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe 23:02:08.0918 12680 LENOVO.TPKNRSVC - ok 23:02:08.0929 12680 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe 23:02:08.0935 12680 Lenovo.VIRTSCRLSVC - ok 23:02:08.0948 12680 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 23:02:08.0960 12680 lltdio - ok 23:02:08.0975 12680 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 23:02:08.0998 12680 lltdsvc - ok 23:02:09.0007 12680 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 23:02:09.0019 12680 lmhosts - ok 23:02:09.0037 12680 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 23:02:09.0046 12680 LMS - ok 23:02:09.0066 12680 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 23:02:09.0082 12680 LSI_FC - ok 23:02:09.0094 12680 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 23:02:09.0110 12680 LSI_SAS - ok 23:02:09.0122 12680 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 23:02:09.0136 12680 LSI_SAS2 - ok 23:02:09.0151 12680 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 23:02:09.0167 12680 LSI_SCSI - ok 23:02:09.0182 12680 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 23:02:09.0198 12680 luafv - ok 23:02:09.0213 12680 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 23:02:09.0225 12680 MBAMProtector - ok 23:02:09.0246 12680 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 23:02:09.0285 12680 MBAMScheduler - ok 23:02:09.0316 12680 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 23:02:09.0363 12680 MBAMService - ok 23:02:09.0385 12680 [ D8BA1ECBF0B9A4B4E1F3B7EB517D6C20 ] Mbm3CBus C:\Windows\system32\DRIVERS\Mbm3CBus.sys 23:02:09.0409 12680 Mbm3CBus - ok 23:02:09.0431 12680 [ 01E60917101B309E15F30DA26ACF64F6 ] Mbm3DevMt C:\Windows\system32\DRIVERS\Mbm3DevMt.sys 23:02:09.0455 12680 Mbm3DevMt - ok 23:02:09.0468 12680 [ 6350A2CA21FB7B14432EFFDC61863AED ] Mbm3mdfl C:\Windows\system32\DRIVERS\Mbm3mdfl.sys 23:02:09.0478 12680 Mbm3mdfl - ok 23:02:09.0502 12680 [ 9FC3A8713D148E15D0472E1C44DD0FDA ] Mbm3Mdm C:\Windows\system32\DRIVERS\Mbm3Mdm.sys 23:02:09.0528 12680 Mbm3Mdm - ok 23:02:09.0540 12680 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 23:02:09.0557 12680 Mcx2Svc - ok 23:02:09.0576 12680 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 23:02:09.0585 12680 MDM - ok 23:02:09.0593 12680 mdvrmng - ok 23:02:09.0610 12680 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 23:02:09.0622 12680 megasas - ok 23:02:09.0639 12680 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 23:02:09.0661 12680 MegaSR - ok 23:02:09.0677 12680 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 23:02:09.0690 12680 MEIx64 - ok 23:02:09.0700 12680 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 23:02:09.0716 12680 MMCSS - ok 23:02:09.0725 12680 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 23:02:09.0728 12680 Modem - ok 23:02:09.0739 12680 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:02:09.0742 12680 monitor - ok 23:02:09.0753 12680 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 23:02:09.0766 12680 mouclass - ok 23:02:09.0776 12680 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:02:09.0788 12680 mouhid - ok 23:02:09.0799 12680 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 23:02:09.0804 12680 mountmgr - ok 23:02:09.0817 12680 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 23:02:09.0838 12680 mpio - ok 23:02:09.0849 12680 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:02:09.0863 12680 mpsdrv - ok 23:02:09.0891 12680 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 23:02:09.0938 12680 MpsSvc - ok 23:02:09.0950 12680 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:02:09.0968 12680 MRxDAV - ok 23:02:09.0980 12680 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:02:09.0997 12680 mrxsmb - ok 23:02:10.0017 12680 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:02:10.0039 12680 mrxsmb10 - ok 23:02:10.0051 12680 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:02:10.0065 12680 mrxsmb20 - ok 23:02:10.0076 12680 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 23:02:10.0088 12680 msahci - ok 23:02:10.0103 12680 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 23:02:10.0120 12680 msdsm - ok 23:02:10.0134 12680 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 23:02:10.0155 12680 MSDTC - ok 23:02:10.0173 12680 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:02:10.0183 12680 Msfs - ok 23:02:10.0192 12680 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 23:02:10.0198 12680 mshidkmdf - ok 23:02:10.0207 12680 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:02:10.0218 12680 msisadrv - ok 23:02:10.0231 12680 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:02:10.0249 12680 MSiSCSI - ok 23:02:10.0265 12680 msiserver - ok 23:02:10.0280 12680 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:02:10.0287 12680 MSKSSRV - ok 23:02:10.0296 12680 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:02:10.0302 12680 MSPCLOCK - ok 23:02:10.0312 12680 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:02:10.0319 12680 MSPQM - ok 23:02:10.0343 12680 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:02:10.0365 12680 MsRPC - ok 23:02:10.0382 12680 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 23:02:10.0385 12680 mssmbios - ok 23:02:10.0401 12680 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 23:02:10.0408 12680 MSTEE - ok 23:02:10.0420 12680 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 23:02:10.0429 12680 MTConfig - ok 23:02:10.0438 12680 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 23:02:10.0453 12680 Mup - ok 23:02:10.0474 12680 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 23:02:10.0510 12680 napagent - ok 23:02:10.0537 12680 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 23:02:10.0561 12680 NativeWifiP - ok 23:02:10.0573 12680 [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120511.021\ENG64.SYS 23:02:10.0579 12680 NAVENG - ok 23:02:10.0633 12680 [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120511.021\EX64.SYS 23:02:10.0675 12680 NAVEX15 - ok 23:02:10.0710 12680 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 23:02:10.0732 12680 NDIS - ok 23:02:10.0745 12680 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 23:02:10.0755 12680 NdisCap - ok 23:02:10.0764 12680 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 23:02:10.0774 12680 NdisTapi - ok 23:02:10.0785 12680 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 23:02:10.0797 12680 Ndisuio - ok 23:02:10.0809 12680 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 23:02:10.0827 12680 NdisWan - ok 23:02:10.0841 12680 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 23:02:10.0853 12680 NDProxy - ok 23:02:10.0866 12680 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys 23:02:10.0877 12680 Netaapl - ok 23:02:10.0891 12680 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 23:02:10.0903 12680 NetBIOS - ok 23:02:10.0918 12680 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 23:02:10.0940 12680 NetBT - ok 23:02:10.0953 12680 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 23:02:10.0956 12680 Netlogon - ok 23:02:10.0974 12680 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 23:02:11.0008 12680 Netman - ok 23:02:11.0029 12680 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 23:02:11.0067 12680 netprofm - ok 23:02:11.0079 12680 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:02:11.0103 12680 NetTcpPortSharing - ok 23:02:11.0306 12680 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 23:02:11.0495 12680 NETwNs64 - ok 23:02:11.0509 12680 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 23:02:11.0521 12680 nfrd960 - ok 23:02:11.0548 12680 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe 23:02:11.0553 12680 NIS - ok 23:02:11.0574 12680 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 23:02:11.0602 12680 NlaSvc - ok 23:02:11.0613 12680 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 23:02:11.0623 12680 Npfs - ok 23:02:11.0634 12680 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 23:02:11.0646 12680 nsi - ok 23:02:11.0659 12680 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 23:02:11.0662 12680 nsiproxy - ok 23:02:11.0723 12680 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 23:02:11.0785 12680 Ntfs - ok 23:02:11.0797 12680 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 23:02:11.0803 12680 Null - ok 23:02:12.0109 12680 [ E2C13F0BC48BBF7FEC12AEE77F3D3E26 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 23:02:12.0363 12680 nvlddmkm - ok 23:02:12.0380 12680 [ 2E6C975AE61742DC8A31B9E260D8AF1D ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 23:02:12.0391 12680 nvpciflt - ok 23:02:12.0412 12680 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 23:02:12.0428 12680 nvraid - ok 23:02:12.0442 12680 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 23:02:12.0460 12680 nvstor - ok 23:02:12.0496 12680 [ ADE4D6E9335F1746016D3533F177C694 ] NVSvc C:\Windows\system32\nvvsvc.exe 23:02:12.0520 12680 NVSvc - ok 23:02:12.0574 12680 [ E9200F89EA2885B9B8151AA9D7B480EB ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 23:02:12.0617 12680 nvUpdatusService - ok 23:02:12.0636 12680 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 23:02:12.0653 12680 nv_agp - ok 23:02:12.0665 12680 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 23:02:12.0680 12680 ohci1394 - ok 23:02:12.0696 12680 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:02:12.0719 12680 ose - ok 23:02:12.0750 12680 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 23:02:12.0761 12680 p2pimsvc - ok 23:02:12.0785 12680 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 23:02:12.0815 12680 p2psvc - ok 23:02:12.0827 12680 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 23:02:12.0842 12680 Parport - ok 23:02:12.0856 12680 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:02:12.0871 12680 partmgr - ok 23:02:12.0892 12680 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 23:02:12.0917 12680 PcaSvc - ok 23:02:12.0935 12680 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 23:02:12.0942 12680 pci - ok 23:02:12.0953 12680 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 23:02:12.0963 12680 pciide - ok 23:02:12.0981 12680 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 23:02:13.0004 12680 pcmcia - ok 23:02:13.0016 12680 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 23:02:13.0029 12680 pcw - ok 23:02:13.0052 12680 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:02:13.0091 12680 PEAUTH - ok 23:02:13.0131 12680 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 23:02:13.0161 12680 PeerDistSvc - ok 23:02:13.0238 12680 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 23:02:13.0252 12680 PerfHost - ok 23:02:13.0277 12680 [ 52C9F4359AF4A25969B882AECC6F3BDA ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS 23:02:13.0288 12680 PHCORE - ok 23:02:13.0330 12680 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 23:02:13.0386 12680 pla - ok 23:02:13.0406 12680 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 23:02:13.0441 12680 PlugPlay - ok 23:02:13.0450 12680 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 23:02:13.0465 12680 PNRPAutoReg - ok 23:02:13.0485 12680 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 23:02:13.0493 12680 PNRPsvc - ok 23:02:13.0515 12680 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:02:13.0548 12680 PolicyAgent - ok 23:02:13.0565 12680 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll 23:02:13.0573 12680 Power - ok 23:02:13.0588 12680 [ 0BF1D6B41E4D4376BE4E4FA31D1A88C0 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE 23:02:13.0591 12680 Power Manager DBC Service - ok 23:02:13.0603 12680 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:02:13.0620 12680 PptpMiniport - ok 23:02:13.0632 12680 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 23:02:13.0647 12680 Processor - ok 23:02:13.0661 12680 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 23:02:13.0687 12680 ProfSvc - ok 23:02:13.0701 12680 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 23:02:13.0704 12680 ProtectedStorage - ok 23:02:13.0717 12680 [ 0D8A7E27BB8697EE4191BD1094C30F01 ] psadd C:\Windows\system32\DRIVERS\psadd.sys 23:02:13.0729 12680 psadd - ok 23:02:13.0741 12680 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 23:02:13.0746 12680 Psched - ok 23:02:13.0758 12680 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 23:02:13.0782 12680 PSI_SVC_2 - ok 23:02:13.0794 12680 [ D20BF8B293EB90E3C4ED2F38B51948A1 ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE 23:02:13.0800 12680 PwmEWSvc - ok 23:02:13.0843 12680 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 23:02:13.0892 12680 ql2300 - ok 23:02:13.0903 12680 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 23:02:13.0920 12680 ql40xx - ok 23:02:13.0935 12680 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 23:02:13.0963 12680 QWAVE - ok 23:02:13.0974 12680 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:02:13.0986 12680 QWAVEdrv - ok 23:02:13.0994 12680 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 23:02:14.0002 12680 RasAcd - ok 23:02:14.0012 12680 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 23:02:14.0025 12680 RasAgileVpn - ok 23:02:14.0037 12680 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 23:02:14.0053 12680 RasAuto - ok 23:02:14.0065 12680 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 23:02:14.0082 12680 Rasl2tp - ok 23:02:14.0103 12680 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 23:02:14.0114 12680 RasMan - ok 23:02:14.0129 12680 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:02:14.0143 12680 RasPppoe - ok 23:02:14.0153 12680 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 23:02:14.0167 12680 RasSstp - ok 23:02:14.0186 12680 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:02:14.0211 12680 rdbss - ok 23:02:14.0220 12680 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 23:02:14.0230 12680 rdpbus - ok 23:02:14.0243 12680 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:02:14.0246 12680 RDPCDD - ok 23:02:14.0270 12680 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 23:02:14.0287 12680 RDPDR - ok 23:02:14.0298 12680 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:02:14.0305 12680 RDPENCDD - ok 23:02:14.0326 12680 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 23:02:14.0329 12680 RDPREFMP - ok 23:02:14.0343 12680 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:02:14.0361 12680 RDPWD - ok 23:02:14.0381 12680 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 23:02:14.0402 12680 rdyboost - ok 23:02:14.0437 12680 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 23:02:14.0456 12680 RegSrvc - ok 23:02:14.0471 12680 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 23:02:14.0487 12680 RemoteAccess - ok 23:02:14.0500 12680 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 23:02:14.0523 12680 RemoteRegistry - ok 23:02:14.0537 12680 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 23:02:14.0551 12680 RFCOMM - ok 23:02:14.0563 12680 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys 23:02:14.0577 12680 risdxc - ok 23:02:14.0587 12680 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 23:02:14.0603 12680 RpcEptMapper - ok 23:02:14.0613 12680 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 23:02:14.0623 12680 RpcLocator - ok 23:02:14.0644 12680 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 23:02:14.0656 12680 RpcSs - ok 23:02:14.0667 12680 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 23:02:14.0679 12680 rspndr - ok 23:02:14.0696 12680 [ B88880586ACD3EDEFCD0F9C2A6C1EE27 ] RTL2832UBDA C:\Windows\system32\drivers\RTL2832UBDA.sys 23:02:14.0718 12680 RTL2832UBDA - ok 23:02:14.0734 12680 [ 4C04300EE6A5E780FD4E2F0806AECA0E ] RTL2832UUSB C:\Windows\system32\Drivers\RTL2832UUSB.sys 23:02:14.0745 12680 RTL2832UUSB - ok 23:02:14.0758 12680 [ 19FAA5E7CF3D5263F4E79450A03E50CA ] RTL2832U_IRHID C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys 23:02:14.0769 12680 RTL2832U_IRHID - ok 23:02:14.0782 12680 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 23:02:14.0791 12680 s3cap - ok 23:02:14.0808 12680 [ 4F55BC63DCA859A6DEDC1106E0062135 ] S3XXx64 C:\Windows\system32\DRIVERS\S3XXx64.sys 23:02:14.0822 12680 S3XXx64 - ok 23:02:14.0831 12680 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 23:02:14.0835 12680 SamSs - ok 23:02:14.0846 12680 SAService - ok 23:02:14.0862 12680 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 23:02:14.0878 12680 sbp2port - ok 23:02:14.0894 12680 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 23:02:14.0913 12680 SCardSvr - ok 23:02:14.0928 12680 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 23:02:14.0941 12680 scfilter - ok 23:02:14.0980 12680 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 23:02:15.0041 12680 Schedule - ok 23:02:15.0057 12680 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 23:02:15.0068 12680 SCPolicySvc - ok 23:02:15.0084 12680 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 23:02:15.0110 12680 SDRSVC - ok 23:02:15.0120 12680 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 23:02:15.0131 12680 secdrv - ok 23:02:15.0144 12680 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 23:02:15.0159 12680 seclogon - ok 23:02:15.0168 12680 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 23:02:15.0175 12680 SENS - ok 23:02:15.0185 12680 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 23:02:15.0198 12680 SensrSvc - ok 23:02:15.0210 12680 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 23:02:15.0219 12680 Serenum - ok 23:02:15.0234 12680 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 23:02:15.0249 12680 Serial - ok 23:02:15.0263 12680 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 23:02:15.0273 12680 sermouse - ok 23:02:15.0307 12680 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 23:02:15.0326 12680 SessionEnv - ok 23:02:15.0337 12680 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 23:02:15.0345 12680 sffdisk - ok 23:02:15.0353 12680 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 23:02:15.0363 12680 sffp_mmc - ok 23:02:15.0373 12680 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 23:02:15.0381 12680 sffp_sd - ok 23:02:15.0392 12680 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 23:02:15.0400 12680 sfloppy - ok 23:02:15.0423 12680 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 23:02:15.0450 12680 SharedAccess - ok 23:02:15.0469 12680 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 23:02:15.0497 12680 ShellHWDetection - ok 23:02:15.0517 12680 [ E2FC046D4EDABFE3B5EF7DA06406277D ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys 23:02:15.0533 12680 Shockprf - ok 23:02:15.0543 12680 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 23:02:15.0559 12680 SiSRaid2 - ok 23:02:15.0569 12680 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 23:02:15.0584 12680 SiSRaid4 - ok 23:02:15.0666 12680 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 23:02:15.0728 12680 Skype C2C Service - ok 23:02:15.0741 12680 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 23:02:15.0856 12680 SkypeUpdate - ok 23:02:15.0869 12680 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 23:02:15.0883 12680 Smb - ok 23:02:15.0894 12680 [ C5B1A19B14F19B08AE72FCB20A3075B6 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys 23:02:15.0902 12680 smihlp - ok 23:02:15.0922 12680 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 23:02:15.0934 12680 SNMPTRAP - ok 23:02:15.0944 12680 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 23:02:15.0955 12680 spldr - ok 23:02:15.0982 12680 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 23:02:16.0022 12680 Spooler - ok 23:02:16.0107 12680 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 23:02:16.0180 12680 sppsvc - ok 23:02:16.0193 12680 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 23:02:16.0208 12680 sppuinotify - ok 23:02:16.0238 12680 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1309000.009\SRTSP64.SYS 23:02:16.0276 12680 SRTSP - ok 23:02:16.0286 12680 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\NISx64\1309000.009\SRTSPX64.SYS 23:02:16.0289 12680 SRTSPX - ok 23:02:16.0308 12680 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 23:02:16.0336 12680 srv - ok 23:02:16.0355 12680 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 23:02:16.0385 12680 srv2 - ok 23:02:16.0398 12680 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 23:02:16.0416 12680 srvnet - ok 23:02:16.0430 12680 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 23:02:16.0451 12680 SSDPSRV - ok 23:02:16.0461 12680 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys 23:02:16.0469 12680 SSPORT - ok 23:02:16.0482 12680 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 23:02:16.0488 12680 SstpSvc - ok 23:02:16.0518 12680 [ E4AEA6FC64A979375149B86882CA2100 ] StarMoney 8.0 OnlineUpdate C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe 23:02:16.0534 12680 StarMoney 8.0 OnlineUpdate - ok 23:02:16.0558 12680 [ 9F16DDF670705ECAE9169E6E3130E50B ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 23:02:16.0596 12680 Stereo Service - ok 23:02:16.0606 12680 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 23:02:16.0618 12680 stexstor - ok 23:02:16.0643 12680 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 23:02:16.0677 12680 stisvc - ok 23:02:16.0688 12680 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 23:02:16.0701 12680 storflt - ok 23:02:16.0710 12680 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 23:02:16.0722 12680 StorSvc - ok 23:02:16.0735 12680 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 23:02:16.0747 12680 storvsc - ok 23:02:16.0757 12680 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 23:02:16.0767 12680 swenum - ok 23:02:16.0790 12680 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 23:02:16.0822 12680 swprv - ok 23:02:16.0843 12680 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1309000.009\SYMDS64.SYS 23:02:16.0854 12680 SymDS - ok 23:02:16.0891 12680 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1309000.009\SYMEFA64.SYS 23:02:16.0942 12680 SymEFA - ok 23:02:16.0955 12680 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 23:02:16.0973 12680 SymEvent - ok 23:02:16.0989 12680 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS 23:02:17.0009 12680 SymIRON - ok 23:02:17.0028 12680 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS 23:02:17.0038 12680 SymNetS - ok 23:02:17.0081 12680 [ FFDD13B42D4B106AC9FAFBB0E1F7FAA5 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 23:02:17.0132 12680 SynTP - ok 23:02:17.0180 12680 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 23:02:17.0248 12680 SysMain - ok 23:02:17.0261 12680 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 23:02:17.0279 12680 TabletInputService - ok 23:02:17.0295 12680 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 23:02:17.0324 12680 TapiSrv - ok 23:02:17.0336 12680 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 23:02:17.0343 12680 TBS - ok 23:02:17.0395 12680 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 23:02:17.0473 12680 Tcpip - ok 23:02:17.0527 12680 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 23:02:17.0556 12680 TCPIP6 - ok 23:02:17.0578 12680 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 23:02:17.0589 12680 tcpipreg - ok 23:02:17.0605 12680 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 23:02:17.0613 12680 TDPIPE - ok 23:02:17.0623 12680 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 23:02:17.0633 12680 TDTCP - ok 23:02:17.0645 12680 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 23:02:17.0659 12680 tdx - ok 23:02:17.0669 12680 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 23:02:17.0683 12680 TermDD - ok 23:02:17.0709 12680 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 23:02:17.0754 12680 TermService - ok 23:02:17.0764 12680 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 23:02:17.0780 12680 Themes - ok 23:02:17.0790 12680 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 23:02:17.0803 12680 THREADORDER - ok 23:02:17.0816 12680 [ 55B7FE3E1D3B616BDC4E9EA48D92D6E6 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys 23:02:17.0826 12680 TPDIGIMN - ok 23:02:17.0836 12680 [ F0684C62ED8FD3061CD488ECFC851022 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe 23:02:17.0853 12680 TPHDEXLGSVC - ok 23:02:17.0865 12680 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe 23:02:17.0886 12680 TPHKLOAD - ok 23:02:17.0897 12680 [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe 23:02:17.0901 12680 TPHKSVC - ok 23:02:17.0911 12680 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys 23:02:17.0922 12680 TPM - ok 23:02:17.0932 12680 [ 7165B5A9B4867F64A6D6935F57D4196B ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys 23:02:17.0941 12680 TPPWRIF - ok 23:02:17.0953 12680 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 23:02:17.0975 12680 TrkWks - ok 23:02:17.0988 12680 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 23:02:17.0995 12680 TrustedInstaller - ok 23:02:18.0010 12680 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 23:02:18.0020 12680 tssecsrv - ok 23:02:18.0030 12680 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 23:02:18.0044 12680 TsUsbFlt - ok 23:02:18.0058 12680 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 23:02:18.0071 12680 TsUsbGD - ok 23:02:18.0087 12680 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 23:02:18.0102 12680 tunnel - ok 23:02:18.0147 12680 [ D3D473C0DD8BAC37FADD6419362907E2 ] TVT Backup Service C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe 23:02:18.0181 12680 TVT Backup Service - ok 23:02:18.0193 12680 [ D4915DB03B19F9FD50EC084CC0ED15FC ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys 23:02:18.0205 12680 TVTI2C - ok 23:02:18.0215 12680 TwkMs - ok 23:02:18.0224 12680 TWKSER2K - ok 23:02:18.0236 12680 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 23:02:18.0250 12680 uagp35 - ok 23:02:18.0267 12680 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 23:02:18.0290 12680 udfs - ok 23:02:18.0312 12680 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 23:02:18.0331 12680 UI0Detect - ok 23:02:18.0341 12680 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 23:02:18.0356 12680 uliagpkx - ok 23:02:18.0366 12680 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 23:02:18.0378 12680 umbus - ok 23:02:18.0391 12680 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 23:02:18.0399 12680 UmPass - ok 23:02:18.0415 12680 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 23:02:18.0444 12680 UmRdpService - ok 23:02:18.0514 12680 [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 23:02:18.0570 12680 UNS - ok 23:02:18.0591 12680 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 23:02:18.0619 12680 upnphost - ok 23:02:18.0630 12680 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 23:02:18.0642 12680 USBAAPL64 - ok 23:02:18.0653 12680 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 23:02:18.0667 12680 usbccgp - ok 23:02:18.0682 12680 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 23:02:18.0702 12680 usbcir - ok 23:02:18.0713 12680 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 23:02:18.0725 12680 usbehci - ok 23:02:18.0749 12680 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 23:02:18.0775 12680 usbhub - ok 23:02:18.0785 12680 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 23:02:18.0794 12680 usbohci - ok 23:02:18.0806 12680 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 23:02:18.0816 12680 usbprint - ok 23:02:18.0832 12680 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:02:18.0847 12680 USBSTOR - ok 23:02:18.0859 12680 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 23:02:18.0869 12680 usbuhci - ok 23:02:18.0887 12680 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 23:02:18.0903 12680 usbvideo - ok 23:02:18.0914 12680 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 23:02:18.0930 12680 UxSms - ok 23:02:18.0944 12680 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 23:02:18.0947 12680 VaultSvc - ok 23:02:18.0957 12680 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 23:02:18.0970 12680 vdrvroot - ok 23:02:18.0998 12680 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 23:02:19.0032 12680 vds - ok 23:02:19.0043 12680 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 23:02:19.0052 12680 vga - ok 23:02:19.0062 12680 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 23:02:19.0071 12680 VgaSave - ok 23:02:19.0085 12680 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 23:02:19.0108 12680 vhdmp - ok 23:02:19.0118 12680 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 23:02:19.0129 12680 viaide - ok 23:02:19.0141 12680 [ 94BB24C999C97C7B31AC154559C9ECEE ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe 23:02:19.0144 12680 VIPAppService - ok 23:02:19.0158 12680 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 23:02:19.0180 12680 vmbus - ok 23:02:19.0190 12680 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 23:02:19.0198 12680 VMBusHID - ok 23:02:19.0209 12680 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 23:02:19.0224 12680 volmgr - ok 23:02:19.0242 12680 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 23:02:19.0270 12680 volmgrx - ok 23:02:19.0287 12680 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 23:02:19.0311 12680 volsnap - ok 23:02:19.0327 12680 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 23:02:19.0345 12680 vsmraid - ok 23:02:19.0390 12680 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 23:02:19.0445 12680 VSS - ok 23:02:19.0474 12680 [ F117D00BBB401C61CE3E9F3B846D0821 ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe 23:02:19.0491 12680 vToolbarUpdater13.2.0 - ok 23:02:19.0502 12680 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 23:02:19.0514 12680 vwifibus - ok 23:02:19.0525 12680 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 23:02:19.0539 12680 vwififlt - ok 23:02:19.0549 12680 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 23:02:19.0557 12680 vwifimp - ok 23:02:19.0578 12680 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 23:02:19.0613 12680 W32Time - ok 23:02:19.0637 12680 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 23:02:19.0647 12680 WacomPen - ok 23:02:19.0660 12680 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 23:02:19.0675 12680 WANARP - ok 23:02:19.0686 12680 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 23:02:19.0688 12680 Wanarpv6 - ok 23:02:19.0728 12680 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 23:02:19.0801 12680 WatAdminSvc - ok 23:02:19.0844 12680 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 23:02:19.0897 12680 wbengine - ok 23:02:19.0915 12680 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 23:02:19.0937 12680 WbioSrvc - ok 23:02:19.0957 12680 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 23:02:19.0982 12680 wcncsvc - ok 23:02:19.0994 12680 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 23:02:20.0010 12680 WcsPlugInService - ok 23:02:20.0022 12680 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 23:02:20.0033 12680 Wd - ok 23:02:20.0062 12680 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 23:02:20.0103 12680 Wdf01000 - ok 23:02:20.0119 12680 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 23:02:20.0138 12680 WdiServiceHost - ok 23:02:20.0148 12680 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 23:02:20.0154 12680 WdiSystemHost - ok 23:02:20.0170 12680 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 23:02:20.0198 12680 WebClient - ok 23:02:20.0213 12680 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 23:02:20.0235 12680 Wecsvc - ok 23:02:20.0247 12680 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 23:02:20.0254 12680 wercplsupport - ok 23:02:20.0268 12680 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 23:02:20.0275 12680 WerSvc - ok 23:02:20.0285 12680 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 23:02:20.0294 12680 WfpLwf - ok 23:02:20.0304 12680 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 23:02:20.0314 12680 WIMMount - ok 23:02:20.0322 12680 WinDefend - ok 23:02:20.0339 12680 WinHttpAutoProxySvc - ok 23:02:20.0364 12680 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 23:02:20.0390 12680 Winmgmt - ok 23:02:20.0447 12680 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 23:02:20.0514 12680 WinRM - ok 23:02:20.0538 12680 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys 23:02:20.0552 12680 WinUsb - ok 23:02:20.0584 12680 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 23:02:20.0608 12680 Wlansvc - ok 23:02:20.0622 12680 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 23:02:20.0637 12680 wlcrasvc - ok 23:02:20.0701 12680 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 23:02:20.0750 12680 wlidsvc - ok 23:02:20.0762 12680 WMCoreService - ok 23:02:20.0776 12680 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 23:02:20.0785 12680 WmiAcpi - ok 23:02:20.0806 12680 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 23:02:20.0812 12680 wmiApSrv - ok 23:02:20.0822 12680 WMPNetworkSvc - ok 23:02:20.0837 12680 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 23:02:20.0850 12680 WPCSvc - ok 23:02:20.0861 12680 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 23:02:20.0883 12680 WPDBusEnum - ok 23:02:20.0894 12680 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 23:02:20.0904 12680 ws2ifsl - ok 23:02:20.0915 12680 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 23:02:20.0922 12680 wscsvc - ok 23:02:20.0932 12680 WSearch - ok 23:02:21.0001 12680 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 23:02:21.0053 12680 wuauserv - ok 23:02:21.0065 12680 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 23:02:21.0079 12680 WudfPf - ok 23:02:21.0094 12680 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 23:02:21.0113 12680 WUDFRd - ok 23:02:21.0124 12680 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 23:02:21.0142 12680 wudfsvc - ok 23:02:21.0159 12680 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 23:02:21.0180 12680 WwanSvc - ok 23:02:21.0199 12680 [ AA0A3A08A501237CD5BC4CFBFB64B3D6 ] WwanUsbServ C:\Windows\system32\DRIVERS\WwanUsbMp64.sys 23:02:21.0208 12680 WwanUsbServ - ok 23:02:21.0244 12680 ================ Scan global =============================== 23:02:21.0253 12680 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 23:02:21.0275 12680 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll 23:02:21.0312 12680 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll 23:02:21.0326 12680 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 23:02:21.0352 12680 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 23:02:21.0363 12680 [Global] - ok 23:02:21.0365 12680 ================ Scan MBR ================================== 23:02:21.0371 12680 [ 5D535071221FC633A0143C79B1427D6D ] \Device\Harddisk0\DR0 23:02:21.0689 12680 \Device\Harddisk0\DR0 - ok 23:02:21.0690 12680 ================ Scan VBR ================================== 23:02:21.0696 12680 [ 7F96230CA639474ED5ED5510A6D83F4E ] \Device\Harddisk0\DR0\Partition1 23:02:21.0699 12680 \Device\Harddisk0\DR0\Partition1 - ok 23:02:21.0706 12680 [ D758850E38B5BA8969D28D007984CE79 ] \Device\Harddisk0\DR0\Partition2 23:02:21.0710 12680 \Device\Harddisk0\DR0\Partition2 - ok 23:02:21.0716 12680 [ A672900380F4C1CE5F3FA24965261F81 ] \Device\Harddisk0\DR0\Partition3 23:02:21.0720 12680 \Device\Harddisk0\DR0\Partition3 - ok 23:02:21.0721 12680 ============================================================ 23:02:21.0721 12680 Scan finished 23:02:21.0721 12680 ============================================================ 23:02:21.0749 1128 Detected object count: 0 23:02:21.0749 1128 Actual detected object count: 0 |
|
02.01.2013, 21:05
| #13 | |
| /// Malware-holic | click and continue Hi combofix: Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!Downloade dir bitte Combofix von einem dieser Downloadspiegel Link 1 Link 2 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
03.01.2013, 13:31
| #14 |
| | click and continue Combofix Logfile: Code:
ATTFilter ComboFix 13-01-03.02 - geht dich nichts an 03.01.2013 11:20:15.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3979.1966 [GMT 1:00]
ausgeführt von:: c:\users\geht dich nichts an\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Incredibar.com
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c:\program files\Protector by IB\ExTEnsion32.dll
c:\programdata\Bcool
c:\programdata\Bcool\background.html
c:\programdata\Bcool\content.js
c:\programdata\Bcool\data\content.js
c:\programdata\Bcool\data\jsondb.js
c:\programdata\Bcool\hpilclpacieflhmobalmaccogiioldoo.crx
c:\programdata\Bcool\settings.ini
c:\programdata\Bcool\uninstall.exe
c:\programdata\Roaming
C:\root
c:\root\wpfdot.exe
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\026466c3\0056283a_af32cd01\InternetExplorer.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\04fcc2d0\0083593b_af32cd01\PriceGrabber.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\11eeddd7\00727648_af32cd01\LenovoSolutionCenter.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\1a7ae6cb\00ebe244_af32cd01\LenovoMusic.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\54e43ba7\00b34628_af32cd01\CoreAudioApi.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\68016ff4\00671b6a_cde0cc01\NewsTile.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\6e4094b4\00809d4f_af32cd01\Skype.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\71f7b1d9\00371e40_af32cd01\Flickr.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\7acd39b9\00b08a3c_af32cd01\SimpleTapAppStoreAddon.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\804808c1\00b5955e_d6d9cc01\AccuWeatherTile.resources.DLL
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\807544df\0083593b_af32cd01\AccuWeatherTile.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\839cd220\00b5955e_d6d9cc01\AccuWeatherTile.resources.DLL
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\8bfc97b3\00beb143_af32cd01\Groupon.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\96d62448\003ada2b_af32cd01\WirelessApi.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\9fbd56ae\00cf9436_af32cd01\DefaultTheme.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\ab145615\00ccd84a_af32cd01\LenovoTV.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\b14517bf\00480133_af32cd01\ScreenRotate.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\bd9b3b95\0029f738_af32cd01\Chrome.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\cf97899b\00753234_af32cd01\Biztree.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\d16cfa28\00e07729_af32cd01\DisplayBrightnessApi.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\db16abdd\00809d4f_af32cd01\Wikipedia.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\e69b1d83\00536c4e_af32cd01\MSOffice.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\ebcb2de7\00263b4d_af32cd01\MessageCenterPlus.dll
c:\users\geht dich nichts an\AppData\Local\Temp\SimpleTap\assembly\dl3\ef031502\00e169d7_ea00cd01\SugarSync.SimpleTapAddons.FileManager.dll
c:\users\geht dich nichts an\Documents\~WRL0380.tmp
c:\users\geht dich nichts an\Documents\~WRL0426.tmp
c:\users\geht dich nichts an\Documents\~WRL1073.tmp
c:\users\geht dich nichts an\Documents\~WRL2795.tmp
c:\users\geht dich nichts an\Documents\~WRL3044.tmp
c:\users\geht dich nichts an\Documents\~WRL3902.tmp
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\026466c3\0056283a_af32cd01\InternetExplorer.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\04fcc2d0\0083593b_af32cd01\PriceGrabber.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\11eeddd7\00727648_af32cd01\LenovoSolutionCenter.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\1a7ae6cb\00ebe244_af32cd01\LenovoMusic.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\54e43ba7\00b34628_af32cd01\CoreAudioApi.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\68016ff4\00671b6a_cde0cc01\NewsTile.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\6e4094b4\00809d4f_af32cd01\Skype.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\71f7b1d9\00371e40_af32cd01\Flickr.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\7acd39b9\00b08a3c_af32cd01\SimpleTapAppStoreAddon.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\804808c1\00b5955e_d6d9cc01\AccuWeatherTile.resources.DLL
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\807544df\0083593b_af32cd01\AccuWeatherTile.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\839cd220\00b5955e_d6d9cc01\AccuWeatherTile.resources.DLL
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\8bfc97b3\00beb143_af32cd01\Groupon.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\96d62448\003ada2b_af32cd01\WirelessApi.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\9fbd56ae\00cf9436_af32cd01\DefaultTheme.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\ab145615\00ccd84a_af32cd01\LenovoTV.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\b14517bf\00480133_af32cd01\ScreenRotate.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\bd9b3b95\0029f738_af32cd01\Chrome.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\cf97899b\00753234_af32cd01\Biztree.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\d16cfa28\00e07729_af32cd01\DisplayBrightnessApi.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\db16abdd\00809d4f_af32cd01\Wikipedia.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\e69b1d83\00536c4e_af32cd01\MSOffice.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\ebcb2de7\00263b4d_af32cd01\MessageCenterPlus.dll
c:\users\GEHTDI~1\AppData\Local\Temp\SimpleTap\assembly\dl3\ef031502\00e169d7_ea00cd01\SugarSync.SimpleTapAddons.FileManager.dll
c:\windows\SysWow64\aosmtp.dll
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
Q:\AUTORUN.INF
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-12-03 bis 2013-01-03 ))))))))))))))))))))))))))))))
.
.
2013-01-03 11:23 . 2013-01-03 11:23 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3DE43237-C86E-4CDB-99D4-50B29F7B662E}\offreg.dll
2013-01-01 09:37 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3DE43237-C86E-4CDB-99D4-50B29F7B662E}\mpengine.dll
2012-12-27 21:00 . 2012-12-27 21:00 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-27 19:19 . 2012-12-27 19:31 -------- d-----w- C:\_OTL
2012-12-27 12:18 . 2012-12-27 12:18 -------- d-----w- c:\users\geht dich nichts an\AppData\Roaming\Malwarebytes
2012-12-27 12:18 . 2012-12-27 12:18 -------- d-----w- c:\programdata\Malwarebytes
2012-12-27 12:18 . 2012-12-27 12:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-27 12:18 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-27 11:25 . 2013-01-03 11:15 -------- d-----w- c:\users\UpdatusUser\AppData\Local\CrashDumps
2012-12-22 02:01 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 02:01 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 02:01 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-22 02:01 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 06:14 . 2012-12-14 06:14 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-12-13 07:08 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-13 07:08 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-13 07:08 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-11 21:38 . 2012-12-11 21:38 -------- d-----w- c:\programdata\YTD Video Downloader
2012-12-11 21:38 . 2012-12-11 21:38 -------- d-----w- c:\users\geht dich nichts an\YTD Video Downloader
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 02:02 . 2012-06-23 02:27 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-11-28 06:45 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 06:45 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 08:38 . 2012-10-16 08:38 30568 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2012-10-16 07:39 . 2012-11-28 06:45 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 18:25 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 18:25 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 18:25 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 18:25 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{553318DA-D010-469E-84B1-496563CAE1BF}]
2012-10-02 07:57 71168 ----a-w- c:\users\geht dich nichts an\AppData\Local\fbDownloader\Extensions\FBDownloader.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-11-08 12:52 1796552 ----a-w- c:\program files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 14:31 1514152 ------w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll" [2012-11-08 1796552]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LTT"="c:\program files\PC-Doctor\EnableToolbarW32.exe" [2011-06-27 23120]
"015E326E56C484A7B79C54B8DDA85BB3212D265E._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2012-12-05 1242728]
"DataMgr"="c:\users\geht dich nichts an\AppData\Roaming\DataMgr\datamgr.exe" [2012-09-29 168264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2011-08-31 1629544]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-13 4351712]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-01-03 1391272]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2009-08-15 614400]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-11-08 997320]
"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-10-16 1020512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2010-12-18 1202976]
TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2012-7-19 258048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
R0 TwkMs;CHIPDRIVE Mouse Adapter; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-07-08 144232]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 CHIPDRIVE USB SmartCardReader;CHIPDRIVE USB SmartCardReader;c:\windows\system32\DRIVERS\TwkUsb2K.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2011-08-31 478056]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2010-01-28 114304]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-08-02 22528]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2011-08-31 87400]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2011-08-31 173416]
R3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 44320]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2010-07-01 224488]
R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2010-07-01 39016]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TWKSER2K;CHIPDRIVE Serial SmartCardReader;c:\windows\system32\DRIVERS\TWKSER2K.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-02 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys [2011-08-31 31344]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-06-01 25960]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [2010-12-15 23664]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-10-16 30568]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [2011-07-08 32104]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-10 86224]
S2 BecHelperService;BecHelperService;c:\program files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe [2010-01-28 1737464]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [2010-12-16 198784]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-23 212944]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2011-05-31 41320]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-05-31 59240]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe [2012-06-16 138272]
S2 risdxc;risdxc;c:\windows\system32\DRIVERS\risdxc64.sys [2011-05-25 101888]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 13840]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-01-10 11576]
S2 StarMoney 8.0 OnlineUpdate;StarMoney 8.0 OnlineUpdate;c:\program files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [2012-06-28 692432]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-25 378472]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-06-29 82544]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-10-16 711112]
S2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2011-03-04 166016]
S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120507.001\BHDrvx64.sys [2012-04-02 1160824]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2010-12-18 425000]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-12-18 39464]
S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309000.009\ccSetx64.sys [2012-06-07 167072]
S3 ecnssndis; Mobile Broadband Driver;c:\windows\system32\Drivers\wwuss64.sys [2010-02-23 26664]
S3 ecnssndisfltr; Mobile Broadband Driver Filter;c:\windows\system32\Drivers\wwussf64.sys [2010-02-23 30248]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-04-13 138360]
S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120511.001\IDSvia64.sys [2012-04-28 488568]
S3 l36wgps; Mobile Broadband GPS Port;c:\windows\system32\DRIVERS\l36wgps64.sys [2011-02-28 101416]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 Mbm3CBus;F5521gw Mobile Broadband Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys [2011-04-13 419400]
S3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys [2011-04-13 430664]
S3 Mbm3mdfl; Mobile Broadband Modem Port Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys [2011-04-13 19528]
S3 Mbm3Mdm; Mobile Broadband Modem Port Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys [2011-04-13 483400]
S3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys [2011-09-07 70016]
S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309000.009\SYMDS64.SYS [2011-07-25 451192]
S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309000.009\SYMEFA64.SYS [2012-05-22 1129120]
S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309000.009\Ironx64.SYS [2012-04-18 190072]
S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309000.009\SYMNETS.SYS [2012-04-18 405624]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2011-05-30 40248]
S3 WwanUsbServ;Mobile Broadband Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys [2011-04-06 286248]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-12 13:04]
.
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 17:21]
.
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 17:21]
.
2013-01-03 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-06-27 15:06]
.
2013-01-03 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-06-27 15:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TpShocks"="TpShocks.exe" [2010-12-09 380776]
"ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-03-14 316032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-10 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-10 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-10 418840]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2011-05-31 40808]
"ALCKRESI.EXE"="c:\program files\Lenovo\AutoLock\ALCKRESI.EXE" [2011-05-25 281960]
"AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2011-04-14 31592]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.fbdownloader.com/?channel=sfge202fbdgy14
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60441
mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60441
IE: &Preispiratensuche nach markiertem Text - c:\\Program Files (x86)\\Preispiraten6\\preispiraten.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
.
.
------- Dateityp-Verknüpfung -------
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\Protector by IB\Extension32.dll
BHO-{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
Toolbar-Locked - (no file)
Toolbar-{F9639E4A-801B-4843-AEE3-03D9DA199E77} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
Wow6432Node-HKLM-Run-IR_SERVER - c:\progra~2\Realtek\REALTE~1\IR_SERVER.exe
SafeBoot-24353823.sys
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-incredibar - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
AddRemove-{20E7BC40-33F6-4A81-9D52-B58349326206} - c:\programdata\Bcool\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.0.9\diMaster.dll\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\SysWOW64\SAsrv.exe
c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
c:\program files\Lenovo\SimpleTap\SimpleTap.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-01-03 13:27:41 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-01-03 12:27
.
Vor Suchlauf: 15 Verzeichnis(se), 30.466.936.832 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 29.116.989.440 Bytes frei
.
- - End Of File - - ADBEF1EE9229A0B7BF07AEC573CCB620
|
|
03.01.2013, 17:54
| #15 |
| /// Malware-holic | click and continue Hi lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools,uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu click and continue |
| administrator, aktion, anti-malware, autostart, browser, continue, dateien, ergebnis, explorer, folge, helper, link, links, malwarebytes, malwareprogramm, microsoft, nichts, registrierung, service, software, speicher, suchmaschine, test, texte, version, wahrscheinlich, website |
Linear-Darstellung
