| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Email von Adresse eines Bekannten mit seltsamem LinkWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
06.01.2013, 00:20
| #1 |
| |  Email von Adresse eines Bekannten mit seltsamem Link Liebe trojaner-Team, ich habe von einer Freundin eine Mail mit einem Link versehen erhalten, den ich gedrückt habe, wobei ich mich wahrscheinlich mit einem Trojaner infiziert habe. Daraufhin ließ ich Malwarebytes durchlaufen, der tatsächlich eine riskware fand. daher poste ich den Log jetzt. Ist es sinnvoll, defogger, otl und dann GMER durchlaufen zu lassen oder gibt es eine einfachere lösung in diesem falle? vielen dank im voraus für eure hilfe! der mbamlog ist folgender: Malwarebytes Anti-Malware (Test) 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.01.05.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 nitram484 :: NITRAM484-THINK [limitiert] Schutz: Aktiviert 05.01.2013 22:58:31 mbam-log-2013-01-05 (22-58-31).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|Q:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 350108 Laufzeit: 1 Stunde(n), 10 Minute(n), 13 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\nitram484\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORQ6YOSM\PDFCreator_Stub_5874[1].exe (Riskware.InstallMonetizer) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
|
06.01.2013, 03:46
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Email von Adresse eines Bekannten mit seltsamem Link Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!
__________________ |
|
06.01.2013, 10:52
| #3 |
| | Email von Adresse eines Bekannten mit seltsamem Link Hallo und danke erstmal für die Reaktion,
__________________bei mbam war es der einzige fund. ich habe noch einen virenscan mit gdata (antivirus 2013, aktuelle signaturen) durchlaufen lassen, der nichts gefunden hat. wie soll ich weiterverfahren? danke! Hallo nochmal, ich habe nun nacheinander Defogger und OTL durchlaufen lassen. Defogger hat keinerlei Fehlermeldungen erbracht. Die Logs von OTL (otl.txt und extras.txt) poste ich weiter unten. otl.txtOTL Logfile: Code:
ATTFilter OTL logfile created on: 06.01.2013 11:59:30 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nitram484\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,73 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 49,45% Memory free 7,45 Gb Paging File | 4,97 Gb Available in Paging File | 66,72% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 450,62 Gb Total Space | 278,85 Gb Free Space | 61,88% Space Free | Partition Type: NTFS Drive Q: | 13,67 Gb Total Space | 1,70 Gb Free Space | 12,41% Space Free | Partition Type: NTFS Computer Name: NITRAM484-THINK | User Name: nitram484 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.01.05 23:34:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nitram484\Desktop\OTL.exe PRC - [2012.12.29 00:02:24 | 028,539,392 | ---- | M] (Dropbox, Inc.) -- C:\Users\nitram484\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.11.13 16:40:39 | 000,246,112 | ---- | M] () -- C:\ProgramData\PLAY ONLINE\OnlineUpdate\ouc.exe PRC - [2012.10.25 23:10:30 | 000,162,408 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.09.17 04:24:09 | 000,995,352 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe PRC - [2012.08.23 14:46:06 | 001,542,680 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe PRC - [2012.06.28 16:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe PRC - [2012.06.06 23:04:22 | 000,145,256 | ---- | M] (AuthenTec Inc.) -- C:\Programme\Lenovo Fingerprint Reader\x86\BioMonitor.exe PRC - [2012.06.05 14:14:28 | 000,034,728 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe PRC - [2012.05.21 08:26:28 | 000,291,648 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2012.04.26 11:55:58 | 000,176,464 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\vcamsvc.exe PRC - [2012.04.26 11:55:54 | 000,289,104 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TpKnrres.exe PRC - [2012.04.26 11:55:52 | 000,061,264 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe PRC - [2012.04.26 11:55:30 | 000,058,192 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe PRC - [2012.04.11 22:20:00 | 000,128,576 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe PRC - [2012.03.29 03:42:27 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe PRC - [2012.03.27 07:02:04 | 001,104,208 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe PRC - [2012.03.27 07:02:02 | 001,304,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe PRC - [2012.03.27 07:01:56 | 001,014,096 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe PRC - [2012.03.27 07:01:56 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe PRC - [2012.03.12 11:07:48 | 000,169,776 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe PRC - [2012.02.07 11:05:04 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012.02.07 11:05:04 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012.02.07 11:04:54 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe PRC - [2012.02.07 11:04:44 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe PRC - [2012.01.25 08:44:56 | 000,567,360 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe PRC - [2011.12.29 11:20:42 | 000,144,960 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe PRC - [2011.11.24 09:06:58 | 000,548,864 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera\VM331STI.EXE PRC - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\micmute.exe PRC - [2011.03.14 16:27:28 | 000,236,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe PRC - [2010.10.28 11:14:44 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe ========== Modules (No Company Name) ========== MOD - [2012.01.11 04:12:10 | 000,663,552 | ---- | M] () -- C:\Windows\SysWOW64\vmprp331.ax MOD - [2010.10.28 11:14:44 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe ========== Services (SafeList) ========== SRV:64bit: - [2012.02.29 07:15:08 | 000,048,704 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC) SRV:64bit: - [2011.12.28 21:48:24 | 000,049,480 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC) SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.12.12 18:05:10 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.12.05 15:08:10 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.11.13 16:40:39 | 000,246,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe -- (PLAY ONLINE. RunOuc) SRV - [2012.10.19 16:33:26 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.08.30 04:06:18 | 002,011,568 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe -- (AVKWCtl) SRV - [2012.08.23 14:46:06 | 001,542,680 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2012.06.06 23:04:04 | 000,328,552 | ---- | M] (AuthenTec, Inc) [Auto | Running] -- C:\Programme\Lenovo Fingerprint Reader\TrueSuiteService.exe -- (FPLService) SRV - [2012.06.05 14:14:28 | 000,034,728 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService) SRV - [2012.05.30 00:09:22 | 002,445,968 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2012.04.26 11:55:58 | 000,176,464 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\vcamsvc.exe -- (LENOVO.TVTVCAM) SRV - [2012.04.26 11:55:52 | 000,061,264 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC) SRV - [2012.04.26 11:55:30 | 000,058,192 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE) SRV - [2012.04.11 22:20:00 | 001,665,088 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE -- (PwmEWSvc) SRV - [2012.04.11 22:20:00 | 001,662,528 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service) SRV - [2012.03.29 03:42:27 | 000,470,008 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2012.03.27 07:02:04 | 001,104,208 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service) SRV - [2012.03.27 07:02:02 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service) SRV - [2012.03.27 07:01:56 | 001,014,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor) SRV - [2012.03.26 15:07:04 | 000,145,472 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc) SRV - [2012.03.22 21:34:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.03.12 11:07:48 | 000,169,776 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe -- (FastbootService) SRV - [2012.02.26 04:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) SRV - [2012.02.26 04:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV - [2012.02.26 04:07:32 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2012.02.26 04:07:26 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2012.02.07 11:05:04 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.02.07 11:05:04 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.02.07 11:04:54 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012.02.07 11:04:44 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012.02.02 21:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService) SRV - [2011.12.29 11:20:42 | 000,144,960 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC) SRV - [2011.07.12 08:54:00 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC) SRV - [2011.07.12 08:53:42 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD) SRV - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE) SRV - [2011.03.14 16:27:34 | 000,346,976 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService64.exe -- (HWDeviceService64.exe) SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.01.05 22:30:21 | 000,106,648 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD) DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.11.28 16:17:04 | 000,060,320 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt) DRV:64bit: - [2012.11.28 16:17:03 | 000,126,880 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV:64bit: - [2012.11.28 16:17:03 | 000,064,416 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd) DRV:64bit: - [2012.11.28 16:17:03 | 000,054,176 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave) DRV:64bit: - [2012.11.28 15:00:46 | 000,064,376 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre) DRV:64bit: - [2012.11.13 16:40:54 | 000,229,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys -- (huawei_wwanecm) DRV:64bit: - [2012.11.13 16:40:54 | 000,030,720 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_juextctrl.sys -- (huawei_ext_ctrl) DRV:64bit: - [2012.11.13 16:40:54 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter) DRV:64bit: - [2012.11.13 16:40:53 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev) DRV:64bit: - [2012.11.13 16:40:53 | 000,104,448 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm) DRV:64bit: - [2012.11.13 16:40:53 | 000,090,112 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator) DRV:64bit: - [2012.09.08 02:50:50 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.06.20 12:32:20 | 000,431,928 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2012.06.20 12:32:20 | 000,027,448 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvIntel) DRV:64bit: - [2012.06.14 03:23:58 | 000,339,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2012.05.21 08:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012.05.21 08:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012.05.21 08:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2012.04.11 22:20:00 | 000,019,784 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF) DRV:64bit: - [2012.03.21 10:13:14 | 000,060,928 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (ibtfltcoex) DRV:64bit: - [2012.03.20 00:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2012.02.29 07:39:06 | 000,952,832 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm331avs.sys -- (vm331avs) DRV:64bit: - [2012.02.29 07:14:48 | 000,042,312 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV) DRV:64bit: - [2012.02.20 11:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64) DRV:64bit: - [2012.02.13 08:10:40 | 000,747,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf) DRV:64bit: - [2012.02.13 07:53:54 | 000,095,232 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux) DRV:64bit: - [2012.01.26 17:37:24 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2012.01.26 17:37:24 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2011.12.28 21:48:24 | 000,147,784 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf) DRV:64bit: - [2011.12.28 21:48:24 | 000,025,416 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN) DRV:64bit: - [2011.12.26 10:10:44 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd) DRV:64bit: - [2011.12.08 21:24:30 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.12.08 21:24:30 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.12.07 17:59:52 | 000,027,432 | ---- | M] (ThinkVantage Communications Utility) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvtvcamd.sys -- (tvtvcamd) DRV:64bit: - [2011.12.06 12:23:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2011.11.29 12:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2011.11.23 16:02:20 | 000,648,808 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.11.09 18:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2011.05.29 11:48:04 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvti2c.sys -- (TVTI2C) DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2009.11.17 01:16:43 | 000,011,576 | R--- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2012.03.26 15:07:06 | 000,033,344 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Programme\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE) DRV - [2009.10.28 06:09:33 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.imre-kertesz-kolleg.uni-jena.de/" FF - prefs.js..extensions.enabledAddons: %7Baff87fa2-a58e-4edd-b852-0a20203c1e17%7D:0.9 FF - prefs.js..extensions.enabledAddons: %7Bb2e69492-2358-071a-7056-24ad0c3defb1%7D:1.7.1 FF - prefs.js..extensions.enabledAddons: %7B906305f7-aafc-45e9-8bbd-941950a84dad%7D:1.1.11215.1124 FF - prefs.js..extensions.enabledAddons: %7B8AA36F4F-6DC7-4c06-77AF-5035170634FE%7D:2012.09.13 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12 FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3 FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP5X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2012.11.11 11:54:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.05 20:11:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.12.05 20:11:55 | 000,000,000 | ---D | M] [2012.11.11 11:28:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nitram484\AppData\Roaming\mozilla\Extensions [2012.12.10 14:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nitram484\AppData\Roaming\mozilla\Firefox\Profiles\27z0nidp.default\extensions [2012.11.23 17:42:54 | 000,000,000 | ---D | M] (Bamboo Feed Reader) -- C:\Users\nitram484\AppData\Roaming\mozilla\Firefox\Profiles\27z0nidp.default\extensions\{b2e69492-2358-071a-7056-24ad0c3defb1} [2012.12.10 14:48:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\nitram484\AppData\Roaming\mozilla\Firefox\Profiles\27z0nidp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.12.10 14:48:01 | 000,124,993 | ---- | M] () (No name found) -- C:\Users\nitram484\AppData\Roaming\mozilla\firefox\profiles\27z0nidp.default\extensions\adblockpopups@jessehakanen.net.xpi [2012.12.10 14:17:41 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\nitram484\AppData\Roaming\mozilla\firefox\profiles\27z0nidp.default\extensions\elemhidehelper@adblockplus.org.xpi [2012.12.10 14:48:01 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\nitram484\AppData\Roaming\mozilla\firefox\profiles\27z0nidp.default\extensions\translator@zoli.bod.xpi [2012.11.11 14:50:41 | 000,042,737 | ---- | M] () (No name found) -- C:\Users\nitram484\AppData\Roaming\mozilla\firefox\profiles\27z0nidp.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2012.12.10 14:17:45 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\nitram484\AppData\Roaming\mozilla\firefox\profiles\27z0nidp.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.11.11 11:38:15 | 000,697,733 | ---- | M] () (No name found) -- C:\Users\nitram484\AppData\Roaming\mozilla\firefox\profiles\27z0nidp.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2012.11.11 11:47:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.11.28 16:17:02 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad} [2012.11.11 11:54:57 | 000,000,000 | ---D | M] (Citavi Picker) -- C:\PROGRAMDATA\SWISS ACADEMIC SOFTWARE\CITAVI PICKER\FIREFOX [2012.12.05 15:08:10 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.06.28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (TrueSuite Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\Lenovo Fingerprint Reader\IEBHO.dll (AuthenTec Inc.) O2 - BHO: (TrueSuite Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programme\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.) O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Programme\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.) O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE (Vimicro) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe (Lenovo) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe File not found O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation) O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.) O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe () O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - Startup: C:\Users\nitram484\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\nitram484\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\nitram484\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk = C:\Users\nitram484\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{643DE9FA-D422-443F-929E-44E5BBA8343B}: NameServer = 89.108.202.21 89.108.195.21 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B04C3129-5BD1-48F6-9A04-1CFA501BE99C}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC218176-AE76-44A7-BC48-25D9811ABA04}: NameServer = 89.108.195.20 89.108.202.20 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0513250-B542-4CCD-A530-1AB10B518D7F}: DhcpNameServer = 141.35.1.16 141.35.1.80 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.12.15 04:05:40 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ] O33 - MountPoints2\{30de0e17-2d73-11e2-8fd3-685d43de03e0}\Shell - "" = AutoRun O33 - MountPoints2\{30de0e17-2d73-11e2-8fd3-685d43de03e0}\Shell\AutoRun\command - "" = D:\AutoRun.exe O33 - MountPoints2\{30de0e26-2d73-11e2-8fd3-685d43de03e0}\Shell - "" = AutoRun O33 - MountPoints2\{30de0e26-2d73-11e2-8fd3-685d43de03e0}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{656838b6-f904-11e1-9518-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{656838b6-f904-11e1-9518-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2011.12.15 04:05:40 | 000,267,576 | -HS- | M] (Lenovo Group Limited) O33 - MountPoints2\{864e4428-2fbe-11e2-bf19-685d43de03e0}\Shell - "" = AutoRun O33 - MountPoints2\{864e4428-2fbe-11e2-bf19-685d43de03e0}\Shell\AutoRun\command - "" = D:\AutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.01.05 23:38:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\nitram484\Desktop\OTL.exe [2013.01.05 22:44:52 | 000,000,000 | ---D | C] -- C:\Users\nitram484\AppData\Roaming\Malwarebytes [2013.01.05 22:44:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.01.05 22:43:52 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.01.05 22:43:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.01.05 22:30:22 | 000,016,504 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GdPhyMem.sys [2013.01.05 22:30:21 | 000,106,648 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys [2013.01.05 11:48:27 | 000,000,000 | ---D | C] -- C:\Users\nitram484\Desktop\Drucken [2013.01.05 11:20:56 | 000,000,000 | ---D | C] -- C:\Users\nitram484\Desktop\Dissertation_28612 [2013.01.05 11:09:48 | 000,000,000 | R--D | C] -- C:\Users\nitram484\Mediencenter [2013.01.05 11:08:28 | 000,000,000 | ---D | C] -- C:\Users\nitram484\AppData\Local\Telekom [2013.01.05 11:08:19 | 000,000,000 | ---D | C] -- C:\Users\nitram484\AppData\Roaming\Telekom [2012.12.12 21:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\CMUV [2012.12.12 21:06:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVBViewer TERRATEC Edition [2012.12.12 15:34:53 | 000,110,592 | ---- | C] (EPSON) -- C:\Windows\SysNative\EPSPMSV.DLL [2012.12.12 15:34:53 | 000,051,200 | ---- | C] (EPSON) -- C:\Windows\SysNative\EPSPMUI.DLL ========== Files - Modified Within 30 Days ========== [2013.01.06 12:05:06 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.01.06 11:57:16 | 000,000,000 | ---- | M] () -- C:\Users\nitram484\defogger_reenable [2013.01.06 10:40:04 | 000,031,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.06 10:40:04 | 000,031,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.06 10:32:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.06 10:32:24 | 3001,208,832 | -HS- | M] () -- C:\hiberfil.sys [2013.01.06 00:19:25 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.01.06 00:19:25 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.01.06 00:19:25 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.01.06 00:19:25 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.01.06 00:19:25 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.01.05 23:39:30 | 000,357,376 | ---- | M] () -- C:\Users\nitram484\Desktop\w2bc6x9h.exe [2013.01.05 23:34:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nitram484\Desktop\OTL.exe [2013.01.05 23:19:08 | 000,050,477 | ---- | M] () -- C:\Users\nitram484\Desktop\Defogger.exe [2013.01.05 22:33:12 | 000,937,556 | ---- | M] () -- C:\Windows\SysWow64\sig.bin [2013.01.05 22:33:12 | 000,050,762 | ---- | M] () -- C:\Windows\SysWow64\nmp.map [2013.01.05 22:30:22 | 000,016,504 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GdPhyMem.sys [2013.01.05 22:30:21 | 000,106,648 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys [2013.01.05 16:17:58 | 000,022,546 | ---- | M] () -- C:\Users\nitram484\Desktop\auslandskv_nachweis_mueller-butz.pdf [2013.01.05 11:08:20 | 000,001,172 | ---- | M] () -- C:\Users\nitram484\Desktop\Mediencenter.lnk [2013.01.05 11:08:20 | 000,001,164 | ---- | M] () -- C:\Users\nitram484\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2013.01.03 12:23:04 | 000,001,072 | ---- | M] () -- C:\Users\nitram484\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.12.23 10:19:18 | 000,342,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.12.15 09:49:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.12.13 15:13:47 | 000,002,413 | ---- | M] () -- C:\Users\nitram484\Desktop\Firefox-Wiederherstellungs-Schlüssel.html [2012.12.12 15:36:16 | 000,001,138 | -H-- | M] () -- C:\Users\nitram484\Documents\SWWATER.INI ========== Files Created - No Company Name ========== [2013.01.06 11:57:16 | 000,000,000 | ---- | C] () -- C:\Users\nitram484\defogger_reenable [2013.01.05 23:39:43 | 000,357,376 | ---- | C] () -- C:\Users\nitram484\Desktop\w2bc6x9h.exe [2013.01.05 23:38:27 | 000,050,477 | ---- | C] () -- C:\Users\nitram484\Desktop\Defogger.exe [2013.01.05 16:17:58 | 000,022,546 | ---- | C] () -- C:\Users\nitram484\Desktop\auslandskv_nachweis_mueller-butz.pdf [2013.01.05 11:08:20 | 000,001,172 | ---- | C] () -- C:\Users\nitram484\Desktop\Mediencenter.lnk [2013.01.05 11:08:20 | 000,001,164 | ---- | C] () -- C:\Users\nitram484\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk [2013.01.05 11:08:20 | 000,001,158 | ---- | C] () -- C:\Users\nitram484\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk [2012.12.15 09:49:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.12.13 15:13:30 | 000,002,413 | ---- | C] () -- C:\Users\nitram484\Desktop\Firefox-Wiederherstellungs-Schlüssel.html [2012.12.12 15:36:16 | 000,001,138 | -H-- | C] () -- C:\Users\nitram484\Documents\SWWATER.INI [2012.11.12 10:32:57 | 000,937,556 | ---- | C] () -- C:\Windows\SysWow64\sig.bin [2012.11.11 18:19:05 | 000,012,926 | ---- | C] () -- C:\Users\nitram484\AppData\Roaming\Microsoft Excel 97-2003.CAL [2012.11.11 13:53:19 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe [2012.11.11 13:52:09 | 000,113,768 | ---- | C] () -- C:\Windows\Wiainst.exe [2012.11.06 19:22:44 | 000,001,024 | ---- | C] () -- C:\Users\nitram484\AppData\Roaming\AbsoluteReminder.xml [2012.11.06 19:22:04 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat [2012.09.07 17:11:01 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012.09.07 17:11:01 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012.09.07 17:10:59 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.09.07 17:10:58 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2012.09.07 17:10:57 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2012.09.07 17:05:06 | 000,001,531 | ---- | C] () -- C:\Windows\vm331Rmv.ini [2012.09.07 17:05:06 | 000,001,531 | ---- | C] () -- C:\Windows\SysWow64\vm331Rmv.ini [2012.02.02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.01.06 10:35:13 | 000,000,000 | ---D | M] -- C:\Users\nitram484\AppData\Roaming\Dropbox [2012.11.29 09:52:27 | 000,000,000 | ---D | M] -- C:\Users\nitram484\AppData\Roaming\G Data [2012.11.06 19:26:18 | 000,000,000 | ---D | M] -- C:\Users\nitram484\AppData\Roaming\Leadertech [2012.11.11 11:44:43 | 000,000,000 | ---D | M] -- C:\Users\nitram484\AppData\Roaming\Lenovo [2012.11.06 19:31:54 | 000,000,000 | ---D | M] -- C:\Users\nitram484\AppData\Roaming\LSC [2012.11.11 11:04:35 | 000,000,000 | ---D | M] -- C:\Users\nitram484\AppData\Roaming\Nitro PDF [2012.11.15 17:31:28 | 000,000,000 | ---D | M] -- C:\Users\nitram484\AppData\Roaming\PeaZip [2012.11.06 21:04:28 | 000,000,000 | ---D | M] -- C:\Users\nitram484\AppData\Roaming\PwrMgr [2012.12.03 19:30:20 | 000,000,000 | ---D | M] -- C:\Users\nitram484\AppData\Roaming\Swiss Academic Software [2013.01.05 11:08:19 | 000,000,000 | ---D | M] -- C:\Users\nitram484\AppData\Roaming\Telekom ========== Purity Check ========== < End of report > OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 06.01.2013 11:59:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nitram484\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,73 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 49,45% Memory free
7,45 Gb Paging File | 4,97 Gb Available in Paging File | 66,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,62 Gb Total Space | 278,85 Gb Free Space | 61,88% Space Free | Partition Type: NTFS
Drive Q: | 13,67 Gb Total Space | 1,70 Gb Free Space | 12,41% Space Free | Partition Type: NTFS
Computer Name: NITRAM484-THINK | User Name: nitram484 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EA6BAC1-A428-4D00-BE65-C6C086FEB459}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{134D395E-647C-4089-9EFA-3AEDB91BEAB0}" = rport=139 | protocol=6 | dir=out | app=system |
"{15870DFA-19BD-48AB-96F2-D1A59821546D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1ECBCB1B-5324-4F28-B196-83622F95EC4A}" = lport=138 | protocol=17 | dir=in | app=system |
"{46F05EB0-39AF-4181-8FAE-527AC68DE891}" = lport=2869 | protocol=6 | dir=in | app=system |
"{48110E7A-C14E-4B1C-B6A5-3D89A0D48459}" = lport=137 | protocol=17 | dir=in | app=system |
"{483C3B7A-EFB5-4560-A422-7A9AF3B1E5CC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4F430312-9127-418C-9D46-7ED1DDC67C15}" = lport=10243 | protocol=6 | dir=in | app=system |
"{508448B6-2EE3-4974-8DCA-C62F1DE064E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{530FF65E-5889-46CA-AC0C-F7E929C40100}" = rport=445 | protocol=6 | dir=out | app=system |
"{55BF1B5F-1B17-4A39-B7E0-7DE791033D95}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5E47A813-5E42-444A-B9C5-2F8075ACE69C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{677F5310-0F7A-4694-90CD-FFD033079DC5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7E6BC0F1-5032-4856-9E91-CB1A072F2CE6}" = lport=139 | protocol=6 | dir=in | app=system |
"{839E36FC-A611-419E-8C89-8EE7FD9B0799}" = rport=138 | protocol=17 | dir=out | app=system |
"{88678623-E46F-4CE9-BB89-3C7F2C201502}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B39F9E6-804F-4621-85D5-03383E05B1E5}" = rport=137 | protocol=17 | dir=out | app=system |
"{BFAAF13F-D8EA-4304-AF74-5A059F656626}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{DEBD2948-F033-4544-8C16-9F8373751051}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0848AB0-4DF8-4323-B461-2B266A24ED82}" = lport=445 | protocol=6 | dir=in | app=system |
"{E363D873-24CD-46AB-8030-A212A12852DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F43D0087-D213-4A49-8077-E115B38FB22B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{012FA16C-C045-474E-A4D7-1468CF705774}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{022AEADC-79A9-4908-B1AB-61638AD84B51}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scx3200\sscan2io.exe |
"{022BD975-944E-4387-92DF-BE64E288780B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0CD9002C-0B14-4A30-9C92-6B95D41E6BB5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{15B22558-5B53-4205-91F1-DADE4F8927A5}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{21F4C446-DE80-4AE6-94FF-F8A6554C5906}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{26B62189-21A5-4DCF-924C-3ED78059223F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{39301462-F791-4C67-B65C-A8728EDE8F40}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3DD3DB4D-8A6C-4F4E-86E8-0F5AEE90B553}" = protocol=17 | dir=in | app=c:\users\nitram484\appdata\roaming\dropbox\bin\dropbox.exe |
"{4A6AE903-869B-4A11-B6B6-4949363FB7A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4ED9208C-26EF-4921-8F45-E08717E8CFD7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{74D7B63D-0CC2-4D1D-9B4B-DE9896E93713}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79FDFA51-09EB-4FE9-9FB2-C1D265384BC8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{87F200F2-8210-4BAE-A75F-DBF435A4BB9C}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scx3200\scan2pc.exe |
"{8DF224BA-AD5D-46A1-9A8F-23DA8E534B51}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scx3200\sscan2io.exe |
"{A47FD1D4-C293-4D7B-B3DA-BF09E711481A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A48A3915-B1B7-4890-A9FA-D16339676902}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B82C0BE5-4AC2-4550-9B80-0936881D1119}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{BB266365-3A08-4BD3-97D9-A4AEC9908701}" = protocol=6 | dir=in | app=c:\users\nitram484\appdata\roaming\dropbox\bin\dropbox.exe |
"{BDA5C37D-94F7-4608-BBED-730927526DE6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BDE05455-51D2-44A1-ADDF-060758BB82BC}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scx3200\scan2pc.exe |
"{C3396E02-8303-4B7C-AA9F-F75A58CCD7C2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C70AFAE0-6526-4685-97DB-FE7D7448E254}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C7814A7A-055E-407D-A745-C1709B12C3C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C86E69ED-9716-4FF0-95B1-F98ADD93D085}" = protocol=6 | dir=out | app=system |
"{C9727ECD-BE98-421D-9315-63DF00BEF2AC}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe |
"{D65EBA6E-8427-49DC-A5F2-442F7019539C}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{D7656833-B0DA-47A0-A8E0-3C7F11F9AF30}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{DCDBCACD-2B96-426B-A2DC-4E21623C8B9D}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe |
"{E0D3B753-5E6C-463E-A19A-2270EDAF6315}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E4658727-91C2-4D3A-88B0-DBC44111BDC2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E55A67C7-F021-45E2-B9D1-594D45A7F8BF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F391989A-F21C-40BE-8F75-841AA3970D83}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{2C0D16D3-188C-4E4A-8CA5-761415E71759}C:\users\nitram484\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\nitram484\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{A96646EB-86BF-43FE-B476-1C1CF4E106B2}C:\users\nitram484\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\nitram484\appdata\roaming\dropbox\bin\dropbox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0369F866-2CE0-4EB9-B426-88FA122C6E82}" = Lenovo Patch Utility 64 bit
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{C5BB9380-D729-410A-A440-061EBCADCCB9}" = Password Vault
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DD00F699-6861-4DCF-A19F-8CF61E5E28ED}" = Lenovo Solution Center
"{E97F409F-9E1C-42A0-B72D-765A78DF3696}" = Intel® PROSet/Wireless WiFi-Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"64A62163FE43328D13305746CB8BCC93F2DF6545" = Windows-Treiberpaket - Intel (iaStor) hdc (11/29/2011 11.0.0.1032)
"A333D414B3783936ED9A3F663498AB82EB07B7A3" = Windows-Treiberpaket - Synaptics (SmbDrvAMDASF) System (06/21/2012 16.1.4.17)
"E3535F123E7F666D573665142F90D3E5004DC326" = Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20)
"Epson Universal Laser P6" = Epson Universal Laser P6
"FE61CFFCEFBF4E2D83AE176443D33414275365FC" = Windows-Treiberpaket - Synaptics (SynTP) Mouse (06/21/2012 16.1.4.17)
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"OnScreenDisplay" = Anzeige am Bildschirm
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = ThinkPad UltraNav Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{25C64847-B900-48AD-A164-1B4F9B774650}" = System Update
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 4.7.3
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{6E6E7725-C7BC-4C39-8B3F-14B67331A120}" = Lenovo Patch Utility
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}" = Intel(R) WiDi
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.9.0
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0332}" = Integrated Camera
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0F08ACB-6BBA-49A8-8BE9-BBB4C2D8B574}" = G Data AntiVirus 2013
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{BF6CF460-40C3-49BA-800A-4B934B6498B1}" = Scan Assistant
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C8BCC14C-2807-4C2D-A659-843427BF82E2}" = TopSecret Biometrics Components
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Energie-Manager
"{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DVBViewer TERRATEC Edition_is1" = DVBViewer TERRATEC Edition
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fastboot" = RapidBoot HDD Accelerator
"FastStone Image Viewer" = FastStone Image Viewer 4.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.53
"PLAY ONLINE" = PLAY ONLINE
"Samsung SCX-3200 Series" = Samsung SCX-3200 Series
"VLC media player" = VLC media player 2.0.4
"Winamp" = Winamp
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Mediencenter" = Mediencenter 3.5.0.1212
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.12.2012 05:03:42 | Computer Name = nitram484-THINK | Source = Application Error | ID = 1005
Description = Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen
werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der
gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder
der Datenträger fehlt. Das Programm Behavioral Analysis Proxy wurde wegen dieses
Fehlers geschlossen. Programm: Behavioral Analysis Proxy Datei: Der Fehlerwert ist
im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die
Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig
behoben wird, wenn das Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht
auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte
der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass
eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger,
wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger
richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem,
indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben
Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK
/F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie
wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien
auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist,
ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator
oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten,
wenn es sich um eine Festplatte handelt. Zusätzliche Daten Fehlerwert: C0000013 Datenträgertyp:
0
Error - 14.12.2012 05:04:59 | Computer Name = nitram484-THINK | Source = Application Hang | ID = 1002
Description = Programm DVD-Writer.exe, Version 7.5.1004.0 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: b50 Startzeit: 01cdd9d9b7bfefd2 Endzeit: 60000 Anwendungspfad:
D:\DVD-Writer.exe Berichts-ID: 22bcb724-45cd-11e2-9cbb-685d43de03e0
Error - 14.12.2012 05:23:45 | Computer Name = nitram484-THINK | Source = Application Hang | ID = 1002
Description = Programm DVD-Writer.exe, Version 7.5.1004.0 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1c88 Startzeit: 01cdd9dc7045d6c3 Endzeit: 60000 Anwendungspfad:
D:\DVD-Writer.exe Berichts-ID: bb4b801d-45cf-11e2-9cbb-685d43de03e0
Error - 14.12.2012 06:35:20 | Computer Name = nitram484-THINK | Source = WinMgmt | ID = 10
Description =
Error - 15.12.2012 06:24:36 | Computer Name = nitram484-THINK | Source = WinMgmt | ID = 10
Description =
Error - 16.12.2012 11:58:50 | Computer Name = nitram484-THINK | Source = WinMgmt | ID = 10
Description =
Error - 17.12.2012 02:03:12 | Computer Name = nitram484-THINK | Source = WinMgmt | ID = 10
Description =
Error - 18.12.2012 10:41:56 | Computer Name = nitram484-THINK | Source = WinMgmt | ID = 10
Description =
Error - 19.12.2012 05:16:30 | Computer Name = nitram484-THINK | Source = WinMgmt | ID = 10
Description =
Error - 20.12.2012 03:28:41 | Computer Name = nitram484-THINK | Source = WinMgmt | ID = 10
Description =
[ Lenovo-Message Center Plus/Admin Events ]
Error - 06.11.2012 14:57:19 | Computer Name = nitram484-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angegebene Host ist unbekannt -> Exception message:
Der angegebene Host ist unbekannt
Error - 06.11.2012 14:57:19 | Computer Name = nitram484-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angegebene Host ist unbekannt -> Exception message:
Der angegebene Host ist unbekannt
Error - 06.11.2012 14:57:19 | Computer Name = nitram484-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angegebene Host ist unbekannt -> Exception message:
Der angegebene Host ist unbekannt
Error - 11.11.2012 06:13:01 | Computer Name = nitram484-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angegebene Host ist unbekannt -> Exception message:
Der angegebene Host ist unbekannt
Error - 11.11.2012 06:13:01 | Computer Name = nitram484-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angegebene Host ist unbekannt -> Exception message:
Der angegebene Host ist unbekannt
Error - 11.11.2012 06:13:01 | Computer Name = nitram484-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Der angegebene Host ist unbekannt -> Exception message:
Der angegebene Host ist unbekannt
[ System Events ]
Error - 23.12.2012 05:19:27 | Computer Name = nitram484-THINK | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
PLAY ONLINE. OUC erreicht.
Error - 23.12.2012 05:19:27 | Computer Name = nitram484-THINK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "PLAY ONLINE. OUC" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 23.12.2012 05:19:29 | Computer Name = nitram484-THINK | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom GLogin
Error - 23.12.2012 06:26:07 | Computer Name = nitram484-THINK | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst TPHKSVC erreicht.
Error - 23.12.2012 09:18:56 | Computer Name = nitram484-THINK | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst LENOVO.CAMMUTE erreicht.
Error - 24.12.2012 05:28:49 | Computer Name = nitram484-THINK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 24.12.2012 05:29:02 | Computer Name = nitram484-THINK | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
PLAY ONLINE. OUC erreicht.
Error - 24.12.2012 05:29:02 | Computer Name = nitram484-THINK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "PLAY ONLINE. OUC" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 24.12.2012 05:29:05 | Computer Name = nitram484-THINK | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom GLogin
Error - 28.12.2012 06:42:12 | Computer Name = nitram484-THINK | Source = BROWSER | ID = 8032
Description =
< End of report >
|
|
06.01.2013, 16:08
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Email von Adresse eines Bekannten mit seltsamem Link Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
06.01.2013, 17:53
| #5 |
| | Email von Adresse eines Bekannten mit seltsamem Link Habe beide Programme nacheinander scannen lassen. aswMBR stürzte beim ersten Mal ab, nach Modifikation der Einstellungen bei AVScan lief es einwandfrei. Im folgenden zuerst der Log von aswMBR: Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-06 17:23:54
-----------------------------
17:23:54.333 OS Version: Windows x64 6.1.7601 Service Pack 1
17:23:54.333 Number of processors: 4 586 0x2A07
17:23:54.333 ComputerName: NITRAM484-THINK UserName: nitram484
17:23:55.518 Initialize success
17:24:06.376 AVAST engine defs: 13010600
17:24:28.372 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
17:24:28.372 Disk 0 Vendor: HITACHI_ GH2Z Size: 476940MB BusType: 3
17:24:28.388 Disk 0 MBR read successfully
17:24:28.403 Disk 0 MBR scan
17:24:28.403 Disk 0 unknown MBR code
17:24:28.419 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1500 MB offset 2048
17:24:28.434 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 461438 MB offset 3074048
17:24:28.466 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14000 MB offset 948099072
17:24:28.544 Disk 0 scanning C:\Windows\system32\drivers
17:24:51.881 Service scanning
17:25:16.561 Modules scanning
17:25:16.561 Disk 0 trace - called modules:
17:25:16.608
17:25:17.123 Scan finished successfully
17:27:42.983 Disk 0 MBR has been saved successfully to "C:\Users\nitram484\Desktop\MBR.dat"
17:27:42.999 The log file has been saved successfully to "C:\Users\nitram484\Desktop\aswMBR.txt"
Geändert von cosinus (07.01.2013 um 20:51 Uhr) Grund: CODE-Tags |
|
06.01.2013, 17:55
| #6 |
| | Email von Adresse eines Bekannten mit seltsamem Link Hier der Log von TDSS getrennt, da zu groß, TEIL I: Code:
ATTFilter 17:42:38.0370 8124 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:42:38.0869 8124 ============================================================
17:42:38.0869 8124 Current date / time: 2013/01/06 17:42:38.0869
17:42:38.0869 8124 SystemInfo:
17:42:38.0869 8124
17:42:38.0869 8124 OS Version: 6.1.7601 ServicePack: 1.0
17:42:38.0869 8124 Product type: Workstation
17:42:38.0869 8124 ComputerName: NITRAM484-THINK
17:42:38.0869 8124 UserName: nitram484
17:42:38.0869 8124 Windows directory: C:\Windows
17:42:38.0869 8124 System windows directory: C:\Windows
17:42:38.0869 8124 Running under WOW64
17:42:38.0869 8124 Processor architecture: Intel x64
17:42:38.0869 8124 Number of processors: 4
17:42:38.0869 8124 Page size: 0x1000
17:42:38.0869 8124 Boot type: Normal boot
17:42:38.0869 8124 ============================================================
17:42:39.0524 8124 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:42:39.0524 8124 ============================================================
17:42:39.0524 8124 \Device\Harddisk0\DR0:
17:42:39.0524 8124 MBR partitions:
17:42:39.0524 8124 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
17:42:39.0524 8124 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x3853F000
17:42:39.0524 8124 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3882D800, BlocksNum 0x1B58000
17:42:39.0524 8124 ============================================================
17:42:39.0555 8124 C: <-> \Device\Harddisk0\DR0\Partition2
17:42:39.0618 8124 Q: <-> \Device\Harddisk0\DR0\Partition3
17:42:39.0618 8124 ============================================================
17:42:39.0618 8124 Initialize success
17:42:39.0618 8124 ============================================================
17:42:55.0998 12076 ============================================================
17:42:55.0998 12076 Scan started
17:42:55.0998 12076 Mode: Manual;
17:42:55.0998 12076 ============================================================
17:42:56.0403 12076 ================ Scan system memory ========================
17:42:56.0403 12076 System memory - ok
17:42:56.0403 12076 ================ Scan services =============================
17:42:56.0606 12076 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:42:56.0606 12076 1394ohci - ok
17:42:56.0622 12076 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:42:56.0622 12076 ACPI - ok
17:42:56.0637 12076 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:42:56.0637 12076 AcpiPmi - ok
17:42:56.0700 12076 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:42:56.0700 12076 AdobeARMservice - ok
17:42:56.0793 12076 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:42:56.0793 12076 AdobeFlashPlayerUpdateSvc - ok
17:42:56.0825 12076 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:42:56.0825 12076 adp94xx - ok
17:42:56.0856 12076 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:42:56.0871 12076 adpahci - ok
17:42:56.0887 12076 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:42:56.0887 12076 adpu320 - ok
17:42:56.0918 12076 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:42:56.0918 12076 AeLookupSvc - ok
17:42:56.0981 12076 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:42:56.0996 12076 AFD - ok
17:42:56.0996 12076 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:42:56.0996 12076 agp440 - ok
17:42:57.0027 12076 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:42:57.0027 12076 ALG - ok
17:42:57.0027 12076 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:42:57.0027 12076 aliide - ok
17:42:57.0027 12076 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:42:57.0043 12076 amdide - ok
17:42:57.0043 12076 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:42:57.0043 12076 AmdK8 - ok
17:42:57.0059 12076 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:42:57.0059 12076 AmdPPM - ok
17:42:57.0074 12076 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:42:57.0074 12076 amdsata - ok
17:42:57.0090 12076 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:42:57.0090 12076 amdsbs - ok
17:42:57.0121 12076 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:42:57.0121 12076 amdxata - ok
17:42:57.0121 12076 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:42:57.0121 12076 AppID - ok
17:42:57.0137 12076 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:42:57.0137 12076 AppIDSvc - ok
17:42:57.0152 12076 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:42:57.0152 12076 Appinfo - ok
17:42:57.0152 12076 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:42:57.0152 12076 arc - ok
17:42:57.0168 12076 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:42:57.0168 12076 arcsas - ok
17:42:57.0183 12076 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:42:57.0183 12076 AsyncMac - ok
17:42:57.0199 12076 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:42:57.0199 12076 atapi - ok
17:42:57.0277 12076 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:42:57.0293 12076 AudioEndpointBuilder - ok
17:42:57.0293 12076 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:42:57.0308 12076 AudioSrv - ok
17:42:57.0433 12076 [ C48176DA44D0298A7075D3C5CF8C3D8D ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
17:42:57.0449 12076 AVKProxy - ok
17:42:57.0511 12076 [ 29DA2D5958B352022A1BB5CE6FDB427C ] AVKService C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
17:42:57.0527 12076 AVKService - ok
17:42:57.0573 12076 [ 22F1444896844B0462359825EF628507 ] AVKWCtl C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe
17:42:57.0605 12076 AVKWCtl - ok
17:42:57.0651 12076 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:42:57.0651 12076 AxInstSV - ok
17:42:57.0683 12076 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:42:57.0698 12076 b06bdrv - ok
17:42:57.0714 12076 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:42:57.0729 12076 b57nd60a - ok
17:42:57.0761 12076 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:42:57.0761 12076 BDESVC - ok
17:42:57.0761 12076 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:42:57.0776 12076 Beep - ok
17:42:57.0807 12076 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:42:57.0823 12076 BFE - ok
17:42:57.0854 12076 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:42:57.0870 12076 BITS - ok
17:42:57.0901 12076 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:42:57.0901 12076 blbdrive - ok
17:42:57.0995 12076 [ 6D625A18DDFCD0464B914B71293AD837 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
17:42:58.0010 12076 Bluetooth Device Monitor - ok
17:42:58.0041 12076 [ 74B2BF80D966CFE8BC8005D19E40608D ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
17:42:58.0057 12076 Bluetooth Media Service - ok
17:42:58.0119 12076 [ 707BF27D30ADAB7798C69D5BF41C7131 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
17:42:58.0135 12076 Bluetooth OBEX Service - ok
17:42:58.0166 12076 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:42:58.0166 12076 bowser - ok
17:42:58.0197 12076 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:42:58.0197 12076 BrFiltLo - ok
17:42:58.0213 12076 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:42:58.0213 12076 BrFiltUp - ok
17:42:58.0229 12076 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:42:58.0229 12076 Browser - ok
17:42:58.0244 12076 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:42:58.0244 12076 Brserid - ok
17:42:58.0244 12076 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:42:58.0260 12076 BrSerWdm - ok
17:42:58.0260 12076 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:42:58.0260 12076 BrUsbMdm - ok
17:42:58.0260 12076 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:42:58.0260 12076 BrUsbSer - ok
17:42:58.0322 12076 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:42:58.0322 12076 BthEnum - ok
17:42:58.0338 12076 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:42:58.0338 12076 BTHMODEM - ok
17:42:58.0353 12076 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:42:58.0353 12076 BthPan - ok
17:42:58.0400 12076 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:42:58.0400 12076 BTHPORT - ok
17:42:58.0431 12076 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:42:58.0431 12076 bthserv - ok
17:42:58.0463 12076 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:42:58.0463 12076 BTHUSB - ok
17:42:58.0494 12076 [ 3676BEAA7D842047D30E95D59B241F22 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
17:42:58.0509 12076 btmaux - ok
17:42:58.0525 12076 [ FA0E7B5AFB8FD335234916764A2D6CF9 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
17:42:58.0541 12076 btmhsf - ok
17:42:58.0572 12076 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:42:58.0572 12076 cdfs - ok
17:42:58.0603 12076 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:42:58.0603 12076 cdrom - ok
17:42:58.0619 12076 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:42:58.0634 12076 CertPropSvc - ok
17:42:58.0650 12076 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:42:58.0650 12076 circlass - ok
17:42:58.0681 12076 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:42:58.0681 12076 CLFS - ok
17:42:58.0759 12076 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:42:58.0759 12076 clr_optimization_v2.0.50727_32 - ok
17:42:58.0806 12076 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:42:58.0806 12076 clr_optimization_v2.0.50727_64 - ok
17:42:58.0853 12076 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:42:58.0853 12076 clr_optimization_v4.0.30319_32 - ok
17:42:58.0899 12076 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:42:58.0899 12076 clr_optimization_v4.0.30319_64 - ok
17:42:58.0915 12076 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:42:58.0915 12076 CmBatt - ok
17:42:58.0946 12076 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:42:58.0946 12076 cmdide - ok
17:42:58.0993 12076 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:42:58.0993 12076 CNG - ok
17:42:59.0024 12076 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:42:59.0024 12076 Compbatt - ok
17:42:59.0055 12076 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:42:59.0055 12076 CompositeBus - ok
17:42:59.0055 12076 COMSysApp - ok
17:42:59.0102 12076 [ AA7A157729FB504E1EED535F2F6AD1C0 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:42:59.0118 12076 cphs - ok
17:42:59.0133 12076 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:42:59.0133 12076 crcdisk - ok
17:42:59.0165 12076 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:42:59.0165 12076 CryptSvc - ok
17:42:59.0211 12076 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:42:59.0211 12076 DcomLaunch - ok
17:42:59.0258 12076 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:42:59.0258 12076 defragsvc - ok
17:42:59.0289 12076 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:42:59.0289 12076 DfsC - ok
17:42:59.0305 12076 DgiVecp - ok
17:42:59.0336 12076 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:42:59.0336 12076 Dhcp - ok
17:42:59.0352 12076 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:42:59.0352 12076 discache - ok
17:42:59.0383 12076 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:42:59.0383 12076 Disk - ok
17:42:59.0399 12076 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:42:59.0399 12076 Dnscache - ok
17:42:59.0430 12076 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:42:59.0430 12076 dot3svc - ok
17:42:59.0445 12076 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:42:59.0461 12076 DPS - ok
17:42:59.0492 12076 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:42:59.0492 12076 drmkaud - ok
17:42:59.0523 12076 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:42:59.0539 12076 DXGKrnl - ok
17:42:59.0570 12076 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:42:59.0570 12076 EapHost - ok
17:42:59.0648 12076 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:42:59.0711 12076 ebdrv - ok
17:42:59.0742 12076 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:42:59.0742 12076 EFS - ok
17:42:59.0789 12076 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:42:59.0804 12076 ehRecvr - ok
17:42:59.0820 12076 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:42:59.0820 12076 ehSched - ok
17:42:59.0867 12076 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:42:59.0867 12076 elxstor - ok
17:42:59.0867 12076 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:42:59.0882 12076 ErrDev - ok
17:42:59.0929 12076 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:42:59.0945 12076 EventSystem - ok
17:43:00.0023 12076 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:43:00.0038 12076 EvtEng - ok
17:43:00.0069 12076 [ 86F7951BBCEE4A86E79A97306BD14318 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
17:43:00.0069 12076 ew_hwusbdev - ok
17:43:00.0101 12076 [ 55E0EDA185869F7EA67EA97FD0655B39 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
17:43:00.0101 12076 ew_usbenumfilter - ok
17:43:00.0116 12076 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:43:00.0132 12076 exfat - ok
17:43:00.0163 12076 [ A845E84D0F3EDC127E37EC1838F9ED97 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys
17:43:00.0163 12076 Fastboot - ok
17:43:00.0210 12076 [ 6B9DC153941FF58D684C409614565A4E ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
17:43:00.0210 12076 FastbootService - ok
17:43:00.0225 12076 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:43:00.0225 12076 fastfat - ok
17:43:00.0272 12076 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:43:00.0288 12076 Fax - ok
17:43:00.0303 12076 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:43:00.0303 12076 fdc - ok
17:43:00.0335 12076 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:43:00.0335 12076 fdPHost - ok
17:43:00.0350 12076 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:43:00.0350 12076 FDResPub - ok
17:43:00.0366 12076 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:43:00.0366 12076 FileInfo - ok
17:43:00.0381 12076 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:43:00.0381 12076 Filetrace - ok
17:43:00.0397 12076 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:43:00.0397 12076 flpydisk - ok
17:43:00.0413 12076 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:43:00.0428 12076 FltMgr - ok
17:43:00.0459 12076 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:43:00.0475 12076 FontCache - ok
17:43:00.0537 12076 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:43:00.0537 12076 FontCache3.0.0.0 - ok
17:43:00.0584 12076 [ 0B034CC9D439B9AD6B05B6F975BAF489 ] FPLService C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
17:43:00.0584 12076 FPLService - ok
17:43:00.0600 12076 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:43:00.0600 12076 FsDepends - ok
17:43:00.0615 12076 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:43:00.0615 12076 Fs_Rec - ok
17:43:00.0631 12076 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:43:00.0647 12076 fvevol - ok
17:43:00.0662 12076 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:43:00.0662 12076 gagp30kx - ok
17:43:00.0725 12076 [ D201C1F6B0F5E4F202CBCB75D6352E63 ] GDBehave C:\Windows\system32\drivers\GDBehave.sys
17:43:00.0725 12076 GDBehave - ok
17:43:00.0740 12076 [ E1558301938B6CF92F7677224D3FB6F7 ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys
17:43:00.0740 12076 GDMnIcpt - ok
17:43:00.0787 12076 [ 5F1E5EAE8F08B6E2FABE8345E0BDFE48 ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys
17:43:00.0787 12076 GDPkIcpt - ok
17:43:00.0896 12076 [ 110C6DC36EA9F5DA664A584756B1B297 ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
17:43:00.0896 12076 GDScan - ok
17:43:00.0912 12076 [ 4ECBCAD43B7FED6F135BF108BB71434D ] gdwfpcd C:\Windows\system32\drivers\gdwfpcd64.sys
17:43:00.0927 12076 gdwfpcd - ok
17:43:00.0927 12076 GLogin - ok
17:43:00.0990 12076 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:43:01.0005 12076 gpsvc - ok
17:43:01.0037 12076 [ 9580CBF03D2EE08BD1C0D701AAE4092A ] GRD C:\Windows\system32\drivers\GRD.sys
17:43:01.0037 12076 GRD - ok
17:43:01.0068 12076 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:43:01.0068 12076 hcw85cir - ok
17:43:01.0099 12076 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:43:01.0115 12076 HdAudAddService - ok
17:43:01.0130 12076 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:43:01.0130 12076 HDAudBus - ok
17:43:01.0146 12076 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:43:01.0146 12076 HidBatt - ok
17:43:01.0146 12076 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:43:01.0146 12076 HidBth - ok
17:43:01.0161 12076 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:43:01.0161 12076 HidIr - ok
17:43:01.0177 12076 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:43:01.0193 12076 hidserv - ok
17:43:01.0208 12076 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:43:01.0208 12076 HidUsb - ok
17:43:01.0224 12076 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:43:01.0224 12076 hkmsvc - ok
17:43:01.0239 12076 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:43:01.0255 12076 HomeGroupListener - ok
17:43:01.0271 12076 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:43:01.0271 12076 HomeGroupProvider - ok
17:43:01.0302 12076 [ 3CD18F0B3681FB267E67763CC3152D4E ] HookCentre C:\Windows\system32\drivers\HookCentre.sys
17:43:01.0302 12076 HookCentre - ok
17:43:01.0333 12076 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:43:01.0333 12076 HpSAMD - ok
17:43:01.0349 12076 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:43:01.0364 12076 HTTP - ok
17:43:01.0395 12076 [ 8F3C72B2B005BB9AF90D645EDDF818B8 ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
17:43:01.0411 12076 huawei_cdcacm - ok
17:43:01.0427 12076 [ DDBB283835010E52E88AAC6995B617D7 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
17:43:01.0427 12076 huawei_enumerator - ok
17:43:01.0473 12076 [ 83D6CD158B6D543BD6C61D5FA6063E93 ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
17:43:01.0473 12076 huawei_ext_ctrl - ok
17:43:01.0505 12076 [ F0A1A00F44FBAB86A3607A7002620915 ] huawei_wwanecm C:\Windows\system32\DRIVERS\ew_juwwanecm.sys
17:43:01.0505 12076 huawei_wwanecm - ok
17:43:01.0567 12076 [ E90DA42B87D684DEBFB73B38A718A006 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
17:43:01.0583 12076 HWDeviceService64.exe - ok
17:43:01.0583 12076 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:43:01.0583 12076 hwpolicy - ok
17:43:01.0661 12076 [ 8E2C5AE82CA66B60E3F4114526F1CD96 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
17:43:01.0661 12076 HyperW7Svc - ok
17:43:01.0676 12076 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:43:01.0676 12076 i8042prt - ok
17:43:01.0707 12076 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:43:01.0723 12076 iaStor - ok
17:43:01.0754 12076 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:43:01.0770 12076 iaStorV - ok
17:43:01.0785 12076 [ 72B253CDBCAA10E88AAD0BA39CC83BCD ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
17:43:01.0785 12076 IBMPMDRV - ok
17:43:01.0817 12076 [ 4925FFB084C9AD02E8EEF01FB18BF5AC ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
17:43:01.0817 12076 IBMPMSVC - ok
17:43:01.0863 12076 [ 653A38B868A5F20BB506AB57AC41B936 ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
17:43:01.0863 12076 ibtfltcoex - ok
17:43:01.0957 12076 [ 15C9BF6968A0990D8F4161A6ABEB7229 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
17:43:01.0988 12076 IconMan_R - ok
17:43:02.0035 12076 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:43:02.0051 12076 idsvc - ok
17:43:02.0347 12076 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:43:02.0675 12076 igfx - ok
17:43:02.0706 12076 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:43:02.0721 12076 iirsp - ok
17:43:02.0753 12076 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:43:02.0768 12076 IKEEXT - ok
17:43:02.0799 12076 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
17:43:02.0799 12076 intaud_WaveExtensible - ok
17:43:02.0924 12076 [ 21F54139C93FC595902B58ED947D47D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:43:03.0002 12076 IntcAzAudAddService - ok
17:43:03.0049 12076 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:43:03.0049 12076 IntcDAud - ok
17:43:03.0127 12076 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:43:03.0127 12076 Intel(R) Capability Licensing Service Interface - ok
17:43:03.0174 12076 [ F46458404BA3728430ACB7EC1E371E59 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
17:43:03.0189 12076 Intel(R) ME Service - ok
17:43:03.0205 12076 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:43:03.0221 12076 intelide - ok
17:43:03.0236 12076 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:43:03.0236 12076 intelppm - ok
17:43:03.0267 12076 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:43:03.0267 12076 IPBusEnum - ok
17:43:03.0283 12076 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:43:03.0283 12076 IpFilterDriver - ok
17:43:03.0314 12076 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:43:03.0314 12076 iphlpsvc - ok
17:43:03.0330 12076 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:43:03.0330 12076 IPMIDRV - ok
17:43:03.0330 12076 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:43:03.0330 12076 IPNAT - ok
17:43:03.0361 12076 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:43:03.0361 12076 IRENUM - ok
17:43:03.0377 12076 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:43:03.0377 12076 isapnp - ok
17:43:03.0392 12076 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:43:03.0392 12076 iScsiPrt - ok
17:43:03.0423 12076 [ D596D915CF091DA1F8CE4BD38BB5D509 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
17:43:03.0423 12076 iusb3hcs - ok
17:43:03.0455 12076 [ 023896E23B61543A15A230EED996D911 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
17:43:03.0455 12076 iusb3hub - ok
17:43:03.0486 12076 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
17:43:03.0486 12076 iusb3xhc - ok
17:43:03.0517 12076 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
17:43:03.0533 12076 iwdbus - ok
17:43:03.0579 12076 [ 468F7516B4030603BA9D1427CCEACDF9 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:43:03.0579 12076 jhi_service - ok
17:43:03.0611 12076 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:43:03.0611 12076 kbdclass - ok
17:43:03.0626 12076 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:43:03.0626 12076 kbdhid - ok
17:43:03.0642 12076 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:43:03.0642 12076 KeyIso - ok
17:43:03.0657 12076 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:43:03.0673 12076 KSecDD - ok
17:43:03.0673 12076 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:43:03.0673 12076 KSecPkg - ok
17:43:03.0689 12076 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:43:03.0689 12076 ksthunk - ok
17:43:03.0720 12076 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:43:03.0735 12076 KtmRm - ok
17:43:03.0751 12076 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:43:03.0751 12076 LanmanServer - ok
17:43:03.0782 12076 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:43:03.0782 12076 LanmanWorkstation - ok
17:43:03.0829 12076 [ 7100AE6040F230100B4652DF19BDB5E7 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
17:43:03.0829 12076 LENOVO.CAMMUTE - ok
17:43:03.0860 12076 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
17:43:03.0860 12076 LENOVO.MICMUTE - ok
17:43:03.0876 12076 [ 1D2B4FEEDF7BB05959A814AD3D5B733F ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
17:43:03.0876 12076 LENOVO.TPKNRSVC - ok
17:43:03.0891 12076 [ 6417B93EC3C2CA4DEBCB9E87954858B4 ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
17:43:03.0891 12076 LENOVO.TVTVCAM - ok
17:43:03.0907 12076 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
17:43:03.0907 12076 Lenovo.VIRTSCRLSVC - ok
17:43:03.0938 12076 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:43:03.0938 12076 lltdio - ok
17:43:03.0954 12076 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:43:03.0969 12076 lltdsvc - ok
17:43:03.0969 12076 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:43:03.0985 12076 lmhosts - ok
17:43:04.0032 12076 [ B114B200CCDEBC7EBD8EF5D783819386 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:43:04.0032 12076 LMS - ok
17:43:04.0079 12076 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:43:04.0079 12076 LSI_FC - ok
17:43:04.0079 12076 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:43:04.0094 12076 LSI_SAS - ok
17:43:04.0094 12076 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:43:04.0094 12076 LSI_SAS2 - ok
17:43:04.0094 12076 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:43:04.0110 12076 LSI_SCSI - ok
17:43:04.0125 12076 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:43:04.0125 12076 luafv - ok
17:43:04.0157 12076 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:43:04.0172 12076 MBAMProtector - ok
17:43:04.0219 12076 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:43:04.0219 12076 MBAMScheduler - ok
17:43:04.0250 12076 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:43:04.0250 12076 MBAMService - ok
17:43:04.0282 12076 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:43:04.0297 12076 Mcx2Svc - ok
17:43:04.0297 12076 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:43:04.0297 12076 megasas - ok
17:43:04.0313 12076 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:43:04.0328 12076 MegaSR - ok
17:43:04.0360 12076 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:43:04.0360 12076 MEIx64 - ok
17:43:04.0391 12076 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:43:04.0406 12076 MMCSS - ok
17:43:04.0422 12076 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:43:04.0422 12076 Modem - ok
17:43:04.0453 12076 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:43:04.0453 12076 monitor - ok
17:43:04.0469 12076 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:43:04.0469 12076 mouclass - ok
17:43:04.0484 12076 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:43:04.0500 12076 mouhid - ok
17:43:04.0516 12076 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:43:04.0516 12076 mountmgr - ok
17:43:04.0547 12076 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:43:04.0547 12076 MozillaMaintenance - ok
17:43:04.0562 12076 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:43:04.0562 12076 mpio - ok
17:43:04.0578 12076 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:43:04.0578 12076 mpsdrv - ok
17:43:04.0609 12076 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:43:04.0625 12076 MpsSvc - ok
17:43:04.0625 12076 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:43:04.0625 12076 MRxDAV - ok
17:43:04.0656 12076 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:43:04.0656 12076 mrxsmb - ok
17:43:04.0687 12076 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:43:04.0687 12076 mrxsmb10 - ok
17:43:04.0703 12076 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:43:04.0703 12076 mrxsmb20 - ok
17:43:04.0718 12076 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:43:04.0718 12076 msahci - ok
17:43:04.0734 12076 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:43:04.0734 12076 msdsm - ok
17:43:04.0750 12076 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:43:04.0750 12076 MSDTC - ok
17:43:04.0781 12076 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:43:04.0781 12076 Msfs - ok
17:43:04.0796 12076 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:43:04.0796 12076 mshidkmdf - ok
17:43:04.0812 12076 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:43:04.0812 12076 msisadrv - ok
17:43:04.0859 12076 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:43:04.0859 12076 MSiSCSI - ok
17:43:04.0874 12076 msiserver - ok
17:43:04.0890 12076 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:43:04.0890 12076 MSKSSRV - ok
17:43:04.0921 12076 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:43:04.0921 12076 MSPCLOCK - ok
17:43:04.0921 12076 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:43:04.0937 12076 MSPQM - ok
17:43:04.0952 12076 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:43:04.0952 12076 MsRPC - ok
17:43:04.0968 12076 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:43:04.0968 12076 mssmbios - ok
17:43:04.0984 12076 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:43:04.0984 12076 MSTEE - ok
17:43:04.0999 12076 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:43:04.0999 12076 MTConfig - ok
17:43:05.0015 12076 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:43:05.0015 12076 Mup - ok
17:43:05.0046 12076 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:43:05.0062 12076 MyWiFiDHCPDNS - ok
17:43:05.0093 12076 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:43:05.0093 12076 napagent - ok
17:43:05.0124 12076 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:43:05.0124 12076 NativeWifiP - ok
17:43:05.0171 12076 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:43:05.0202 12076 NDIS - ok
17:43:05.0249 12076 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:43:05.0249 12076 NdisCap - ok
17:43:05.0264 12076 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:43:05.0264 12076 NdisTapi - ok
17:43:05.0280 12076 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:43:05.0280 12076 Ndisuio - ok
17:43:05.0311 12076 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:43:05.0311 12076 NdisWan - ok
17:43:05.0327 12076 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:43:05.0327 12076 NDProxy - ok
17:43:05.0327 12076 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:43:05.0342 12076 NetBIOS - ok
17:43:05.0342 12076 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:43:05.0358 12076 NetBT - ok
17:43:05.0374 12076 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:43:05.0374 12076 Netlogon - ok
17:43:05.0405 12076 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:43:05.0405 12076 Netman - ok
17:43:05.0436 12076 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:43:05.0436 12076 netprofm - ok
17:43:05.0467 12076 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:43:05.0467 12076 NetTcpPortSharing - ok
17:43:05.0701 12076 [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
17:43:05.0888 12076 NETwNs64 - ok
17:43:05.0920 12076 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:43:05.0920 12076 nfrd960 - ok
17:43:05.0951 12076 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:43:05.0951 12076 NlaSvc - ok
17:43:05.0966 12076 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:43:05.0966 12076 Npfs - ok
17:43:05.0982 12076 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:43:05.0998 12076 nsi - ok
17:43:06.0013 12076 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:43:06.0013 12076 nsiproxy - ok
17:43:06.0060 12076 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:43:06.0091 12076 Ntfs - ok
17:43:06.0107 12076 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:43:06.0107 12076 Null - ok
17:43:06.0138 12076 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:43:06.0138 12076 nvraid - ok
17:43:06.0138 12076 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:43:06.0154 12076 nvstor - ok
17:43:06.0169 12076 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:43:06.0169 12076 nv_agp - ok
17:43:06.0216 12076 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:43:06.0232 12076 odserv - ok
17:43:06.0232 12076 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:43:06.0232 12076 ohci1394 - ok
17:43:06.0263 12076 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:43:06.0278 12076 ose - ok
17:43:06.0310 12076 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:43:06.0310 12076 p2pimsvc - ok
17:43:06.0341 12076 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:43:06.0341 12076 p2psvc - ok
17:43:06.0356 12076 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:43:06.0356 12076 Parport - ok
17:43:06.0372 12076 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:43:06.0372 12076 partmgr - ok
17:43:06.0388 12076 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:43:06.0403 12076 PcaSvc - ok
17:43:06.0419 12076 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:43:06.0419 12076 pci - ok
17:43:06.0434 12076 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:43:06.0434 12076 pciide - ok
17:43:06.0450 12076 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:43:06.0450 12076 pcmcia - ok
17:43:06.0466 12076 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:43:06.0466 12076 pcw - ok
17:43:06.0481 12076 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:43:06.0497 12076 PEAUTH - ok
17:43:06.0559 12076 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:43:06.0559 12076 PerfHost - ok
17:43:06.0606 12076 [ B4C1BF666DBD6899EC4A9A499DAA040B ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
17:43:06.0606 12076 PHCORE - ok
17:43:06.0637 12076 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:43:06.0668 12076 pla - ok
17:43:06.0731 12076 [ 1CE0621B591913C12BECAA5B50E88BB2 ] PLAY ONLINE. RunOuc C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe
17:43:06.0746 12076 PLAY ONLINE. RunOuc - ok
17:43:06.0762 12076 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:43:06.0778 12076 PlugPlay - ok
17:43:06.0778 12076 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:43:06.0793 12076 PNRPAutoReg - ok
17:43:06.0809 12076 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:43:06.0809 12076 PNRPsvc - ok
17:43:06.0856 12076 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:43:06.0856 12076 PolicyAgent - ok
17:43:06.0887 12076 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
17:43:06.0887 12076 Power - ok
17:43:06.0965 12076 [ EBA27A33362B62F6C11D89A76E09E08E ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
17:43:06.0980 12076 Power Manager DBC Service - ok
17:43:07.0027 12076 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:43:07.0027 12076 PptpMiniport - ok
17:43:07.0043 12076 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:43:07.0043 12076 Processor - ok
17:43:07.0058 12076 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:43:07.0074 12076 ProfSvc - ok
17:43:07.0074 12076 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:43:07.0074 12076 ProtectedStorage - ok
17:43:07.0105 12076 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
17:43:07.0105 12076 psadd - ok
17:43:07.0121 12076 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:43:07.0136 12076 Psched - ok
17:43:07.0183 12076 [ 7D55E34F823392D2D7080E850B9F486B ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
17:43:07.0199 12076 PwmEWSvc - ok
17:43:07.0246 12076 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:43:07.0277 12076 ql2300 - ok
17:43:07.0308 12076 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:43:07.0308 12076 ql40xx - ok
17:43:07.0324 12076 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:43:07.0324 12076 QWAVE - ok
17:43:07.0339 12076 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:43:07.0355 12076 QWAVEdrv - ok
17:43:07.0370 12076 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:43:07.0370 12076 RasAcd - ok
17:43:07.0402 12076 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:43:07.0402 12076 RasAgileVpn - ok
17:43:07.0417 12076 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:43:07.0433 12076 RasAuto - ok
17:43:07.0448 12076 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:43:07.0448 12076 Rasl2tp - ok
17:43:07.0480 12076 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:43:07.0480 12076 RasMan - ok
17:43:07.0511 12076 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:43:07.0511 12076 RasPppoe - ok
17:43:07.0542 12076 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:43:07.0542 12076 RasSstp - ok
17:43:07.0604 12076 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:43:07.0604 12076 rdbss - ok
17:43:07.0620 12076 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:43:07.0620 12076 rdpbus - ok
17:43:07.0636 12076 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:43:07.0636 12076 RDPCDD - ok
17:43:07.0667 12076 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:43:07.0667 12076 RDPENCDD - ok
17:43:07.0667 12076 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:43:07.0667 12076 RDPREFMP - ok
17:43:07.0714 12076 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:43:07.0714 12076 RDPWD - ok
17:43:07.0714 12076 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:43:07.0729 12076 rdyboost - ok
17:43:07.0792 12076 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:43:07.0792 12076 RegSrvc - ok
17:43:07.0823 12076 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:43:07.0823 12076 RemoteAccess - ok
17:43:07.0854 12076 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:43:07.0854 12076 RemoteRegistry - ok
17:43:07.0870 12076 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:43:07.0885 12076 RFCOMM - ok
17:43:07.0885 12076 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:43:07.0901 12076 RpcEptMapper - ok
17:43:07.0901 12076 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:43:07.0916 12076 RpcLocator - ok
17:43:07.0932 12076 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:43:07.0932 12076 RpcSs - ok
17:43:07.0963 12076 [ FD2F7ABB0B3C777CDC9D342CADBF0131 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
17:43:07.0979 12076 RSPCIESTOR - ok
17:43:08.0010 12076 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:43:08.0026 12076 rspndr - ok
17:43:08.0057 12076 [ 6CF9DB101A75360E98659F823852E540 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:43:08.0072 12076 RTL8167 - ok
17:43:08.0072 12076 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:43:08.0072 12076 SamSs - ok
17:43:08.0104 12076 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:43:08.0104 12076 sbp2port - ok
17:43:08.0135 12076 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:43:08.0135 12076 SCardSvr - ok
17:43:08.0150 12076 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:43:08.0150 12076 scfilter - ok
17:43:08.0182 12076 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:43:08.0197 12076 Schedule - ok
17:43:08.0228 12076 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:43:08.0228 12076 SCPolicySvc - ok
17:43:08.0244 12076 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:43:08.0244 12076 SDRSVC - ok
17:43:08.0275 12076 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:43:08.0291 12076 secdrv - ok
17:43:08.0306 12076 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:43:08.0306 12076 seclogon - ok
17:43:08.0338 12076 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:43:08.0338 12076 SENS - ok
17:43:08.0400 12076 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:43:08.0400 12076 SensrSvc - ok
17:43:08.0416 12076 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:43:08.0416 12076 Serenum - ok
17:43:08.0431 12076 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:43:08.0431 12076 Serial - ok
17:43:08.0431 12076 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:43:08.0447 12076 sermouse - ok
17:43:08.0478 12076 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:43:08.0478 12076 SessionEnv - ok
17:43:08.0494 12076 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:43:08.0494 12076 sffdisk - ok
17:43:08.0509 12076 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:43:08.0509 12076 sffp_mmc - ok
17:43:08.0525 12076 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:43:08.0525 12076 sffp_sd - ok
17:43:08.0525 12076 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:43:08.0540 12076 sfloppy - ok
17:43:08.0572 12076 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:43:08.0587 12076 SharedAccess - ok
17:43:08.0603 12076 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:43:08.0603 12076 ShellHWDetection - ok
17:43:08.0650 12076 [ 7AC6FBFC13ABA3F15B05986412D10E10 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
17:43:08.0650 12076 Shockprf - ok
17:43:08.0665 12076 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:43:08.0665 12076 SiSRaid2 - ok
17:43:08.0681 12076 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:43:08.0681 12076 SiSRaid4 - ok
17:43:08.0712 12076 [ 94A221B95F4FB4FAAB6A56A683D6FDF3 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:43:08.0712 12076 SkypeUpdate - ok
17:43:08.0743 12076 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:43:08.0743 12076 Smb - ok
17:43:08.0759 12076 [ 1D05A2E9067CD87E2C7D566DA47B9EEF ] SmbDrvIntel C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
17:43:08.0759 12076 SmbDrvIntel - ok
17:43:08.0790 12076 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:43:08.0806 12076 SNMPTRAP - ok
17:43:08.0821 12076 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:43:08.0821 12076 spldr - ok
17:43:08.0852 12076 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:43:08.0868 12076 Spooler - ok
17:43:08.0946 12076 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:43:09.0008 12076 sppsvc - ok
17:43:09.0024 12076 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:43:09.0024 12076 sppuinotify - ok
17:43:09.0055 12076 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:43:09.0055 12076 srv - ok
17:43:09.0071 12076 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:43:09.0071 12076 srv2 - ok
17:43:09.0086 12076 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:43:09.0102 12076 srvnet - ok
17:43:09.0133 12076 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:43:09.0133 12076 SSDPSRV - ok
17:43:09.0149 12076 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
17:43:09.0149 12076 SSPORT - ok
17:43:09.0164 12076 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:43:09.0164 12076 SstpSvc - ok
17:43:09.0180 12076 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:43:09.0180 12076 stexstor - ok
17:43:09.0211 12076 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:43:09.0227 12076 stisvc - ok
17:43:09.0289 12076 [ C5AEDE68CEED66BC1A030E1E535B5B4C ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
17:43:09.0289 12076 SUService - ok
17:43:09.0305 12076 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:43:09.0305 12076 swenum - ok
17:43:09.0320 12076 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:43:09.0336 12076 swprv - ok
17:43:09.0367 12076 [ 1C402D9404BD874406D9C53FD40D1418 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:43:09.0367 12076 SynTP - ok
17:43:09.0430 12076 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:43:09.0461 12076 SysMain - ok
17:43:09.0476 12076 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:43:09.0476 12076 TabletInputService - ok
17:43:09.0492 12076 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:43:09.0492 12076 TapiSrv - ok
17:43:09.0508 12076 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:43:09.0508 12076 TBS - ok
17:43:09.0570 12076 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:43:09.0601 12076 Tcpip - ok
17:43:09.0648 12076 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:43:09.0664 12076 TCPIP6 - ok
17:43:09.0679 12076 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:43:09.0679 12076 tcpipreg - ok
17:43:09.0710 12076 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:43:09.0710 12076 TDPIPE - ok
17:43:09.0726 12076 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:43:09.0726 12076 TDTCP - ok
17:43:09.0757 12076 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:43:09.0757 12076 tdx - ok
17:43:09.0773 12076 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:43:09.0773 12076 TermDD - ok
17:43:09.0804 12076 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:43:09.0820 12076 TermService - ok
17:43:09.0835 12076 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:43:09.0835 12076 Themes - ok
17:43:09.0851 12076 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:43:09.0851 12076 THREADORDER - ok
17:43:09.0866 12076 [ BC148E3415BF8A9DE83364966F75044F ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
17:43:09.0866 12076 TPDIGIMN - ok
17:43:09.0882 12076 [ BBD91008BEC4A2BA5D383BC9A15D6F9E ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
17:43:09.0882 12076 TPHDEXLGSVC - ok
17:43:09.0913 12076 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
17:43:09.0913 12076 TPHKLOAD - ok
17:43:09.0944 12076 [ 046A7B412E4E6C4A7B426441E143F0F2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
17:43:09.0944 12076 TPHKSVC - ok
17:43:09.0976 12076 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
17:43:09.0976 12076 TPM - ok
17:43:09.0991 12076 [ 1DF6E6C026AD1D428687FE3B427A87BC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
17:43:09.0991 12076 TPPWRIF - ok
17:43:10.0022 12076 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:43:10.0022 12076 TrkWks - ok
17:43:10.0054 12076 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:43:10.0069 12076 TrustedInstaller - ok
17:43:10.0069 12076 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:43:10.0085 12076 tssecsrv - ok
17:43:10.0085 12076 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:43:10.0085 12076 TsUsbFlt - ok
17:43:10.0085 12076 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:43:10.0085 12076 TsUsbGD - ok
17:43:10.0116 12076 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:43:10.0116 12076 tunnel - ok
Geändert von cosinus (07.01.2013 um 20:50 Uhr) Grund: CODE-Tags |
|
06.01.2013, 17:56
| #7 |
| | Email von Adresse eines Bekannten mit seltsamem Link TEIL II Code:
ATTFilter 17:43:10.0147 12076 [ D4915DB03B19F9FD50EC084CC0ED15FC ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
17:43:10.0147 12076 TVTI2C - ok
17:43:10.0178 12076 [ 760B34088C2AD8D634CC3784EF3A2CA2 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys
17:43:10.0178 12076 tvtvcamd - ok
17:43:10.0178 12076 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:43:10.0178 12076 uagp35 - ok
17:43:10.0194 12076 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:43:10.0210 12076 udfs - ok
17:43:10.0225 12076 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:43:10.0225 12076 UI0Detect - ok
17:43:10.0272 12076 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:43:10.0272 12076 uliagpkx - ok
17:43:10.0288 12076 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:43:10.0288 12076 umbus - ok
17:43:10.0303 12076 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:43:10.0303 12076 UmPass - ok
17:43:10.0381 12076 [ 6617E7CC9DC6729A11BFF54C47CEA7D0 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:43:10.0397 12076 UNS - ok
17:43:10.0412 12076 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:43:10.0412 12076 upnphost - ok
17:43:10.0428 12076 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:43:10.0428 12076 usbccgp - ok
17:43:10.0444 12076 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:43:10.0444 12076 usbcir - ok
17:43:10.0444 12076 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:43:10.0444 12076 usbehci - ok
17:43:10.0475 12076 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:43:10.0475 12076 usbhub - ok
17:43:10.0490 12076 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:43:10.0490 12076 usbohci - ok
17:43:10.0506 12076 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:43:10.0506 12076 usbprint - ok
17:43:10.0506 12076 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:43:10.0522 12076 USBSTOR - ok
17:43:10.0522 12076 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:43:10.0522 12076 usbuhci - ok
17:43:10.0537 12076 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:43:10.0553 12076 usbvideo - ok
17:43:10.0568 12076 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:43:10.0568 12076 UxSms - ok
17:43:10.0584 12076 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:43:10.0584 12076 VaultSvc - ok
17:43:10.0615 12076 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:43:10.0615 12076 vdrvroot - ok
17:43:10.0631 12076 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:43:10.0646 12076 vds - ok
17:43:10.0646 12076 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:43:10.0646 12076 vga - ok
17:43:10.0662 12076 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:43:10.0662 12076 VgaSave - ok
17:43:10.0678 12076 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:43:10.0678 12076 vhdmp - ok
17:43:10.0693 12076 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:43:10.0693 12076 viaide - ok
17:43:10.0740 12076 [ 12B2BE13A5DF667F8095F66949233EA5 ] vm331avs C:\Windows\system32\Drivers\vm331avs.sys
17:43:10.0756 12076 vm331avs - ok
17:43:10.0771 12076 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:43:10.0771 12076 volmgr - ok
17:43:10.0787 12076 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:43:10.0802 12076 volmgrx - ok
17:43:10.0802 12076 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:43:10.0818 12076 volsnap - ok
17:43:10.0834 12076 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:43:10.0834 12076 vsmraid - ok
17:43:10.0880 12076 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:43:10.0912 12076 VSS - ok
17:43:10.0927 12076 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:43:10.0927 12076 vwifibus - ok
17:43:10.0943 12076 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:43:10.0943 12076 vwififlt - ok
17:43:10.0958 12076 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:43:10.0974 12076 vwifimp - ok
17:43:10.0990 12076 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:43:11.0005 12076 W32Time - ok
17:43:11.0005 12076 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:43:11.0005 12076 WacomPen - ok
17:43:11.0036 12076 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:43:11.0036 12076 WANARP - ok
17:43:11.0036 12076 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:43:11.0052 12076 Wanarpv6 - ok
17:43:11.0099 12076 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:43:11.0114 12076 WatAdminSvc - ok
17:43:11.0177 12076 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:43:11.0192 12076 wbengine - ok
17:43:11.0208 12076 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:43:11.0208 12076 WbioSrvc - ok
17:43:11.0224 12076 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:43:11.0224 12076 wcncsvc - ok
17:43:11.0239 12076 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:43:11.0255 12076 WcsPlugInService - ok
17:43:11.0270 12076 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:43:11.0270 12076 Wd - ok
17:43:11.0317 12076 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:43:11.0333 12076 Wdf01000 - ok
17:43:11.0348 12076 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:43:11.0348 12076 WdiServiceHost - ok
17:43:11.0348 12076 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:43:11.0348 12076 WdiSystemHost - ok
17:43:11.0364 12076 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:43:11.0380 12076 WebClient - ok
17:43:11.0380 12076 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:43:11.0395 12076 Wecsvc - ok
17:43:11.0411 12076 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:43:11.0411 12076 wercplsupport - ok
17:43:11.0442 12076 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:43:11.0442 12076 WerSvc - ok
17:43:11.0458 12076 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:43:11.0458 12076 WfpLwf - ok
17:43:11.0458 12076 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:43:11.0458 12076 WIMMount - ok
17:43:11.0489 12076 WinDefend - ok
17:43:11.0489 12076 WinHttpAutoProxySvc - ok
17:43:11.0551 12076 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:43:11.0551 12076 Winmgmt - ok
17:43:11.0598 12076 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:43:11.0629 12076 WinRM - ok
17:43:11.0660 12076 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:43:11.0676 12076 WinUsb - ok
17:43:11.0707 12076 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:43:11.0723 12076 Wlansvc - ok
17:43:11.0754 12076 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:43:11.0754 12076 WmiAcpi - ok
17:43:11.0785 12076 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:43:11.0801 12076 wmiApSrv - ok
17:43:11.0816 12076 WMPNetworkSvc - ok
17:43:11.0832 12076 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:43:11.0848 12076 WPCSvc - ok
17:43:11.0848 12076 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:43:11.0863 12076 WPDBusEnum - ok
17:43:11.0863 12076 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:43:11.0863 12076 ws2ifsl - ok
17:43:11.0879 12076 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:43:11.0879 12076 wscsvc - ok
17:43:11.0894 12076 WSearch - ok
17:43:11.0957 12076 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:43:11.0988 12076 wuauserv - ok
17:43:12.0004 12076 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:43:12.0019 12076 WudfPf - ok
17:43:12.0035 12076 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:43:12.0050 12076 WUDFRd - ok
17:43:12.0050 12076 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:43:12.0066 12076 wudfsvc - ok
17:43:12.0097 12076 [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:43:12.0097 12076 WwanSvc - ok
17:43:12.0206 12076 [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
17:43:12.0238 12076 ZeroConfigService - ok
17:43:12.0269 12076 ================ Scan global ===============================
17:43:12.0300 12076 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:43:12.0331 12076 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:43:12.0331 12076 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:43:12.0362 12076 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:43:12.0378 12076 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:43:12.0378 12076 [Global] - ok
17:43:12.0378 12076 ================ Scan MBR ==================================
17:43:12.0394 12076 [ 156ACC2E9A885A3CDB4E95388043E696 ] \Device\Harddisk0\DR0
17:43:12.0596 12076 \Device\Harddisk0\DR0 - ok
17:43:12.0596 12076 ================ Scan VBR ==================================
17:43:12.0596 12076 [ C15B870982F520CFCE57A8D033C08702 ] \Device\Harddisk0\DR0\Partition1
17:43:12.0596 12076 \Device\Harddisk0\DR0\Partition1 - ok
17:43:12.0612 12076 [ F24DEAD31992A239DAD3AD8C54F74889 ] \Device\Harddisk0\DR0\Partition2
17:43:12.0612 12076 \Device\Harddisk0\DR0\Partition2 - ok
17:43:12.0643 12076 [ 7F95C6D0AF93C87BCAAD9DCF39A1A7B2 ] \Device\Harddisk0\DR0\Partition3
17:43:12.0643 12076 \Device\Harddisk0\DR0\Partition3 - ok
17:43:12.0643 12076 ============================================================
17:43:12.0643 12076 Scan finished
17:43:12.0643 12076 ============================================================
17:43:12.0659 7992 Detected object count: 0
17:43:12.0659 7992 Actual detected object count: 0
17:43:36.0870 4608 ============================================================
17:43:36.0870 4608 Scan started
17:43:36.0870 4608 Mode: Manual; SigCheck; TDLFS;
17:43:36.0870 4608 ============================================================
17:43:37.0026 4608 ================ Scan system memory ========================
17:43:37.0026 4608 System memory - ok
17:43:37.0026 4608 ================ Scan services =============================
17:43:37.0166 4608 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:43:37.0291 4608 1394ohci - ok
17:43:37.0307 4608 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:43:37.0338 4608 ACPI - ok
17:43:37.0338 4608 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:43:37.0400 4608 AcpiPmi - ok
17:43:37.0447 4608 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:43:37.0463 4608 AdobeARMservice - ok
17:43:37.0541 4608 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:43:37.0556 4608 AdobeFlashPlayerUpdateSvc - ok
17:43:37.0588 4608 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:43:37.0619 4608 adp94xx - ok
17:43:37.0619 4608 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:43:37.0650 4608 adpahci - ok
17:43:37.0666 4608 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:43:37.0681 4608 adpu320 - ok
17:43:37.0712 4608 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:43:37.0822 4608 AeLookupSvc - ok
17:43:37.0853 4608 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:43:37.0900 4608 AFD - ok
17:43:37.0915 4608 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:43:37.0931 4608 agp440 - ok
17:43:37.0946 4608 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:43:37.0978 4608 ALG - ok
17:43:37.0993 4608 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:43:38.0009 4608 aliide - ok
17:43:38.0024 4608 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:43:38.0040 4608 amdide - ok
17:43:38.0071 4608 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:43:38.0102 4608 AmdK8 - ok
17:43:38.0102 4608 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:43:38.0134 4608 AmdPPM - ok
17:43:38.0134 4608 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:43:38.0165 4608 amdsata - ok
17:43:38.0165 4608 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:43:38.0180 4608 amdsbs - ok
17:43:38.0212 4608 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:43:38.0227 4608 amdxata - ok
17:43:38.0227 4608 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:43:38.0290 4608 AppID - ok
17:43:38.0290 4608 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:43:38.0368 4608 AppIDSvc - ok
17:43:38.0383 4608 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:43:38.0446 4608 Appinfo - ok
17:43:38.0461 4608 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:43:38.0477 4608 arc - ok
17:43:38.0477 4608 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:43:38.0508 4608 arcsas - ok
17:43:38.0508 4608 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:43:38.0570 4608 AsyncMac - ok
17:43:38.0586 4608 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:43:38.0602 4608 atapi - ok
17:43:38.0633 4608 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:43:38.0695 4608 AudioEndpointBuilder - ok
17:43:38.0711 4608 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:43:38.0773 4608 AudioSrv - ok
17:43:38.0836 4608 [ C48176DA44D0298A7075D3C5CF8C3D8D ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
17:43:38.0898 4608 AVKProxy - ok
17:43:38.0945 4608 [ 29DA2D5958B352022A1BB5CE6FDB427C ] AVKService C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
17:43:38.0960 4608 AVKService - ok
17:43:39.0023 4608 [ 22F1444896844B0462359825EF628507 ] AVKWCtl C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe
17:43:39.0101 4608 AVKWCtl - ok
17:43:39.0116 4608 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:43:39.0179 4608 AxInstSV - ok
17:43:39.0210 4608 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:43:39.0257 4608 b06bdrv - ok
17:43:39.0272 4608 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:43:39.0304 4608 b57nd60a - ok
17:43:39.0319 4608 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:43:39.0366 4608 BDESVC - ok
17:43:39.0382 4608 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:43:39.0444 4608 Beep - ok
17:43:39.0475 4608 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:43:39.0553 4608 BFE - ok
17:43:39.0569 4608 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:43:39.0647 4608 BITS - ok
17:43:39.0662 4608 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:43:39.0694 4608 blbdrive - ok
17:43:39.0756 4608 [ 6D625A18DDFCD0464B914B71293AD837 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
17:43:39.0803 4608 Bluetooth Device Monitor - ok
17:43:39.0834 4608 [ 74B2BF80D966CFE8BC8005D19E40608D ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
17:43:39.0881 4608 Bluetooth Media Service - ok
17:43:39.0912 4608 [ 707BF27D30ADAB7798C69D5BF41C7131 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
17:43:39.0959 4608 Bluetooth OBEX Service - ok
17:43:39.0990 4608 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:43:40.0037 4608 bowser - ok
17:43:40.0068 4608 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:43:40.0084 4608 BrFiltLo - ok
17:43:40.0099 4608 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:43:40.0115 4608 BrFiltUp - ok
17:43:40.0146 4608 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:43:40.0177 4608 Browser - ok
17:43:40.0193 4608 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:43:40.0224 4608 Brserid - ok
17:43:40.0240 4608 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:43:40.0271 4608 BrSerWdm - ok
17:43:40.0271 4608 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:43:40.0302 4608 BrUsbMdm - ok
17:43:40.0302 4608 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:43:40.0333 4608 BrUsbSer - ok
17:43:40.0349 4608 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:43:40.0427 4608 BthEnum - ok
17:43:40.0427 4608 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:43:40.0458 4608 BTHMODEM - ok
17:43:40.0474 4608 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:43:40.0505 4608 BthPan - ok
17:43:40.0536 4608 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:43:40.0583 4608 BTHPORT - ok
17:43:40.0598 4608 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:43:40.0661 4608 bthserv - ok
17:43:40.0676 4608 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:43:40.0708 4608 BTHUSB - ok
17:43:40.0723 4608 [ 3676BEAA7D842047D30E95D59B241F22 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
17:43:40.0770 4608 btmaux - ok
17:43:40.0801 4608 [ FA0E7B5AFB8FD335234916764A2D6CF9 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
17:43:40.0848 4608 btmhsf - ok
17:43:40.0879 4608 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:43:40.0942 4608 cdfs - ok
17:43:40.0957 4608 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:43:41.0004 4608 cdrom - ok
17:43:41.0020 4608 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:43:41.0098 4608 CertPropSvc - ok
17:43:41.0098 4608 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:43:41.0144 4608 circlass - ok
17:43:41.0176 4608 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:43:41.0191 4608 CLFS - ok
17:43:41.0269 4608 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:43:41.0285 4608 clr_optimization_v2.0.50727_32 - ok
17:43:41.0316 4608 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:43:41.0347 4608 clr_optimization_v2.0.50727_64 - ok
17:43:41.0363 4608 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:43:41.0378 4608 clr_optimization_v4.0.30319_32 - ok
17:43:41.0425 4608 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:43:41.0441 4608 clr_optimization_v4.0.30319_64 - ok
17:43:41.0456 4608 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:43:41.0488 4608 CmBatt - ok
17:43:41.0503 4608 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:43:41.0519 4608 cmdide - ok
17:43:41.0534 4608 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:43:41.0612 4608 CNG - ok
17:43:41.0628 4608 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:43:41.0644 4608 Compbatt - ok
17:43:41.0659 4608 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:43:41.0690 4608 CompositeBus - ok
17:43:41.0690 4608 COMSysApp - ok
17:43:41.0722 4608 [ AA7A157729FB504E1EED535F2F6AD1C0 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
17:43:41.0737 4608 cphs - ok
17:43:41.0737 4608 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:43:41.0768 4608 crcdisk - ok
17:43:41.0800 4608 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:43:41.0831 4608 CryptSvc - ok
17:43:41.0878 4608 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:43:41.0956 4608 DcomLaunch - ok
17:43:41.0987 4608 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:43:42.0065 4608 defragsvc - ok
17:43:42.0080 4608 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:43:42.0143 4608 DfsC - ok
17:43:42.0143 4608 DgiVecp - ok
17:43:42.0158 4608 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:43:42.0190 4608 Dhcp - ok
17:43:42.0205 4608 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:43:42.0268 4608 discache - ok
17:43:42.0283 4608 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:43:42.0299 4608 Disk - ok
17:43:42.0314 4608 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:43:42.0361 4608 Dnscache - ok
17:43:42.0392 4608 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:43:42.0439 4608 dot3svc - ok
17:43:42.0455 4608 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:43:42.0517 4608 DPS - ok
17:43:42.0533 4608 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:43:42.0580 4608 drmkaud - ok
17:43:42.0595 4608 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:43:42.0642 4608 DXGKrnl - ok
17:43:42.0658 4608 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:43:42.0720 4608 EapHost - ok
17:43:42.0782 4608 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:43:42.0892 4608 ebdrv - ok
17:43:42.0923 4608 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:43:42.0954 4608 EFS - ok
17:43:43.0016 4608 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:43:43.0063 4608 ehRecvr - ok
17:43:43.0079 4608 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:43:43.0110 4608 ehSched - ok
17:43:43.0141 4608 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:43:43.0172 4608 elxstor - ok
17:43:43.0172 4608 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:43:43.0204 4608 ErrDev - ok
17:43:43.0219 4608 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:43:43.0282 4608 EventSystem - ok
17:43:43.0360 4608 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:43:43.0406 4608 EvtEng - ok
17:43:43.0438 4608 [ 86F7951BBCEE4A86E79A97306BD14318 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
17:43:43.0469 4608 ew_hwusbdev - ok
17:43:43.0500 4608 [ 55E0EDA185869F7EA67EA97FD0655B39 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
17:43:43.0547 4608 ew_usbenumfilter - ok
17:43:43.0562 4608 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:43:43.0625 4608 exfat - ok
17:43:43.0656 4608 [ A845E84D0F3EDC127E37EC1838F9ED97 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys
17:43:43.0672 4608 Fastboot - ok
17:43:43.0718 4608 [ 6B9DC153941FF58D684C409614565A4E ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
17:43:43.0734 4608 FastbootService - ok
17:43:43.0750 4608 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:43:43.0812 4608 fastfat - ok
17:43:43.0843 4608 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:43:43.0890 4608 Fax - ok
17:43:43.0906 4608 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:43:43.0937 4608 fdc - ok
17:43:43.0952 4608 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:43:44.0015 4608 fdPHost - ok
17:43:44.0015 4608 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:43:44.0093 4608 FDResPub - ok
17:43:44.0108 4608 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:43:44.0124 4608 FileInfo - ok
17:43:44.0124 4608 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:43:44.0186 4608 Filetrace - ok
17:43:44.0202 4608 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:43:44.0233 4608 flpydisk - ok
17:43:44.0249 4608 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:43:44.0264 4608 FltMgr - ok
17:43:44.0296 4608 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:43:44.0358 4608 FontCache - ok
17:43:44.0405 4608 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:43:44.0420 4608 FontCache3.0.0.0 - ok
17:43:44.0483 4608 [ 0B034CC9D439B9AD6B05B6F975BAF489 ] FPLService C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
17:43:44.0498 4608 FPLService - ok
17:43:44.0514 4608 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:43:44.0530 4608 FsDepends - ok
17:43:44.0545 4608 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:43:44.0561 4608 Fs_Rec - ok
17:43:44.0576 4608 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:43:44.0608 4608 fvevol - ok
17:43:44.0623 4608 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:43:44.0639 4608 gagp30kx - ok
17:43:44.0654 4608 [ D201C1F6B0F5E4F202CBCB75D6352E63 ] GDBehave C:\Windows\system32\drivers\GDBehave.sys
17:43:44.0670 4608 GDBehave - ok
17:43:44.0686 4608 [ E1558301938B6CF92F7677224D3FB6F7 ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys
17:43:44.0701 4608 GDMnIcpt - ok
17:43:44.0717 4608 [ 5F1E5EAE8F08B6E2FABE8345E0BDFE48 ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys
17:43:44.0732 4608 GDPkIcpt - ok
17:43:44.0810 4608 [ 110C6DC36EA9F5DA664A584756B1B297 ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
17:43:44.0842 4608 GDScan - ok
17:43:44.0857 4608 [ 4ECBCAD43B7FED6F135BF108BB71434D ] gdwfpcd C:\Windows\system32\drivers\gdwfpcd64.sys
17:43:44.0873 4608 gdwfpcd - ok
17:43:44.0873 4608 GLogin - ok
17:43:44.0920 4608 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:43:44.0982 4608 gpsvc - ok
17:43:44.0998 4608 [ 9580CBF03D2EE08BD1C0D701AAE4092A ] GRD C:\Windows\system32\drivers\GRD.sys
17:43:45.0013 4608 GRD - ok
17:43:45.0029 4608 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:43:45.0076 4608 hcw85cir - ok
17:43:45.0091 4608 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:43:45.0138 4608 HdAudAddService - ok
17:43:45.0138 4608 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:43:45.0169 4608 HDAudBus - ok
17:43:45.0185 4608 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:43:45.0200 4608 HidBatt - ok
17:43:45.0216 4608 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:43:45.0232 4608 HidBth - ok
17:43:45.0247 4608 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:43:45.0263 4608 HidIr - ok
17:43:45.0278 4608 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:43:45.0341 4608 hidserv - ok
17:43:45.0356 4608 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:43:45.0372 4608 HidUsb - ok
17:43:45.0388 4608 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:43:45.0466 4608 hkmsvc - ok
17:43:45.0481 4608 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:43:45.0512 4608 HomeGroupListener - ok
17:43:45.0544 4608 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:43:45.0590 4608 HomeGroupProvider - ok
17:43:45.0606 4608 [ 3CD18F0B3681FB267E67763CC3152D4E ] HookCentre C:\Windows\system32\drivers\HookCentre.sys
17:43:45.0622 4608 HookCentre - ok
17:43:45.0637 4608 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:43:45.0653 4608 HpSAMD - ok
17:43:45.0684 4608 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:43:45.0778 4608 HTTP - ok
17:43:45.0809 4608 [ 8F3C72B2B005BB9AF90D645EDDF818B8 ] huawei_cdcacm C:\Windows\system32\DRIVERS\ew_jucdcacm.sys
17:43:45.0840 4608 huawei_cdcacm - ok
17:43:45.0856 4608 [ DDBB283835010E52E88AAC6995B617D7 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
17:43:45.0887 4608 huawei_enumerator - ok
17:43:45.0902 4608 [ 83D6CD158B6D543BD6C61D5FA6063E93 ] huawei_ext_ctrl C:\Windows\system32\DRIVERS\ew_juextctrl.sys
17:43:45.0918 4608 huawei_ext_ctrl - ok
17:43:45.0934 4608 [ F0A1A00F44FBAB86A3607A7002620915 ] huawei_wwanecm C:\Windows\system32\DRIVERS\ew_juwwanecm.sys
17:43:45.0965 4608 huawei_wwanecm - ok
17:43:46.0027 4608 [ E90DA42B87D684DEBFB73B38A718A006 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
17:43:46.0058 4608 HWDeviceService64.exe - ok
17:43:46.0090 4608 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:43:46.0105 4608 hwpolicy - ok
17:43:46.0183 4608 [ 8E2C5AE82CA66B60E3F4114526F1CD96 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
17:43:46.0199 4608 HyperW7Svc - ok
17:43:46.0230 4608 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:43:46.0246 4608 i8042prt - ok
17:43:46.0292 4608 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:43:46.0324 4608 iaStor - ok
17:43:46.0355 4608 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:43:46.0370 4608 iaStorV - ok
17:43:46.0402 4608 [ 72B253CDBCAA10E88AAD0BA39CC83BCD ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
17:43:46.0417 4608 IBMPMDRV - ok
17:43:46.0448 4608 [ 4925FFB084C9AD02E8EEF01FB18BF5AC ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
17:43:46.0464 4608 IBMPMSVC - ok
17:43:46.0480 4608 [ 653A38B868A5F20BB506AB57AC41B936 ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
17:43:46.0511 4608 ibtfltcoex - ok
17:43:46.0589 4608 [ 15C9BF6968A0990D8F4161A6ABEB7229 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
17:43:46.0667 4608 IconMan_R - ok
17:43:46.0714 4608 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:43:46.0745 4608 idsvc - ok
17:43:47.0010 4608 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:43:47.0384 4608 igfx - ok
17:43:47.0400 4608 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:43:47.0416 4608 iirsp - ok
17:43:47.0462 4608 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:43:47.0540 4608 IKEEXT - ok
17:43:47.0556 4608 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
17:43:47.0572 4608 intaud_WaveExtensible - ok
17:43:47.0681 4608 [ 21F54139C93FC595902B58ED947D47D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:43:47.0821 4608 IntcAzAudAddService - ok
17:43:47.0837 4608 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:43:47.0899 4608 IntcDAud - ok
17:43:47.0930 4608 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:43:47.0962 4608 Intel(R) Capability Licensing Service Interface - ok
17:43:48.0008 4608 [ F46458404BA3728430ACB7EC1E371E59 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
17:43:48.0040 4608 Intel(R) ME Service - ok
17:43:48.0071 4608 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:43:48.0086 4608 intelide - ok
17:43:48.0102 4608 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:43:48.0133 4608 intelppm - ok
17:43:48.0164 4608 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:43:48.0227 4608 IPBusEnum - ok
17:43:48.0227 4608 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:43:48.0289 4608 IpFilterDriver - ok
17:43:48.0320 4608 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:43:48.0367 4608 iphlpsvc - ok
17:43:48.0383 4608 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:43:48.0398 4608 IPMIDRV - ok
17:43:48.0398 4608 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:43:48.0461 4608 IPNAT - ok
17:43:48.0476 4608 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:43:48.0523 4608 IRENUM - ok
17:43:48.0523 4608 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:43:48.0539 4608 isapnp - ok
17:43:48.0554 4608 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:43:48.0586 4608 iScsiPrt - ok
17:43:48.0601 4608 [ D596D915CF091DA1F8CE4BD38BB5D509 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
17:43:48.0617 4608 iusb3hcs - ok
17:43:48.0632 4608 [ 023896E23B61543A15A230EED996D911 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
17:43:48.0664 4608 iusb3hub - ok
17:43:48.0679 4608 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
17:43:48.0710 4608 iusb3xhc - ok
17:43:48.0742 4608 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
17:43:48.0757 4608 iwdbus - ok
17:43:48.0804 4608 [ 468F7516B4030603BA9D1427CCEACDF9 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:43:48.0820 4608 jhi_service - ok
17:43:48.0835 4608 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:43:48.0851 4608 kbdclass - ok
17:43:48.0866 4608 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:43:48.0882 4608 kbdhid - ok
17:43:48.0898 4608 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:43:48.0929 4608 KeyIso - ok
17:43:48.0944 4608 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:43:48.0976 4608 KSecDD - ok
17:43:48.0976 4608 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:43:48.0991 4608 KSecPkg - ok
17:43:49.0007 4608 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:43:49.0069 4608 ksthunk - ok
17:43:49.0100 4608 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:43:49.0163 4608 KtmRm - ok
17:43:49.0178 4608 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:43:49.0256 4608 LanmanServer - ok
17:43:49.0272 4608 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:43:49.0350 4608 LanmanWorkstation - ok
17:43:49.0381 4608 [ 7100AE6040F230100B4652DF19BDB5E7 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
17:43:49.0397 4608 LENOVO.CAMMUTE - ok
17:43:49.0428 4608 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
17:43:49.0444 4608 LENOVO.MICMUTE - ok
17:43:49.0444 4608 [ 1D2B4FEEDF7BB05959A814AD3D5B733F ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
17:43:49.0459 4608 LENOVO.TPKNRSVC - ok
17:43:49.0475 4608 [ 6417B93EC3C2CA4DEBCB9E87954858B4 ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
17:43:49.0490 4608 LENOVO.TVTVCAM - ok
17:43:49.0506 4608 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
17:43:49.0522 4608 Lenovo.VIRTSCRLSVC - ok
17:43:49.0537 4608 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:43:49.0600 4608 lltdio - ok
17:43:49.0615 4608 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:43:49.0678 4608 lltdsvc - ok
17:43:49.0693 4608 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:43:49.0740 4608 lmhosts - ok
17:43:49.0771 4608 [ B114B200CCDEBC7EBD8EF5D783819386 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:43:49.0787 4608 LMS - ok
17:43:49.0818 4608 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:43:49.0834 4608 LSI_FC - ok
17:43:49.0834 4608 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:43:49.0865 4608 LSI_SAS - ok
17:43:49.0865 4608 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:43:49.0880 4608 LSI_SAS2 - ok
17:43:49.0896 4608 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:43:49.0912 4608 LSI_SCSI - ok
17:43:49.0927 4608 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:43:49.0990 4608 luafv - ok
17:43:50.0021 4608 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:43:50.0036 4608 MBAMProtector - ok
17:43:50.0052 4608 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:43:50.0083 4608 MBAMScheduler - ok
17:43:50.0099 4608 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:43:50.0130 4608 MBAMService - ok
17:43:50.0161 4608 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:43:50.0192 4608 Mcx2Svc - ok
17:43:50.0192 4608 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:43:50.0224 4608 megasas - ok
17:43:50.0239 4608 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:43:50.0255 4608 MegaSR - ok
17:43:50.0270 4608 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:43:50.0286 4608 MEIx64 - ok
17:43:50.0317 4608 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:43:50.0380 4608 MMCSS - ok
17:43:50.0380 4608 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:43:50.0442 4608 Modem - ok
17:43:50.0458 4608 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:43:50.0489 4608 monitor - ok
17:43:50.0504 4608 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:43:50.0536 4608 mouclass - ok
17:43:50.0551 4608 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:43:50.0567 4608 mouhid - ok
17:43:50.0582 4608 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:43:50.0598 4608 mountmgr - ok
17:43:50.0629 4608 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:43:50.0645 4608 MozillaMaintenance - ok
17:43:50.0645 4608 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:43:50.0676 4608 mpio - ok
17:43:50.0692 4608 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:43:50.0738 4608 mpsdrv - ok
17:43:50.0770 4608 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:43:50.0848 4608 MpsSvc - ok
17:43:50.0863 4608 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:43:50.0910 4608 MRxDAV - ok
17:43:50.0910 4608 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:43:50.0941 4608 mrxsmb - ok
17:43:50.0972 4608 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:43:50.0988 4608 mrxsmb10 - ok
17:43:51.0004 4608 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:43:51.0035 4608 mrxsmb20 - ok
17:43:51.0035 4608 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:43:51.0050 4608 msahci - ok
17:43:51.0066 4608 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:43:51.0097 4608 msdsm - ok
17:43:51.0097 4608 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:43:51.0128 4608 MSDTC - ok
17:43:51.0144 4608 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:43:51.0206 4608 Msfs - ok
17:43:51.0222 4608 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:43:51.0269 4608 mshidkmdf - ok
17:43:51.0284 4608 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:43:51.0300 4608 msisadrv - ok
17:43:51.0331 4608 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:43:51.0394 4608 MSiSCSI - ok
17:43:51.0409 4608 msiserver - ok
17:43:51.0409 4608 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:43:51.0487 4608 MSKSSRV - ok
17:43:51.0503 4608 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:43:51.0565 4608 MSPCLOCK - ok
17:43:51.0565 4608 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:43:51.0628 4608 MSPQM - ok
17:43:51.0643 4608 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:43:51.0674 4608 MsRPC - ok
17:43:51.0690 4608 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:43:51.0706 4608 mssmbios - ok
17:43:51.0721 4608 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:43:51.0784 4608 MSTEE - ok
17:43:51.0784 4608 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:43:51.0815 4608 MTConfig - ok
17:43:51.0830 4608 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:43:51.0846 4608 Mup - ok
17:43:51.0877 4608 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
17:43:51.0893 4608 MyWiFiDHCPDNS - ok
17:43:51.0924 4608 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:43:52.0002 4608 napagent - ok
17:43:52.0018 4608 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:43:52.0064 4608 NativeWifiP - ok
17:43:52.0111 4608 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:43:52.0142 4608 NDIS - ok
17:43:52.0158 4608 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:43:52.0220 4608 NdisCap - ok
17:43:52.0236 4608 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:43:52.0283 4608 NdisTapi - ok
17:43:52.0298 4608 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:43:52.0345 4608 Ndisuio - ok
17:43:52.0376 4608 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:43:52.0439 4608 NdisWan - ok
17:43:52.0454 4608 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:43:52.0501 4608 NDProxy - ok
17:43:52.0532 4608 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:43:52.0595 4608 NetBIOS - ok
17:43:52.0610 4608 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:43:52.0673 4608 NetBT - ok
17:43:52.0673 4608 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:43:52.0704 4608 Netlogon - ok
17:43:52.0720 4608 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:43:52.0798 4608 Netman - ok
17:43:52.0829 4608 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:43:52.0907 4608 netprofm - ok
17:43:52.0938 4608 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:43:52.0969 4608 NetTcpPortSharing - ok
17:43:53.0172 4608 [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
17:43:53.0437 4608 NETwNs64 - ok
17:43:53.0453 4608 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:43:53.0468 4608 nfrd960 - ok
17:43:53.0500 4608 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:43:53.0531 4608 NlaSvc - ok
17:43:53.0546 4608 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:43:53.0593 4608 Npfs - ok
17:43:53.0624 4608 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:43:53.0687 4608 nsi - ok
17:43:53.0702 4608 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:43:53.0765 4608 nsiproxy - ok
17:43:53.0812 4608 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:43:53.0874 4608 Ntfs - ok
17:43:53.0890 4608 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:43:53.0952 4608 Null - ok
17:43:53.0968 4608 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:43:53.0983 4608 nvraid - ok
17:43:53.0983 4608 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:43:54.0014 4608 nvstor - ok
17:43:54.0014 4608 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:43:54.0030 4608 nv_agp - ok
17:43:54.0077 4608 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:43:54.0092 4608 odserv - ok
17:43:54.0108 4608 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:43:54.0139 4608 ohci1394 - ok
17:43:54.0155 4608 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:43:54.0170 4608 ose - ok
17:43:54.0202 4608 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:43:54.0233 4608 p2pimsvc - ok
17:43:54.0264 4608 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:43:54.0295 4608 p2psvc - ok
17:43:54.0311 4608 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:43:54.0326 4608 Parport - ok
17:43:54.0358 4608 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:43:54.0373 4608 partmgr - ok
17:43:54.0389 4608 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:43:54.0420 4608 PcaSvc - ok
17:43:54.0436 4608 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:43:54.0451 4608 pci - ok
17:43:54.0467 4608 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:43:54.0482 4608 pciide - ok
17:43:54.0482 4608 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:43:54.0514 4608 pcmcia - ok
17:43:54.0529 4608 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:43:54.0545 4608 pcw - ok
17:43:54.0560 4608 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:43:54.0638 4608 PEAUTH - ok
17:43:54.0685 4608 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:43:54.0732 4608 PerfHost - ok
17:43:54.0763 4608 [ B4C1BF666DBD6899EC4A9A499DAA040B ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
17:43:54.0779 4608 PHCORE - ok
17:43:54.0826 4608 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:43:54.0904 4608 pla - ok
17:43:54.0966 4608 [ 1CE0621B591913C12BECAA5B50E88BB2 ] PLAY ONLINE. RunOuc C:\Program Files (x86)\PLAY ONLINE\UpdateDog\ouc.exe
17:43:54.0997 4608 PLAY ONLINE. RunOuc - ok
17:43:55.0013 4608 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:43:55.0044 4608 PlugPlay - ok
17:43:55.0075 4608 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:43:55.0106 4608 PNRPAutoReg - ok
17:43:55.0122 4608 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:43:55.0153 4608 PNRPsvc - ok
17:43:55.0169 4608 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:43:55.0247 4608 PolicyAgent - ok
17:43:55.0278 4608 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
17:43:55.0309 4608 Power - ok
17:43:55.0372 4608 [ EBA27A33362B62F6C11D89A76E09E08E ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
17:43:55.0434 4608 Power Manager DBC Service - ok
17:43:55.0450 4608 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:43:55.0512 4608 PptpMiniport - ok
17:43:55.0528 4608 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:43:55.0559 4608 Processor - ok
17:43:55.0590 4608 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:43:55.0621 4608 ProfSvc - ok
17:43:55.0637 4608 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:43:55.0652 4608 ProtectedStorage - ok
17:43:55.0668 4608 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
17:43:55.0684 4608 psadd - ok
17:43:55.0699 4608 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:43:55.0762 4608 Psched - ok
17:43:55.0808 4608 [ 7D55E34F823392D2D7080E850B9F486B ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
17:43:55.0871 4608 PwmEWSvc - ok
17:43:55.0902 4608 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:43:55.0980 4608 ql2300 - ok
17:43:55.0996 4608 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:43:56.0027 4608 ql40xx - ok
17:43:56.0058 4608 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:43:56.0089 4608 QWAVE - ok
17:43:56.0105 4608 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:43:56.0136 4608 QWAVEdrv - ok
17:43:56.0136 4608 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:43:56.0198 4608 RasAcd - ok
17:43:56.0214 4608 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:43:56.0276 4608 RasAgileVpn - ok
17:43:56.0292 4608 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:43:56.0354 4608 RasAuto - ok
17:43:56.0370 4608 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:43:56.0432 4608 Rasl2tp - ok
17:43:56.0448 4608 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:43:56.0510 4608 RasMan - ok
17:43:56.0526 4608 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:43:56.0573 4608 RasPppoe - ok
17:43:56.0588 4608 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:43:56.0651 4608 RasSstp - ok
17:43:56.0666 4608 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:43:56.0729 4608 rdbss - ok
17:43:56.0744 4608 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:43:56.0776 4608 rdpbus - ok
17:43:56.0791 4608 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:43:56.0854 4608 RDPCDD - ok
17:43:56.0869 4608 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:43:56.0932 4608 RDPENCDD - ok
17:43:56.0947 4608 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:43:56.0994 4608 RDPREFMP - ok
17:43:57.0010 4608 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:43:57.0056 4608 RDPWD - ok
17:43:57.0072 4608 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:43:57.0088 4608 rdyboost - ok
17:43:57.0150 4608 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:43:57.0166 4608 RegSrvc - ok
17:43:57.0197 4608 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:43:57.0259 4608 RemoteAccess - ok
17:43:57.0275 4608 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:43:57.0337 4608 RemoteRegistry - ok
17:43:57.0337 4608 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:43:57.0368 4608 RFCOMM - ok
17:43:57.0384 4608 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:43:57.0446 4608 RpcEptMapper - ok
17:43:57.0446 4608 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:43:57.0478 4608 RpcLocator - ok
17:43:57.0509 4608 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:43:57.0571 4608 RpcSs - ok
17:43:57.0602 4608 [ FD2F7ABB0B3C777CDC9D342CADBF0131 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
17:43:57.0618 4608 RSPCIESTOR - ok
17:43:57.0649 4608 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:43:57.0696 4608 rspndr - ok
17:43:57.0727 4608 [ 6CF9DB101A75360E98659F823852E540 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:43:57.0758 4608 RTL8167 - ok
17:43:57.0774 4608 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:43:57.0805 4608 SamSs - ok
17:43:57.0821 4608 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:43:57.0836 4608 sbp2port - ok
17:43:57.0852 4608 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:43:57.0930 4608 SCardSvr - ok
17:43:57.0946 4608 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:43:57.0992 4608 scfilter - ok
17:43:58.0024 4608 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:43:58.0102 4608 Schedule - ok
17:43:58.0133 4608 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:43:58.0180 4608 SCPolicySvc - ok
17:43:58.0211 4608 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:43:58.0242 4608 SDRSVC - ok
17:43:58.0258 4608 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:43:58.0320 4608 secdrv - ok
17:43:58.0336 4608 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:43:58.0382 4608 seclogon - ok
17:43:58.0398 4608 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:43:58.0460 4608 SENS - ok
17:43:58.0492 4608 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:43:58.0507 4608 SensrSvc - ok
17:43:58.0523 4608 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:43:58.0538 4608 Serenum - ok
17:43:58.0554 4608 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:43:58.0570 4608 Serial - ok
17:43:58.0585 4608 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:43:58.0601 4608 sermouse - ok
17:43:58.0632 4608 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:43:58.0694 4608 SessionEnv - ok
17:43:58.0710 4608 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:43:58.0741 4608 sffdisk - ok
17:43:58.0741 4608 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:43:58.0772 4608 sffp_mmc - ok
17:43:58.0772 4608 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:43:58.0804 4608 sffp_sd - ok
17:43:58.0819 4608 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:43:58.0835 4608 sfloppy - ok
17:43:58.0866 4608 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:43:58.0928 4608 SharedAccess - ok
17:43:58.0944 4608 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:43:59.0006 4608 ShellHWDetection - ok
17:43:59.0038 4608 [ 7AC6FBFC13ABA3F15B05986412D10E10 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
17:43:59.0053 4608 Shockprf - ok
17:43:59.0053 4608 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:43:59.0069 4608 SiSRaid2 - ok
17:43:59.0084 4608 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:43:59.0100 4608 SiSRaid4 - ok
17:43:59.0116 4608 [ 94A221B95F4FB4FAAB6A56A683D6FDF3 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:43:59.0131 4608 SkypeUpdate - ok
17:43:59.0147 4608 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:43:59.0209 4608 Smb - ok
17:43:59.0225 4608 [ 1D05A2E9067CD87E2C7D566DA47B9EEF ] SmbDrvIntel C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
17:43:59.0240 4608 SmbDrvIntel - ok
17:43:59.0272 4608 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:43:59.0303 4608 SNMPTRAP - ok
17:43:59.0303 4608 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:43:59.0318 4608 spldr - ok
17:43:59.0365 4608 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:43:59.0396 4608 Spooler - ok
17:43:59.0474 4608 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:43:59.0599 4608 sppsvc - ok
17:43:59.0615 4608 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:43:59.0662 4608 sppuinotify - ok
17:43:59.0693 4608 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:43:59.0740 4608 srv - ok
17:43:59.0740 4608 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:43:59.0786 4608 srv2 - ok
17:43:59.0802 4608 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:43:59.0818 4608 srvnet - ok
17:43:59.0849 4608 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:43:59.0911 4608 SSDPSRV - ok
17:43:59.0927 4608 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
17:43:59.0942 4608 SSPORT - ok
17:43:59.0958 4608 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:44:00.0005 4608 SstpSvc - ok
17:44:00.0020 4608 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:44:00.0036 4608 stexstor - ok
17:44:00.0083 4608 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:44:00.0114 4608 stisvc - ok
17:44:00.0176 4608 [ C5AEDE68CEED66BC1A030E1E535B5B4C ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
17:44:00.0192 4608 SUService - ok
17:44:00.0208 4608 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:44:00.0223 4608 swenum - ok
17:44:00.0254 4608 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:44:00.0317 4608 swprv - ok
17:44:00.0348 4608 [ 1C402D9404BD874406D9C53FD40D1418 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:44:00.0379 4608 SynTP - ok
17:44:00.0410 4608 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:44:00.0488 4608 SysMain - ok
17:44:00.0504 4608 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:44:00.0551 4608 TabletInputService - ok
17:44:00.0566 4608 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:44:00.0629 4608 TapiSrv - ok
17:44:00.0660 4608 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:44:00.0707 4608 TBS - ok
17:44:00.0769 4608 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:44:00.0832 4608 Tcpip - ok
17:44:00.0863 4608 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:44:00.0925 4608 TCPIP6 - ok
17:44:00.0956 4608 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:44:00.0972 4608 tcpipreg - ok
17:44:01.0003 4608 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:44:01.0034 4608 TDPIPE - ok
17:44:01.0050 4608 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:44:01.0066 4608 TDTCP - ok
17:44:01.0081 4608 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:44:01.0128 4608 tdx - ok
17:44:01.0144 4608 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:44:01.0175 4608 TermDD - ok
17:44:01.0206 4608 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:44:01.0268 4608 TermService - ok
17:44:01.0284 4608 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:44:01.0315 4608 Themes - ok
17:44:01.0331 4608 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:44:01.0393 4608 THREADORDER - ok
17:44:01.0409 4608 [ BC148E3415BF8A9DE83364966F75044F ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
17:44:01.0424 4608 TPDIGIMN - ok
17:44:01.0440 4608 [ BBD91008BEC4A2BA5D383BC9A15D6F9E ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
17:44:01.0456 4608 TPHDEXLGSVC - ok
17:44:01.0487 4608 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
17:44:01.0502 4608 TPHKLOAD - ok
17:44:01.0518 4608 [ 046A7B412E4E6C4A7B426441E143F0F2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
17:44:01.0534 4608 TPHKSVC - ok
17:44:01.0549 4608 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
17:44:01.0580 4608 TPM - ok
17:44:01.0596 4608 [ 1DF6E6C026AD1D428687FE3B427A87BC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
17:44:01.0612 4608 TPPWRIF - ok
17:44:01.0627 4608 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:44:01.0690 4608 TrkWks - ok
17:44:01.0721 4608 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:44:01.0768 4608 TrustedInstaller - ok
17:44:01.0783 4608 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:44:01.0846 4608 tssecsrv - ok
17:44:01.0861 4608 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:44:01.0892 4608 TsUsbFlt - ok
17:44:01.0892 4608 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:44:01.0924 4608 TsUsbGD - ok
17:44:01.0939 4608 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:44:02.0002 4608 tunnel - ok
17:44:02.0017 4608 [ D4915DB03B19F9FD50EC084CC0ED15FC ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
17:44:02.0033 4608 TVTI2C - ok
17:44:02.0064 4608 [ 760B34088C2AD8D634CC3784EF3A2CA2 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys
17:44:02.0080 4608 tvtvcamd - ok
17:44:02.0080 4608 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:44:02.0095 4608 uagp35 - ok
17:44:02.0111 4608 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:44:02.0189 4608 udfs - ok
17:44:02.0204 4608 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:44:02.0236 4608 UI0Detect - ok
17:44:02.0251 4608 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:44:02.0267 4608 uliagpkx - ok
17:44:02.0282 4608 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:44:02.0298 4608 umbus - ok
17:44:02.0314 4608 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:44:02.0329 4608 UmPass - ok
17:44:02.0407 4608 [ 6617E7CC9DC6729A11BFF54C47CEA7D0 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:44:02.0423 4608 UNS - ok
17:44:02.0454 4608 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:44:02.0516 4608 upnphost - ok
17:44:02.0532 4608 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:44:02.0579 4608 usbccgp - ok
17:44:02.0594 4608 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:44:02.0626 4608 usbcir - ok
17:44:02.0641 4608 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:44:02.0672 4608 usbehci - ok
17:44:02.0688 4608 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:44:02.0719 4608 usbhub - ok
17:44:02.0735 4608 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:44:02.0750 4608 usbohci - ok
17:44:02.0766 4608 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:44:02.0797 4608 usbprint - ok
17:44:02.0828 4608 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:44:02.0860 4608 USBSTOR - ok
17:44:02.0860 4608 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:44:02.0906 4608 usbuhci - ok
17:44:02.0938 4608 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:44:02.0953 4608 usbvideo - ok
17:44:02.0984 4608 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:44:03.0047 4608 UxSms - ok
17:44:03.0062 4608 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:44:03.0078 4608 VaultSvc - ok
17:44:03.0078 4608 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:44:03.0109 4608 vdrvroot - ok
17:44:03.0125 4608 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:44:03.0203 4608 vds - ok
17:44:03.0218 4608 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:44:03.0234 4608 vga - ok
17:44:03.0250 4608 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:44:03.0296 4608 VgaSave - ok
17:44:03.0312 4608 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:44:03.0328 4608 vhdmp - ok
17:44:03.0343 4608 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:44:03.0359 4608 viaide - ok
17:44:03.0390 4608 [ 12B2BE13A5DF667F8095F66949233EA5 ] vm331avs C:\Windows\system32\Drivers\vm331avs.sys
17:44:03.0452 4608 vm331avs - ok
17:44:03.0468 4608 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:44:03.0484 4608 volmgr - ok
17:44:03.0515 4608 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:44:03.0530 4608 volmgrx - ok
17:44:03.0546 4608 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:44:03.0562 4608 volsnap - ok
17:44:03.0577 4608 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:44:03.0608 4608 vsmraid - ok
17:44:03.0640 4608 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:44:03.0733 4608 VSS - ok
17:44:03.0749 4608 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:44:03.0780 4608 vwifibus - ok
17:44:03.0796 4608 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:44:03.0842 4608 vwififlt - ok
17:44:03.0842 4608 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:44:03.0874 4608 vwifimp - ok
17:44:03.0905 4608 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:44:03.0967 4608 W32Time - ok
17:44:03.0983 4608 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:44:04.0014 4608 WacomPen - ok
17:44:04.0030 4608 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:44:04.0076 4608 WANARP - ok
17:44:04.0092 4608 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:44:04.0139 4608 Wanarpv6 - ok
17:44:04.0186 4608 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:44:04.0232 4608 WatAdminSvc - ok
17:44:04.0279 4608 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:44:04.0342 4608 wbengine - ok
17:44:04.0357 4608 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:44:04.0388 4608 WbioSrvc - ok
17:44:04.0404 4608 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:44:04.0435 4608 wcncsvc - ok
17:44:04.0451 4608 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:44:04.0498 4608 WcsPlugInService - ok
17:44:04.0513 4608 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:44:04.0529 4608 Wd - ok
17:44:04.0560 4608 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:44:04.0607 4608 Wdf01000 - ok
17:44:04.0607 4608 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:44:04.0685 4608 WdiServiceHost - ok
17:44:04.0685 4608 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:44:04.0716 4608 WdiSystemHost - ok
17:44:04.0732 4608 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:44:04.0778 4608 WebClient - ok
17:44:04.0794 4608 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:44:04.0872 4608 Wecsvc - ok
17:44:04.0872 4608 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:44:04.0934 4608 wercplsupport - ok
17:44:04.0966 4608 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:44:05.0028 4608 WerSvc - ok
17:44:05.0044 4608 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:44:05.0106 4608 WfpLwf - ok
17:44:05.0106 4608 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:44:05.0137 4608 WIMMount - ok
17:44:05.0153 4608 WinDefend - ok
17:44:05.0153 4608 WinHttpAutoProxySvc - ok
17:44:05.0215 4608 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:44:05.0293 4608 Winmgmt - ok
17:44:05.0340 4608 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:44:05.0434 4608 WinRM - ok
17:44:05.0465 4608 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:44:05.0496 4608 WinUsb - ok
17:44:05.0527 4608 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:44:05.0574 4608 Wlansvc - ok
17:44:05.0590 4608 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:44:05.0621 4608 WmiAcpi - ok
17:44:05.0636 4608 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:44:05.0668 4608 wmiApSrv - ok
17:44:05.0683 4608 WMPNetworkSvc - ok
17:44:05.0714 4608 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:44:05.0746 4608 WPCSvc - ok
17:44:05.0761 4608 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:44:05.0792 4608 WPDBusEnum - ok
17:44:05.0808 4608 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:44:05.0855 4608 ws2ifsl - ok
17:44:05.0870 4608 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:44:05.0917 4608 wscsvc - ok
17:44:05.0917 4608 WSearch - ok
17:44:05.0980 4608 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:44:06.0058 4608 wuauserv - ok
17:44:06.0089 4608 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:44:06.0136 4608 WudfPf - ok
17:44:06.0151 4608 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:44:06.0182 4608 WUDFRd - ok
17:44:06.0198 4608 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:44:06.0229 4608 wudfsvc - ok
17:44:06.0245 4608 [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:44:06.0276 4608 WwanSvc - ok
17:44:06.0370 4608 [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
17:44:06.0448 4608 ZeroConfigService - ok
17:44:06.0463 4608 ================ Scan global ===============================
17:44:06.0494 4608 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:44:06.0526 4608 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:44:06.0526 4608 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:44:06.0557 4608 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:44:06.0572 4608 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:44:06.0572 4608 [Global] - ok
17:44:06.0572 4608 ================ Scan MBR ==================================
17:44:06.0588 4608 [ 156ACC2E9A885A3CDB4E95388043E696 ] \Device\Harddisk0\DR0
17:44:06.0853 4608 \Device\Harddisk0\DR0 - ok
17:44:06.0853 4608 ================ Scan VBR ==================================
17:44:06.0853 4608 [ C15B870982F520CFCE57A8D033C08702 ] \Device\Harddisk0\DR0\Partition1
17:44:06.0853 4608 \Device\Harddisk0\DR0\Partition1 - ok
17:44:06.0884 4608 [ F24DEAD31992A239DAD3AD8C54F74889 ] \Device\Harddisk0\DR0\Partition2
17:44:06.0884 4608 \Device\Harddisk0\DR0\Partition2 - ok
17:44:06.0916 4608 [ 7F95C6D0AF93C87BCAAD9DCF39A1A7B2 ] \Device\Harddisk0\DR0\Partition3
17:44:06.0916 4608 \Device\Harddisk0\DR0\Partition3 - ok
17:44:06.0916 4608 ============================================================
17:44:06.0916 4608 Scan finished
17:44:06.0916 4608 ============================================================
17:44:06.0931 6156 Detected object count: 0
17:44:06.0931 6156 Actual detected object count: 0
|
|
07.01.2013, 20:52
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Email von Adresse eines Bekannten mit seltsamem Link Ist alles unauffällig Downloade Dir bitte SecurityCheck
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Email von Adresse eines Bekannten mit seltsamem Link |
| anti-malware, appdata, autostart, dateien, email, explorer, folge, gelöscht, gmer, infiziert, link, lösung, mail, malwarebytes, microsoft, quarantäne, ram, riskware.installmonetizer, service, speicher, test, version, voll |
Linear-Darstellung
