| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.02.2013, 19:39
| #1 |
 |  Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Hallo zusammen, G-Data hat Heute um 12.57Uhr folgende Viren gefunden: Die Datei wurde in die Quarantäne verschoben. Datei C:\Program Files (x86)\MyMDb\jittemp\jittmp40.dll Virus Gen:Variant.Symmi.10389 (Engine A) Datei C:\Program Files (x86)\MyMDb\jittemp\jittmp8.dll Virus Gen:Variant.Graftor.Elzob.23242 (Engine A) Datei C:\Program Files (x86)\MyMDb\jittemp\jittmp23.dll Virus Gen:Variant.Symmi.10389 (Engine A) Datei C:\Program Files (x86)\MyMDb\jittemp\jittmp24.dll Virus Gen:Variant.Symmi.10389 (Engine A) Datei C:\Program Files (x86)\MyMDb\jittemp\jittmp30.dll Virus Gen:Variant.Symmi.10389 (Engine A) Datei C:\Program Files (x86)\MyMDb\jittemp\jittmp38.dll Virus Gen:Variant.Symmi.10001 (Engine A) Die Datei wurde desinfiziert. Datei: C:\Program Files (x86)\MyMDb\jittemp\jittmp22.dll Virus: Gen:Variant.Symmi.10389 (Engine A) Die Dateien im Pfad C:\Program Files (x86)\MyMDb\jittemp\*** haben jetzt gerade alle 0 byte. Die Dateien die G-Data in die Quarantäne geschoben haben soll, erscheinen dort nicht. Was kann ich da tun um sicher zu sein, dass der Rechner "sauber" ist? Gruß dante |
|
04.02.2013, 22:14
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Was soll denn jetzt ein neuer Strang?!
__________________Du hast doch diesen schon! => http://www.trojaner-board.de/130604-...spioniert.html
__________________ |
|
04.02.2013, 22:40
| #3 |
| | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Nein, das betrifft nun wirklich meinen eigenen Pc seit Heute Mittag.
__________________Also habe ich nun zwei Rechner die auffällig geworden sind. |
|
04.02.2013, 22:49
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Ja, dann ist das ok, wenn das ein völlig andere Rechner ist  Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Erstmal eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
05.02.2013, 20:35
| #5 |
| | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Habe nun die zweit Dateien mit OTL erstellt, nur kann ich sie hier nicht Code einfügen, weil die Länge des Text 14817 Zeichen hat. Wie soll ich weiter vor gehen? Als Archiv an Beitrag anhängen? |
|
06.02.2013, 10:52
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Dann ausnahmsweise die beiden Logs zippen und hier anhängen In den ANhang aber auch nur dann packe nwenn sie sonst zu groß sind!
__________________ --> Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen |
|
06.02.2013, 15:52
| #7 |
| | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Hier nun die beiden Ergebnisse. |
|
06.02.2013, 16:48
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangenZitat:
Ist das rein zufällig ein Büro-/Firmen-PC? Oder ein Uni-Rechner? Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.02.2013, 17:30
| #9 |
| | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Die W7 pro hatte ich mir damals wegen der Möglichkeit des XP- Modus geholt. Ich habe ein Programm was nur auf XP läuft, das läuft Heute jedoch auf einem alten Lenovo R52. Also, grundsätzlich hast du dabei Recht. Das Laptop ist rein privat und definitiv nicht in der Firma zu nutzen. Weitere Logs habe ich nicht, außer die Funde im Eröffnungsthread. |
|
06.02.2013, 21:30
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Bitte nun Logs mit GMER (<<< klick für Anleitung) und aswMBR (Anleitung etwas weiter unten) erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur aswMBR aus. aswMBR-Download => aswMBR.exe - speichere die Datei auf deinem Desktop.
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.02.2013, 16:58
| #11 |
| | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Ergebnis Log mit GMER: Code:
ATTFilter GMER 2.0.18454 - hxxp://www.gmer.net
Rootkit scan 2013-02-07 16:27:36
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 C300-CTF rev.0006 119,24GB
Running: gmer_2.0.18454.exe; Driver: C:\Users\*****\AppData\Local\Temp\ugloypod.sys
---- Kernel code sections - GMER 2.0 ----
.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000193c00 7 bytes [C0, A0, F3, FF, 01, AC, F0]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 9 fffff96000193c09 2 bytes [06, 02]
---- User code sections - GMER 2.0 ----
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[2924] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2664] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe[3484] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\Program Files\TPFanControl\TPFanControl.exe[5108] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\Program Files (x86)\RocketDock\RocketDock.exe[4904] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe[5708] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\RunDll32.exe[6076] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6416] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[6528] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe[6728] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c81401 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c81419 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c81431 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c8144a 2 bytes [C8, 74]
.text ... * 9
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c814dd 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c814f5 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c8150d 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c81525 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c8153d 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c81555 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c8156d 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c81585 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c8159d 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c815b5 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c815cd 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c816b2 2 bytes [C8, 74]
.text C:\Windows\SysWOW64\DllHost.exe[6504] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c816bd 2 bytes [C8, 74]
---- User IAT/EAT - GMER 2.0 ----
IAT C:\Windows\system32\winlogon.exe[1076] @ C:\Windows\system32\UxTheme.dll[KERNEL32.dll!ReadFile] [55580002700] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\winlogon.exe[1076] @ C:\Windows\system32\themeservice.dll[KERNEL32.dll!GetProcAddress] [55580002820] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\winlogon.exe[1076] @ C:\Windows\system32\themeservice.dll[KERNEL32.dll!ReadFile] [55580002700] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\svchost.exe[1360] @ c:\windows\system32\themeservice.dll[KERNEL32.dll!GetProcAddress] [55580002820] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\svchost.exe[1360] @ c:\windows\system32\themeservice.dll[KERNEL32.dll!ReadFile] [55580002700] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\svchost.exe[1360] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!GetProcAddress] [55580002820] c:\windows\system32\uxtuneup.dll
IAT C:\Windows\system32\svchost.exe[1360] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!ReadFile] [55580002700] c:\windows\system32\uxtuneup.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSetAppId] [7fef48c2750] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSetMachineId] [7fef48c2b98] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmWriteSharedMachineId] [7fef48c7de0] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmCreateNewId] [7fef48c8130] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmReadSharedMachineId] [7fef48c1908] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmGetSession] [7fef48c1c00] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmStartUpload] [7fef48c81d8] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSet] [7fef48c2878] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmAddToStreamString] [7fef48c7a5c] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmIncrement] [7fef48c6c48] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmAddToStreamDWord] [7fef48c77bc] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmSetAppVersion] [7fef48c7064] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmStartSession] [7fef48c6544] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[3324] @ C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[sqmapi.dll!SqmEndSession] [7fef48c5e30] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmStartUpload] [7feef3a81d8] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmWaitForUploadComplete] [7feef3a86fc] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmStartSession] [7feef3a6544] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmEndSession] [7feef3a5e30] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmSetUserId] [7feef3a2c90] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmWriteSharedUserId] [7feef3a7fcc] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmReadSharedUserId] [7feef3a22c8] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmSetMachineId] [7feef3a2b98] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmWriteSharedMachineId] [7feef3a7de0] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmCreateNewId] [7feef3a8130] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmReadSharedMachineId] [7feef3a1908] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmSetAppVersion] [7feef3a7064] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmSetAppId] [7feef3a2750] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmIncrement] [7feef3a6c48] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmAddToStreamDWord] [7feef3a77bc] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmSetBool] [7feef3a6830] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmSet] [7feef3a2878] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmAddToStreamString] [7feef3a7a5c] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ C:\Program Files\Microsoft IntelliPoint\ipoint.exe[sqmapi.dll!SqmGetSession] [7feef3a1c00] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmIncrement] [7feef3a6c48] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmStartUpload] [7feef3a81d8] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmStartSession] [7feef3a6544] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmEndSession] [7feef3a5e30] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmSetUserId] [7feef3a2c90] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmWriteSharedUserId] [7feef3a7fcc] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmReadSharedUserId] [7feef3a22c8] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmSetMachineId] [7feef3a2b98] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmWriteSharedMachineId] [7feef3a7de0] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmCreateNewId] [7feef3a8130] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmReadSharedMachineId] [7feef3a1908] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmSetAppVersion] [7feef3a7064] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmSetAppId] [7feef3a2750] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
IAT C:\Program Files\Microsoft IntelliPoint\ipoint.exe[4784] @ c:\Program Files\Microsoft IntelliPoint\dpgcmd.dll[sqmapi.dll!SqmGetSession] [7feef3a1c00] C:\Program Files\Microsoft IntelliPoint\sqmapi.dll
---- Registry - GMER 2.0 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00242cbb75ec
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00242cbb75ec@5056638792b6 0x5D 0xF9 0x0B 0xBD ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00242cbb75ec@c884470ebca1 0x58 0x06 0x74 0xE4 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00242cbb75ec@20689deb8878 0x08 0xA9 0x4A 0xC7 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00242cbb75ec (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00242cbb75ec@5056638792b6 0x5D 0xF9 0x0B 0xBD ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00242cbb75ec@c884470ebca1 0x58 0x06 0x74 0xE4 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00242cbb75ec@20689deb8878 0x08 0xA9 0x4A 0xC7 ...
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\*****\Documents\06_Handys\1.) HTC HD2\App\3.) App\xb4s gekauft\SPBBackup2.1\8_200912031319_SPBBackup2.1.exe 1
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\*****\Documents\06_Handys\1.) HTC HD2\App\5.) App\xb4s freeware\Communikation\mobexp200b100betasetup.exe 1
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\*****\Documents\04_Auto alles\OBD I+II\Prog\xb4s getestet\Scanmaster\ScanMasterProDEMO1.1.0.0.exe 1
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\*****\Documents\07_Handys\1.) HTC HD2\App\5.) App\xb4s freeware\Communikation\SkypeMobile3.exe 1
---- EOF - GMER 2.0 ----
Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-07 16:50:25
-----------------------------
16:50:25.508 OS Version: Windows x64 6.1.7601 Service Pack 1
16:50:25.508 Number of processors: 2 586 0x170A
16:50:25.509 ComputerName: *****-PC UserName: *****
16:50:25.865 Initialize success
16:50:31.714 AVAST engine defs: 13020700
16:51:17.879 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:51:17.885 Disk 0 Vendor: C300-CTF 0006 Size: 122104MB BusType: 3
16:51:17.893 Disk 0 MBR read successfully
16:51:17.896 Disk 0 MBR scan
16:51:17.903 Disk 0 Windows 7 default MBR code
16:51:17.907 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:51:17.914 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 122002 MB offset 206848
16:51:17.927 Disk 0 scanning C:\Windows\system32\drivers
16:51:23.724 Service scanning
16:51:38.523 Modules scanning
16:51:38.547 Disk 0 trace - called modules:
16:51:38.560 ntoskrnl.exe CLASSPNP.SYS disk.sys Sahdad64.sys ACPI.sys iaStor.sys hal.dll
16:51:38.568 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800823a170]
16:51:38.575 3 CLASSPNP.SYS[fffff8800162c43f] -> nt!IofCallDriver -> [0xfffffa800823aa20]
16:51:38.799 5 Sahdad64.sys[fffff88001de4e25] -> nt!IofCallDriver -> [0xfffffa8007c6ce40]
16:51:38.816 7 ACPI.sys[fffff88000f707a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007c72050]
16:51:38.830 Scan finished successfully
16:52:17.354 Disk 0 MBR has been saved successfully to "C:\Users\*****\Desktop\Virensuche Ich\07.02.2013\2\MBR.dat"
16:52:17.360 The log file has been saved successfully to "C:\Users\*****\Desktop\Virensuche Ich\07.02.2013\2\aswMBR.txt"
|
|
08.02.2013, 10:06
| #12 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.02.2013, 13:23
| #13 |
| | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Ergebnis ComboFix: Code:
ATTFilter ComboFix 13-02-07.02 - ***** 08.02.2013 12:58:49.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8086.5773 [GMT 1:00]
ausgeführt von:: c:\users\*****\Desktop\ComboFix.exe
AV: G Data InternetSecurity 2013 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: G Data Personal Firewall *Disabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: G Data InternetSecurity 2013 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\*****\AppData\Roaming\Microsoft\Windows\Recent\Google-Ergebnis für http--www.audimultitronic.de-typo3temp-pics-2708d53362.jpg.url
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-01-08 bis 2013-02-08 ))))))))))))))))))))))))))))))
.
.
2013-02-08 12:13 . 2013-02-08 12:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-08 11:56 . 2013-02-08 11:56 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7728D06-7002-483E-9C71-6FCDFF702E29}\offreg.dll
2013-02-08 11:46 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7728D06-7002-483E-9C71-6FCDFF702E29}\mpengine.dll
2013-02-05 05:41 . 2013-02-05 05:41 -------- d-----w- c:\users\Internet
2013-02-03 09:16 . 2013-02-03 09:16 -------- d-----w- c:\program files\Axantum
2013-01-29 10:44 . 2013-01-29 10:44 5 ----a-w- c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
2013-01-29 08:17 . 2013-01-29 08:17 -------- d-----w- c:\users\*****\AppData\Roaming\G Data
2013-01-28 23:57 . 2013-01-28 23:57 16504 ----a-w- c:\windows\system32\drivers\GdPhyMem.sys
2013-01-28 23:22 . 2009-01-25 11:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2013-01-28 23:13 . 2013-01-10 13:35 11240 ----a-w- c:\windows\SysWow64\GdScrSv.de.dll
2013-01-28 09:44 . 2013-01-28 09:47 -------- d-----w- C:\kleaner.tmp
2013-01-28 08:34 . 2013-01-28 23:13 64416 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2013-01-28 08:34 . 2013-01-28 23:14 -------- d-----w- c:\program files (x86)\Common Files\G Data
2013-01-28 08:34 . 2013-01-28 08:34 -------- d-----w- c:\program files (x86)\G Data
2013-01-27 10:27 . 2013-01-27 10:27 -------- d-----r- C:\Backup
2013-01-27 10:26 . 2009-12-14 11:44 85048 ----a-w- c:\windows\system32\drivers\CSCrySec.sys
2013-01-27 10:26 . 2009-12-14 11:44 66104 ----a-w- c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2013-01-26 18:29 . 2013-01-26 18:29 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-01-26 18:28 . 2013-01-26 18:28 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-25 22:05 . 2013-01-25 22:05 -------- d-----r- C:\Sandbox
2013-01-24 20:09 . 2013-02-01 11:27 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-01-23 19:40 . 2013-01-23 19:40 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-28 23:14 . 2011-08-09 19:11 62368 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2013-01-28 23:13 . 2011-08-09 16:03 54176 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2013-01-28 23:13 . 2011-08-09 16:03 126880 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2013-01-28 23:13 . 2011-08-09 16:03 65008 ----a-w- c:\windows\system32\drivers\gdwfpcd64.sys
2013-01-28 08:51 . 2011-08-13 16:56 106648 ----a-w- c:\windows\system32\drivers\GRD.sys
2013-01-27 15:43 . 2012-04-03 13:08 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-27 15:43 . 2011-08-09 15:12 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-26 18:28 . 2012-06-18 08:25 859552 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-01-26 18:28 . 2011-08-09 16:12 780192 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-09 21:44 . 2011-08-09 14:51 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-18 11:49 . 2012-12-18 11:49 53248 ----a-r- c:\users\*****\AppData\Roaming\Microsoft\Installer\{0369F866-2CE0-4EB9-B426-88FA122C6E82}\ARPPRODUCTICON.exe
2012-12-18 11:49 . 2012-12-18 11:49 53248 ----a-r- c:\users\*****\AppData\Roaming\Microsoft\Installer\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}\ARPPRODUCTICON.exe
2012-12-18 09:06 . 2012-12-27 14:28 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-12-18 09:06 . 2012-12-18 09:06 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2012-12-18 09:06 . 2012-12-18 09:06 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2012-12-18 09:06 . 2012-12-18 09:06 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2012-12-18 09:06 . 2012-12-18 09:06 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2012-12-18 09:06 . 2012-12-18 09:06 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2012-12-18 09:06 . 2012-12-18 09:06 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2012-12-18 09:06 . 2012-12-18 09:06 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2012-12-18 09:06 . 2012-12-18 09:06 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-12-18 09:06 . 2012-12-18 09:06 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2012-12-18 09:06 . 2012-12-18 09:06 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2012-12-18 09:06 . 2012-12-18 09:06 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2012-12-18 09:06 . 2012-12-18 09:06 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2012-12-18 09:06 . 2012-12-18 09:06 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2012-12-18 09:06 . 2012-12-18 09:06 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2012-12-18 09:06 . 2012-12-18 09:06 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2012-12-18 09:06 . 2012-12-18 09:06 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2012-12-18 09:06 . 2012-12-18 09:06 172032 ----a-w- c:\windows\SysWow64\muzapp.exe
2012-12-18 09:06 . 2012-12-18 09:06 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2012-12-18 09:06 . 2012-12-18 09:06 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2012-12-18 09:06 . 2012-12-18 09:06 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2012-12-18 09:06 . 2012-12-18 09:06 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2012-12-18 09:06 . 2012-12-18 09:06 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2012-12-18 09:06 . 2012-12-18 09:06 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2012-12-18 09:06 . 2012-12-18 09:06 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2012-12-16 17:11 . 2012-12-21 08:20 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 08:20 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 08:20 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 08:20 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-11 05:22 . 2012-12-11 05:22 72048 ----a-w- c:\windows\system32\ibmpmctl.exe
2012-12-11 05:22 . 2012-12-11 05:22 60272 ----a-w- c:\windows\system32\ibmpmsvc.exe
2012-12-11 05:22 . 2012-12-11 05:22 42824 ----a-w- c:\windows\system32\drivers\ibmpmdrv.sys
2012-12-11 05:22 . 2012-12-11 05:22 39792 ----a-w- c:\windows\system32\tpinspm.dll
2012-11-30 04:45 . 2013-01-09 21:26 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-13 16:05 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-13 16:05 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-13 16:05 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-13 16:05 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-13 16:05 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-13 16:05 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-13 16:05 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-13 16:05 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-13 16:05 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-13 16:05 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-13 16:05 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-13 16:05 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-13 16:05 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-13 16:05 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-13 16:05 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-13 16:05 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-13 16:05 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-13 16:05 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 16:05 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-13 16:05 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 16:05 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-13 16:05 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-03-02 140640]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-09-22 5587832]
"RotateImage"="c:\program files (x86)\RotateImage\RCIMGDIR.exe" [2008-10-30 55808]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-05-16 5941344]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2011-09-22 2571032]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-05-04 98304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"G Data AntiVirus Tray Application"="c:\program files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2013-01-09 1035216]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2012-11-29 1475096]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2011-1-19 1214240]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2012-1-3 1207312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"DisableCAD"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisallowCpl"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"CPMonitor"="c:\program files (x86)\Roxio 2012\5.0\CPMonitor.exe"
"ISUSPM"=c:\programdata\FLEXnet\Connect\11\\isuspm.exe -scheduler
"Desktop Disc Tool"="c:\program files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"SAOB Monitor"=c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"hpqSRMon"=c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 nm3;Microsoft Network Monitor 3 Driver;c:\windows\system32\DRIVERS\nm3.sys [x]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2010-12-14 901184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2010-12-14 974912]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CSObjectsSrv;Verwaltungsservice vom CryproStorage-System;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [x]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2010-02-05 130048]
R3 ALSysIO;ALSysIO;c:\users\*****\AppData\Local\Temp\ALSysIO64.sys [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys [2011-10-19 195072]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2010-12-14 1298496]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [2010-12-14 53008]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2010-12-14 58128]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-01-20 426024]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-01-20 89128]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-01-20 39976]
R3 DFX11_1;DFX Audio Enhancer 11.1;c:\windows\system32\drivers\dfx11_1x64.sys [2012-08-29 28008]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 GdNetMon;G Data Network Monitor;c:\windows\system32\drivers\GdNetMon64.sys [2011-08-09 31448]
R3 GigasetGenericUSB_x64;GigasetGenericUSB_x64;c:\windows\system32\DRIVERS\GigasetGenericUSB_x64.sys [2012-10-08 54272]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-05-16 1662560]
R3 PS3 Media Server;PS3 Media Server;c:\program files (x86)\PS3 Media Server\win32\service\wrapper.exe [2008-08-17 217088]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-05-16 1665120]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SRS_AE_Service;SRS Audio;c:\windows\system32\drivers\SRS_AE_amd64.sys [2012-06-21 549704]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
R4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-02-09 457200]
R4 BOT4Service;BOT4Service;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-07-15 21488]
R4 RoxMediaDB13;RoxMediaDB13;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-07-13 1095664]
R4 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-07-13 340976]
R4 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode [x]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys [2012-05-16 29512]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2013-01-28 54176]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-05-24 55952]
S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys [2011-02-09 27120]
S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys [2011-02-09 19952]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2012-09-11 1263200]
S1 c2scsi64;c2scsi64;c:\windows\system32\DRIVERS\c2scsi64.sys [2011-07-20 167920]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2013-01-28 126880]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [2013-01-28 65008]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2013-01-28 106648]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2013-01-28 64416]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys [2011-02-09 27632]
S2 afcdpsrv;Acronis Nonstop Backup-Dienst;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-09-11 3246040]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-05-04 203776]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\ATService.exe [2010-02-05 2713920]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2012-11-29 1548312]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2012-11-29 469016]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2012-11-29 2012592]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-20 135440]
S2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2010-02-05 117760]
S2 FPLService;TrueSuiteService;c:\program files\AuthenTec TrueSuite\TrueSuiteService.exe [2012-08-30 296808]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2012-01-16 43584]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2012-01-16 62016]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-10-08 166912]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072]
S2 TVicPort64;TVicPort64; [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-02-04 2058776]
S2 WiselinkPro;SAMSUNG WiselinkPro Service;c:\program files (x86)\SAMSUNG\PC Auto Backup\WiselinkPro.exe [2012-01-18 7262263]
S3 5U875UVC;Integrated Camera;c:\windows\system32\DRIVERS\RCUVCMNP.sys [2009-10-23 220032]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2012-09-11 285280]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-10-19 195072]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2010-02-05 736840]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys [2011-08-10 116096]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2010-12-17 299648]
S3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2012-05-16 320576]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [2011-10-20 302296]
S3 ecnssndis; Mobile Broadband Driver;c:\windows\system32\Drivers\wwuss64.sys [2010-02-23 26664]
S3 ecnssndisfltr; Mobile Broadband Driver Filter;c:\windows\system32\Drivers\wwussf64.sys [2010-02-23 30248]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2012-11-29 2377736]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2013-01-28 62368]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [2012-03-29 470008]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-10-13 10629184]
S3 l36wgps; Mobile Broadband GPS Port;c:\windows\system32\DRIVERS\l36wgps64.sys [2011-02-28 101416]
S3 LenovoRd;LenovoRd;c:\windows\system32\Drivers\LenovoRd.sys [2009-05-11 118016]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2009-06-17 74256]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2009-06-17 13328]
S3 Mbm3CBus;F3507g Mobile Broadband Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys [2011-04-13 419400]
S3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys [2011-04-13 430664]
S3 Mbm3mdfl; Mobile Broadband Modem Port Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys [2011-04-13 19528]
S3 Mbm3Mdm; Mobile Broadband Modem Port Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys [2011-04-13 483400]
S3 PCDSRVC{127174DC-C366ED8B-06020200}_0;PCDSRVC{127174DC-C366ED8B-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc_x64.pkms [2011-06-27 25584]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-10-17 44344]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-09-22 11856]
S3 WwanUsbServ;Mobile Broadband Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys [2011-04-06 286248]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 15:43]
.
2013-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-13 18:57]
.
2013-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-13 18:57]
.
2013-01-17 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06]
.
2013-02-08 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TSFPLOlayIcon]
@="{F4DD9208-8229-492D-BCBF-2955F7AC38F4}"
[HKEY_CLASSES_ROOT\CLSID\{F4DD9208-8229-492D-BCBF-2955F7AC38F4}]
2012-08-30 12:10 298344 ----a-w- c:\program files\AuthenTec TrueSuite\TrueSuite.FPLOlayIcon.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"FingerPrintSoftwareSplashScreen"="c:\program files\Lenovo Fingerprint Software\SplashScreen.exe \s" [X]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-24 2726728]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-05-24 395344]
"picon"="c:\program files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe" [2010-02-04 111640]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2012-01-16 44096]
"TPFanControl"="c:\program files\TPFanControl\TPFanControl.exe" [2010-04-23 154112]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-13 417560]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.amazon.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Mit FRITZ!Box Anrufen
IE: Mit FRITZ!Box Anrufen\Flags
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Notify-SDWinLogon - SDWinLogon.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{127174DC-C366ED8B-06020200}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-02-08 13:16:22
ComboFix-quarantined-files.txt 2013-02-08 12:16
.
Vor Suchlauf: 14 Verzeichnis(se), 32.291.753.984 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 32.309.190.656 Bytes frei
.
- - End Of File - - 916A9205657ADD7C6D8E65B57EAF06AD
|
|
08.02.2013, 14:29
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehlalarm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.02.2013, 16:03
| #15 |
| | Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen Ergebnis TDSS-Killer: Code:
ATTFilter 15:54:49.0988 7684 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:54:51.0989 7684 ============================================================
15:54:51.0989 7684 Current date / time: 2013/02/08 15:54:51.0989
15:54:51.0989 7684 SystemInfo:
15:54:51.0989 7684
15:54:51.0990 7684 OS Version: 6.1.7601 ServicePack: 1.0
15:54:51.0990 7684 Product type: Workstation
15:54:51.0990 7684 ComputerName: *****-PC
15:54:51.0990 7684 UserName: *****
15:54:51.0990 7684 Windows directory: C:\Windows
15:54:51.0990 7684 System windows directory: C:\Windows
15:54:51.0990 7684 Running under WOW64
15:54:51.0990 7684 Processor architecture: Intel x64
15:54:51.0990 7684 Number of processors: 2
15:54:51.0990 7684 Page size: 0x1000
15:54:51.0990 7684 Boot type: Normal boot
15:54:51.0990 7684 ============================================================
15:54:52.0386 7684 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x409B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
15:54:52.0392 7684 ============================================================
15:54:52.0392 7684 \Device\Harddisk0\DR0:
15:54:52.0393 7684 MBR partitions:
15:54:52.0393 7684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:54:52.0393 7684 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
15:54:52.0393 7684 ============================================================
15:54:52.0394 7684 C: <-> \Device\Harddisk0\DR0\Partition2
15:54:52.0395 7684 ============================================================
15:54:52.0395 7684 Initialize success
15:54:52.0395 7684 ============================================================
15:55:28.0176 4624 ============================================================
15:55:28.0176 4624 Scan started
15:55:28.0176 4624 Mode: Manual; SigCheck; TDLFS;
15:55:28.0176 4624 ============================================================
15:55:28.0478 4624 ================ Scan system memory ========================
15:55:28.0478 4624 System memory - ok
15:55:28.0481 4624 ================ Scan services =============================
15:55:28.0525 4624 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
15:55:28.0599 4624 1394ohci - ok
15:55:28.0606 4624 [ FA84047290E5091790A2670E9FD365EE ] 5U875UVC C:\Windows\system32\DRIVERS\RCUVCMNP.sys
15:55:28.0622 4624 5U875UVC - ok
15:55:28.0633 4624 [ C863272577DC93199F9A2D108468EDB9 ] 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
15:55:28.0659 4624 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 - ok
15:55:28.0669 4624 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:55:28.0690 4624 ACPI - ok
15:55:28.0697 4624 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:55:28.0720 4624 AcpiPmi - ok
15:55:28.0738 4624 [ C8AC99197698D2C5988EE2A902E2A042 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
15:55:28.0767 4624 AcrSch2Svc - ok
15:55:28.0774 4624 [ AE30DF1DCD92AFAA9D80405FCFFA05E4 ] ADMonitor C:\Windows\system32\ADMonitor.exe
15:55:28.0781 4624 ADMonitor ( UnsignedFile.Multi.Generic ) - warning
15:55:28.0781 4624 ADMonitor - detected UnsignedFile.Multi.Generic (1)
15:55:28.0788 4624 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:55:28.0800 4624 AdobeARMservice - ok
15:55:28.0823 4624 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:55:28.0838 4624 AdobeFlashPlayerUpdateSvc - ok
15:55:28.0848 4624 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:55:28.0867 4624 adp94xx - ok
15:55:28.0877 4624 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:55:28.0894 4624 adpahci - ok
15:55:28.0900 4624 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:55:28.0915 4624 adpu320 - ok
15:55:28.0924 4624 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:55:28.0983 4624 AeLookupSvc - ok
15:55:28.0992 4624 [ AE1FCE2CD1E99BEA89183BA8CD320872 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
15:55:29.0006 4624 afcdp - ok
15:55:29.0045 4624 [ AF44F7E027037628F1FAC3C13CDE73E6 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
15:55:29.0106 4624 afcdpsrv - ok
15:55:29.0121 4624 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:55:29.0141 4624 AFD - ok
15:55:29.0148 4624 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:55:29.0162 4624 agp440 - ok
15:55:29.0168 4624 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:55:29.0188 4624 ALG - ok
15:55:29.0195 4624 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:55:29.0208 4624 aliide - ok
15:55:29.0232 4624 ALSysIO - ok
15:55:29.0240 4624 [ F23C8B2011900E7D0F1940CA75975B90 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:55:29.0266 4624 AMD External Events Utility - ok
15:55:29.0271 4624 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:55:29.0285 4624 amdide - ok
15:55:29.0292 4624 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:55:29.0306 4624 AmdK8 - ok
15:55:29.0387 4624 [ F9F4A7CC75C3101AD5A66FD035525CC3 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:55:29.0505 4624 amdkmdag - ok
15:55:29.0517 4624 [ 7FDAAE73445C2C9F8360AB45E22C03BE ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:55:29.0534 4624 amdkmdap - ok
15:55:29.0542 4624 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:55:29.0555 4624 AmdPPM - ok
15:55:29.0563 4624 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:55:29.0575 4624 amdsata - ok
15:55:29.0584 4624 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:55:29.0597 4624 amdsbs - ok
15:55:29.0605 4624 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:55:29.0616 4624 amdxata - ok
15:55:29.0624 4624 [ 12E7A43A3C6840A063A82B04F7EF47C0 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
15:55:29.0638 4624 AMPPAL - ok
15:55:29.0646 4624 [ 12E7A43A3C6840A063A82B04F7EF47C0 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
15:55:29.0660 4624 AMPPALP - ok
15:55:29.0673 4624 [ 2CC0CBF2707BE4D5B6CE6B87D9DA2F97 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
15:55:29.0694 4624 AMPPALR3 - ok
15:55:29.0702 4624 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:55:29.0734 4624 AppID - ok
15:55:29.0741 4624 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:55:29.0773 4624 AppIDSvc - ok
15:55:29.0778 4624 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:55:29.0812 4624 Appinfo - ok
15:55:29.0821 4624 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:55:29.0835 4624 AppMgmt - ok
15:55:29.0843 4624 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:55:29.0856 4624 arc - ok
15:55:29.0864 4624 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:55:29.0877 4624 arcsas - ok
15:55:29.0895 4624 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:55:29.0906 4624 aspnet_state - ok
15:55:29.0913 4624 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:55:29.0946 4624 AsyncMac - ok
15:55:29.0953 4624 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:55:29.0965 4624 atapi - ok
15:55:30.0047 4624 [ F9F4A7CC75C3101AD5A66FD035525CC3 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:55:30.0150 4624 atikmdag - ok
15:55:30.0186 4624 [ B0057F384CFC33A851F4FD9C0A7AF0FE ] ATService C:\Windows\system32\ATService.exe
15:55:30.0233 4624 ATService - ok
15:55:30.0247 4624 [ 17B8D955BE11B001456C47C5CFAB1054 ] ATSwpWDF C:\Windows\system32\Drivers\ATSwpWDF.sys
15:55:30.0266 4624 ATSwpWDF - ok
15:55:30.0279 4624 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:55:30.0322 4624 AudioEndpointBuilder - ok
15:55:30.0335 4624 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:55:30.0379 4624 AudioSrv - ok
15:55:30.0400 4624 [ A1ADE0E06E057E3E7C3C931413AD9665 ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
15:55:30.0431 4624 AVKProxy - ok
15:55:30.0447 4624 [ 68F93849B4197243E8454E704B063F9B ] AVKService C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
15:55:30.0463 4624 AVKService - ok
15:55:30.0494 4624 [ B278D782732166A55AB270406E89F7A0 ] AVKWCtl C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
15:55:30.0539 4624 AVKWCtl - ok
15:55:30.0545 4624 [ BD39D7CFD9D6A73396B618113A8E8D57 ] avmaudio C:\Windows\system32\DRIVERS\avmaudio.sys
15:55:30.0558 4624 avmaudio - ok
15:55:30.0563 4624 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:55:30.0585 4624 AxInstSV - ok
15:55:30.0597 4624 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:55:30.0614 4624 b06bdrv - ok
15:55:30.0623 4624 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:55:30.0640 4624 b57nd60a - ok
15:55:30.0651 4624 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:55:30.0665 4624 BDESVC - ok
15:55:30.0672 4624 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:55:30.0708 4624 Beep - ok
15:55:30.0721 4624 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:55:30.0760 4624 BFE - ok
15:55:30.0775 4624 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
15:55:30.0816 4624 BITS - ok
15:55:30.0823 4624 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:55:30.0837 4624 blbdrive - ok
15:55:30.0852 4624 [ C620C59D46F43BEECC556F65E801312B ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
15:55:30.0867 4624 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
15:55:30.0867 4624 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
15:55:30.0885 4624 [ 5E5EDCCEEA4FA3FDF3A907AC204B5828 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
15:55:30.0905 4624 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
15:55:30.0905 4624 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
15:55:30.0920 4624 [ 826E65C945738CBD64F89EAE4406687F ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
15:55:30.0940 4624 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - warning
15:55:30.0940 4624 Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic (1)
15:55:30.0948 4624 [ C752A6902163B5E9C3554BA69A275F41 ] BOT4Service C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
15:55:30.0958 4624 BOT4Service - ok
15:55:30.0966 4624 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:55:30.0980 4624 bowser - ok
15:55:30.0984 4624 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:55:30.0999 4624 BrFiltLo - ok
15:55:31.0004 4624 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:55:31.0021 4624 BrFiltUp - ok
15:55:31.0034 4624 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:55:31.0067 4624 BridgeMP - ok
15:55:31.0076 4624 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:55:31.0090 4624 Browser - ok
15:55:31.0101 4624 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:55:31.0118 4624 Brserid - ok
15:55:31.0126 4624 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:55:31.0141 4624 BrSerWdm - ok
15:55:31.0149 4624 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:55:31.0167 4624 BrUsbMdm - ok
15:55:31.0175 4624 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:55:31.0192 4624 BrUsbSer - ok
15:55:31.0199 4624 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:55:31.0212 4624 BthEnum - ok
15:55:31.0220 4624 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:55:31.0236 4624 BTHMODEM - ok
15:55:31.0245 4624 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:55:31.0261 4624 BthPan - ok
15:55:31.0273 4624 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
15:55:31.0293 4624 BTHPORT - ok
15:55:31.0300 4624 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:55:31.0332 4624 bthserv - ok
15:55:31.0341 4624 [ D6CEEC2F878149E4DB9FE93FA5D8FE60 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
15:55:31.0352 4624 BTHSSecurityMgr - ok
15:55:31.0360 4624 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
15:55:31.0373 4624 BTHUSB - ok
15:55:31.0386 4624 [ A1B4D161BC0DC8C7CD9283BF5A8D74E2 ] btmaudio C:\Windows\system32\drivers\btmaud.sys
15:55:31.0396 4624 btmaudio - ok
15:55:31.0401 4624 [ 962BD3689E2C85F0BA97F3D7E7BA540B ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
15:55:31.0411 4624 btmaux - ok
15:55:31.0417 4624 [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
15:55:31.0427 4624 btusbflt - ok
15:55:31.0437 4624 [ D1961566D80F6BC9D50C9D784966A60B ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
15:55:31.0453 4624 BTWAMPFL - ok
15:55:31.0461 4624 [ C6614B9CBA64BE8D0D68869DF7931D51 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
15:55:31.0473 4624 btwaudio - ok
15:55:31.0480 4624 [ C44B6E64F894BE8A8BA28EDB7716E0F1 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
15:55:31.0491 4624 btwavdt - ok
15:55:31.0507 4624 [ 5BCF4DB10EA362517B10C3FCE418E673 ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
15:55:31.0530 4624 btwdins - ok
15:55:31.0537 4624 [ 74E4CE6133679CE786CB0C13B9E5EE40 ] BTWDPAN C:\Windows\system32\DRIVERS\btwdpan.sys
15:55:31.0547 4624 BTWDPAN - ok
15:55:31.0553 4624 [ B36DD002B349D11CCE22B23C71991BC9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
15:55:31.0563 4624 btwl2cap - ok
15:55:31.0568 4624 [ 0BB3797E32CF55E44D25C1B0E0DAF1E5 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
15:55:31.0580 4624 btwrchid - ok
15:55:31.0587 4624 [ 59626AB5920F316BDBFDC8B47521A882 ] c2scsi64 C:\Windows\system32\DRIVERS\c2scsi64.sys
15:55:31.0598 4624 c2scsi64 - ok
15:55:31.0603 4624 catchme - ok
15:55:31.0619 4624 [ 9C4E50BEA239E2D45099EC919F779DB0 ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys
15:55:31.0633 4624 CAXHWAZL - ok
15:55:31.0642 4624 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:55:31.0675 4624 cdfs - ok
15:55:31.0683 4624 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:55:31.0698 4624 cdrom - ok
15:55:31.0706 4624 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:55:31.0739 4624 CertPropSvc - ok
15:55:31.0747 4624 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:55:31.0762 4624 circlass - ok
15:55:31.0771 4624 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:55:31.0789 4624 CLFS - ok
15:55:31.0797 4624 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:55:31.0808 4624 clr_optimization_v2.0.50727_32 - ok
15:55:31.0815 4624 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:55:31.0827 4624 clr_optimization_v2.0.50727_64 - ok
15:55:31.0839 4624 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:55:31.0851 4624 clr_optimization_v4.0.30319_32 - ok
15:55:31.0858 4624 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:55:31.0870 4624 clr_optimization_v4.0.30319_64 - ok
15:55:31.0878 4624 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:55:31.0892 4624 CmBatt - ok
15:55:31.0898 4624 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:55:31.0911 4624 cmdide - ok
15:55:31.0923 4624 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
15:55:31.0946 4624 CNG - ok
15:55:31.0959 4624 [ D3C4F72E8F8DC523B02A0C313CEEEA99 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
15:55:31.0977 4624 CnxtHdAudService - ok
15:55:31.0985 4624 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:55:31.0998 4624 Compbatt - ok
15:55:32.0007 4624 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:55:32.0023 4624 CompositeBus - ok
15:55:32.0031 4624 COMSysApp - ok
15:55:32.0037 4624 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:55:32.0049 4624 crcdisk - ok
15:55:32.0061 4624 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:55:32.0075 4624 CryptSvc - ok
15:55:32.0089 4624 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
15:55:32.0109 4624 CSC - ok
15:55:32.0123 4624 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
15:55:32.0143 4624 CscService - ok
15:55:32.0149 4624 CSObjectsSrv - ok
15:55:32.0161 4624 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:55:32.0201 4624 DcomLaunch - ok
15:55:32.0212 4624 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:55:32.0248 4624 defragsvc - ok
15:55:32.0256 4624 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:55:32.0288 4624 DfsC - ok
15:55:32.0294 4624 [ 51D50A9A72C18E4629891BF381D123BA ] DFX11_1 C:\Windows\system32\drivers\dfx11_1x64.sys
15:55:32.0304 4624 DFX11_1 - ok
15:55:32.0310 4624 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
15:55:32.0324 4624 dg_ssudbus - ok
15:55:32.0334 4624 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:55:32.0351 4624 Dhcp - ok
15:55:32.0359 4624 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:55:32.0397 4624 discache - ok
15:55:32.0406 4624 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:55:32.0419 4624 Disk - ok
15:55:32.0425 4624 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:55:32.0441 4624 dmvsc - ok
15:55:32.0450 4624 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:55:32.0467 4624 Dnscache - ok
15:55:32.0481 4624 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:55:32.0516 4624 dot3svc - ok
15:55:32.0523 4624 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
15:55:32.0540 4624 Dot4 - ok
15:55:32.0546 4624 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:55:32.0561 4624 Dot4Print - ok
15:55:32.0566 4624 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:55:32.0583 4624 dot4usb - ok
15:55:32.0593 4624 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
15:55:32.0608 4624 DozeSvc - ok
15:55:32.0618 4624 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:55:32.0652 4624 DPS - ok
15:55:32.0660 4624 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:55:32.0675 4624 drmkaud - ok
15:55:32.0685 4624 [ E12EA64F18947AD7B6160DBC45995F84 ] dtsvc C:\Windows\system32\DTS.exe
15:55:32.0691 4624 dtsvc ( UnsignedFile.Multi.Generic ) - warning
15:55:32.0691 4624 dtsvc - detected UnsignedFile.Multi.Generic (1)
15:55:32.0706 4624 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:55:32.0731 4624 DXGKrnl - ok
15:55:32.0739 4624 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
15:55:32.0753 4624 DzHDD64 - ok
15:55:32.0762 4624 [ 11D0ECA73AB25135F65656B93ADBCB3D ] e1yexpress C:\Windows\system32\DRIVERS\e1y62x64.sys
15:55:32.0776 4624 e1yexpress - ok
15:55:32.0785 4624 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:55:32.0820 4624 EapHost - ok
15:55:32.0857 4624 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:55:32.0905 4624 ebdrv - ok
15:55:32.0914 4624 [ F88F2E5806FC405B0FA94B7947A5875E ] ecnssndis C:\Windows\system32\Drivers\wwuss64.sys
15:55:32.0925 4624 ecnssndis - ok
15:55:32.0933 4624 [ C8CD88218EFC28F7E44A9892B3E97F4D ] ecnssndisfltr C:\Windows\system32\Drivers\wwussf64.sys
15:55:32.0943 4624 ecnssndisfltr - ok
15:55:32.0949 4624 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:55:32.0965 4624 EFS - ok
15:55:32.0977 4624 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:55:33.0002 4624 ehRecvr - ok
15:55:33.0011 4624 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:55:33.0040 4624 ehSched - ok
15:55:33.0053 4624 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:55:33.0073 4624 elxstor - ok
15:55:33.0081 4624 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:55:33.0095 4624 ErrDev - ok
15:55:33.0111 4624 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:55:33.0148 4624 EventSystem - ok
15:55:33.0170 4624 [ 532B8FF8E07F3772B086620377654F95 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:55:33.0204 4624 EvtEng - ok
15:55:33.0211 4624 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:55:33.0247 4624 exfat - ok
15:55:33.0257 4624 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:55:33.0290 4624 fastfat - ok
15:55:33.0302 4624 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:55:33.0322 4624 Fax - ok
15:55:33.0330 4624 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:55:33.0344 4624 fdc - ok
15:55:33.0350 4624 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:55:33.0385 4624 fdPHost - ok
15:55:33.0400 4624 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:55:33.0436 4624 FDResPub - ok
15:55:33.0444 4624 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:55:33.0458 4624 FileInfo - ok
15:55:33.0464 4624 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:55:33.0498 4624 Filetrace - ok
15:55:33.0507 4624 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:55:33.0520 4624 flpydisk - ok
15:55:33.0531 4624 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:55:33.0546 4624 FltMgr - ok
15:55:33.0562 4624 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:55:33.0587 4624 FontCache - ok
15:55:33.0596 4624 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:55:33.0606 4624 FontCache3.0.0.0 - ok
15:55:33.0618 4624 [ 212EC8A697F96A8EB0283CB405AE6FE8 ] FPLService C:\Program Files\AuthenTec TrueSuite\TrueSuiteService.exe
15:55:33.0632 4624 FPLService - ok
15:55:33.0640 4624 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:55:33.0653 4624 FsDepends - ok
15:55:33.0658 4624 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
15:55:33.0669 4624 fssfltr - ok
15:55:33.0690 4624 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:55:33.0729 4624 fsssvc - ok
15:55:33.0735 4624 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:55:33.0749 4624 Fs_Rec - ok
15:55:33.0756 4624 [ 82D4BD620F7E27EA268EA0E2F701A7AE ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
15:55:33.0767 4624 FTDIBUS - ok
15:55:33.0774 4624 [ 1FA21FF2D7B50B528D8B73DB34AD06BC ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
15:55:33.0785 4624 FTSER2K - ok
15:55:33.0793 4624 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:55:33.0810 4624 fvevol - ok
15:55:33.0821 4624 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:55:33.0834 4624 gagp30kx - ok
15:55:33.0840 4624 [ DEC2DEB0025548EE434C2DBA68B771BC ] GDBehave C:\Windows\system32\drivers\GDBehave.sys
15:55:33.0852 4624 GDBehave - ok
15:55:33.0879 4624 [ 98024F808C6A12FA9160AEF9C8344FAB ] GDFwSvc C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
15:55:33.0930 4624 GDFwSvc - ok
15:55:33.0942 4624 [ C91D9D7338AD7E6D0CC707828E90203F ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys
15:55:33.0955 4624 GDMnIcpt - ok
15:55:33.0963 4624 [ CEBDA28D56F0CA2F08367C93741E5F76 ] GdNetMon C:\Windows\system32\drivers\GdNetMon64.sys
15:55:33.0974 4624 GdNetMon - ok
15:55:33.0983 4624 [ B6F4C60CF97E823F2874FF9FEF4CC89B ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys
15:55:33.0995 4624 GDPkIcpt - ok
15:55:34.0003 4624 [ 110C6DC36EA9F5DA664A584756B1B297 ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
15:55:34.0020 4624 GDScan - ok
15:55:34.0029 4624 [ 080B1C7B27BD44877DA04F6EC3D16CF3 ] gdwfpcd C:\Windows\system32\drivers\gdwfpcd64.sys
15:55:34.0042 4624 gdwfpcd - ok
15:55:34.0049 4624 [ B93252C4C5A3733ECD5522CAF88DE02D ] GigasetGenericUSB_x64 C:\Windows\system32\DRIVERS\GigasetGenericUSB_x64.sys
15:55:34.0057 4624 GigasetGenericUSB_x64 ( UnsignedFile.Multi.Generic ) - warning
15:55:34.0057 4624 GigasetGenericUSB_x64 - detected UnsignedFile.Multi.Generic (1)
15:55:34.0070 4624 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:55:34.0108 4624 gpsvc - ok
15:55:34.0117 4624 [ 9580CBF03D2EE08BD1C0D701AAE4092A ] GRD C:\Windows\system32\drivers\GRD.sys
15:55:34.0129 4624 GRD - ok
15:55:34.0137 4624 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:55:34.0149 4624 gupdate - ok
15:55:34.0156 4624 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:55:34.0167 4624 gupdatem - ok
15:55:34.0173 4624 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:55:34.0188 4624 hcw85cir - ok
15:55:34.0198 4624 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:55:34.0218 4624 HdAudAddService - ok
15:55:34.0224 4624 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:55:34.0240 4624 HDAudBus - ok
15:55:34.0249 4624 [ 15C9789470B8855AC2F54FDF96802D13 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:55:34.0263 4624 HECIx64 - ok
15:55:34.0274 4624 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:55:34.0288 4624 HidBatt - ok
15:55:34.0297 4624 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:55:34.0314 4624 HidBth - ok
15:55:34.0324 4624 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:55:34.0340 4624 HidIr - ok
15:55:34.0347 4624 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
15:55:34.0383 4624 hidserv - ok
15:55:34.0392 4624 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:55:34.0405 4624 HidUsb - ok
15:55:34.0414 4624 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:55:34.0447 4624 hkmsvc - ok
15:55:34.0458 4624 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:55:34.0473 4624 HomeGroupListener - ok
15:55:34.0483 4624 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:55:34.0501 4624 HomeGroupProvider - ok
15:55:34.0508 4624 [ 907C238D9F85BE868817740C0FD8D315 ] HookCentre C:\Windows\system32\drivers\HookCentre.sys
15:55:34.0521 4624 HookCentre - ok
15:55:34.0533 4624 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:55:34.0541 4624 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
15:55:34.0541 4624 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
15:55:34.0550 4624 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:55:34.0558 4624 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
15:55:34.0558 4624 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
15:55:34.0563 4624 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:55:34.0576 4624 HpSAMD - ok
15:55:34.0600 4624 HPSLPSVC - ok
15:55:34.0628 4624 [ 75D9D5C4DD0A18E3E7F50683734E0077 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
15:55:34.0645 4624 HsfXAudioService - ok
15:55:34.0684 4624 [ 5A518B63D408B2DBC1778788456E1A66 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys
15:55:34.0714 4624 HSF_DPV - ok
15:55:34.0723 4624 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
15:55:34.0740 4624 HTCAND64 - ok
15:55:34.0747 4624 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
15:55:34.0757 4624 htcnprot - ok
15:55:34.0771 4624 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:55:34.0810 4624 HTTP - ok
15:55:34.0817 4624 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:55:34.0828 4624 hwpolicy - ok
15:55:34.0835 4624 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:55:34.0849 4624 i8042prt - ok
15:55:34.0866 4624 [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:55:34.0880 4624 iaStor - ok
15:55:34.0891 4624 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:55:34.0908 4624 iaStorV - ok
15:55:34.0918 4624 [ B21087E1A64FD474BF3E1A602A714F1F ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
15:55:34.0929 4624 IBMPMDRV - ok
15:55:34.0934 4624 [ A3E4DE0F77031061972485EF9BD8E4D0 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
15:55:34.0945 4624 IBMPMSVC - ok
15:55:34.0954 4624 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:55:34.0961 4624 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:55:34.0961 4624 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:55:34.0977 4624 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:55:35.0004 4624 idsvc - ok
15:55:35.0142 4624 [ 4EAA4261E1AD4B860657CADA790B9B38 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:55:35.0332 4624 igfx - ok
15:55:35.0344 4624 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:55:35.0358 4624 iirsp - ok
15:55:35.0366 4624 [ AD5DF6F4FBBC798636EDC66BFEC7D0DE ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
15:55:35.0376 4624 IJPLMSVC - ok
15:55:35.0394 4624 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:55:35.0434 4624 IKEEXT - ok
15:55:35.0450 4624 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:55:35.0461 4624 intelide - ok
15:55:35.0572 4624 [ 4EAA4261E1AD4B860657CADA790B9B38 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
15:55:35.0721 4624 intelkmd - ok
15:55:35.0732 4624 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:55:35.0746 4624 intelppm - ok
15:55:35.0755 4624 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:55:35.0789 4624 IPBusEnum - ok
15:55:35.0799 4624 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:55:35.0831 4624 IpFilterDriver - ok
15:55:35.0844 4624 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:55:35.0864 4624 iphlpsvc - ok
15:55:35.0873 4624 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:55:35.0887 4624 IPMIDRV - ok
15:55:35.0897 4624 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:55:35.0930 4624 IPNAT - ok
15:55:35.0937 4624 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:55:35.0959 4624 IRENUM - ok
15:55:35.0968 4624 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:55:35.0980 4624 isapnp - ok
15:55:35.0988 4624 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:55:36.0004 4624 iScsiPrt - ok
15:55:36.0015 4624 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:55:36.0029 4624 kbdclass - ok
15:55:36.0036 4624 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:55:36.0049 4624 kbdhid - ok
15:55:36.0055 4624 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:55:36.0070 4624 KeyIso - ok
15:55:36.0079 4624 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:55:36.0093 4624 KSecDD - ok
15:55:36.0104 4624 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:55:36.0118 4624 KSecPkg - ok
15:55:36.0126 4624 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:55:36.0160 4624 ksthunk - ok
15:55:36.0172 4624 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:55:36.0208 4624 KtmRm - ok
15:55:36.0216 4624 [ C864875E87E6B790471516856FC1F5C2 ] l36wgps C:\Windows\system32\DRIVERS\l36wgps64.sys
15:55:36.0227 4624 l36wgps - ok
15:55:36.0238 4624 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:55:36.0273 4624 LanmanServer - ok
15:55:36.0283 4624 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:55:36.0317 4624 LanmanWorkstation - ok
15:55:36.0328 4624 [ 88E52495B47C67126B510AF53FDB0BC7 ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
15:55:36.0342 4624 LBTServ - ok
15:55:36.0353 4624 [ A4973DF3264791952D6D7AB56565DD55 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
15:55:36.0364 4624 LENOVO.CAMMUTE - ok
15:55:36.0371 4624 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
15:55:36.0385 4624 LENOVO.MICMUTE - ok
15:55:36.0392 4624 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
15:55:36.0402 4624 lenovo.smi - ok
15:55:36.0410 4624 [ 05D72DE005BE625CE60CE3BE4FAB9714 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
15:55:36.0419 4624 LENOVO.TPKNRSVC - ok
15:55:36.0429 4624 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
15:55:36.0440 4624 Lenovo.VIRTSCRLSVC - ok
15:55:36.0452 4624 [ 606DA892A53FA863B67F8D3F8FF016A0 ] LenovoRd C:\Windows\system32\Drivers\LenovoRd.sys
15:55:36.0466 4624 LenovoRd - ok
15:55:36.0481 4624 [ BECBD7CD46776B8739EE18061F45A581 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
15:55:36.0491 4624 LEqdUsb - ok
15:55:36.0500 4624 [ 21D6BD7D62C270059EB8E2B1D4095880 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
15:55:36.0511 4624 LHidEqd - ok
15:55:36.0521 4624 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:55:36.0532 4624 LHidFilt - ok
15:55:36.0538 4624 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:55:36.0570 4624 lltdio - ok
15:55:36.0582 4624 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:55:36.0619 4624 lltdsvc - ok
15:55:36.0628 4624 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:55:36.0672 4624 lmhosts - ok
15:55:36.0678 4624 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:55:36.0688 4624 LMouFilt - ok
15:55:36.0696 4624 [ 7F697D6EB3E47FBC7757229DAEE406B4 ] LMS C:\Program Files (x86)\Intel\AMT\LMS.exe
15:55:36.0710 4624 LMS - ok
15:55:36.0724 4624 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:55:36.0738 4624 LSI_FC - ok
15:55:36.0748 4624 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:55:36.0761 4624 LSI_SAS - ok
15:55:36.0770 4624 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:55:36.0783 4624 LSI_SAS2 - ok
15:55:36.0788 4624 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:55:36.0803 4624 LSI_SCSI - ok
15:55:36.0809 4624 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:55:36.0844 4624 luafv - ok
15:55:36.0857 4624 [ D8BA1ECBF0B9A4B4E1F3B7EB517D6C20 ] Mbm3CBus C:\Windows\system32\DRIVERS\Mbm3CBus.sys
15:55:36.0875 4624 Mbm3CBus - ok
15:55:36.0888 4624 [ 01E60917101B309E15F30DA26ACF64F6 ] Mbm3DevMt C:\Windows\system32\DRIVERS\Mbm3DevMt.sys
15:55:36.0906 4624 Mbm3DevMt - ok
15:55:36.0916 4624 [ 6350A2CA21FB7B14432EFFDC61863AED ] Mbm3mdfl C:\Windows\system32\DRIVERS\Mbm3mdfl.sys
15:55:36.0926 4624 Mbm3mdfl - ok
15:55:36.0939 4624 [ 9FC3A8713D148E15D0472E1C44DD0FDA ] Mbm3Mdm C:\Windows\system32\DRIVERS\Mbm3Mdm.sys
15:55:36.0958 4624 Mbm3Mdm - ok
15:55:36.0967 4624 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:55:36.0981 4624 Mcx2Svc - ok
15:55:36.0986 4624 [ FC631425ED761EA1F24738AA15FF5A7D ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
15:55:36.0996 4624 mdmxsdk - ok
15:55:37.0005 4624 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:55:37.0019 4624 megasas - ok
15:55:37.0029 4624 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:55:37.0045 4624 MegaSR - ok
15:55:37.0055 4624 Microsoft SharePoint Workspace Audit Service - ok
15:55:37.0060 4624 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:55:37.0094 4624 MMCSS - ok
15:55:37.0103 4624 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:55:37.0135 4624 Modem - ok
15:55:37.0144 4624 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:55:37.0159 4624 monitor - ok
15:55:37.0169 4624 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:55:37.0182 4624 mouclass - ok
15:55:37.0190 4624 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:55:37.0203 4624 mouhid - ok
15:55:37.0209 4624 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:55:37.0222 4624 mountmgr - ok
15:55:37.0230 4624 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:55:37.0244 4624 mpio - ok
15:55:37.0251 4624 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:55:37.0284 4624 mpsdrv - ok
15:55:37.0302 4624 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:55:37.0343 4624 MpsSvc - ok
15:55:37.0352 4624 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:55:37.0372 4624 MRxDAV - ok
15:55:37.0388 4624 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:55:37.0405 4624 mrxsmb - ok
15:55:37.0417 4624 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:55:37.0433 4624 mrxsmb10 - ok
15:55:37.0443 4624 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:55:37.0458 4624 mrxsmb20 - ok
15:55:37.0465 4624 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:55:37.0478 4624 msahci - ok
15:55:37.0486 4624 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:55:37.0501 4624 msdsm - ok
15:55:37.0510 4624 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:55:37.0525 4624 MSDTC - ok
15:55:37.0541 4624 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:55:37.0577 4624 Msfs - ok
15:55:37.0583 4624 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:55:37.0615 4624 mshidkmdf - ok
15:55:37.0625 4624 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:55:37.0638 4624 msisadrv - ok
15:55:37.0646 4624 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:55:37.0684 4624 MSiSCSI - ok
15:55:37.0694 4624 msiserver - ok
15:55:37.0703 4624 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:55:37.0734 4624 MSKSSRV - ok
15:55:37.0744 4624 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:55:37.0777 4624 MSPCLOCK - ok
15:55:37.0786 4624 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:55:37.0820 4624 MSPQM - ok
15:55:37.0833 4624 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:55:37.0850 4624 MsRPC - ok
15:55:37.0865 4624 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:55:37.0877 4624 mssmbios - ok
15:55:37.0885 4624 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:55:37.0919 4624 MSTEE - ok
15:55:37.0929 4624 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:55:37.0942 4624 MTConfig - ok
15:55:37.0952 4624 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:55:37.0968 4624 Mup - ok
15:55:37.0982 4624 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:55:38.0020 4624 napagent - ok
15:55:38.0033 4624 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:55:38.0056 4624 NativeWifiP - ok
15:55:38.0075 4624 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:55:38.0100 4624 NDIS - ok
15:55:38.0110 4624 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:55:38.0144 4624 NdisCap - ok
15:55:38.0154 4624 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:55:38.0187 4624 NdisTapi - ok
15:55:38.0197 4624 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:55:38.0232 4624 Ndisuio - ok
15:55:38.0243 4624 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:55:38.0278 4624 NdisWan - ok
15:55:38.0288 4624 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:55:38.0321 4624 NDProxy - ok
15:55:38.0331 4624 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:55:38.0337 4624 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:55:38.0337 4624 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:55:38.0345 4624 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:55:38.0379 4624 NetBIOS - ok
15:55:38.0390 4624 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:55:38.0425 4624 NetBT - ok
15:55:38.0433 4624 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:55:38.0452 4624 Netlogon - ok
15:55:38.0462 4624 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:55:38.0499 4624 Netman - ok
15:55:38.0513 4624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:55:38.0527 4624 NetMsmqActivator - ok
15:55:38.0536 4624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:55:38.0549 4624 NetPipeActivator - ok
15:55:38.0563 4624 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:55:38.0604 4624 netprofm - ok
15:55:38.0614 4624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:55:38.0625 4624 NetTcpActivator - ok
15:55:38.0633 4624 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:55:38.0644 4624 NetTcpPortSharing - ok
15:55:38.0718 4624 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
15:55:38.0817 4624 NETw5s64 - ok
15:55:38.0879 4624 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
15:55:38.0965 4624 netw5v64 - ok
15:55:39.0063 4624 [ 774C9ECCEF83AB8A3D1466F19809C95F ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
15:55:39.0186 4624 NETwNs64 - ok
15:55:39.0194 4624 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:55:39.0208 4624 nfrd960 - ok
15:55:39.0217 4624 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:55:39.0235 4624 NlaSvc - ok
15:55:39.0250 4624 nm3 - ok
15:55:39.0260 4624 [ 4903177FC90E77ABEB19021451E9475E ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
15:55:39.0285 4624 nmwcd - ok
15:55:39.0295 4624 [ E6844A4C97E5409BBE24BB4ED000320D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
15:55:39.0321 4624 nmwcdc - ok
15:55:39.0331 4624 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:55:39.0365 4624 Npfs - ok
15:55:39.0375 4624 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:55:39.0412 4624 nsi - ok
15:55:39.0424 4624 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:55:39.0461 4624 nsiproxy - ok
15:55:39.0487 4624 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:55:39.0522 4624 Ntfs - ok
15:55:39.0532 4624 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:55:39.0567 4624 Null - ok
15:55:39.0577 4624 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:55:39.0591 4624 nvraid - ok
15:55:39.0602 4624 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:55:39.0616 4624 nvstor - ok
15:55:39.0628 4624 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:55:39.0642 4624 nv_agp - ok
15:55:39.0652 4624 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:55:39.0667 4624 ohci1394 - ok
15:55:39.0679 4624 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:55:39.0691 4624 ose - ok
15:55:39.0751 4624 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:55:39.0844 4624 osppsvc - ok
15:55:39.0865 4624 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:55:39.0882 4624 p2pimsvc - ok
15:55:39.0897 4624 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:55:39.0917 4624 p2psvc - ok
15:55:39.0928 4624 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:55:39.0943 4624 Parport - ok
15:55:39.0956 4624 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:55:39.0969 4624 partmgr - ok
15:55:39.0976 4624 [ 5F731DD45D3B176C071E4CCEEB87B06B ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
15:55:39.0983 4624 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
15:55:39.0984 4624 PassThru Service - detected UnsignedFile.Multi.Generic (1)
15:55:39.0991 4624 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:55:40.0011 4624 PcaSvc - ok
15:55:40.0022 4624 [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
15:55:40.0041 4624 pccsmcfd - ok
15:55:40.0055 4624 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{127174DC-C366ED8B-06020200}_0 c:\program files\pc-doctor\pcdsrvc_x64.pkms
15:55:40.0067 4624 PCDSRVC{127174DC-C366ED8B-06020200}_0 - ok
15:55:40.0074 4624 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:55:40.0089 4624 pci - ok
15:55:40.0095 4624 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:55:40.0108 4624 pciide - ok
15:55:40.0115 4624 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:55:40.0130 4624 pcmcia - ok
15:55:40.0138 4624 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:55:40.0155 4624 pcw - ok
15:55:40.0178 4624 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:55:40.0244 4624 PEAUTH - ok
15:55:40.0267 4624 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:55:40.0296 4624 PeerDistSvc - ok
15:55:40.0331 4624 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:55:40.0347 4624 PerfHost - ok
15:55:40.0393 4624 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:55:40.0463 4624 pla - ok
15:55:40.0480 4624 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:55:40.0501 4624 PlugPlay - ok
15:55:40.0513 4624 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:55:40.0520 4624 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:55:40.0520 4624 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:55:40.0529 4624 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:55:40.0543 4624 PNRPAutoReg - ok
15:55:40.0556 4624 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:55:40.0573 4624 PNRPsvc - ok
15:55:40.0582 4624 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
15:55:40.0592 4624 Point64 - ok
15:55:40.0603 4624 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:55:40.0641 4624 PolicyAgent - ok
15:55:40.0655 4624 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:55:40.0692 4624 Power - ok
15:55:40.0721 4624 [ DEED60F99C5B8E386D507860F600D509 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
15:55:40.0756 4624 Power Manager DBC Service - ok
15:55:40.0767 4624 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:55:40.0799 4624 PptpMiniport - ok
15:55:40.0810 4624 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:55:40.0825 4624 Processor - ok
15:55:40.0835 4624 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:55:40.0850 4624 ProfSvc - ok
15:55:40.0856 4624 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:55:40.0873 4624 ProtectedStorage - ok
15:55:40.0884 4624 [ EB21A4F28E4135498B3CE981883A0A44 ] PS3 Media Server C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
15:55:40.0892 4624 PS3 Media Server ( UnsignedFile.Multi.Generic ) - warning
15:55:40.0892 4624 PS3 Media Server - detected UnsignedFile.Multi.Generic (1)
15:55:40.0899 4624 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
15:55:40.0909 4624 psadd - ok
15:55:40.0918 4624 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:55:40.0950 4624 Psched - ok
15:55:40.0978 4624 [ 68DCE950DCD2ABBB82362D383EC5836E ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
15:55:41.0021 4624 PwmEWSvc - ok
15:55:41.0032 4624 [ F2EECF8977BD3FE4E38743DDCFBECD20 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:55:41.0043 4624 PxHlpa64 - ok
15:55:41.0062 4624 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:55:41.0097 4624 ql2300 - ok
15:55:41.0109 4624 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:55:41.0123 4624 ql40xx - ok
15:55:41.0135 4624 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:55:41.0158 4624 QWAVE - ok
15:55:41.0166 4624 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:55:41.0185 4624 QWAVEdrv - ok
15:55:41.0198 4624 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
15:55:41.0216 4624 RapiMgr - ok
15:55:41.0224 4624 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:55:41.0260 4624 RasAcd - ok
15:55:41.0274 4624 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:55:41.0307 4624 RasAgileVpn - ok
15:55:41.0321 4624 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:55:41.0355 4624 RasAuto - ok
15:55:41.0366 4624 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:55:41.0402 4624 Rasl2tp - ok
15:55:41.0412 4624 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:55:41.0448 4624 RasMan - ok
15:55:41.0456 4624 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:55:41.0492 4624 RasPppoe - ok
15:55:41.0503 4624 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:55:41.0538 4624 RasSstp - ok
15:55:41.0551 4624 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:55:41.0585 4624 rdbss - ok
15:55:41.0598 4624 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:55:41.0614 4624 rdpbus - ok
15:55:41.0623 4624 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:55:41.0657 4624 RDPCDD - ok
15:55:41.0677 4624 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:55:41.0695 4624 RDPDR - ok
15:55:41.0706 4624 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:55:41.0739 4624 RDPENCDD - ok
15:55:41.0757 4624 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:55:41.0792 4624 RDPREFMP - ok
15:55:41.0808 4624 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:55:41.0821 4624 RdpVideoMiniport - ok
15:55:41.0834 4624 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:55:41.0850 4624 RDPWD - ok
15:55:41.0862 4624 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:55:41.0878 4624 rdyboost - ok
15:55:41.0896 4624 [ 7196BE857E29007470FF9B689C7F29A7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:55:41.0921 4624 RegSrvc - ok
15:55:41.0931 4624 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:55:41.0969 4624 RemoteAccess - ok
15:55:41.0981 4624 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:55:42.0017 4624 RemoteRegistry - ok
15:55:42.0029 4624 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:55:42.0046 4624 RFCOMM - ok
15:55:42.0056 4624 [ F45D6E12EB99A668F52201637C67C8F5 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
15:55:42.0071 4624 rimmptsk - ok
15:55:42.0082 4624 [ EAC02ED935A9C1F2DDD8D985C465B854 ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
15:55:42.0098 4624 rimsptsk - ok
15:55:42.0108 4624 [ 931A8F843B4120DF527C3684DAF77FD9 ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
15:55:42.0121 4624 rismxdp - ok
15:55:42.0142 4624 [ 879BF5333A3DF407019FB16B35F2A352 ] RoxMediaDB13 C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe
15:55:42.0175 4624 RoxMediaDB13 - ok
15:55:42.0184 4624 [ DDB9FE116DF539AD256AB18C9BCA883B ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe
15:55:42.0201 4624 RoxWatch12 - ok
15:55:42.0209 4624 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:55:42.0253 4624 RpcEptMapper - ok
15:55:42.0264 4624 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:55:42.0281 4624 RpcLocator - ok
15:55:42.0295 4624 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:55:42.0333 4624 RpcSs - ok
15:55:42.0342 4624 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:55:42.0379 4624 rspndr - ok
15:55:42.0392 4624 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:55:42.0406 4624 s3cap - ok
15:55:42.0417 4624 [ 27DB9153D259D632D15483DEEAB799ED ] Sahdad64 C:\Windows\system32\Drivers\Sahdad64.sys
15:55:42.0427 4624 Sahdad64 - ok
15:55:42.0438 4624 [ F77849D909B90BCACFCF7295AECF299B ] Saibad64 C:\Windows\system32\Drivers\Saibad64.sys
15:55:42.0447 4624 Saibad64 - ok
15:55:42.0456 4624 [ 704D415290A568F68DE20942DAC23F7E ] SaibVdAd64 C:\Windows\system32\Drivers\SaibVdAd64.sys
15:55:42.0467 4624 SaibVdAd64 - ok
15:55:42.0479 4624 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:55:42.0495 4624 SamSs - ok
15:55:42.0508 4624 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:55:42.0524 4624 sbp2port - ok
15:55:42.0537 4624 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:55:42.0574 4624 SCardSvr - ok
15:55:42.0586 4624 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:55:42.0619 4624 scfilter - ok
15:55:42.0638 4624 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:55:42.0682 4624 Schedule - ok
15:55:42.0693 4624 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:55:42.0726 4624 SCPolicySvc - ok
15:55:42.0739 4624 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
15:55:42.0756 4624 sdbus - ok
15:55:42.0767 4624 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:55:42.0783 4624 SDRSVC - ok
15:55:42.0802 4624 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
15:55:42.0825 4624 SDScannerService - ok
15:55:42.0850 4624 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
15:55:42.0878 4624 SDUpdateService - ok
15:55:42.0889 4624 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
15:55:42.0904 4624 SDWSCService - ok
15:55:42.0913 4624 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:55:42.0945 4624 secdrv - ok
15:55:42.0957 4624 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:55:42.0992 4624 seclogon - ok
15:55:43.0002 4624 Secunia Update Agent - ok
15:55:43.0013 4624 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
15:55:43.0050 4624 SENS - ok
15:55:43.0060 4624 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:55:43.0074 4624 SensrSvc - ok
15:55:43.0083 4624 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:55:43.0096 4624 Serenum - ok
15:55:43.0104 4624 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:55:43.0119 4624 Serial - ok
15:55:43.0129 4624 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:55:43.0144 4624 sermouse - ok
15:55:43.0161 4624 [ 9BDE8F1F5D060E912FCF9FB58B71CBC1 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
15:55:43.0181 4624 ServiceLayer - ok
15:55:43.0212 4624 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:55:43.0247 4624 SessionEnv - ok
15:55:43.0258 4624 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
15:55:43.0274 4624 sffdisk - ok
15:55:43.0286 4624 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:55:43.0301 4624 sffp_mmc - ok
15:55:43.0312 4624 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
15:55:43.0328 4624 sffp_sd - ok
15:55:43.0338 4624 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:55:43.0351 4624 sfloppy - ok
15:55:43.0366 4624 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:55:43.0405 4624 SharedAccess - ok
15:55:43.0420 4624 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:55:43.0455 4624 ShellHWDetection - ok
15:55:43.0466 4624 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:55:43.0478 4624 SiSRaid2 - ok
15:55:43.0485 4624 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:55:43.0500 4624 SiSRaid4 - ok
15:55:43.0512 4624 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:55:43.0525 4624 SkypeUpdate - ok
15:55:43.0538 4624 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:55:43.0572 4624 Smb - ok
15:55:43.0584 4624 [ E11C9E13E92DA6747363924CFFCBD7EF ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
15:55:43.0595 4624 SmbDrvI - ok
15:55:43.0624 4624 [ 10450F432811D7FDA60A97FCC674D7B2 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
15:55:43.0637 4624 snapman - ok
15:55:43.0648 4624 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:55:43.0663 4624 SNMPTRAP - ok
15:55:43.0674 4624 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:55:43.0686 4624 spldr - ok
15:55:43.0702 4624 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:55:43.0725 4624 Spooler - ok
15:55:43.0765 4624 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:55:43.0835 4624 sppsvc - ok
15:55:43.0846 4624 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:55:43.0884 4624 sppuinotify - ok
15:55:43.0900 4624 [ 62392CEB7DD65838364990E0F5494B73 ] SRS_AE_Service C:\Windows\system32\drivers\SRS_AE_amd64.sys
15:55:43.0917 4624 SRS_AE_Service - ok
15:55:43.0932 4624 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:55:43.0949 4624 srv - ok
15:55:43.0960 4624 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:55:43.0979 4624 srv2 - ok
15:55:43.0993 4624 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:55:44.0010 4624 SrvHsfHDA - ok
15:55:44.0034 4624 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
15:55:44.0064 4624 SrvHsfV92 - ok
15:55:44.0081 4624 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
15:55:44.0102 4624 SrvHsfWinac - ok
15:55:44.0115 4624 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:55:44.0130 4624 srvnet - ok
15:55:44.0144 4624 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:55:44.0179 4624 SSDPSRV - ok
15:55:44.0189 4624 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:55:44.0223 4624 SstpSvc - ok
15:55:44.0239 4624 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
15:55:44.0252 4624 ssudmdm - ok
15:55:44.0261 4624 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:55:44.0274 4624 stexstor - ok
15:55:44.0288 4624 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:55:44.0313 4624 stisvc - ok
15:55:44.0324 4624 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:55:44.0336 4624 storflt - ok
15:55:44.0345 4624 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
15:55:44.0362 4624 StorSvc - ok
15:55:44.0372 4624 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:55:44.0385 4624 storvsc - ok
15:55:44.0395 4624 [ 787D181332401B04DA4EDC422193C47B ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
15:55:44.0405 4624 SUService - ok
15:55:44.0417 4624 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:55:44.0430 4624 swenum - ok
15:55:44.0441 4624 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:55:44.0480 4624 swprv - ok
15:55:44.0494 4624 [ BB3E8D7B5165672A71392DB27028144B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:55:44.0509 4624 SynTP - ok
15:55:44.0537 4624 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:55:44.0576 4624 SysMain - ok
15:55:44.0588 4624 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:55:44.0609 4624 TabletInputService - ok
15:55:44.0622 4624 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:55:44.0659 4624 TapiSrv - ok
15:55:44.0672 4624 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:55:44.0707 4624 TBS - ok
15:55:44.0742 4624 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:55:44.0781 4624 Tcpip - ok
15:55:44.0809 4624 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:55:44.0848 4624 TCPIP6 - ok
15:55:44.0863 4624 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:55:44.0876 4624 tcpipreg - ok
15:55:44.0897 4624 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:55:44.0910 4624 TDPIPE - ok
15:55:44.0935 4624 [ 99527D49EE0A96FC25537C61B270A372 ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys
15:55:44.0964 4624 tdrpman273 - ok
15:55:44.0977 4624 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:55:44.0994 4624 TDTCP - ok
15:55:45.0008 4624 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:55:45.0041 4624 tdx - ok
15:55:45.0087 4624 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
15:55:45.0152 4624 TeamViewer8 - ok
15:55:45.0165 4624 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:55:45.0179 4624 TermDD - ok
15:55:45.0198 4624 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:55:45.0242 4624 TermService - ok
15:55:45.0253 4624 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:55:45.0273 4624 Themes - ok
15:55:45.0285 4624 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:55:45.0321 4624 THREADORDER - ok
15:55:45.0341 4624 [ EBBAEA02F0095A798000C7E06B16D41B ] timounter C:\Windows\system32\DRIVERS\timntr.sys
15:55:45.0365 4624 timounter - ok
15:55:45.0376 4624 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
15:55:45.0391 4624 TPHKLOAD - ok
15:55:45.0400 4624 [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
15:55:45.0410 4624 TPHKSVC - ok
15:55:45.0418 4624 [ 1DF6E6C026AD1D428687FE3B427A87BC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
15:55:45.0431 4624 TPPWRIF - ok
15:55:45.0440 4624 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:55:45.0476 4624 TrkWks - ok
15:55:45.0492 4624 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:55:45.0526 4624 TrustedInstaller - ok
15:55:45.0546 4624 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:55:45.0578 4624 tssecsrv - ok
15:55:45.0590 4624 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:55:45.0608 4624 TsUsbFlt - ok
15:55:45.0618 4624 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:55:45.0633 4624 TsUsbGD - ok
15:55:45.0668 4624 [ 811A229718C85356BC81EB20F35EB7F6 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
15:55:45.0708 4624 TuneUp.UtilitiesSvc - ok
15:55:45.0721 4624 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
15:55:45.0733 4624 TuneUpUtilitiesDrv - ok
15:55:45.0744 4624 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:55:45.0776 4624 tunnel - ok
15:55:45.0785 4624 [ A65643ED30A30E46317C0B25818BC9B7 ] TVicPort64 C:\Windows\system32\drivers\TVicPort64.sys
15:55:45.0798 4624 TVicPort64 - ok
15:55:45.0805 4624 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:55:45.0818 4624 uagp35 - ok
15:55:45.0829 4624 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:55:45.0862 4624 udfs - ok
15:55:45.0883 4624 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:55:45.0899 4624 UI0Detect - ok
15:55:45.0911 4624 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:55:45.0924 4624 uliagpkx - ok
15:55:45.0933 4624 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:55:45.0947 4624 umbus - ok
15:55:45.0956 4624 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:55:45.0969 4624 UmPass - ok
15:55:45.0980 4624 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
15:55:45.0997 4624 UmRdpService - ok
15:55:46.0026 4624 [ 86DEAC5CED845D55C63B125E0908685E ] UNS C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
15:55:46.0067 4624 UNS - ok
15:55:46.0083 4624 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:55:46.0120 4624 upnphost - ok
15:55:46.0128 4624 [ 907F50B8695DAA65A9445D27AD306E65 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:55:46.0152 4624 upperdev - ok
15:55:46.0165 4624 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:55:46.0170 4624 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
15:55:46.0170 4624 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
15:55:46.0180 4624 [ EBF228A52517042DE4F38A40285BC8D9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:55:46.0194 4624 usbccgp - ok
15:55:46.0205 4624 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:55:46.0221 4624 usbcir - ok
15:55:46.0233 4624 [ 6B3D5E6A9DA786EC755B00BC180C700B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:55:46.0246 4624 usbehci - ok
15:55:46.0261 4624 [ 94ABE9DA48E466BBE84C73E0C6652ED1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:55:46.0277 4624 usbhub - ok
15:55:46.0289 4624 [ 660B2C08CE7103E71EAA26F85B0B0A56 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:55:46.0303 4624 usbohci - ok
15:55:46.0313 4624 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:55:46.0328 4624 usbprint - ok
15:55:46.0336 4624 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:55:46.0352 4624 usbscan - ok
15:55:46.0361 4624 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
15:55:46.0377 4624 usbser - ok
15:55:46.0387 4624 [ 3F7498527B48657091C355F683BEB0DD ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:55:46.0411 4624 UsbserFilt - ok
15:55:46.0423 4624 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:55:46.0438 4624 USBSTOR - ok
15:55:46.0450 4624 [ 1529632FC96032D337B298F8A285D640 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:55:46.0463 4624 usbuhci - ok
15:55:46.0476 4624 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:55:46.0493 4624 usbvideo - ok
15:55:46.0502 4624 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
15:55:46.0516 4624 usb_rndisx - ok
15:55:46.0526 4624 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:55:46.0559 4624 UxSms - ok
15:55:46.0572 4624 [ 5BF180F7F7C2F68ED6D5777840270BCE ] UxTuneUp C:\Windows\System32\uxtuneup.dll
15:55:46.0583 4624 UxTuneUp - ok
15:55:46.0594 4624 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:55:46.0610 4624 VaultSvc - ok
15:55:46.0622 4624 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
15:55:46.0636 4624 VClone - ok
15:55:46.0644 4624 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:55:46.0659 4624 vdrvroot - ok
15:55:46.0674 4624 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:55:46.0712 4624 vds - ok
15:55:46.0724 4624 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:55:46.0740 4624 vga - ok
15:55:46.0754 4624 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:55:46.0785 4624 VgaSave - ok
15:55:46.0799 4624 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:55:46.0822 4624 vhdmp - ok
15:55:46.0832 4624 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:55:46.0846 4624 viaide - ok
15:55:46.0857 4624 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:55:46.0873 4624 vmbus - ok
15:55:46.0884 4624 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:55:46.0898 4624 VMBusHID - ok
15:55:46.0912 4624 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:55:46.0924 4624 volmgr - ok
15:55:46.0940 4624 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:55:46.0957 4624 volmgrx - ok
15:55:46.0972 4624 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:55:46.0988 4624 volsnap - ok
15:55:47.0001 4624 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:55:47.0014 4624 vsmraid - ok
15:55:47.0051 4624 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:55:47.0102 4624 VSS - ok
15:55:47.0115 4624 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:55:47.0131 4624 vwifibus - ok
15:55:47.0143 4624 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:55:47.0161 4624 vwififlt - ok
15:55:47.0173 4624 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:55:47.0191 4624 vwifimp - ok
15:55:47.0205 4624 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:55:47.0245 4624 W32Time - ok
15:55:47.0266 4624 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:55:47.0280 4624 WacomPen - ok
15:55:47.0292 4624 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:55:47.0323 4624 WANARP - ok
15:55:47.0335 4624 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:55:47.0368 4624 Wanarpv6 - ok
15:55:47.0401 4624 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:55:47.0431 4624 wbengine - ok
15:55:47.0444 4624 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:55:47.0465 4624 WbioSrvc - ok
15:55:47.0481 4624 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
15:55:47.0502 4624 WcesComm - ok
15:55:47.0518 4624 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:55:47.0540 4624 wcncsvc - ok
15:55:47.0552 4624 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:55:47.0568 4624 WcsPlugInService - ok
15:55:47.0578 4624 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:55:47.0591 4624 Wd - ok
15:55:47.0608 4624 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:55:47.0634 4624 Wdf01000 - ok
15:55:47.0646 4624 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:55:47.0666 4624 WdiServiceHost - ok
15:55:47.0677 4624 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:55:47.0696 4624 WdiSystemHost - ok
15:55:47.0706 4624 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:55:47.0727 4624 WebClient - ok
15:55:47.0741 4624 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:55:47.0781 4624 Wecsvc - ok
15:55:47.0794 4624 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:55:47.0830 4624 wercplsupport - ok
15:55:47.0842 4624 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:55:47.0878 4624 WerSvc - ok
15:55:47.0890 4624 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:55:47.0922 4624 WfpLwf - ok
15:55:47.0934 4624 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:55:47.0946 4624 WIMMount - ok
15:55:47.0967 4624 [ 7387CE6730BAAB8254DA0CE3776A4B28 ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys
15:55:47.0988 4624 winachsf - ok
15:55:48.0001 4624 WinDefend - ok
15:55:48.0027 4624 WinHttpAutoProxySvc - ok
15:55:48.0044 4624 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:55:48.0080 4624 Winmgmt - ok
15:55:48.0112 4624 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:55:48.0165 4624 WinRM - ok
15:55:48.0196 4624 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
15:55:48.0212 4624 WinUsb - ok
15:55:48.0295 4624 [ CAE0321F71C1FC421244BA1EEB0C1668 ] WiselinkPro C:\Program Files (x86)\SAMSUNG\PC Auto Backup\WiselinkPro.exe
15:55:48.0403 4624 WiselinkPro ( UnsignedFile.Multi.Generic ) - warning
15:55:48.0403 4624 WiselinkPro - detected UnsignedFile.Multi.Generic (1)
15:55:48.0425 4624 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:55:48.0454 4624 Wlansvc - ok
15:55:48.0487 4624 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:55:48.0543 4624 wlidsvc - ok
15:55:48.0555 4624 WMCoreService - ok
15:55:48.0567 4624 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:55:48.0580 4624 WmiAcpi - ok
15:55:48.0599 4624 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:55:48.0615 4624 wmiApSrv - ok
15:55:48.0622 4624 WMPNetworkSvc - ok
15:55:48.0631 4624 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:55:48.0646 4624 WPCSvc - ok
15:55:48.0655 4624 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:55:48.0675 4624 WPDBusEnum - ok
15:55:48.0693 4624 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:55:48.0732 4624 ws2ifsl - ok
15:55:48.0743 4624 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
15:55:48.0763 4624 wscsvc - ok
15:55:48.0775 4624 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
15:55:48.0795 4624 WSDPrintDevice - ok
15:55:48.0806 4624 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
15:55:48.0822 4624 WSDScan - ok
15:55:48.0832 4624 WSearch - ok
15:55:48.0872 4624 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:55:48.0919 4624 wuauserv - ok
15:55:48.0933 4624 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:55:48.0948 4624 WudfPf - ok
15:55:48.0962 4624 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:55:48.0979 4624 WUDFRd - ok
15:55:48.0994 4624 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:55:49.0011 4624 wudfsvc - ok
15:55:49.0026 4624 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:55:49.0050 4624 WwanSvc - ok
15:55:49.0066 4624 [ AA0A3A08A501237CD5BC4CFBFB64B3D6 ] WwanUsbServ C:\Windows\system32\DRIVERS\WwanUsbMp64.sys
15:55:49.0080 4624 WwanUsbServ - ok
15:55:49.0093 4624 [ 9907BC1CC78C37073AC78A4541710B61 ] XAudio C:\Windows\system32\DRIVERS\XAudio64.sys
15:55:49.0102 4624 XAudio - ok
15:55:49.0160 4624 ================ Scan global ===============================
15:55:49.0166 4624 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:55:49.0173 4624 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:55:49.0182 4624 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:55:49.0190 4624 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:55:49.0198 4624 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:55:49.0201 4624 [Global] - ok
15:55:49.0204 4624 ================ Scan MBR ==================================
15:55:49.0207 4624 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:55:49.0304 4624 \Device\Harddisk0\DR0 - ok
15:55:49.0306 4624 ================ Scan VBR ==================================
15:55:49.0308 4624 [ EE55694B635B00C353D8A37B2FB6DBE1 ] \Device\Harddisk0\DR0\Partition1
15:55:49.0309 4624 \Device\Harddisk0\DR0\Partition1 - ok
15:55:49.0314 4624 [ 5033E36FDEFF71B84097D2D9904FB4CD ] \Device\Harddisk0\DR0\Partition2
15:55:49.0315 4624 \Device\Harddisk0\DR0\Partition2 - ok
15:55:49.0317 4624 ============================================================
15:55:49.0317 4624 Scan finished
15:55:49.0317 4624 ============================================================
15:55:49.0326 3484 Detected object count: 15
15:55:49.0326 3484 Actual detected object count: 15
15:56:33.0451 3484 ADMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0451 3484 ADMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0453 3484 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0453 3484 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0454 3484 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0454 3484 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0456 3484 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0456 3484 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0457 3484 dtsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0457 3484 dtsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0459 3484 GigasetGenericUSB_x64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0459 3484 GigasetGenericUSB_x64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0460 3484 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0461 3484 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0462 3484 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0462 3484 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0463 3484 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0463 3484 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0465 3484 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0465 3484 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0466 3484 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0466 3484 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0468 3484 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0468 3484 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0469 3484 PS3 Media Server ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0469 3484 PS3 Media Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0471 3484 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0471 3484 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:56:33.0472 3484 WiselinkPro ( UnsignedFile.Multi.Generic ) - skipped by user
15:56:33.0472 3484 WiselinkPro ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:58:03.0970 4452 Deinitialize success
|
|
| Themen zu Virus Gen:Variant.Symmi.10389 und Gen:Variant.Graftor.Elzob.23242 eingefangen |
| datei, dateien, eingefangen, engine, erscheine, erscheinen, files, folge, folgende, gefangen, gefunde, gen, gen:variant.graftor.elzob, hallo zusammen, heute, mp3, program, quarantäne, rechner, sauber, temp, tmp, viren, virus, zusammen |
Linear-Darstellung
