|
Plagegeister aller Art und deren Bekämpfung: Dateien mit Virus corrupted.exe infiziertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
21.02.2013, 20:34 | #16 |
| Dateien mit Virus corrupted.exe infiziert Hi, oh tatsächlich, diese Bilder hatte ich nicht gesehen, war wohl zu schnell... Der neue Bericht: 20:24:26.0528 5820 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 20:24:26.0965 5820 ============================================================ 20:24:26.0965 5820 Current date / time: 2013/02/21 20:24:26.0965 20:24:26.0965 5820 SystemInfo: 20:24:26.0965 5820 20:24:26.0965 5820 OS Version: 6.1.7601 ServicePack: 1.0 20:24:26.0965 5820 Product type: Workstation 20:24:26.0965 5820 ComputerName: RIKE-THINK 20:24:26.0965 5820 UserName: Rike 20:24:26.0965 5820 Windows directory: C:\Windows 20:24:26.0965 5820 System windows directory: C:\Windows 20:24:26.0965 5820 Running under WOW64 20:24:26.0965 5820 Processor architecture: Intel x64 20:24:26.0965 5820 Number of processors: 4 20:24:26.0965 5820 Page size: 0x1000 20:24:26.0965 5820 Boot type: Normal boot 20:24:26.0965 5820 ============================================================ 20:24:27.0839 5820 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:24:27.0854 5820 ============================================================ 20:24:27.0854 5820 \Device\Harddisk0\DR0: 20:24:27.0854 5820 MBR partitions: 20:24:27.0854 5820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000 20:24:27.0854 5820 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x23E4D7F8 20:24:27.0854 5820 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x1388000 20:24:27.0854 5820 ============================================================ 20:24:27.0932 5820 C: <-> \Device\Harddisk0\DR0\Partition2 20:24:28.0041 5820 Q: <-> \Device\Harddisk0\DR0\Partition3 20:24:28.0041 5820 ============================================================ 20:24:28.0041 5820 Initialize success 20:24:28.0041 5820 ============================================================ 20:24:40.0865 5964 ============================================================ 20:24:40.0865 5964 Scan started 20:24:40.0865 5964 Mode: Manual; SigCheck; TDLFS; 20:24:40.0865 5964 ============================================================ 20:24:41.0286 5964 ================ Scan system memory ======================== 20:24:41.0286 5964 System memory - ok 20:24:41.0286 5964 ================ Scan services ============================= 20:24:41.0535 5964 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 20:24:41.0754 5964 1394ohci - ok 20:24:41.0785 5964 [ 7D497701BDA1267AD5F86350925D2F10 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys 20:24:41.0863 5964 5U877 - ok 20:24:41.0910 5964 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 20:24:41.0972 5964 ACPI - ok 20:24:42.0019 5964 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 20:24:42.0081 5964 AcpiPmi - ok 20:24:42.0191 5964 [ CF2D68C16C7BE8D037DDD1BFA6E9C965 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe 20:24:42.0206 5964 AcPrfMgrSvc - ok 20:24:42.0237 5964 [ B5060FE4AA0A074779C7B11AE7DB9D48 ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe 20:24:42.0269 5964 AcSvc - ok 20:24:42.0362 5964 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:24:42.0393 5964 AdobeARMservice - ok 20:24:42.0518 5964 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 20:24:42.0549 5964 AdobeFlashPlayerUpdateSvc - ok 20:24:42.0612 5964 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 20:24:42.0659 5964 adp94xx - ok 20:24:42.0721 5964 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 20:24:42.0752 5964 adpahci - ok 20:24:42.0783 5964 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 20:24:42.0830 5964 adpu320 - ok 20:24:42.0861 5964 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 20:24:43.0002 5964 AeLookupSvc - ok 20:24:43.0064 5964 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 20:24:43.0142 5964 AFD - ok 20:24:43.0189 5964 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 20:24:43.0220 5964 agp440 - ok 20:24:43.0423 5964 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll 20:24:43.0423 5964 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66 20:24:43.0439 5964 Akamai ( HiddenFile.Multi.Generic ) - warning 20:24:43.0439 5964 Akamai - detected HiddenFile.Multi.Generic (1) 20:24:43.0485 5964 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 20:24:43.0548 5964 ALG - ok 20:24:43.0626 5964 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 20:24:43.0657 5964 aliide - ok 20:24:43.0673 5964 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 20:24:43.0704 5964 amdide - ok 20:24:43.0719 5964 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 20:24:43.0782 5964 AmdK8 - ok 20:24:43.0797 5964 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 20:24:43.0860 5964 AmdPPM - ok 20:24:43.0875 5964 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 20:24:43.0922 5964 amdsata - ok 20:24:43.0938 5964 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 20:24:43.0985 5964 amdsbs - ok 20:24:44.0031 5964 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 20:24:44.0063 5964 amdxata - ok 20:24:44.0094 5964 [ 48CD7E6520D47D62EAB0E6CE3EC30C65 ] Andbus C:\Windows\system32\DRIVERS\lgandbus64.sys 20:24:44.0156 5964 Andbus - ok 20:24:44.0172 5964 [ 08CBACC00D15DCDBBAAE1A7C8F231C61 ] AndDiag C:\Windows\system32\DRIVERS\lganddiag64.sys 20:24:44.0219 5964 AndDiag - ok 20:24:44.0265 5964 [ CEA9A4CD6B3A83428CE8501240833668 ] AndGps C:\Windows\system32\DRIVERS\lgandgps64.sys 20:24:44.0312 5964 AndGps - ok 20:24:44.0343 5964 [ E2B5663E547FA5E756B253EFA8EC8286 ] ANDModem C:\Windows\system32\DRIVERS\lgandmodem64.sys 20:24:44.0406 5964 ANDModem - ok 20:24:44.0468 5964 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 20:24:44.0577 5964 AppID - ok 20:24:44.0624 5964 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 20:24:44.0749 5964 AppIDSvc - ok 20:24:44.0780 5964 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 20:24:44.0889 5964 Appinfo - ok 20:24:44.0936 5964 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 20:24:44.0967 5964 arc - ok 20:24:44.0983 5964 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 20:24:45.0030 5964 arcsas - ok 20:24:45.0077 5964 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 20:24:45.0170 5964 aswFsBlk - ok 20:24:45.0233 5964 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 20:24:45.0248 5964 aswMonFlt - ok 20:24:45.0311 5964 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys 20:24:45.0342 5964 aswRdr - ok 20:24:45.0404 5964 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 20:24:45.0498 5964 aswSnx - ok 20:24:45.0545 5964 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys 20:24:45.0576 5964 aswSP - ok 20:24:45.0623 5964 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 20:24:45.0670 5964 aswTdi - ok 20:24:45.0701 5964 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 20:24:45.0794 5964 AsyncMac - ok 20:24:45.0841 5964 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 20:24:45.0872 5964 atapi - ok 20:24:45.0935 5964 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 20:24:46.0060 5964 AudioEndpointBuilder - ok 20:24:46.0075 5964 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 20:24:46.0184 5964 AudioSrv - ok 20:24:46.0325 5964 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 20:24:46.0340 5964 avast! Antivirus - ok 20:24:46.0387 5964 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 20:24:46.0465 5964 AxInstSV - ok 20:24:46.0528 5964 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 20:24:46.0590 5964 b06bdrv - ok 20:24:46.0637 5964 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 20:24:46.0715 5964 b57nd60a - ok 20:24:46.0840 5964 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE 20:24:46.0886 5964 BBSvc - ok 20:24:46.0933 5964 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 20:24:46.0980 5964 BBUpdate - ok 20:24:47.0027 5964 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 20:24:47.0058 5964 BcmSqlStartupSvc - ok 20:24:47.0089 5964 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 20:24:47.0136 5964 BDESVC - ok 20:24:47.0183 5964 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 20:24:47.0308 5964 Beep - ok 20:24:47.0401 5964 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 20:24:47.0510 5964 BFE - ok 20:24:47.0635 5964 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 20:24:47.0776 5964 BITS - ok 20:24:47.0838 5964 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 20:24:47.0885 5964 blbdrive - ok 20:24:47.0932 5964 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:24:47.0994 5964 bowser - ok 20:24:48.0025 5964 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 20:24:48.0088 5964 BrFiltLo - ok 20:24:48.0103 5964 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 20:24:48.0166 5964 BrFiltUp - ok 20:24:48.0212 5964 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 20:24:48.0259 5964 Browser - ok 20:24:48.0322 5964 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 20:24:48.0400 5964 Brserid - ok 20:24:48.0431 5964 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 20:24:48.0478 5964 BrSerWdm - ok 20:24:48.0524 5964 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 20:24:48.0587 5964 BrUsbMdm - ok 20:24:48.0602 5964 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 20:24:48.0665 5964 BrUsbSer - ok 20:24:48.0743 5964 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 20:24:48.0821 5964 BthEnum - ok 20:24:48.0868 5964 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 20:24:48.0899 5964 BTHMODEM - ok 20:24:48.0930 5964 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 20:24:48.0977 5964 BthPan - ok 20:24:49.0008 5964 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 20:24:49.0086 5964 BTHPORT - ok 20:24:49.0148 5964 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 20:24:49.0273 5964 bthserv - ok 20:24:49.0304 5964 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 20:24:49.0320 5964 BTHUSB - ok 20:24:49.0351 5964 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\Windows\system32\drivers\btusbflt.sys 20:24:49.0382 5964 btusbflt - ok 20:24:49.0414 5964 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 20:24:49.0445 5964 btwaudio - ok 20:24:49.0460 5964 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys 20:24:49.0476 5964 btwavdt - ok 20:24:49.0538 5964 [ 1BA00F5A3012365CB5B1A5DBABC1943C ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe 20:24:49.0585 5964 btwdins - ok 20:24:49.0632 5964 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys 20:24:49.0648 5964 btwl2cap - ok 20:24:49.0663 5964 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 20:24:49.0694 5964 btwrchid - ok 20:24:49.0726 5964 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:24:49.0835 5964 cdfs - ok 20:24:49.0913 5964 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 20:24:49.0960 5964 cdrom - ok 20:24:50.0006 5964 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 20:24:50.0116 5964 CertPropSvc - ok 20:24:50.0147 5964 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 20:24:50.0240 5964 circlass - ok 20:24:50.0303 5964 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 20:24:50.0334 5964 CLFS - ok 20:24:50.0412 5964 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:24:50.0443 5964 clr_optimization_v2.0.50727_32 - ok 20:24:50.0490 5964 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:24:50.0521 5964 clr_optimization_v2.0.50727_64 - ok 20:24:50.0599 5964 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:24:50.0630 5964 clr_optimization_v4.0.30319_32 - ok 20:24:50.0677 5964 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:24:50.0708 5964 clr_optimization_v4.0.30319_64 - ok 20:24:50.0740 5964 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 20:24:50.0786 5964 CmBatt - ok 20:24:50.0818 5964 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 20:24:50.0849 5964 cmdide - ok 20:24:50.0896 5964 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 20:24:50.0958 5964 CNG - ok 20:24:51.0005 5964 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 20:24:51.0036 5964 Compbatt - ok 20:24:51.0083 5964 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 20:24:51.0130 5964 CompositeBus - ok 20:24:51.0161 5964 COMSysApp - ok 20:24:51.0192 5964 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 20:24:51.0239 5964 crcdisk - ok 20:24:51.0286 5964 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:24:51.0332 5964 CryptSvc - ok 20:24:51.0379 5964 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 20:24:51.0520 5964 DcomLaunch - ok 20:24:51.0582 5964 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 20:24:51.0691 5964 defragsvc - ok 20:24:51.0769 5964 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 20:24:51.0863 5964 DfsC - ok 20:24:51.0925 5964 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 20:24:51.0972 5964 Dhcp - ok 20:24:52.0019 5964 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 20:24:52.0112 5964 discache - ok 20:24:52.0128 5964 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 20:24:52.0159 5964 Disk - ok 20:24:52.0206 5964 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:24:52.0253 5964 Dnscache - ok 20:24:52.0331 5964 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 20:24:52.0440 5964 dot3svc - ok 20:24:52.0487 5964 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 20:24:52.0596 5964 DPS - ok 20:24:52.0643 5964 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:24:52.0705 5964 drmkaud - ok 20:24:52.0799 5964 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:24:52.0861 5964 DXGKrnl - ok 20:24:52.0892 5964 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 20:24:53.0002 5964 EapHost - ok 20:24:53.0126 5964 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 20:24:53.0298 5964 ebdrv - ok 20:24:53.0329 5964 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 20:24:53.0392 5964 EFS - ok 20:24:53.0454 5964 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:24:53.0532 5964 ehRecvr - ok 20:24:53.0563 5964 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 20:24:53.0626 5964 ehSched - ok 20:24:53.0704 5964 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 20:24:53.0766 5964 elxstor - ok 20:24:53.0797 5964 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 20:24:53.0844 5964 ErrDev - ok 20:24:53.0906 5964 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 20:24:54.0031 5964 EventSystem - ok 20:24:54.0140 5964 [ 51643EE2712D9212E1E53CA7E8D8EB4A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 20:24:54.0218 5964 EvtEng - ok 20:24:54.0234 5964 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 20:24:54.0343 5964 exfat - ok 20:24:54.0390 5964 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:24:54.0499 5964 fastfat - ok 20:24:54.0577 5964 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 20:24:54.0640 5964 Fax - ok 20:24:54.0671 5964 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 20:24:54.0733 5964 fdc - ok 20:24:54.0764 5964 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 20:24:54.0905 5964 fdPHost - ok 20:24:54.0920 5964 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 20:24:55.0030 5964 FDResPub - ok 20:24:55.0061 5964 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:24:55.0092 5964 FileInfo - ok 20:24:55.0123 5964 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:24:55.0248 5964 Filetrace - ok 20:24:55.0264 5964 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 20:24:55.0310 5964 flpydisk - ok 20:24:55.0373 5964 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:24:55.0404 5964 FltMgr - ok 20:24:55.0466 5964 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 20:24:55.0560 5964 FontCache - ok 20:24:55.0638 5964 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:24:55.0654 5964 FontCache3.0.0.0 - ok 20:24:55.0700 5964 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:24:55.0732 5964 FsDepends - ok 20:24:55.0763 5964 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:24:55.0778 5964 Fs_Rec - ok 20:24:55.0856 5964 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:24:55.0888 5964 fvevol - ok 20:24:55.0903 5964 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 20:24:55.0934 5964 gagp30kx - ok 20:24:55.0997 5964 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 20:24:56.0153 5964 gpsvc - ok 20:24:56.0231 5964 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:24:56.0262 5964 gupdate - ok 20:24:56.0293 5964 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:24:56.0309 5964 gupdatem - ok 20:24:56.0340 5964 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 20:24:56.0387 5964 hcw85cir - ok 20:24:56.0480 5964 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 20:24:56.0543 5964 HdAudAddService - ok 20:24:56.0574 5964 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 20:24:56.0621 5964 HDAudBus - ok 20:24:56.0652 5964 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 20:24:56.0683 5964 HECIx64 - ok 20:24:56.0699 5964 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 20:24:56.0761 5964 HidBatt - ok 20:24:56.0792 5964 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 20:24:56.0839 5964 HidBth - ok 20:24:56.0855 5964 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 20:24:56.0886 5964 HidIr - ok 20:24:56.0933 5964 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 20:24:57.0042 5964 hidserv - ok 20:24:57.0104 5964 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 20:24:57.0136 5964 HidUsb - ok 20:24:57.0167 5964 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 20:24:57.0292 5964 hkmsvc - ok 20:24:57.0338 5964 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 20:24:57.0416 5964 HomeGroupListener - ok 20:24:57.0463 5964 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:24:57.0510 5964 HomeGroupProvider - ok 20:24:57.0557 5964 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 20:24:57.0588 5964 HpSAMD - ok 20:24:57.0650 5964 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:24:57.0806 5964 HTTP - ok 20:24:57.0838 5964 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:24:57.0869 5964 hwpolicy - ok 20:24:57.0916 5964 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 20:24:57.0947 5964 i8042prt - ok 20:24:57.0994 5964 [ 85977CD13FC16069CE0AF7943A811775 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 20:24:58.0025 5964 iaStor - ok 20:24:58.0056 5964 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 20:24:58.0103 5964 iaStorV - ok 20:24:58.0150 5964 [ 3761FAB385F1C2F51B2FAD48CFABBE9D ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys 20:24:58.0181 5964 IBMPMDRV - ok 20:24:58.0181 5964 [ FC22310F3862E2C7C8722EF4778D5CC3 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe 20:24:58.0212 5964 IBMPMSVC - ok 20:24:58.0274 5964 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:24:58.0352 5964 idsvc - ok 20:24:58.0680 5964 [ 0AC9E321D604BE48A0D72B69BA484BDC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 20:24:59.0164 5964 igfx - ok 20:24:59.0210 5964 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 20:24:59.0242 5964 iirsp - ok 20:24:59.0320 5964 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 20:24:59.0460 5964 IKEEXT - ok 20:24:59.0507 5964 [ C48567D80AD357613CD0EEADE18780AE ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys 20:24:59.0569 5964 Impcd - ok 20:24:59.0663 5964 [ 53019327813FF5AB2964B33B2C61307C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 20:24:59.0788 5964 IntcAzAudAddService - ok 20:24:59.0866 5964 [ DA24C1F66EE1B5A92E045376D7A44B58 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 20:24:59.0912 5964 IntcDAud - ok 20:24:59.0959 5964 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 20:24:59.0975 5964 intelide - ok 20:25:00.0022 5964 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 20:25:00.0084 5964 intelppm - ok 20:25:00.0100 5964 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:25:00.0224 5964 IPBusEnum - ok 20:25:00.0271 5964 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:25:00.0412 5964 IpFilterDriver - ok 20:25:00.0458 5964 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:25:00.0521 5964 iphlpsvc - ok 20:25:00.0568 5964 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 20:25:00.0630 5964 IPMIDRV - ok 20:25:00.0661 5964 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:25:00.0770 5964 IPNAT - ok 20:25:00.0802 5964 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:25:00.0864 5964 IRENUM - ok 20:25:00.0895 5964 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:25:00.0926 5964 isapnp - ok 20:25:00.0942 5964 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 20:25:00.0989 5964 iScsiPrt - ok 20:25:01.0036 5964 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe 20:25:01.0067 5964 IviRegMgr - ok 20:25:01.0098 5964 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 20:25:01.0129 5964 kbdclass - ok 20:25:01.0192 5964 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 20:25:01.0238 5964 kbdhid - ok 20:25:01.0270 5964 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 20:25:01.0301 5964 KeyIso - ok 20:25:01.0348 5964 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:25:01.0394 5964 KSecDD - ok 20:25:01.0441 5964 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:25:01.0488 5964 KSecPkg - ok 20:25:01.0504 5964 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 20:25:01.0628 5964 ksthunk - ok 20:25:01.0675 5964 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 20:25:01.0816 5964 KtmRm - ok 20:25:01.0878 5964 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 20:25:02.0018 5964 LanmanServer - ok 20:25:02.0050 5964 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:25:02.0190 5964 LanmanWorkstation - ok 20:25:02.0268 5964 [ 70481DABD9ADAB51A6933C5893B82925 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe 20:25:02.0284 5964 LENOVO.CAMMUTE - ok 20:25:02.0346 5964 [ C88EB33793420A79F601FB5E33E2EDD9 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe 20:25:02.0377 5964 LENOVO.MICMUTE - ok 20:25:02.0393 5964 [ 5ACFF5823634BC2C4EBF559C3B33E18E ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys 20:25:02.0408 5964 lenovo.smi - ok 20:25:02.0455 5964 [ D0DAF6A22037F6DEE706A095C647AA41 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe 20:25:02.0486 5964 LENOVO.TPKNRSVC - ok 20:25:02.0518 5964 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:25:02.0627 5964 lltdio - ok 20:25:02.0674 5964 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:25:02.0767 5964 lltdsvc - ok 20:25:02.0783 5964 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:25:02.0908 5964 lmhosts - ok 20:25:02.0954 5964 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 20:25:02.0986 5964 LMS - ok 20:25:03.0048 5964 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 20:25:03.0079 5964 LSI_FC - ok 20:25:03.0095 5964 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 20:25:03.0142 5964 LSI_SAS - ok 20:25:03.0157 5964 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:25:03.0188 5964 LSI_SAS2 - ok 20:25:03.0220 5964 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:25:03.0251 5964 LSI_SCSI - ok 20:25:03.0282 5964 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 20:25:03.0391 5964 luafv - ok 20:25:03.0516 5964 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe 20:25:03.0547 5964 McComponentHostService - ok 20:25:03.0594 5964 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:25:03.0656 5964 Mcx2Svc - ok 20:25:03.0703 5964 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 20:25:03.0734 5964 megasas - ok 20:25:03.0750 5964 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 20:25:03.0797 5964 MegaSR - ok 20:25:03.0828 5964 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 20:25:03.0953 5964 MMCSS - ok 20:25:03.0984 5964 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 20:25:04.0109 5964 Modem - ok 20:25:04.0156 5964 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 20:25:04.0218 5964 monitor - ok 20:25:04.0265 5964 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys 20:25:04.0296 5964 mouclass - ok 20:25:04.0343 5964 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:25:04.0390 5964 mouhid - ok 20:25:04.0452 5964 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:25:04.0468 5964 mountmgr - ok 20:25:04.0530 5964 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 20:25:04.0577 5964 MozillaMaintenance - ok 20:25:04.0608 5964 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 20:25:04.0655 5964 mpio - ok 20:25:04.0686 5964 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:25:04.0780 5964 mpsdrv - ok 20:25:04.0842 5964 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:25:04.0967 5964 MpsSvc - ok 20:25:05.0029 5964 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:25:05.0092 5964 MRxDAV - ok 20:25:05.0138 5964 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:25:05.0185 5964 mrxsmb - ok 20:25:05.0232 5964 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:25:05.0294 5964 mrxsmb10 - ok 20:25:05.0326 5964 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:25:05.0388 5964 mrxsmb20 - ok 20:25:05.0404 5964 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 20:25:05.0435 5964 msahci - ok 20:25:05.0482 5964 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 20:25:05.0513 5964 msdsm - ok 20:25:05.0560 5964 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 20:25:05.0638 5964 MSDTC - ok 20:25:05.0700 5964 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:25:05.0794 5964 Msfs - ok 20:25:05.0825 5964 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:25:05.0934 5964 mshidkmdf - ok 20:25:05.0981 5964 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:25:06.0012 5964 msisadrv - ok 20:25:06.0059 5964 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:25:06.0168 5964 MSiSCSI - ok 20:25:06.0168 5964 msiserver - ok 20:25:06.0215 5964 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:25:06.0308 5964 MSKSSRV - ok 20:25:06.0324 5964 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:25:06.0433 5964 MSPCLOCK - ok 20:25:06.0464 5964 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:25:06.0574 5964 MSPQM - ok 20:25:06.0636 5964 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:25:06.0667 5964 MsRPC - ok 20:25:06.0714 5964 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 20:25:06.0745 5964 mssmbios - ok 20:25:06.0792 5964 MSSQL$MSSMLBIZ - ok 20:25:06.0823 5964 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe 20:25:06.0854 5964 MSSQLServerADHelper - ok 20:25:06.0901 5964 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:25:07.0010 5964 MSTEE - ok 20:25:07.0120 5964 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 20:25:07.0166 5964 MTConfig - ok 20:25:07.0229 5964 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 20:25:07.0260 5964 Mup - ok 20:25:07.0322 5964 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 20:25:07.0463 5964 napagent - ok 20:25:07.0525 5964 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:25:07.0603 5964 NativeWifiP - ok 20:25:07.0666 5964 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:25:07.0744 5964 NDIS - ok 20:25:07.0775 5964 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:25:07.0868 5964 NdisCap - ok 20:25:07.0884 5964 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:25:08.0009 5964 NdisTapi - ok 20:25:08.0040 5964 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:25:08.0165 5964 Ndisuio - ok 20:25:08.0196 5964 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:25:08.0321 5964 NdisWan - ok 20:25:08.0368 5964 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:25:08.0477 5964 NDProxy - ok 20:25:08.0524 5964 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:25:08.0633 5964 NetBIOS - ok 20:25:08.0680 5964 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:25:08.0804 5964 NetBT - ok 20:25:08.0820 5964 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 20:25:08.0867 5964 Netlogon - ok 20:25:08.0898 5964 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 20:25:09.0038 5964 Netman - ok 20:25:09.0070 5964 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 20:25:09.0194 5964 netprofm - ok 20:25:09.0226 5964 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:25:09.0257 5964 NetTcpPortSharing - ok 20:25:09.0460 5964 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys 20:25:09.0834 5964 NETw5s64 - ok 20:25:10.0021 5964 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys 20:25:10.0349 5964 netw5v64 - ok 20:25:10.0380 5964 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 20:25:10.0411 5964 nfrd960 - ok 20:25:10.0458 5964 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 20:25:10.0536 5964 NlaSvc - ok 20:25:10.0552 5964 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:25:10.0661 5964 Npfs - ok 20:25:10.0708 5964 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 20:25:10.0817 5964 nsi - ok 20:25:10.0848 5964 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:25:10.0973 5964 nsiproxy - ok 20:25:11.0051 5964 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:25:11.0144 5964 Ntfs - ok 20:25:11.0176 5964 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 20:25:11.0300 5964 Null - ok 20:25:11.0347 5964 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:25:11.0378 5964 nvraid - ok 20:25:11.0410 5964 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:25:11.0441 5964 nvstor - ok 20:25:11.0472 5964 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:25:11.0503 5964 nv_agp - ok 20:25:11.0597 5964 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 20:25:11.0659 5964 odserv - ok 20:25:11.0690 5964 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 20:25:11.0753 5964 ohci1394 - ok 20:25:11.0800 5964 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:25:11.0831 5964 ose - ok 20:25:11.0893 5964 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:25:11.0940 5964 p2pimsvc - ok 20:25:11.0956 5964 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 20:25:12.0018 5964 p2psvc - ok 20:25:12.0065 5964 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 20:25:12.0127 5964 Parport - ok 20:25:12.0158 5964 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:25:12.0190 5964 partmgr - ok 20:25:12.0221 5964 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 20:25:12.0299 5964 PcaSvc - ok 20:25:12.0346 5964 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 20:25:12.0392 5964 pci - ok 20:25:12.0408 5964 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 20:25:12.0439 5964 pciide - ok 20:25:12.0486 5964 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 20:25:12.0533 5964 pcmcia - ok 20:25:12.0548 5964 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 20:25:12.0564 5964 pcw - ok 20:25:12.0595 5964 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:25:12.0704 5964 PEAUTH - ok 20:25:12.0876 5964 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 20:25:12.0907 5964 PerfHost - ok 20:25:12.0985 5964 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 20:25:13.0126 5964 pla - ok 20:25:13.0250 5964 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:25:13.0328 5964 PlugPlay - ok 20:25:13.0360 5964 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:25:13.0406 5964 PNRPAutoReg - ok 20:25:13.0422 5964 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:25:13.0469 5964 PNRPsvc - ok 20:25:13.0531 5964 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:25:13.0672 5964 PolicyAgent - ok 20:25:13.0734 5964 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 20:25:13.0890 5964 Power - ok 20:25:13.0937 5964 [ 0B6590C8E9B12CD7EDC7BB7311EFBB30 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE 20:25:13.0968 5964 Power Manager DBC Service - ok 20:25:14.0015 5964 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:25:14.0155 5964 PptpMiniport - ok 20:25:14.0202 5964 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 20:25:14.0249 5964 Processor - ok 20:25:14.0311 5964 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 20:25:14.0358 5964 ProfSvc - ok 20:25:14.0405 5964 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 20:25:14.0436 5964 ProtectedStorage - ok 20:25:14.0467 5964 [ 515A7C5A0886FCC60901916785EFD549 ] psadd C:\Windows\system32\DRIVERS\psadd.sys 20:25:14.0498 5964 psadd - ok 20:25:14.0545 5964 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:25:14.0654 5964 Psched - ok 20:25:14.0732 5964 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 20:25:14.0842 5964 ql2300 - ok 20:25:14.0873 5964 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 20:25:14.0904 5964 ql40xx - ok 20:25:14.0935 5964 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 20:25:14.0982 5964 QWAVE - ok 20:25:15.0029 5964 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:25:15.0076 5964 QWAVEdrv - ok 20:25:15.0122 5964 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:25:15.0232 5964 RasAcd - ok 20:25:15.0278 5964 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:25:15.0419 5964 RasAgileVpn - ok 20:25:15.0528 5964 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 20:25:15.0653 5964 RasAuto - ok 20:25:15.0980 5964 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:25:16.0199 5964 Rasl2tp - ok 20:25:16.0526 5964 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 20:25:16.0807 5964 RasMan - ok 20:25:16.0870 5964 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:25:17.0010 5964 RasPppoe - ok 20:25:17.0041 5964 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:25:17.0182 5964 RasSstp - ok 20:25:17.0228 5964 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:25:17.0353 5964 rdbss - ok 20:25:17.0384 5964 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 20:25:17.0490 5964 rdpbus - ok 20:25:17.0536 5964 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 20:25:17.0769 5964 RDPCDD - ok 20:25:17.0848 5964 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 20:25:18.0044 5964 RDPENCDD - ok 20:25:18.0109 5964 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 20:25:18.0256 5964 RDPREFMP - ok 20:25:18.0335 5964 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:25:18.0378 5964 RDPWD - ok 20:25:18.0487 5964 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:25:18.0537 5964 rdyboost - ok 20:25:18.0628 5964 [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 20:25:18.0715 5964 RegSrvc - ok 20:25:18.0771 5964 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:25:18.0951 5964 RemoteAccess - ok 20:25:19.0030 5964 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:25:19.0340 5964 RemoteRegistry - ok 20:25:19.0439 5964 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 20:25:19.0579 5964 RFCOMM - ok 20:25:19.0624 5964 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:25:19.0815 5964 RpcEptMapper - ok 20:25:19.0924 5964 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 20:25:20.0029 5964 RpcLocator - ok 20:25:20.0086 5964 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 20:25:20.0344 5964 RpcSs - ok 20:25:20.0408 5964 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:25:20.0658 5964 rspndr - ok 20:25:20.0753 5964 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 20:25:20.0797 5964 RSUSBSTOR - ok 20:25:20.0861 5964 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 20:25:20.0975 5964 RTL8167 - ok 20:25:21.0020 5964 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 20:25:21.0104 5964 SamSs - ok 20:25:21.0148 5964 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:25:21.0213 5964 sbp2port - ok 20:25:21.0291 5964 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:25:21.0420 5964 SCardSvr - ok 20:25:21.0465 5964 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:25:21.0588 5964 scfilter - ok 20:25:21.0669 5964 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 20:25:21.0792 5964 Schedule - ok 20:25:21.0837 5964 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 20:25:21.0944 5964 SCPolicySvc - ok 20:25:22.0008 5964 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys 20:25:22.0074 5964 sdbus - ok 20:25:22.0128 5964 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:25:22.0207 5964 SDRSVC - ok 20:25:22.0250 5964 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:25:22.0360 5964 secdrv - ok 20:25:22.0404 5964 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 20:25:22.0566 5964 seclogon - ok 20:25:22.0617 5964 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 20:25:22.0762 5964 SENS - ok 20:25:22.0784 5964 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:25:22.0838 5964 SensrSvc - ok 20:25:22.0869 5964 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 20:25:22.0934 5964 Serenum - ok 20:25:22.0986 5964 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 20:25:23.0053 5964 Serial - ok 20:25:23.0099 5964 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 20:25:23.0163 5964 sermouse - ok 20:25:23.0288 5964 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 20:25:23.0463 5964 SessionEnv - ok 20:25:23.0498 5964 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 20:25:23.0563 5964 sffdisk - ok 20:25:23.0606 5964 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 20:25:23.0708 5964 sffp_mmc - ok 20:25:23.0747 5964 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 20:25:23.0861 5964 sffp_sd - ok 20:25:23.0929 5964 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 20:25:24.0016 5964 sfloppy - ok 20:25:24.0086 5964 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:25:24.0233 5964 SharedAccess - ok 20:25:24.0372 5964 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:25:24.0575 5964 ShellHWDetection - ok 20:25:24.0715 5964 [ C45942985943FC4AB8A7EA7A92F29C00 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys 20:25:24.0782 5964 Shockprf - ok 20:25:24.0858 5964 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 20:25:24.0908 5964 SiSRaid2 - ok 20:25:24.0935 5964 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 20:25:24.0979 5964 SiSRaid4 - ok 20:25:25.0043 5964 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 20:25:25.0086 5964 SkypeUpdate - ok 20:25:25.0136 5964 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 20:25:25.0300 5964 Smb - ok 20:25:25.0414 5964 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:25:25.0491 5964 SNMPTRAP - ok 20:25:25.0526 5964 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 20:25:25.0568 5964 spldr - ok 20:25:25.0617 5964 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 20:25:25.0738 5964 Spooler - ok 20:25:25.0933 5964 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 20:25:26.0308 5964 sppsvc - ok 20:25:26.0362 5964 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 20:25:26.0486 5964 sppuinotify - ok 20:25:26.0521 5964 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 20:25:26.0565 5964 SQLBrowser - ok 20:25:26.0629 5964 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 20:25:26.0672 5964 SQLWriter - ok 20:25:26.0721 5964 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 20:25:26.0799 5964 srv - ok 20:25:26.0862 5964 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:25:26.0963 5964 srv2 - ok 20:25:27.0027 5964 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS 20:25:27.0136 5964 SrvHsfHDA - ok 20:25:27.0206 5964 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS 20:25:27.0297 5964 SrvHsfV92 - ok 20:25:27.0337 5964 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 20:25:27.0402 5964 SrvHsfWinac - ok 20:25:27.0443 5964 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:25:27.0483 5964 srvnet - ok 20:25:27.0528 5964 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:25:27.0695 5964 SSDPSRV - ok 20:25:27.0727 5964 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:25:27.0849 5964 SstpSvc - ok 20:25:27.0899 5964 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 20:25:27.0941 5964 stexstor - ok 20:25:28.0015 5964 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 20:25:28.0107 5964 stisvc - ok 20:25:28.0172 5964 [ F3C73E650F1CD3289F38E62CCC325A66 ] SUService c:\Program Files (x86)\Lenovo\System Update\SUService.exe 20:25:28.0203 5964 SUService ( UnsignedFile.Multi.Generic ) - warning 20:25:28.0203 5964 SUService - detected UnsignedFile.Multi.Generic (1) 20:25:28.0247 5964 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 20:25:28.0280 5964 swenum - ok 20:25:28.0330 5964 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 20:25:28.0500 5964 swprv - ok 20:25:28.0544 5964 [ 868DFB220A18312A12CEF01BA9AC069B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 20:25:28.0588 5964 SynTP - ok 20:25:28.0687 5964 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 20:25:28.0814 5964 SysMain - ok 20:25:28.0863 5964 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 20:25:28.0948 5964 TabletInputService - ok 20:25:28.0992 5964 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 20:25:29.0157 5964 TapiSrv - ok 20:25:29.0199 5964 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 20:25:29.0318 5964 TBS - ok 20:25:29.0419 5964 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:25:29.0577 5964 Tcpip - ok 20:25:30.0415 5964 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:25:30.0533 5964 TCPIP6 - ok 20:25:30.0610 5964 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:25:30.0674 5964 tcpipreg - ok 20:25:30.0739 5964 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 20:25:30.0791 5964 TDPIPE - ok 20:25:30.0843 5964 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 20:25:30.0913 5964 TDTCP - ok 20:25:30.0985 5964 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:25:31.0128 5964 tdx - ok 20:25:31.0450 5964 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 20:25:31.0500 5964 TermDD - ok 20:25:31.0637 5964 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 20:25:31.0814 5964 TermService - ok 20:25:32.0066 5964 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 20:25:32.0181 5964 Themes - ok 20:25:32.0248 5964 [ 39AC444E07FDBD8C2E8E291A65D515D3 ] ThinkVantage Registry Monitor Service C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe 20:25:32.0505 5964 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - warning 20:25:32.0505 5964 ThinkVantage Registry Monitor Service - detected UnsignedFile.Multi.Generic (1) 20:25:32.0700 5964 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 20:25:32.0824 5964 THREADORDER - ok 20:25:32.0869 5964 [ 6DB3FAE611554DC373E266ED50111B1C ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys 20:25:32.0900 5964 TPDIGIMN - ok 20:25:32.0941 5964 [ 47D2009FDC682833EE03B6DCBA23FDD2 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe 20:25:32.0980 5964 TPHDEXLGSVC - ok 20:25:33.0036 5964 [ 2CF225E19490F499528B926263FE4554 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe 20:25:33.0065 5964 TPHKSVC - ok 20:25:33.0095 5964 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys 20:25:33.0163 5964 TPM - ok 20:25:33.0224 5964 [ 2C067E01D6BBCCC88B233B868E210907 ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys 20:25:33.0262 5964 TPPWRIF - ok 20:25:33.0301 5964 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 20:25:33.0429 5964 TrkWks - ok 20:25:33.0498 5964 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:25:33.0621 5964 TrustedInstaller - ok 20:25:33.0669 5964 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 20:25:33.0819 5964 tssecsrv - ok 20:25:33.0880 5964 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:25:33.0918 5964 TsUsbFlt - ok 20:25:33.0998 5964 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:25:34.0101 5964 tunnel - ok 20:25:34.0138 5964 [ 53FF5F00EAB07E329ABE48AE3DE4F5D7 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 20:25:34.0163 5964 TurboB - ok 20:25:34.0220 5964 [ B670DF651F00194434ADC6B326743709 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 20:25:34.0248 5964 TurboBoost - ok 20:25:34.0338 5964 [ B56DA1AA776C15043D10F82B32AA000D ] TVT Backup Service C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe 20:25:34.0387 5964 TVT Backup Service ( UnsignedFile.Multi.Generic ) - warning 20:25:34.0387 5964 TVT Backup Service - detected UnsignedFile.Multi.Generic (1) 20:25:34.0418 5964 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 20:25:34.0448 5964 uagp35 - ok 20:25:34.0503 5964 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:25:34.0629 5964 udfs - ok 20:25:34.0742 5964 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:25:34.0796 5964 UI0Detect - ok 20:25:34.0830 5964 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:25:34.0880 5964 uliagpkx - ok 20:25:34.0948 5964 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 20:25:35.0008 5964 umbus - ok 20:25:35.0051 5964 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 20:25:35.0091 5964 UmPass - ok 20:25:35.0190 5964 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 20:25:35.0323 5964 UNS - ok 20:25:35.0432 5964 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 20:25:35.0624 5964 upnphost - ok 20:25:35.0670 5964 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 20:25:35.0740 5964 usbccgp - ok 20:25:35.0821 5964 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 20:25:35.0884 5964 usbcir - ok 20:25:35.0939 5964 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 20:25:35.0991 5964 usbehci - ok 20:25:36.0046 5964 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 20:25:36.0110 5964 usbhub - ok 20:25:36.0148 5964 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 20:25:36.0190 5964 usbohci - ok 20:25:36.0217 5964 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 20:25:36.0285 5964 usbprint - ok 20:25:36.0335 5964 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 20:25:36.0389 5964 usbscan - ok 20:25:36.0443 5964 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:25:36.0514 5964 USBSTOR - ok 20:25:36.0569 5964 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 20:25:36.0608 5964 usbuhci - ok 20:25:36.0666 5964 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 20:25:36.0755 5964 usbvideo - ok 20:25:36.0802 5964 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 20:25:36.0934 5964 UxSms - ok 20:25:37.0024 5964 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 20:25:37.0063 5964 VaultSvc - ok 20:25:37.0107 5964 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:25:37.0142 5964 vdrvroot - ok 20:25:37.0197 5964 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 20:25:37.0369 5964 vds - ok 20:25:37.0413 5964 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 20:25:37.0469 5964 vga - ok 20:25:37.0494 5964 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 20:25:37.0648 5964 VgaSave - ok 20:25:37.0699 5964 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 20:25:37.0733 5964 vhdmp - ok 20:25:37.0764 5964 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 20:25:37.0800 5964 viaide - ok 20:25:37.0883 5964 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:25:37.0931 5964 volmgr - ok 20:25:38.0027 5964 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:25:38.0100 5964 volmgrx - ok 20:25:38.0134 5964 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:25:38.0189 5964 volsnap - ok 20:25:38.0270 5964 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 20:25:38.0318 5964 vsmraid - ok 20:25:38.0443 5964 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 20:25:38.0707 5964 VSS - ok 20:25:38.0740 5964 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 20:25:38.0832 5964 vwifibus - ok 20:25:38.0898 5964 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 20:25:39.0020 5964 vwififlt - ok 20:25:39.0102 5964 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 20:25:39.0320 5964 vwifimp - ok 20:25:39.0406 5964 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 20:25:39.0617 5964 W32Time - ok 20:25:39.0660 5964 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 20:25:39.0707 5964 WacomPen - ok 20:25:39.0800 5964 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 20:25:39.0936 5964 WANARP - ok 20:25:39.0955 5964 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:25:40.0076 5964 Wanarpv6 - ok 20:25:40.0165 5964 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 20:25:40.0289 5964 WatAdminSvc - ok 20:25:40.0407 5964 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 20:25:40.0544 5964 wbengine - ok 20:25:40.0610 5964 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:25:40.0710 5964 WbioSrvc - ok 20:25:40.0770 5964 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:25:40.0879 5964 wcncsvc - ok 20:25:40.0918 5964 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:25:40.0971 5964 WcsPlugInService - ok 20:25:41.0003 5964 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 20:25:41.0043 5964 Wd - ok 20:25:41.0133 5964 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:25:41.0208 5964 Wdf01000 - ok 20:25:41.0245 5964 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:25:41.0343 5964 WdiServiceHost - ok 20:25:41.0368 5964 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:25:41.0433 5964 WdiSystemHost - ok 20:25:41.0496 5964 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 20:25:41.0589 5964 WebClient - ok 20:25:41.0632 5964 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:25:41.0855 5964 Wecsvc - ok 20:25:41.0912 5964 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:25:42.0104 5964 wercplsupport - ok 20:25:42.0257 5964 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 20:25:42.0412 5964 WerSvc - ok 20:25:42.0458 5964 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 20:25:42.0590 5964 WfpLwf - ok 20:25:42.0628 5964 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:25:42.0661 5964 WIMMount - ok 20:25:42.0692 5964 WinDefend - ok 20:25:42.0702 5964 WinHttpAutoProxySvc - ok 20:25:42.0764 5964 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:25:42.0871 5964 Winmgmt - ok 20:25:42.0977 5964 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 20:25:43.0227 5964 WinRM - ok 20:25:43.0319 5964 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 20:25:43.0364 5964 WinUsb - ok 20:25:43.0411 5964 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 20:25:43.0506 5964 Wlansvc - ok 20:25:43.0626 5964 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 20:25:43.0677 5964 WmiAcpi - ok 20:25:43.0728 5964 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:25:43.0799 5964 wmiApSrv - ok 20:25:43.0843 5964 WMPNetworkSvc - ok 20:25:43.0893 5964 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:25:43.0931 5964 WPCSvc - ok 20:25:44.0001 5964 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:25:44.0094 5964 WPDBusEnum - ok 20:25:44.0154 5964 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:25:44.0368 5964 ws2ifsl - ok 20:25:44.0450 5964 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 20:25:44.0538 5964 wscsvc - ok 20:25:44.0547 5964 WSearch - ok 20:25:44.0681 5964 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 20:25:44.0910 5964 wuauserv - ok 20:25:44.0952 5964 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:25:44.0985 5964 WudfPf - ok 20:25:45.0007 5964 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 20:25:45.0066 5964 WUDFRd - ok 20:25:45.0095 5964 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:25:45.0147 5964 wudfsvc - ok 20:25:45.0220 5964 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 20:25:45.0342 5964 WwanSvc - ok 20:25:45.0485 5964 ================ Scan global =============================== 20:25:45.0555 5964 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 20:25:45.0624 5964 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 20:25:45.0658 5964 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 20:25:45.0721 5964 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 20:25:45.0788 5964 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 20:25:45.0805 5964 [Global] - ok 20:25:45.0817 5964 ================ Scan MBR ================================== 20:25:45.0846 5964 [ 2359660F8D5E1B418E3B1C780E1E0EA3 ] \Device\Harddisk0\DR0 20:25:46.0323 5964 \Device\Harddisk0\DR0 - ok 20:25:46.0324 5964 ================ Scan VBR ================================== 20:25:46.0331 5964 [ D2861C4F45152A3F727966D2D1352AA0 ] \Device\Harddisk0\DR0\Partition1 20:25:46.0334 5964 \Device\Harddisk0\DR0\Partition1 - ok 20:25:46.0373 5964 [ E3A238BFFBBDB1166ED9173CCDC18BA8 ] \Device\Harddisk0\DR0\Partition2 20:25:46.0377 5964 \Device\Harddisk0\DR0\Partition2 - ok 20:25:46.0415 5964 [ EA0CB6B32F3085BAE7E30AE03B4A3C93 ] \Device\Harddisk0\DR0\Partition3 20:25:46.0419 5964 \Device\Harddisk0\DR0\Partition3 - ok 20:25:46.0420 5964 ============================================================ 20:25:46.0420 5964 Scan finished 20:25:46.0420 5964 ============================================================ 20:25:46.0452 6056 Detected object count: 4 20:25:46.0452 6056 Actual detected object count: 4 20:26:43.0674 6056 Akamai ( HiddenFile.Multi.Generic ) - skipped by user 20:26:43.0674 6056 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 20:26:43.0674 6056 SUService ( UnsignedFile.Multi.Generic ) - skipped by user 20:26:43.0674 6056 SUService ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:26:43.0674 6056 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:26:43.0674 6056 ThinkVantage Registry Monitor Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:26:43.0689 6056 TVT Backup Service ( UnsignedFile.Multi.Generic ) - skipped by user 20:26:43.0689 6056 TVT Backup Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 20:26:53.0393 3636 Deinitialize success |
22.02.2013, 15:10 | #17 |
/// Malware-holic | Dateien mit Virus corrupted.exe infiziert Hi,
__________________Scan mit Combofix
__________________ |
26.02.2013, 19:28 | #18 |
| Dateien mit Virus corrupted.exe infiziert Hallo, sorry, war ein paar tage unterwegs, aber bin heute zum scan gekommen. hier ist der logfile:
__________________Combofix Logfile: Code:
ATTFilter ComboFix 13-02-26.01 - Rike 26.02.2013 18:23:47.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3893.2436 [GMT 1:00] ausgeführt von:: c:\users\Rike\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe Q:\Autorun.inf . Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt . . ((((((((((((((((((((((( Dateien erstellt von 2013-01-26 bis 2013-02-26 )))))))))))))))))))))))))))))) . . 2013-02-26 16:10 . 2013-02-08 00:28 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9B22E52A-AF83-475D-B224-BBC7DCA82AB3}\mpengine.dll 2013-02-20 21:02 . 2013-02-20 21:02 -------- d-----w- C:\_OTL 2013-02-19 16:48 . 2013-02-19 16:48 -------- d-----w- C:\escan 2013-02-19 13:54 . 2013-02-19 13:54 -------- d---a-w- c:\windows\VDLL.DLL 2013-02-19 13:54 . 2013-02-19 13:54 -------- d---a-w- c:\windows\SysWow64\runouce.exe 2013-02-19 13:54 . 2013-02-19 13:54 -------- d---a-w- c:\windows\rundll16.exe 2013-02-19 13:54 . 2013-02-19 13:54 -------- d---a-w- c:\windows\RUNDL132.EXE 2013-02-19 13:54 . 2013-02-19 13:54 -------- d---a-w- c:\windows\logo1_.exe 2013-02-19 13:54 . 2013-02-19 13:54 -------- d---a-w- c:\windows\logo_1.exe 2013-02-19 13:42 . 2013-02-19 13:42 632064 ----a-w- c:\windows\SysWow64\msvcr80.dll 2013-02-19 13:42 . 2013-02-19 13:42 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll 2013-02-19 13:42 . 2013-02-19 13:42 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe 2013-02-19 13:42 . 2013-02-19 13:42 -------- d-----w- c:\program files (x86)\Common Files\MicroWorld 2013-02-19 13:42 . 2013-02-19 13:42 -------- d-----w- c:\programdata\MicroWorld 2013-02-19 11:03 . 2013-02-19 11:07 -------- d-----w- c:\users\Rike\AppData\Local\Google 2013-02-19 11:03 . 2013-02-19 11:04 -------- d-----w- c:\program files (x86)\Google 2013-02-19 11:03 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe 2013-02-19 11:01 . 2013-02-26 17:32 -------- d-----w- c:\programdata\AVAST Software 2013-02-19 11:01 . 2013-02-19 11:01 -------- d-----w- c:\program files\AVAST Software 2013-02-13 17:08 . 2012-12-20 13:59 1492992 ----a-w- c:\windows\system32\urlmon.dll 2013-02-12 21:52 . 2013-02-12 21:52 -------- d-----w- c:\program files (x86)\Common Files\Skype . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-19 10:42 . 2012-04-20 08:54 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-02-19 10:42 . 2011-06-11 22:05 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-13 23:06 . 2010-07-11 21:33 70004024 ----a-w- c:\windows\system32\MRT.exe 2013-01-17 00:28 . 2010-07-08 12:30 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-04 04:43 . 2013-02-13 17:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-12-16 17:11 . 2012-12-22 02:00 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-22 02:00 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-22 02:00 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-22 02:00 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-07 13:20 . 2013-01-09 22:49 441856 ----a-w- c:\windows\system32\Wpc.dll 2012-12-07 13:15 . 2013-01-09 22:49 2746368 ----a-w- c:\windows\system32\gameux.dll 2012-12-07 12:26 . 2013-01-09 22:49 308736 ----a-w- c:\windows\SysWow64\Wpc.dll 2012-12-07 12:20 . 2013-01-09 22:49 2576384 ----a-w- c:\windows\SysWow64\gameux.dll 2012-12-07 11:20 . 2013-01-09 22:49 30720 ----a-w- c:\windows\system32\usk.rs 2012-12-07 11:20 . 2013-01-09 22:49 43520 ----a-w- c:\windows\system32\csrr.rs 2012-12-07 11:20 . 2013-01-09 22:49 23552 ----a-w- c:\windows\system32\oflc.rs 2012-12-07 11:20 . 2013-01-09 22:49 45568 ----a-w- c:\windows\system32\oflc-nz.rs 2012-12-07 11:20 . 2013-01-09 22:49 44544 ----a-w- c:\windows\system32\pegibbfc.rs 2012-12-07 11:20 . 2013-01-09 22:49 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2012-12-07 11:20 . 2013-01-09 22:49 20480 ----a-w- c:\windows\system32\pegi-pt.rs 2012-12-07 11:19 . 2013-01-09 22:49 20480 ----a-w- c:\windows\system32\pegi.rs 2012-12-07 11:19 . 2013-01-09 22:49 46592 ----a-w- c:\windows\system32\fpb.rs 2012-12-07 11:19 . 2013-01-09 22:49 40960 ----a-w- c:\windows\system32\cob-au.rs 2012-12-07 11:19 . 2013-01-09 22:49 21504 ----a-w- c:\windows\system32\grb.rs 2012-12-07 11:19 . 2013-01-09 22:49 15360 ----a-w- c:\windows\system32\djctq.rs 2012-12-07 11:19 . 2013-01-09 22:49 55296 ----a-w- c:\windows\system32\cero.rs 2012-12-07 11:19 . 2013-01-09 22:49 51712 ----a-w- c:\windows\system32\esrb.rs 2012-12-07 10:46 . 2013-01-09 22:49 43520 ----a-w- c:\windows\SysWow64\csrr.rs 2012-12-07 10:46 . 2013-01-09 22:49 30720 ----a-w- c:\windows\SysWow64\usk.rs 2012-12-07 10:46 . 2013-01-09 22:49 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs 2012-12-07 10:46 . 2013-01-09 22:49 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs 2012-12-07 10:46 . 2013-01-09 22:49 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs 2012-12-07 10:46 . 2013-01-09 22:49 23552 ----a-w- c:\windows\SysWow64\oflc.rs 2012-12-07 10:46 . 2013-01-09 22:49 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs 2012-12-07 10:46 . 2013-01-09 22:49 46592 ----a-w- c:\windows\SysWow64\fpb.rs 2012-12-07 10:46 . 2013-01-09 22:49 20480 ----a-w- c:\windows\SysWow64\pegi.rs 2012-12-07 10:46 . 2013-01-09 22:49 21504 ----a-w- c:\windows\SysWow64\grb.rs 2012-12-07 10:46 . 2013-01-09 22:49 40960 ----a-w- c:\windows\SysWow64\cob-au.rs 2012-12-07 10:46 . 2013-01-09 22:49 15360 ----a-w- c:\windows\SysWow64\djctq.rs 2012-12-07 10:46 . 2013-01-09 22:49 55296 ----a-w- c:\windows\SysWow64\cero.rs 2012-12-07 10:46 . 2013-01-09 22:49 51712 ----a-w- c:\windows\SysWow64\esrb.rs 2012-11-30 05:45 . 2013-01-09 22:48 362496 ----a-w- c:\windows\system32\wow64win.dll 2012-11-30 05:45 . 2013-01-09 22:48 243200 ----a-w- c:\windows\system32\wow64.dll 2012-11-30 05:45 . 2013-01-09 22:48 13312 ----a-w- c:\windows\system32\wow64cpu.dll 2012-11-30 05:43 . 2013-01-09 22:48 16384 ----a-w- c:\windows\system32\ntvdm64.dll 2012-11-30 05:41 . 2013-01-09 22:48 424448 ----a-w- c:\windows\system32\KernelBase.dll 2012-11-30 05:41 . 2013-01-09 22:48 1161216 ----a-w- c:\windows\system32\kernel32.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2012-11-30 05:38 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2012-11-30 04:53 . 2013-01-09 22:48 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll 2012-11-30 04:45 . 2013-01-09 22:48 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll 2012-11-30 04:45 . 2013-01-09 22:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="c:\users\Rike\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920] "Spotify"="c:\users\Rike\AppData\Roaming\Spotify\Spotify.exe" [2012-12-01 7880664] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Message Center Plus"="c:\program files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-27 49976] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352] . c:\users\Rike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2010-2-17 1083680] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536] R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456] R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648] R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136] R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304] R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-30 53800] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2010-01-05 75112] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-08 239136] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-09-29 126392] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-03 1255736] S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [2009-10-09 23592] S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [2008-05-12 15400] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176] S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648] S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2010-04-20 50536] S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2010-04-07 45496] S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-04-20 74088] S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2010-04-07 63928] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-09-29 12728] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920] S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2009-06-18 161024] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-01-06 158848] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-01-07 271872] S3 NETw5s64;Intel(R) Wireless WiFi Link Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-02-23 11:18 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-02-26 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 10:42] . 2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19 11:03] . 2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-19 11:03] . 2013-02-26 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06] . 2013-02-26 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\Rike\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-12-21 69568] "TpShocks"="TpShocks.exe" [2009-12-11 380776] "AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2009-10-13 36864] "cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2009-08-26 5879608] "LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2010-04-20 62312] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-29 167960] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-29 391704] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-29 417304] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.hiergehtslos.de mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local> IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Rike\AppData\Roaming\Mozilla\Firefox\Profiles\scz0zwuv.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.gmx.net/ FF - ExtSQL: 2013-02-19 12:06; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF FF - user.js: yahoo.homepage.dontask - true . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe c:\progra~1\Lenovo\HOTKEY\tpnumlkd.exe c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe c:\program files (x86)\Lenovo\System Update\SUService.exe c:\program files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-02-26 18:38:35 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-02-26 17:38 . Vor Suchlauf: 18 Verzeichnis(se), 187.816.308.736 Bytes frei Nach Suchlauf: 23 Verzeichnis(se), 187.122.016.256 Bytes frei . - - End Of File - - 2E114B03FB9A7C1F055B2C9C196D63AA |
Themen zu Dateien mit Virus corrupted.exe infiziert |
adware, akamai, antivir, autorun.inf, corrupted.exe, dateien, ergebnis, explorer, fehlalarm, folge, frage, friert, infected, infiziert, installation, laufwerke, lenovo, mozilla, opera, prozesse, registrierungsdatenbank, software, spyware, system32, systemstart, temp, virus, windows |