| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Virus - ads by browse to saveWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.02.2013, 12:29
| #1 |
 |  Virus - ads by browse to save Hallo liebes Forum, hilfe, ich werde den Virus "ads by browse to save" nicht los. Ich habe mir hier schon Beiträge angeschaut und den OTL-Scanner durchlaufen lassen. Nun habe ich einen Text als Ergebnis mit den ich nichts anfangen kann da ich was Computer betrifft völlig ahnungslos bin. Bitte helft mir. ich hatte noch paralel GadgetBox auch ganz penetrant auf dem Lappi und habe das fast vollständig löschen können. Vielleicht besteht da ein Zusammenhang? Ich bin für jede Hilfe sehr dankbar! |
|
27.02.2013, 12:32
| #2 |
| /// Malware-holic   | Virus - ads by browse to save Hi,
__________________und wie sollen wir ihn auswerten, wenn du den otl text nicht postest?
__________________ |
|
27.02.2013, 12:34
| #3 |
| | Virus - ads by browse to save OTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 27.02.2013 11:52:41 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\user\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,90 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 40,44% Memory free 5,80 Gb Paging File | 3,49 Gb Available in Paging File | 60,29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 148,95 Gb Total Space | 109,44 Gb Free Space | 73,47% Space Free | Partition Type: NTFS Computer Name: USER-PC | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.02.27 11:52:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.exe PRC - [2013.02.21 06:23:46 | 001,274,320 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013.02.13 08:42:06 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.02.13 08:41:51 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2013.02.13 08:41:49 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.02.13 08:41:49 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2013.01.09 17:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe PRC - [2013.01.09 17:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Program Files (x86)\PDF Architect\HelperService.exe PRC - [2012.12.20 21:56:46 | 001,574,176 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.05.11 16:02:38 | 000,034,104 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe PRC - [2012.03.15 05:07:00 | 000,128,576 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe PRC - [2011.11.04 14:37:16 | 000,330,304 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe PRC - [2011.10.20 11:11:24 | 000,412,736 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe PRC - [2011.10.20 11:09:32 | 000,363,584 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe PRC - [2011.10.20 11:09:18 | 000,269,376 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe PRC - [2011.10.20 11:09:16 | 000,134,208 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe PRC - [2011.07.12 18:03:32 | 000,069,568 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe PRC - [2011.07.12 17:17:04 | 000,138,680 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\ZOOM\TpScrex.exe PRC - [2011.07.12 16:53:18 | 000,142,696 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe PRC - [2010.07.27 13:51:56 | 000,074,088 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe PRC - [2010.07.27 13:51:42 | 000,050,536 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe PRC - [2010.02.04 12:14:20 | 002,058,776 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe PRC - [2010.02.04 12:14:06 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\AMT\LMS.exe PRC - [2009.10.09 13:36:30 | 000,438,272 | R--- | M] () -- C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe PRC - [2009.08.07 05:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009.08.07 05:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2000.07.21 23:55:54 | 000,028,739 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\WkDetect.exe PRC - [2000.07.21 22:55:52 | 000,073,784 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\MSWorks.exe PRC - [2000.07.12 21:30:18 | 000,311,350 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\wkssb.exe PRC - [1998.10.14 03:24:16 | 000,274,497 | ---- | M] (Microsoft Corporation) -- C:\Windows\Msagent\AGENTSVR.EXE ========== Modules (No Company Name) ========== MOD - [2013.02.21 06:23:44 | 000,459,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll MOD - [2013.02.21 06:23:43 | 012,637,136 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll MOD - [2013.02.21 06:23:42 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\pdf.dll MOD - [2013.02.21 06:22:51 | 000,596,944 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\libglesv2.dll MOD - [2013.02.21 06:22:50 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\libegl.dll MOD - [2013.02.21 06:22:48 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\ffmpegsumo.dll MOD - [2013.01.24 12:16:54 | 001,050,112 | ---- | M] () -- c:\progra~2\gadget~1\sprote~1.dll MOD - [2013.01.09 21:18:06 | 001,159,168 | ---- | M] () -- c:\progra~2\saveby~1\sprote~1.dll MOD - [1999.10.21 06:06:32 | 000,057,403 | ---- | M] () -- C:\PROGRA~2\MICROS~3\Office\BLNMGRPS.DLL MOD - [1999.02.02 00:39:14 | 000,073,785 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office\BLNMGR.DLL ========== Services (SafeList) ========== SRV:64bit: - [2012.02.29 14:15:08 | 000,048,704 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC) SRV:64bit: - [2011.11.28 11:54:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011.03.29 18:15:36 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC) SRV:64bit: - [2010.02.05 06:45:20 | 000,117,760 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DTS.exe -- (dtsvc) SRV:64bit: - [2010.02.05 06:45:16 | 000,130,048 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\ADMonitor.exe -- (ADMonitor) SRV:64bit: - [2010.02.05 06:39:40 | 002,713,920 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Windows\SysNative\ATService.exe -- (ATService) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.02.13 08:42:06 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.02.13 08:41:51 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2013.02.13 08:41:49 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.01.09 17:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\ConversionService.exe -- (PDF Architect Service) SRV - [2013.01.09 17:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Program Files (x86)\PDF Architect\HelperService.exe -- (PDF Architect Helper Service) SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.05.11 16:02:38 | 000,034,104 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService) SRV - [2012.03.15 05:07:00 | 001,662,528 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service) SRV - [2012.03.15 05:07:00 | 000,320,576 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE -- (DozeSvc) SRV - [2012.03.15 05:07:00 | 000,165,440 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE -- (PwmEWSvc) SRV - [2011.11.01 12:37:56 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2011.11.01 12:22:28 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2011.10.20 17:33:22 | 000,135,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV - [2011.10.20 11:09:18 | 000,269,376 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe -- (AcSvc) SRV - [2011.10.20 11:09:16 | 000,134,208 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe -- (AcPrfMgrSvc) SRV - [2011.10.19 13:25:00 | 000,661,504 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV - [2011.07.12 16:53:58 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC) SRV - [2011.07.12 16:53:40 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD) SRV - [2011.07.12 16:53:18 | 000,142,696 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC) SRV - [2011.07.12 15:53:24 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE) SRV - [2010.07.27 13:51:56 | 000,074,088 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC) SRV - [2010.07.27 13:51:42 | 000,050,536 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.04 12:14:20 | 002,058,776 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS) SRV - [2010.02.04 12:14:06 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\AMT\LMS.exe -- (LMS) SRV - [2009.10.09 13:36:30 | 000,438,272 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe -- (WMCoreService) SRV - [2009.08.07 05:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.04.29 11:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.11.16 20:17:15 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.03.15 05:07:00 | 000,029,512 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DZHDD64.SYS -- (DzHDD64) DRV:64bit: - [2012.03.15 05:07:00 | 000,019,784 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.29 14:14:48 | 000,042,312 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV) DRV:64bit: - [2011.12.27 02:10:44 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd) DRV:64bit: - [2011.12.23 12:30:56 | 000,412,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2011.11.28 12:20:18 | 008,013,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2011.11.28 12:20:18 | 008,013,312 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.11.28 11:19:10 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.10.31 14:57:50 | 008,615,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:64bit: - [2011.10.20 16:24:18 | 000,302,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress) DRV:64bit: - [2011.10.19 13:19:08 | 000,195,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP) DRV:64bit: - [2011.10.19 13:19:08 | 000,195,072 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL) DRV:64bit: - [2011.10.13 23:05:48 | 010,629,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd) DRV:64bit: - [2011.10.13 10:05:48 | 010,629,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011.03.29 18:13:40 | 000,139,888 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf) DRV:64bit: - [2011.03.29 18:11:48 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.09.07 14:09:34 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi) DRV:64bit: - [2010.02.05 10:14:14 | 000,736,840 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF) DRV:64bit: - [2009.10.13 14:12:14 | 000,259,624 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WwanUsbMp64.sys -- (WwanUsbServ) DRV:64bit: - [2009.10.05 17:58:18 | 000,649,216 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2009.09.22 09:10:56 | 000,017,408 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wwussf64.sys -- (ecnssndisfltr) DRV:64bit: - [2009.09.22 09:10:56 | 000,012,800 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wwuss64.sys -- (ecnssndis) DRV:64bit: - [2009.09.03 20:14:30 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp) DRV:64bit: - [2009.09.03 19:59:28 | 000,054,784 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk) DRV:64bit: - [2009.09.03 19:37:02 | 000,067,072 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk) DRV:64bit: - [2009.08.21 13:59:20 | 000,344,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaNvStor.sys -- (iaNvStor) DRV:64bit: - [2009.08.07 05:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009.07.10 14:53:24 | 000,096,296 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e36wgps64.sys -- (e36wgps) DRV:64bit: - [2009.06.30 14:38:52 | 000,376,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e36gmgmt.sys -- (e36gmgmt) DRV:64bit: - [2009.06.30 14:38:50 | 000,432,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e36gmdm.sys -- (e36gmdm) DRV:64bit: - [2009.06.30 14:38:50 | 000,328,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e36gbus.sys -- (e36gbus) DRV:64bit: - [2009.06.30 14:38:50 | 000,019,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e36gmdfl.sys -- (e36gmdfl) DRV:64bit: - [2009.06.30 13:05:16 | 001,486,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV) DRV:64bit: - [2009.06.30 13:01:16 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL) DRV:64bit: - [2009.06.30 12:59:54 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf) DRV:64bit: - [2009.06.23 12:50:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) DRV:64bit: - [2009.06.11 16:04:54 | 003,531,136 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.11 10:33:56 | 000,118,016 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LenovoRd.sys -- (LenovoRd) DRV:64bit: - [2009.04.29 11:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio) DRV:64bit: - [2006.06.18 22:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk) DRV - [2010.09.08 22:15:34 | 000,024,560 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Programme\PC-Doctor\pcdsrvc_x64.pkms -- (PCDSRVC{127174DC-C366ED8B-06020000}_0) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Gadgetbox Search IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = hxxp://search.gboxapp.com/?q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Free: Avira Search Free powered by Ask.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 88 43 51 9B D6 CC 01 [binary data] IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) IE - HKCU\..\SearchScopes,DefaultScope = {01bd49d7-c76b-4310-8beb-14d7e5f322c6} IE - HKCU\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = hxxp://search.gboxapp.com/?q={searchTerms} IE - HKCU\..\SearchScopes\{236DBA38-7E3C-45BB-9721-1EE4C4892BF0}: "URL" = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=2839f3e4e6ee456888bdb402f73ae72e&tu=10G90006H1B000c&sku=&tstsId=&ver=&&r=894 IE - HKCU\..\SearchScopes\{66A01331-CE2A-4EFA-9992-E6F421359035}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=8e22726b-c9bb-4fff-86fd-b4ec83fa197f&apn_sauid=7D631E7D-4ADC-4F68-B147-9FB5F3CB571A IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.10.24 08:08:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.01.16 12:53:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.10.24 08:08:02 | 000,000,000 | ---D | M] [2013.01.24 12:34:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions ========== Chrome ========== CHR - homepage: Gadgetbox Search CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl\7.15.19.38091_0\ CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajkcghkdbhohfpkdcicccjognhblgpik\1\ CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\ CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao\1.1.9.18_0\ CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: No name found = C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe (Lenovo) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IaNvSrv] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe () O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Microsoft Works Portfolio] C:\Program Files (x86)\Microsoft Works\WksSb.exe (Microsoft® Corporation) O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Program Files (x86)\Microsoft Works\WkDetect.exe (Microsoft® Corporation) O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found O4 - HKLM..\Run: [WorksFUD] C:\Program Files (x86)\Microsoft Works\wkfud.exe (Microsoft® Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 1 = @biocpl.dll,-1 O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: microsoft.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: microsoft.com ([*.update] * in Trusted sites) O15 - HKCU\..Trusted Domains: microsoft.com ([*.windowsupdate] * in Trusted sites) O15 - HKCU\..Trusted Domains: windowsupdate.com ([]* in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0011F76C-9359-4377-9A4D-A26236A2646F}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{205D2348-29A6-46F6-8159-A76D1164952A}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51717282-32BD-462C-83A3-EC0658971197}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\ipp - No CLSID value found O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~2\saveby~1\sprote~1.dll) - c:\progra~2\saveby~1\sprote~1.dll () O20 - AppInit_DLLs: (c:\progra~2\gadget~1\sprote~1.dll) - c:\progra~2\gadget~1\sprote~1.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\ATFUS: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.16 12:03:55 | 000,000,000 | ---D | C] -- C:\global [2013.02.14 08:44:47 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.02.14 08:44:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.02.14 08:44:45 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.02.14 08:44:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.02.14 08:44:45 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.02.14 08:44:44 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.02.14 08:44:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.02.14 08:44:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.02.14 08:44:43 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.02.14 08:44:43 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.02.14 08:44:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.02.14 08:44:43 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.02.14 08:44:42 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.02.14 08:44:42 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.02.14 08:44:42 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.02.14 07:49:46 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.02.14 07:49:45 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.02.14 07:49:45 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.02.14 07:49:39 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.02.14 07:49:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.02.14 07:49:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013.02.14 07:49:38 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.02.14 07:49:38 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.02.14 07:49:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.02.14 07:49:36 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.02.12 09:42:13 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Avira [2013.02.12 09:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.02.12 09:36:40 | 000,000,000 | ---D | C] -- C:\Firefox [2013.02.12 09:36:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com [2013.02.12 09:36:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\APN [2013.02.12 09:36:24 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.02.12 09:36:24 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.02.12 09:36:24 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.02.12 09:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.02.12 09:36:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013.02.11 13:38:27 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\PackageAware [2013.02.11 13:38:18 | 000,000,000 | ---D | C] -- C:\Users\user\EasternGraphics [2013.02.11 13:37:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\{59E3981A-853B-4024-80E5-72FC64DF4CB7} [2013.02.11 13:37:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\{7BE3E677-6B29-44AE-9DAC-F8C0C4964BA7} [2013.02.11 13:37:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasternGraphics [2013.02.11 13:37:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasternGraphics [2013.02.11 13:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\EasternGraphics [2013.02.11 13:31:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GadgetBox [2013.01.30 19:23:37 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Macromedia [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.02.27 11:53:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.27 11:37:22 | 000,033,488 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.27 11:37:22 | 000,033,488 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.27 11:34:18 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.02.27 11:34:18 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.02.27 11:34:18 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.02.27 11:34:18 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.02.27 11:34:18 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.27 11:31:13 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.27 11:29:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.02.27 11:29:35 | 2334,150,656 | -HS- | M] () -- C:\hiberfil.sys [2013.02.27 10:01:36 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2013.02.21 20:12:41 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2013.02.21 12:48:51 | 000,577,519 | ---- | M] () -- C:\Users\user\Desktop\Scannen0001.pdf [2013.02.20 22:04:13 | 000,220,204 | ---- | M] () -- C:\Users\user\Desktop\plz01-09.pdf [2013.02.20 22:03:26 | 000,246,406 | ---- | M] () -- C:\Users\user\Desktop\plz 95-99.pdf [2013.02.14 13:10:14 | 000,032,261 | ---- | M] () -- C:\Users\user\Desktop\AuthInfo.pdf [2013.02.14 12:34:56 | 000,077,803 | ---- | M] () -- C:\Users\user\Desktop\banner4.jpg [2013.02.14 11:35:40 | 000,394,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.02.13 14:03:23 | 000,029,673 | ---- | M] () -- C:\Users\user\Desktop\rechnung brautkleid.pdf [2013.02.13 13:54:48 | 000,119,480 | ---- | M] () -- C:\Users\user\Desktop\Stellenangebot klaf.pdf [2013.02.12 09:36:54 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.02.11 13:37:25 | 000,001,279 | ---- | M] () -- C:\Users\Public\Desktop\pCon.planner 6.lnk [2013.01.30 20:34:18 | 000,019,160 | ---- | M] () -- C:\Users\user\Desktop\u3.jpg [2013.01.30 13:21:03 | 000,001,129 | -H-- | M] () -- C:\Windows\SysWow64\BTImages.dat [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.02.21 12:48:51 | 000,577,519 | ---- | C] () -- C:\Users\user\Desktop\Scannen0001.pdf [2013.02.20 22:04:13 | 000,220,204 | ---- | C] () -- C:\Users\user\Desktop\plz01-09.pdf [2013.02.20 22:03:26 | 000,246,406 | ---- | C] () -- C:\Users\user\Desktop\plz 95-99.pdf [2013.02.14 13:10:14 | 000,032,261 | ---- | C] () -- C:\Users\user\Desktop\AuthInfo.pdf [2013.02.14 12:34:50 | 000,077,803 | ---- | C] () -- C:\Users\user\Desktop\banner4.jpg [2013.02.13 14:03:21 | 000,029,673 | ---- | C] () -- C:\Users\user\Desktop\rechnung brautkleid.pdf [2013.02.13 13:54:47 | 000,119,480 | ---- | C] () -- C:\Users\user\Desktop\Stellenangebot klaf.pdf [2013.02.12 09:36:54 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.02.11 13:37:25 | 000,001,279 | ---- | C] () -- C:\Users\Public\Desktop\pCon.planner 6.lnk [2013.01.30 20:34:15 | 000,019,160 | ---- | C] () -- C:\Users\user\Desktop\u3.jpg [2013.01.30 13:20:41 | 000,001,129 | -H-- | C] () -- C:\Windows\SysWow64\BTImages.dat [2012.10.24 08:06:21 | 000,146,755 | ---- | C] () -- C:\Windows\hpoins44.dat.temp [2012.10.24 08:06:21 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat.temp [2012.10.23 11:06:21 | 000,179,573 | ---- | C] () -- C:\Windows\hpoins44.dat [2012.10.23 11:06:21 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat [2012.10.16 20:48:13 | 000,001,471 | ---- | C] () -- C:\Windows\ODBCINST.INI [2012.10.16 20:48:13 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2012.05.30 10:44:19 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.04.24 15:49:42 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2012.04.24 15:49:42 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin [2012.04.24 15:49:40 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2012.04.24 15:48:51 | 000,232,448 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2uvc.dll [2012.04.24 15:48:51 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
|
27.02.2013, 13:09
| #4 |
| /// Malware-holic | Virus - ads by browse to save Hi, Hi, otl fix Fixen mit OTL
Code:
ATTFilter :OTL
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found
O20:64bit: - Winlogon\Notify\ATFUS: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
:files
:Commands
[emptytemp]
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.02.2013, 19:56
| #5 |
| | Virus - ads by browse to save Okay, alles genauso ausgeführt. Hier der Text: All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PWMTRV deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ATFUS\ deleted successfully. ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: user ->Temp folder emptied: 874276299 bytes ->Temporary Internet Files folder emptied: 35536148 bytes ->Google Chrome cache emptied: 497662256 bytes ->Flash cache emptied: 1030 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 525792 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 127283307 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes RecycleBin emptied: 913069924 bytes Total Files Cleaned = 2.335,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 02272013_193415 Files\Folders moved on Reboot... C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... |
|
27.02.2013, 19:58
| #6 |
| /// Malware-holic | Virus - ads by browse to save Hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> Virus - ads by browse to save |
|
27.02.2013, 20:28
| #7 |
| | Virus - ads by browse to save hallo, das hier wird jetzt angezeigt: 20:19:57.0943 7124 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18 20:20:24.0041 7124 ============================================================ 20:20:24.0041 7124 Current date / time: 2013/02/27 20:20:24.0041 20:20:24.0041 7124 SystemInfo: 20:20:24.0041 7124 20:20:24.0042 7124 OS Version: 6.1.7601 ServicePack: 1.0 20:20:24.0042 7124 Product type: Workstation 20:20:24.0042 7124 ComputerName: USER-PC 20:20:24.0045 7124 UserName: user 20:20:24.0046 7124 Windows directory: C:\Windows 20:20:24.0046 7124 System windows directory: C:\Windows 20:20:24.0046 7124 Running under WOW64 20:20:24.0046 7124 Processor architecture: Intel x64 20:20:24.0046 7124 Number of processors: 2 20:20:24.0046 7124 Page size: 0x1000 20:20:24.0046 7124 Boot type: Normal boot 20:20:24.0046 7124 ============================================================ 20:20:24.0965 7124 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040 20:20:24.0978 7124 ============================================================ 20:20:24.0978 7124 \Device\Harddisk0\DR0: 20:20:24.0982 7124 MBR partitions: 20:20:24.0982 7124 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 20:20:24.0982 7124 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E7000 20:20:24.0982 7124 ============================================================ 20:20:25.0000 7124 C: <-> \Device\Harddisk0\DR0\Partition1 20:20:25.0001 7124 ============================================================ 20:20:25.0001 7124 Initialize success 20:20:25.0001 7124 ============================================================ 20:21:33.0598 4140 ============================================================ 20:21:33.0598 4140 Scan started 20:21:33.0598 4140 Mode: Manual; SigCheck; TDLFS; 20:21:33.0598 4140 ============================================================ 20:21:34.0496 4140 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 20:21:34.0675 4140 1394ohci - ok 20:21:34.0728 4140 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 20:21:34.0784 4140 ACPI - ok 20:21:34.0829 4140 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 20:21:34.0891 4140 AcpiPmi - ok 20:21:35.0009 4140 AcPrfMgrSvc (1933db4808793f3bd7ab34a39a809425) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe 20:21:35.0091 4140 AcPrfMgrSvc - ok 20:21:35.0145 4140 AcSvc (e7af543334b21d84124709061a9ae4d7) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe 20:21:35.0230 4140 AcSvc - ok 20:21:35.0278 4140 ADMonitor (ae30df1dcd92afaa9d80405fcffa05e4) C:\Windows\system32\ADMonitor.exe 20:21:35.0343 4140 ADMonitor ( UnsignedFile.Multi.Generic ) - warning 20:21:35.0343 4140 ADMonitor - detected UnsignedFile.Multi.Generic (1) 20:21:35.0402 4140 AdobeARMservice (d19c4ee2ac7c47b8f5f84fff1a789d8a) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 20:21:35.0471 4140 AdobeARMservice - ok 20:21:35.0551 4140 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 20:21:35.0624 4140 adp94xx - ok 20:21:35.0669 4140 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 20:21:35.0715 4140 adpahci - ok 20:21:35.0736 4140 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 20:21:35.0774 4140 adpu320 - ok 20:21:35.0803 4140 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 20:21:35.0879 4140 AeLookupSvc - ok 20:21:35.0952 4140 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 20:21:36.0026 4140 AFD - ok 20:21:36.0059 4140 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 20:21:36.0088 4140 agp440 - ok 20:21:36.0103 4140 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 20:21:36.0188 4140 ALG - ok 20:21:36.0215 4140 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 20:21:36.0240 4140 aliide - ok 20:21:36.0304 4140 AMD External Events Utility (0f9c6a1cb7213f32c7ea142f5b58d45e) C:\Windows\system32\atiesrxx.exe 20:21:36.0431 4140 AMD External Events Utility - ok 20:21:36.0448 4140 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 20:21:36.0500 4140 amdide - ok 20:21:36.0539 4140 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 20:21:36.0620 4140 AmdK8 - ok 20:21:37.0287 4140 amdkmdag (be2fd7291550d3c6ef3a0e73dec7071a) C:\Windows\system32\DRIVERS\atikmdag.sys 20:21:37.0663 4140 amdkmdag - ok 20:21:37.0808 4140 amdkmdap (69b3d653847933ac9ae59f071694dc58) C:\Windows\system32\DRIVERS\atikmpag.sys 20:21:37.0904 4140 amdkmdap - ok 20:21:37.0924 4140 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 20:21:37.0964 4140 AmdPPM - ok 20:21:38.0026 4140 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 20:21:38.0088 4140 amdsata - ok 20:21:38.0122 4140 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 20:21:38.0192 4140 amdsbs - ok 20:21:38.0211 4140 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 20:21:38.0251 4140 amdxata - ok 20:21:38.0299 4140 AMPPAL (12e7a43a3c6840a063a82b04f7ef47c0) C:\Windows\system32\DRIVERS\AMPPAL.sys 20:21:38.0393 4140 AMPPAL - ok 20:21:38.0411 4140 AMPPALP (12e7a43a3c6840a063a82b04f7ef47c0) C:\Windows\system32\DRIVERS\amppal.sys 20:21:38.0451 4140 AMPPALP - ok 20:21:38.0582 4140 AMPPALR3 (2cc0cbf2707be4d5b6ce6b87d9da2f97) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 20:21:38.0682 4140 AMPPALR3 - ok 20:21:38.0783 4140 AntiVirSchedulerService (459465da28e49b358ecfe0d788f328f4) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 20:21:38.0838 4140 AntiVirSchedulerService - ok 20:21:38.0899 4140 AntiVirService (bcdd17e8469d647a71b347c4b6f86685) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 20:21:38.0971 4140 AntiVirService - ok 20:21:39.0055 4140 AntiVirWebService (d05b3eb1f1c8c7199d84c9d68d35fd78) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 20:21:39.0180 4140 AntiVirWebService - ok 20:21:39.0307 4140 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 20:21:39.0412 4140 AppID - ok 20:21:39.0435 4140 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 20:21:39.0513 4140 AppIDSvc - ok 20:21:39.0545 4140 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 20:21:39.0610 4140 Appinfo - ok 20:21:39.0650 4140 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll 20:21:39.0725 4140 AppMgmt - ok 20:21:39.0761 4140 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 20:21:39.0781 4140 arc - ok 20:21:39.0797 4140 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 20:21:39.0817 4140 arcsas - ok 20:21:39.0845 4140 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 20:21:39.0925 4140 AsyncMac - ok 20:21:39.0962 4140 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 20:21:40.0001 4140 atapi - ok 20:21:40.0610 4140 atikmdag (be2fd7291550d3c6ef3a0e73dec7071a) C:\Windows\system32\DRIVERS\atikmdag.sys 20:21:40.0722 4140 atikmdag - ok 20:21:41.0029 4140 ATService (b0057f384cfc33a851f4fd9c0a7af0fe) C:\Windows\system32\ATService.exe 20:21:41.0264 4140 ATService - ok 20:21:41.0408 4140 ATSwpWDF (17b8d955be11b001456c47c5cfab1054) C:\Windows\system32\Drivers\ATSwpWDF.sys 20:21:41.0482 4140 ATSwpWDF - ok 20:21:41.0573 4140 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 20:21:41.0718 4140 AudioEndpointBuilder - ok 20:21:41.0726 4140 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 20:21:41.0786 4140 AudioSrv - ok 20:21:41.0862 4140 avgntflt (bfe9598ebc3934cf8d876a303849c896) C:\Windows\system32\DRIVERS\avgntflt.sys 20:21:41.0901 4140 avgntflt - ok 20:21:41.0944 4140 avipbb (f74d86a9fb35fa5f24627b8dbbf3a9a4) C:\Windows\system32\DRIVERS\avipbb.sys 20:21:41.0989 4140 avipbb - ok 20:21:42.0021 4140 avkmgr (cd0e732347bf09717e0bddc0c66699ab) C:\Windows\system32\DRIVERS\avkmgr.sys 20:21:42.0037 4140 avkmgr - ok 20:21:42.0097 4140 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 20:21:42.0214 4140 AxInstSV - ok 20:21:42.0273 4140 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 20:21:42.0367 4140 b06bdrv - ok 20:21:42.0411 4140 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 20:21:42.0474 4140 b57nd60a - ok 20:21:42.0537 4140 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 20:21:42.0626 4140 BDESVC - ok 20:21:42.0640 4140 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 20:21:42.0725 4140 Beep - ok 20:21:42.0811 4140 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 20:21:42.0913 4140 BFE - ok 20:21:43.0003 4140 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 20:21:43.0110 4140 BITS - ok 20:21:43.0160 4140 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 20:21:43.0228 4140 blbdrive - ok 20:21:43.0280 4140 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 20:21:43.0345 4140 bowser - ok 20:21:43.0374 4140 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 20:21:43.0443 4140 BrFiltLo - ok 20:21:43.0460 4140 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 20:21:43.0509 4140 BrFiltUp - ok 20:21:43.0543 4140 Browser (05f5a0d14a2ee1d8255c2aa0e9e8e694) C:\Windows\System32\browser.dll 20:21:43.0585 4140 Browser - ok 20:21:43.0842 4140 BrowserProtect (fa127ac8bdf668903543d29c96b31632) C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe 20:21:43.0991 4140 BrowserProtect - ok 20:21:44.0210 4140 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 20:21:44.0314 4140 Brserid - ok 20:21:44.0331 4140 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 20:21:44.0379 4140 BrSerWdm - ok 20:21:44.0401 4140 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 20:21:44.0439 4140 BrUsbMdm - ok 20:21:44.0453 4140 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 20:21:44.0495 4140 BrUsbSer - ok 20:21:44.0547 4140 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 20:21:44.0640 4140 BthEnum - ok 20:21:44.0656 4140 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 20:21:44.0728 4140 BTHMODEM - ok 20:21:44.0767 4140 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 20:21:44.0830 4140 BthPan - ok 20:21:44.0888 4140 BTHPORT (738d0e9272f59eb7a1449c3ec118e6c4) C:\Windows\System32\Drivers\BTHport.sys 20:21:44.0982 4140 BTHPORT - ok 20:21:45.0028 4140 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 20:21:45.0157 4140 bthserv - ok 20:21:45.0229 4140 BTHSSecurityMgr (d6ceec2f878149e4db9fe93fa5d8fe60) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 20:21:45.0257 4140 BTHSSecurityMgr - ok 20:21:45.0300 4140 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 20:21:45.0373 4140 BTHUSB - ok 20:21:45.0428 4140 CAXHWAZL (48360b88c4bf45850653bb7c86888ed4) C:\Windows\system32\DRIVERS\CAXHWAZL.sys 20:21:45.0482 4140 CAXHWAZL - ok 20:21:45.0514 4140 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 20:21:45.0601 4140 cdfs - ok 20:21:45.0649 4140 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 20:21:45.0686 4140 cdrom - ok 20:21:45.0729 4140 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 20:21:45.0826 4140 CertPropSvc - ok 20:21:45.0846 4140 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 20:21:45.0922 4140 circlass - ok 20:21:45.0974 4140 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 20:21:46.0026 4140 CLFS - ok 20:21:46.0085 4140 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 20:21:46.0170 4140 clr_optimization_v2.0.50727_32 - ok 20:21:46.0215 4140 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 20:21:46.0266 4140 clr_optimization_v2.0.50727_64 - ok 20:21:46.0354 4140 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 20:21:46.0415 4140 clr_optimization_v4.0.30319_32 - ok 20:21:46.0452 4140 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 20:21:46.0477 4140 clr_optimization_v4.0.30319_64 - ok 20:21:46.0508 4140 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 20:21:46.0543 4140 CmBatt - ok 20:21:46.0575 4140 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 20:21:46.0600 4140 cmdide - ok 20:21:46.0654 4140 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 20:21:46.0770 4140 CNG - ok 20:21:46.0847 4140 CnxtHdAudService (d3c4f72e8f8dc523b02a0c313ceeea99) C:\Windows\system32\drivers\CHDRT64.sys 20:21:46.0968 4140 CnxtHdAudService - ok 20:21:46.0999 4140 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 20:21:47.0051 4140 Compbatt - ok 20:21:47.0089 4140 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 20:21:47.0141 4140 CompositeBus - ok 20:21:47.0154 4140 COMSysApp - ok 20:21:47.0178 4140 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 20:21:47.0205 4140 crcdisk - ok 20:21:47.0252 4140 CryptSvc (9c01375be382e834cc26d1b7eaf2c4fe) C:\Windows\system32\cryptsvc.dll 20:21:47.0302 4140 CryptSvc - ok 20:21:47.0367 4140 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 20:21:47.0456 4140 CSC - ok 20:21:47.0510 4140 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll 20:21:47.0611 4140 CscService - ok 20:21:47.0672 4140 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 20:21:47.0784 4140 DcomLaunch - ok 20:21:47.0824 4140 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 20:21:47.0977 4140 defragsvc - ok 20:21:48.0048 4140 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 20:21:48.0172 4140 DfsC - ok 20:21:48.0231 4140 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 20:21:48.0361 4140 Dhcp - ok 20:21:48.0392 4140 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 20:21:48.0459 4140 discache - ok 20:21:48.0492 4140 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 20:21:48.0523 4140 Disk - ok 20:21:48.0553 4140 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 20:21:48.0622 4140 Dnscache - ok 20:21:48.0677 4140 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 20:21:48.0824 4140 dot3svc - ok 20:21:48.0881 4140 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys 20:21:48.0951 4140 Dot4 - ok 20:21:48.0968 4140 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys 20:21:49.0029 4140 Dot4Print - ok 20:21:49.0069 4140 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys 20:21:49.0110 4140 dot4usb - ok 20:21:49.0203 4140 DozeSvc (9597bcb69286ff017db1a0fb8144408d) C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE 20:21:49.0273 4140 DozeSvc - ok 20:21:49.0311 4140 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 20:21:49.0376 4140 DPS - ok 20:21:49.0407 4140 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 20:21:49.0472 4140 drmkaud - ok 20:21:49.0501 4140 dtsvc (e12ea64f18947ad7b6160dbc45995f84) C:\Windows\system32\DTS.exe 20:21:49.0526 4140 dtsvc ( UnsignedFile.Multi.Generic ) - warning 20:21:49.0526 4140 dtsvc - detected UnsignedFile.Multi.Generic (1) 20:21:49.0630 4140 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 20:21:49.0722 4140 DXGKrnl - ok 20:21:49.0761 4140 DzHDD64 (3ce83d7ee95d9c9f03323810a2e747df) C:\Windows\system32\DRIVERS\DzHDD64.sys 20:21:49.0785 4140 DzHDD64 - ok 20:21:49.0835 4140 e1yexpress (11d0eca73ab25135f65656b93adbcb3d) C:\Windows\system32\DRIVERS\e1y62x64.sys 20:21:49.0882 4140 e1yexpress - ok 20:21:49.0946 4140 e36gbus (24bc0ec911009700caa38a8867a0f22a) C:\Windows\system32\DRIVERS\e36gbus.sys 20:21:50.0018 4140 e36gbus - ok 20:21:50.0048 4140 e36gmdfl (9b926801eacc6f04708ffaaededb9bb9) C:\Windows\system32\DRIVERS\e36gmdfl.sys 20:21:50.0089 4140 e36gmdfl - ok 20:21:50.0152 4140 e36gmdm (11a92b46e40ffb09ba010d95f5577d8b) C:\Windows\system32\DRIVERS\e36gmdm.sys 20:21:50.0230 4140 e36gmdm - ok 20:21:50.0268 4140 e36gmgmt (eb82c999e14c74d07133521ca37aa5c3) C:\Windows\system32\DRIVERS\e36gmgmt.sys 20:21:50.0341 4140 e36gmgmt - ok 20:21:50.0362 4140 e36wgps (7b2260b796d5de34ede7ae483005fcbb) C:\Windows\system32\DRIVERS\e36wgps64.sys 20:21:50.0388 4140 e36wgps - ok 20:21:50.0430 4140 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 20:21:50.0541 4140 EapHost - ok 20:21:50.0787 4140 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 20:21:50.0972 4140 ebdrv - ok 20:21:51.0089 4140 ecnssndis (7e63b3e6b7ae2e458c8a77bb6736a18a) C:\Windows\system32\Drivers\wwuss64.sys 20:21:51.0159 4140 ecnssndis - ok 20:21:51.0196 4140 ecnssndisfltr (5acc585e735191f83abbfdc7c54a2f0e) C:\Windows\system32\Drivers\wwussf64.sys 20:21:51.0251 4140 ecnssndisfltr - ok 20:21:51.0289 4140 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 20:21:51.0363 4140 EFS - ok 20:21:51.0457 4140 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 20:21:51.0611 4140 ehRecvr - ok 20:21:51.0639 4140 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 20:21:51.0734 4140 ehSched - ok 20:21:51.0813 4140 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 20:21:51.0902 4140 elxstor - ok 20:21:51.0934 4140 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 20:21:52.0013 4140 ErrDev - ok 20:21:52.0069 4140 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 20:21:52.0151 4140 EventSystem - ok 20:21:52.0322 4140 EvtEng (532b8ff8e07f3772b086620377654f95) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 20:21:52.0469 4140 EvtEng - ok 20:21:52.0611 4140 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 20:21:52.0734 4140 exfat - ok 20:21:52.0758 4140 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 20:21:52.0839 4140 fastfat - ok 20:21:52.0914 4140 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 20:21:53.0017 4140 Fax - ok 20:21:53.0048 4140 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 20:21:53.0106 4140 fdc - ok 20:21:53.0140 4140 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 20:21:53.0194 4140 fdPHost - ok 20:21:53.0204 4140 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 20:21:53.0252 4140 FDResPub - ok 20:21:53.0268 4140 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 20:21:53.0288 4140 FileInfo - ok 20:21:53.0299 4140 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 20:21:53.0348 4140 Filetrace - ok 20:21:53.0365 4140 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 20:21:53.0393 4140 flpydisk - ok 20:21:53.0464 4140 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 20:21:53.0515 4140 FltMgr - ok 20:21:53.0613 4140 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 20:21:53.0728 4140 FontCache - ok 20:21:53.0812 4140 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:21:53.0870 4140 FontCache3.0.0.0 - ok 20:21:53.0904 4140 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 20:21:53.0949 4140 FsDepends - ok 20:21:53.0969 4140 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 20:21:53.0995 4140 Fs_Rec - ok 20:21:54.0050 4140 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 20:21:54.0115 4140 fvevol - ok 20:21:54.0152 4140 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 20:21:54.0193 4140 gagp30kx - ok 20:21:54.0276 4140 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 20:21:54.0415 4140 gpsvc - ok 20:21:54.0508 4140 gupdate (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:21:54.0527 4140 gupdate - ok 20:21:54.0531 4140 gupdatem (506708142bc63daba64f2d3ad1dcd5bf) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:21:54.0545 4140 gupdatem - ok 20:21:54.0557 4140 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 20:21:54.0598 4140 hcw85cir - ok 20:21:54.0665 4140 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 20:21:54.0768 4140 HdAudAddService - ok 20:21:54.0804 4140 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 20:21:54.0867 4140 HDAudBus - ok 20:21:54.0890 4140 HECIx64 (15c9789470b8855ac2f54fdf96802d13) C:\Windows\system32\DRIVERS\HECIx64.sys 20:21:54.0914 4140 HECIx64 - ok 20:21:54.0931 4140 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 20:21:54.0958 4140 HidBatt - ok 20:21:54.0977 4140 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 20:21:55.0023 4140 HidBth - ok 20:21:55.0042 4140 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 20:21:55.0074 4140 HidIr - ok 20:21:55.0101 4140 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 20:21:55.0154 4140 hidserv - ok 20:21:55.0183 4140 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 20:21:55.0235 4140 HidUsb - ok 20:21:55.0266 4140 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 20:21:55.0344 4140 hkmsvc - ok 20:21:55.0388 4140 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 20:21:55.0478 4140 HomeGroupListener - ok 20:21:55.0516 4140 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 20:21:55.0551 4140 HomeGroupProvider - ok 20:21:55.0732 4140 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 20:21:56.0858 4140 hpqcxs08 - ok 20:21:56.0894 4140 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 20:21:56.0913 4140 hpqddsvc - ok 20:21:56.0964 4140 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 20:21:57.0006 4140 HpSAMD - ok 20:21:57.0117 4140 HsfXAudioService (447256d1c026654c5cd3cc17e7b20631) C:\Windows\SysWOW64\XAudio64.dll 20:21:57.0220 4140 HsfXAudioService - ok 20:21:57.0345 4140 HSF_DPV (f6ac1087a131fbb385400667bea64fbe) C:\Windows\system32\DRIVERS\CAX_DPV.sys 20:21:57.0484 4140 HSF_DPV - ok 20:21:57.0666 4140 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 20:21:57.0850 4140 HTTP - ok 20:21:57.0878 4140 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 20:21:57.0904 4140 hwpolicy - ok 20:21:57.0944 4140 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 20:21:57.0979 4140 i8042prt - ok 20:21:58.0105 4140 IAANTMON (0e899d0db39617aa0b2f992e7e95b5eb) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe 20:21:58.0196 4140 IAANTMON - ok 20:21:58.0259 4140 iaNvStor (051e73f94f932b5975b6765e3b2f7dc6) C:\Windows\system32\DRIVERS\iaNvStor.sys 20:21:58.0326 4140 iaNvStor - ok 20:21:58.0370 4140 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys 20:21:58.0395 4140 iaStor - ok 20:21:58.0446 4140 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 20:21:58.0539 4140 iaStorV - ok 20:21:58.0563 4140 IBMPMDRV (72b253cdbcaa10e88aad0ba39cc83bcd) C:\Windows\system32\DRIVERS\ibmpmdrv.sys 20:21:58.0614 4140 IBMPMDRV - ok 20:21:58.0630 4140 IBMPMSVC (4925ffb084c9ad02e8eef01fb18bf5ac) C:\Windows\system32\ibmpmsvc.exe 20:21:58.0656 4140 IBMPMSVC - ok 20:21:58.0789 4140 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 20:21:58.0929 4140 idsvc - ok 20:21:59.0711 4140 igfx (4eaa4261e1ad4b860657cada790b9b38) C:\Windows\system32\DRIVERS\igdkmd64.sys 20:22:00.0085 4140 igfx - ok 20:22:00.0208 4140 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 20:22:00.0237 4140 iirsp - ok 20:22:00.0308 4140 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 20:22:00.0393 4140 IKEEXT - ok 20:22:00.0416 4140 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 20:22:00.0433 4140 intelide - ok 20:22:01.0178 4140 intelkmd (4eaa4261e1ad4b860657cada790b9b38) C:\Windows\system32\DRIVERS\igdpmd64.sys 20:22:01.0519 4140 intelkmd - ok 20:22:01.0657 4140 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 20:22:01.0706 4140 intelppm - ok 20:22:01.0736 4140 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 20:22:01.0804 4140 IPBusEnum - ok 20:22:01.0836 4140 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:22:01.0919 4140 IpFilterDriver - ok 20:22:01.0990 4140 iphlpsvc (08c2957bb30058e663720c5606885653) C:\Windows\System32\iphlpsvc.dll 20:22:02.0061 4140 iphlpsvc - ok 20:22:02.0095 4140 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 20:22:02.0164 4140 IPMIDRV - ok 20:22:02.0190 4140 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 20:22:02.0320 4140 IPNAT - ok 20:22:02.0343 4140 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 20:22:02.0388 4140 IRENUM - ok 20:22:02.0407 4140 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 20:22:02.0434 4140 isapnp - ok 20:22:02.0461 4140 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 20:22:02.0510 4140 iScsiPrt - ok 20:22:02.0532 4140 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 20:22:02.0560 4140 kbdclass - ok 20:22:02.0604 4140 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 20:22:02.0667 4140 kbdhid - ok 20:22:02.0706 4140 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:22:02.0730 4140 KeyIso - ok 20:22:02.0768 4140 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 20:22:02.0800 4140 KSecDD - ok 20:22:02.0824 4140 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 20:22:02.0865 4140 KSecPkg - ok 20:22:02.0876 4140 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 20:22:02.0933 4140 ksthunk - ok 20:22:02.0983 4140 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 20:22:03.0116 4140 KtmRm - ok 20:22:03.0160 4140 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 20:22:03.0270 4140 LanmanServer - ok 20:22:03.0309 4140 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 20:22:03.0389 4140 LanmanWorkstation - ok 20:22:03.0457 4140 LENOVO.CAMMUTE (cab9c6c37fd0f9612b269349116504b6) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe 20:22:03.0515 4140 LENOVO.CAMMUTE - ok 20:22:03.0569 4140 LENOVO.MICMUTE (340288b3b2edc8afd5ff127df85142a7) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe 20:22:03.0624 4140 LENOVO.MICMUTE - ok 20:22:03.0651 4140 lenovo.smi (2b9d8555dc004e240082d18e7725ce20) C:\Windows\system32\DRIVERS\smiifx64.sys 20:22:03.0672 4140 lenovo.smi - ok 20:22:03.0707 4140 LENOVO.TPKNRSVC (04b5f7f44ccb2fab615c67ed0e6c8323) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe 20:22:03.0746 4140 LENOVO.TPKNRSVC - ok 20:22:03.0775 4140 Lenovo.VIRTSCRLSVC (f7de50781dc4d162c1005eb30d98f931) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe 20:22:03.0822 4140 Lenovo.VIRTSCRLSVC - ok 20:22:03.0862 4140 LenovoRd (606da892a53fa863b67f8d3f8ff016a0) C:\Windows\system32\Drivers\LenovoRd.sys 20:22:03.0944 4140 LenovoRd - ok 20:22:03.0986 4140 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 20:22:04.0118 4140 lltdio - ok 20:22:04.0160 4140 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 20:22:04.0263 4140 lltdsvc - ok 20:22:04.0277 4140 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 20:22:04.0345 4140 lmhosts - ok 20:22:04.0437 4140 LMS (7f697d6eb3e47fbc7757229daee406b4) C:\Program Files (x86)\Intel\AMT\LMS.exe 20:22:04.0457 4140 LMS - ok 20:22:04.0488 4140 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 20:22:04.0541 4140 LSI_FC - ok 20:22:04.0556 4140 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 20:22:04.0594 4140 LSI_SAS - ok 20:22:04.0612 4140 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:22:04.0640 4140 LSI_SAS2 - ok 20:22:04.0663 4140 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:22:04.0718 4140 LSI_SCSI - ok 20:22:04.0746 4140 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 20:22:04.0827 4140 luafv - ok 20:22:04.0858 4140 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 20:22:04.0903 4140 Mcx2Svc - ok 20:22:04.0935 4140 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys 20:22:04.0958 4140 mdmxsdk - ok 20:22:04.0984 4140 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 20:22:05.0011 4140 megasas - ok 20:22:05.0040 4140 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 20:22:05.0085 4140 MegaSR - ok 20:22:05.0123 4140 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 20:22:05.0191 4140 MMCSS - ok 20:22:05.0205 4140 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 20:22:05.0247 4140 Modem - ok 20:22:05.0282 4140 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 20:22:05.0305 4140 monitor - ok 20:22:05.0339 4140 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 20:22:05.0381 4140 mouclass - ok 20:22:05.0406 4140 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 20:22:05.0461 4140 mouhid - ok 20:22:05.0491 4140 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 20:22:05.0558 4140 mountmgr - ok 20:22:05.0600 4140 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 20:22:05.0667 4140 mpio - ok 20:22:05.0708 4140 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 20:22:05.0796 4140 mpsdrv - ok 20:22:05.0891 4140 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 20:22:06.0064 4140 MpsSvc - ok 20:22:06.0111 4140 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 20:22:06.0205 4140 MRxDAV - ok 20:22:06.0257 4140 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 20:22:06.0329 4140 mrxsmb - ok 20:22:06.0360 4140 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:22:06.0416 4140 mrxsmb10 - ok 20:22:06.0438 4140 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:22:06.0487 4140 mrxsmb20 - ok 20:22:06.0524 4140 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 20:22:06.0551 4140 msahci - ok 20:22:06.0584 4140 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 20:22:06.0639 4140 msdsm - ok 20:22:06.0676 4140 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 20:22:06.0753 4140 MSDTC - ok 20:22:06.0787 4140 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 20:22:06.0870 4140 Msfs - ok 20:22:06.0888 4140 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 20:22:06.0979 4140 mshidkmdf - ok 20:22:06.0995 4140 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 20:22:07.0021 4140 msisadrv - ok 20:22:07.0054 4140 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 20:22:07.0135 4140 MSiSCSI - ok 20:22:07.0140 4140 msiserver - ok 20:22:07.0165 4140 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 20:22:07.0203 4140 MSKSSRV - ok 20:22:07.0211 4140 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 20:22:07.0259 4140 MSPCLOCK - ok 20:22:07.0263 4140 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 20:22:07.0305 4140 MSPQM - ok 20:22:07.0354 4140 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 20:22:07.0424 4140 MsRPC - ok 20:22:07.0464 4140 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 20:22:07.0486 4140 mssmbios - ok 20:22:07.0508 4140 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 20:22:07.0565 4140 MSTEE - ok 20:22:07.0581 4140 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 20:22:07.0615 4140 MTConfig - ok 20:22:07.0643 4140 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 20:22:07.0672 4140 Mup - ok 20:22:07.0742 4140 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 20:22:07.0873 4140 napagent - ok 20:22:07.0918 4140 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 20:22:08.0014 4140 NativeWifiP - ok 20:22:08.0117 4140 NDIS (760e38053bf56e501d562b70ad796b88) C:\Windows\system32\drivers\ndis.sys 20:22:08.0214 4140 NDIS - ok 20:22:08.0248 4140 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 20:22:08.0343 4140 NdisCap - ok 20:22:08.0374 4140 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 20:22:08.0431 4140 NdisTapi - ok 20:22:08.0464 4140 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 20:22:08.0510 4140 Ndisuio - ok 20:22:08.0549 4140 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 20:22:08.0663 4140 NdisWan - ok 20:22:08.0693 4140 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 20:22:08.0761 4140 NDProxy - ok 20:22:08.0824 4140 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll 20:22:08.0875 4140 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 20:22:08.0875 4140 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 20:22:08.0911 4140 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 20:22:09.0014 4140 NetBIOS - ok 20:22:09.0083 4140 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 20:22:09.0181 4140 NetBT - ok 20:22:09.0216 4140 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:22:09.0260 4140 Netlogon - ok 20:22:09.0312 4140 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 20:22:09.0399 4140 Netman - ok 20:22:09.0427 4140 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 20:22:09.0488 4140 netprofm - ok 20:22:09.0558 4140 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:22:09.0631 4140 NetTcpPortSharing - ok 20:22:10.0058 4140 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys 20:22:10.0302 4140 netw5v64 - ok 20:22:11.0032 4140 NETwNs64 (774c9eccef83ab8a3d1466f19809c95f) C:\Windows\system32\DRIVERS\NETwNs64.sys 20:22:11.0329 4140 NETwNs64 - ok 20:22:11.0432 4140 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 20:22:11.0489 4140 nfrd960 - ok 20:22:11.0553 4140 NlaSvc (8ad77806d336673f270db31645267293) C:\Windows\System32\nlasvc.dll 20:22:11.0636 4140 NlaSvc - ok 20:22:11.0650 4140 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 20:22:11.0705 4140 Npfs - ok 20:22:11.0731 4140 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 20:22:11.0770 4140 nsi - ok 20:22:11.0781 4140 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 20:22:11.0825 4140 nsiproxy - ok 20:22:11.0956 4140 Ntfs (e453acf4e7d44e5530b5d5f2b9ca8563) C:\Windows\system32\drivers\Ntfs.sys 20:22:12.0067 4140 Ntfs - ok 20:22:12.0168 4140 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 20:22:12.0239 4140 Null - ok 20:22:12.0282 4140 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 20:22:12.0351 4140 nvraid - ok 20:22:12.0400 4140 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 20:22:12.0456 4140 nvstor - ok 20:22:12.0493 4140 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 20:22:12.0548 4140 nv_agp - ok 20:22:12.0582 4140 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 20:22:12.0628 4140 ohci1394 - ok 20:22:12.0674 4140 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:22:12.0752 4140 p2pimsvc - ok 20:22:12.0789 4140 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 20:22:12.0836 4140 p2psvc - ok 20:22:12.0870 4140 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 20:22:12.0910 4140 Parport - ok 20:22:12.0945 4140 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 20:22:12.0975 4140 partmgr - ok 20:22:12.0998 4140 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 20:22:13.0051 4140 PcaSvc - ok 20:22:13.0138 4140 PCDSRVC{127174DC-C366ED8B-06020000}_0 (acd84d961942e2204a4475f9af356f2e) c:\program files\pc-doctor\pcdsrvc_x64.pkms 20:22:13.0195 4140 PCDSRVC{127174DC-C366ED8B-06020000}_0 - ok 20:22:13.0240 4140 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 20:22:13.0294 4140 pci - ok 20:22:13.0309 4140 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys 20:22:13.0335 4140 pciide - ok 20:22:13.0356 4140 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 20:22:13.0403 4140 pcmcia - ok 20:22:13.0421 4140 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 20:22:13.0440 4140 pcw - ok 20:22:13.0600 4140 PDF Architect Helper Service (a1688a4fb2ec49d040c027ef6dc7a87b) C:\Program Files (x86)\PDF Architect\HelperService.exe 20:22:13.0737 4140 PDF Architect Helper Service - ok 20:22:13.0828 4140 PDF Architect Service (e23ff9b2f8eeab2bdda681c21c48e843) C:\Program Files (x86)\PDF Architect\ConversionService.exe 20:22:13.0967 4140 PDF Architect Service - ok 20:22:14.0134 4140 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 20:22:14.0286 4140 PEAUTH - ok 20:22:14.0394 4140 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll 20:22:14.0546 4140 PeerDistSvc - ok 20:22:14.0624 4140 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 20:22:14.0693 4140 PerfHost - ok 20:22:14.0880 4140 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 20:22:15.0027 4140 pla - ok 20:22:15.0091 4140 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 20:22:15.0190 4140 PlugPlay - ok 20:22:15.0251 4140 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll 20:22:15.0284 4140 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 20:22:15.0284 4140 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 20:22:15.0313 4140 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 20:22:15.0360 4140 PNRPAutoReg - ok 20:22:15.0395 4140 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 20:22:15.0422 4140 PNRPsvc - ok 20:22:15.0468 4140 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 20:22:15.0561 4140 PolicyAgent - ok 20:22:15.0585 4140 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 20:22:15.0628 4140 Power - ok 20:22:15.0808 4140 Power Manager DBC Service (75fc38862db8b5897cd96753aca133ed) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE 20:22:15.0931 4140 Power Manager DBC Service - ok 20:22:16.0074 4140 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 20:22:16.0153 4140 PptpMiniport - ok 20:22:16.0180 4140 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 20:22:16.0217 4140 Processor - ok 20:22:16.0276 4140 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 20:22:16.0351 4140 ProfSvc - ok 20:22:16.0391 4140 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:22:16.0436 4140 ProtectedStorage - ok 20:22:16.0469 4140 psadd (05a4779e4994b21473edbe85aabe8030) C:\Windows\system32\DRIVERS\psadd.sys 20:22:16.0512 4140 psadd - ok 20:22:16.0567 4140 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 20:22:16.0706 4140 Psched - ok 20:22:16.0798 4140 PwmEWSvc (dd080f6bf9de8e8dfbe3a7a4d90d3755) C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE 20:22:16.0864 4140 PwmEWSvc - ok 20:22:16.0999 4140 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 20:22:17.0125 4140 ql2300 - ok 20:22:17.0242 4140 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 20:22:17.0309 4140 ql40xx - ok 20:22:17.0346 4140 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 20:22:17.0431 4140 QWAVE - ok 20:22:17.0450 4140 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 20:22:17.0495 4140 QWAVEdrv - ok 20:22:17.0510 4140 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 20:22:17.0577 4140 RasAcd - ok 20:22:17.0613 4140 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 20:22:17.0697 4140 RasAgileVpn - ok 20:22:17.0707 4140 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 20:22:17.0779 4140 RasAuto - ok 20:22:17.0823 4140 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 20:22:17.0891 4140 Rasl2tp - ok 20:22:17.0946 4140 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 20:22:18.0060 4140 RasMan - ok 20:22:18.0079 4140 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 20:22:18.0130 4140 RasPppoe - ok 20:22:18.0151 4140 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 20:22:18.0204 4140 RasSstp - ok 20:22:18.0236 4140 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 20:22:18.0334 4140 rdbss - ok 20:22:18.0345 4140 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 20:22:18.0388 4140 rdpbus - ok 20:22:18.0401 4140 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 20:22:18.0464 4140 RDPCDD - ok 20:22:18.0506 4140 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 20:22:18.0554 4140 RDPDR - ok 20:22:18.0589 4140 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 20:22:18.0639 4140 RDPENCDD - ok 20:22:18.0645 4140 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 20:22:18.0682 4140 RDPREFMP - ok 20:22:18.0728 4140 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 20:22:18.0793 4140 RDPWD - ok 20:22:18.0847 4140 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 20:22:18.0896 4140 rdyboost - ok 20:22:19.0026 4140 RegSrvc (7196be857e29007470ff9b689c7f29a7) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 20:22:19.0134 4140 RegSrvc - ok 20:22:19.0174 4140 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 20:22:19.0258 4140 RemoteAccess - ok 20:22:19.0284 4140 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 20:22:19.0358 4140 RemoteRegistry - ok 20:22:19.0417 4140 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 20:22:19.0498 4140 RFCOMM - ok 20:22:19.0530 4140 rimmptsk (f45d6e12eb99a668f52201637c67c8f5) C:\Windows\system32\DRIVERS\rimmpx64.sys 20:22:19.0580 4140 rimmptsk - ok 20:22:19.0597 4140 rimsptsk (eac02ed935a9c1f2ddd8d985c465b854) C:\Windows\system32\DRIVERS\rimspx64.sys 20:22:19.0630 4140 rimsptsk - ok 20:22:19.0657 4140 rismxdp (931a8f843b4120df527c3684daf77fd9) C:\Windows\system32\DRIVERS\rixdpx64.sys 20:22:19.0682 4140 rismxdp - ok 20:22:19.0712 4140 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 20:22:19.0779 4140 RpcEptMapper - ok 20:22:19.0795 4140 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 20:22:19.0813 4140 RpcLocator - ok 20:22:19.0881 4140 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 20:22:19.0936 4140 RpcSs - ok 20:22:19.0991 4140 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 20:22:20.0116 4140 rspndr - ok 20:22:20.0142 4140 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 20:22:20.0190 4140 s3cap - ok 20:22:20.0225 4140 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:22:20.0271 4140 SamSs - ok 20:22:20.0292 4140 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 20:22:20.0322 4140 sbp2port - ok 20:22:20.0362 4140 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 20:22:20.0440 4140 SCardSvr - ok 20:22:20.0473 4140 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 20:22:20.0538 4140 scfilter - ok 20:22:20.0642 4140 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 20:22:20.0766 4140 Schedule - ok 20:22:20.0805 4140 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 20:22:20.0840 4140 SCPolicySvc - ok 20:22:20.0892 4140 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 20:22:20.0938 4140 sdbus - ok 20:22:20.0964 4140 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 20:22:21.0037 4140 SDRSVC - ok 20:22:21.0074 4140 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 20:22:21.0139 4140 secdrv - ok 20:22:21.0170 4140 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 20:22:21.0240 4140 seclogon - ok 20:22:21.0260 4140 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 20:22:21.0297 4140 SENS - ok 20:22:21.0314 4140 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 20:22:21.0378 4140 SensrSvc - ok 20:22:21.0402 4140 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 20:22:21.0440 4140 Serenum - ok 20:22:21.0468 4140 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 20:22:21.0500 4140 Serial - ok 20:22:21.0536 4140 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 20:22:21.0578 4140 sermouse - ok 20:22:21.0623 4140 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 20:22:21.0715 4140 SessionEnv - ok 20:22:21.0751 4140 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 20:22:21.0810 4140 sffdisk - ok 20:22:21.0820 4140 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 20:22:21.0858 4140 sffp_mmc - ok 20:22:21.0876 4140 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 20:22:21.0905 4140 sffp_sd - ok 20:22:21.0931 4140 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 20:22:21.0971 4140 sfloppy - ok 20:22:22.0011 4140 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 20:22:22.0113 4140 SharedAccess - ok 20:22:22.0149 4140 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 20:22:22.0202 4140 ShellHWDetection - ok 20:22:22.0231 4140 Shockprf (c3f190562fe82efda7ccef305ebad3e3) C:\Windows\system32\DRIVERS\Apsx64.sys 20:22:22.0259 4140 Shockprf - ok 20:22:22.0291 4140 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 20:22:22.0345 4140 SiSRaid2 - ok 20:22:22.0369 4140 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 20:22:22.0397 4140 SiSRaid4 - ok 20:22:22.0429 4140 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 20:22:22.0483 4140 Smb - ok 20:22:22.0518 4140 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 20:22:22.0565 4140 SNMPTRAP - ok 20:22:22.0855 4140 SNP2UVC (3bcd7556f3222221c31b1577b5527ed7) C:\Windows\system32\DRIVERS\snp2uvc.sys 20:22:23.0017 4140 SNP2UVC - ok 20:22:23.0132 4140 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 20:22:23.0171 4140 spldr - ok 20:22:23.0236 4140 Spooler (85daa09a98c9286d4ea2ba8d0e644377) C:\Windows\System32\spoolsv.exe 20:22:23.0365 4140 Spooler - ok 20:22:23.0657 4140 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 20:22:23.0898 4140 sppsvc - ok 20:22:24.0013 4140 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 20:22:24.0119 4140 sppuinotify - ok 20:22:24.0196 4140 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 20:22:24.0264 4140 srv - ok 20:22:24.0331 4140 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 20:22:24.0394 4140 srv2 - ok 20:22:24.0435 4140 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS 20:22:24.0518 4140 SrvHsfHDA - ok 20:22:24.0633 4140 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS 20:22:24.0738 4140 SrvHsfV92 - ok 20:22:24.0884 4140 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS 20:22:24.0981 4140 SrvHsfWinac - ok 20:22:25.0020 4140 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 20:22:25.0072 4140 srvnet - ok 20:22:25.0126 4140 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 20:22:25.0212 4140 SSDPSRV - ok 20:22:25.0237 4140 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 20:22:25.0308 4140 SstpSvc - ok 20:22:25.0331 4140 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 20:22:25.0358 4140 stexstor - ok 20:22:25.0437 4140 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 20:22:25.0539 4140 stisvc - ok 20:22:25.0572 4140 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 20:22:25.0601 4140 storflt - ok 20:22:25.0635 4140 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll 20:22:25.0677 4140 StorSvc - ok 20:22:25.0696 4140 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 20:22:25.0723 4140 storvsc - ok 20:22:25.0808 4140 SUService (59b5a060a31bd4bab030c4fcd1048292) C:\Program Files (x86)\Lenovo\System Update\SUService.exe 20:22:25.0835 4140 SUService - ok 20:22:25.0853 4140 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 20:22:25.0878 4140 swenum - ok 20:22:25.0942 4140 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 20:22:26.0058 4140 swprv - ok 20:22:26.0122 4140 SynTP (c0b7405c899c485aa0b6f9866a4061cd) C:\Windows\system32\DRIVERS\SynTP.sys 20:22:26.0199 4140 SynTP - ok 20:22:26.0352 4140 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 20:22:26.0491 4140 SysMain - ok 20:22:26.0601 4140 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 20:22:26.0676 4140 TabletInputService - ok 20:22:26.0741 4140 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 20:22:26.0816 4140 TapiSrv - ok 20:22:26.0853 4140 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 20:22:26.0921 4140 TBS - ok 20:22:27.0082 4140 Tcpip (b62a953f2bf3922c8764a29c34a22899) C:\Windows\system32\drivers\tcpip.sys 20:22:27.0238 4140 Tcpip - ok 20:22:27.0486 4140 TCPIP6 (b62a953f2bf3922c8764a29c34a22899) C:\Windows\system32\DRIVERS\tcpip.sys 20:22:27.0549 4140 TCPIP6 - ok 20:22:27.0643 4140 tcpipreg (1b16d0bd9841794a6e0cde0cef744abc) C:\Windows\system32\drivers\tcpipreg.sys 20:22:27.0693 4140 tcpipreg - ok 20:22:27.0721 4140 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 20:22:27.0760 4140 TDPIPE - ok 20:22:27.0786 4140 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 20:22:27.0831 4140 TDTCP - ok 20:22:27.0886 4140 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 20:22:27.0985 4140 tdx - ok 20:22:28.0020 4140 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 20:22:28.0077 4140 TermDD - ok 20:22:28.0142 4140 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 20:22:28.0314 4140 TermService - ok 20:22:28.0351 4140 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 20:22:28.0387 4140 Themes - ok 20:22:28.0409 4140 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 20:22:28.0464 4140 THREADORDER - ok 20:22:28.0491 4140 TPDIGIMN (1bb77eccbfa3675b1ee8d6d6d37a1e1e) C:\Windows\system32\DRIVERS\ApsHM64.sys 20:22:28.0524 4140 TPDIGIMN - ok 20:22:28.0549 4140 TPHDEXLGSVC (88f81d810ff16ac65b02643daf308d4f) C:\Windows\system32\TPHDEXLG64.exe 20:22:28.0567 4140 TPHDEXLGSVC - ok 20:22:28.0674 4140 TPHKLOAD (83415782d47f8064fcafea308abb2246) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe 20:22:28.0732 4140 TPHKLOAD - ok 20:22:28.0755 4140 TPHKSVC (c04bb65441913ab621c58a8bd3169b23) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe 20:22:28.0825 4140 TPHKSVC - ok 20:22:28.0864 4140 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys 20:22:28.0918 4140 TPM - ok 20:22:28.0951 4140 TPPWRIF (1df6e6c026ad1d428687fe3b427a87bc) C:\Windows\system32\drivers\Tppwr64v.sys 20:22:29.0001 4140 TPPWRIF - ok 20:22:29.0043 4140 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 20:22:29.0141 4140 TrkWks - ok 20:22:29.0209 4140 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 20:22:29.0263 4140 TrustedInstaller - ok 20:22:29.0321 4140 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 20:22:29.0400 4140 tssecsrv - ok 20:22:29.0435 4140 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 20:22:29.0494 4140 TsUsbFlt - ok 20:22:29.0543 4140 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 20:22:29.0590 4140 tunnel - ok 20:22:29.0605 4140 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 20:22:29.0625 4140 uagp35 - ok 20:22:29.0658 4140 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 20:22:29.0808 4140 udfs - ok 20:22:29.0852 4140 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 20:22:29.0884 4140 UI0Detect - ok 20:22:29.0930 4140 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 20:22:29.0958 4140 uliagpkx - ok 20:22:29.0991 4140 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 20:22:30.0020 4140 umbus - ok 20:22:30.0039 4140 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 20:22:30.0093 4140 UmPass - ok 20:22:30.0133 4140 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll 20:22:30.0168 4140 UmRdpService - ok 20:22:30.0424 4140 UNS (86deac5ced845d55c63b125e0908685e) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe 20:22:30.0555 4140 UNS - ok 20:22:30.0675 4140 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 20:22:30.0780 4140 upnphost - ok 20:22:30.0819 4140 usbccgp (ebf228a52517042de4f38a40285bc8d9) C:\Windows\system32\DRIVERS\usbccgp.sys 20:22:30.0865 4140 usbccgp - ok 20:22:30.0914 4140 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 20:22:30.0995 4140 usbcir - ok 20:22:31.0020 4140 usbehci (6b3d5e6a9da786ec755b00bc180c700b) C:\Windows\system32\DRIVERS\usbehci.sys 20:22:31.0056 4140 usbehci - ok 20:22:31.0086 4140 usbhub (94abe9da48e466bbe84c73e0c6652ed1) C:\Windows\system32\DRIVERS\usbhub.sys 20:22:31.0133 4140 usbhub - ok 20:22:31.0152 4140 usbohci (660b2c08ce7103e71eaa26f85b0b0a56) C:\Windows\system32\drivers\usbohci.sys 20:22:31.0200 4140 usbohci - ok 20:22:31.0231 4140 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 20:22:31.0281 4140 usbprint - ok 20:22:31.0321 4140 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 20:22:31.0381 4140 usbscan - ok 20:22:31.0404 4140 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 20:22:31.0471 4140 USBSTOR - ok 20:22:31.0513 4140 usbuhci (1529632fc96032d337b298f8a285d640) C:\Windows\system32\DRIVERS\usbuhci.sys 20:22:31.0564 4140 usbuhci - ok 20:22:31.0607 4140 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 20:22:31.0685 4140 usbvideo - ok 20:22:31.0722 4140 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 20:22:31.0806 4140 UxSms - ok 20:22:31.0842 4140 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 20:22:31.0865 4140 VaultSvc - ok 20:22:31.0896 4140 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 20:22:31.0924 4140 vdrvroot - ok 20:22:31.0992 4140 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 20:22:32.0106 4140 vds - ok 20:22:32.0138 4140 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 20:22:32.0173 4140 vga - ok 20:22:32.0189 4140 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 20:22:32.0240 4140 VgaSave - ok 20:22:32.0278 4140 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 20:22:32.0308 4140 vhdmp - ok 20:22:32.0325 4140 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 20:22:32.0342 4140 viaide - ok 20:22:32.0370 4140 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 20:22:32.0400 4140 vmbus - ok 20:22:32.0417 4140 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 20:22:32.0435 4140 VMBusHID - ok 20:22:32.0449 4140 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 20:22:32.0469 4140 volmgr - ok 20:22:32.0526 4140 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 20:22:32.0591 4140 volmgrx - ok 20:22:32.0614 4140 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 20:22:32.0652 4140 volsnap - ok 20:22:32.0688 4140 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 20:22:32.0752 4140 vsmraid - ok 20:22:32.0911 4140 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 20:22:33.0127 4140 VSS - ok 20:22:33.0231 4140 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 20:22:33.0299 4140 vwifibus - ok 20:22:33.0319 4140 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 20:22:33.0367 4140 vwififlt - ok 20:22:33.0416 4140 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 20:22:33.0489 4140 W32Time - ok 20:22:33.0503 4140 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 20:22:33.0535 4140 WacomPen - ok 20:22:33.0583 4140 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 20:22:33.0669 4140 WANARP - ok 20:22:33.0672 4140 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 20:22:33.0706 4140 Wanarpv6 - ok 20:22:33.0844 4140 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 20:22:33.0962 4140 wbengine - ok 20:22:34.0084 4140 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 20:22:34.0184 4140 WbioSrvc - ok 20:22:34.0252 4140 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 20:22:34.0316 4140 wcncsvc - ok 20:22:34.0332 4140 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 20:22:34.0374 4140 WcsPlugInService - ok 20:22:34.0407 4140 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 20:22:34.0458 4140 Wd - ok 20:22:34.0555 4140 Wdf01000 (442783e2cb0da19873b7a63833ff4cb4) C:\Windows\system32\drivers\Wdf01000.sys 20:22:34.0669 4140 Wdf01000 - ok 20:22:34.0700 4140 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 20:22:34.0835 4140 WdiServiceHost - ok 20:22:34.0844 4140 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 20:22:34.0898 4140 WdiSystemHost - ok 20:22:34.0939 4140 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 20:22:35.0020 4140 WebClient - ok 20:22:35.0057 4140 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 20:22:35.0183 4140 Wecsvc - ok 20:22:35.0193 4140 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 20:22:35.0252 4140 wercplsupport - ok 20:22:35.0301 4140 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 20:22:35.0356 4140 WerSvc - ok 20:22:35.0409 4140 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 20:22:35.0509 4140 WfpLwf - ok 20:22:35.0528 4140 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 20:22:35.0546 4140 WIMMount - ok 20:22:35.0620 4140 winachsf (1edbbf412a382550af6eb35f5e46928e) C:\Windows\system32\DRIVERS\CAX_CNXT.sys 20:22:35.0722 4140 winachsf - ok 20:22:35.0753 4140 WinDefend - ok 20:22:35.0770 4140 WinHttpAutoProxySvc - ok 20:22:35.0846 4140 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 20:22:35.0963 4140 Winmgmt - ok 20:22:36.0175 4140 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 20:22:36.0385 4140 WinRM - ok 20:22:36.0509 4140 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys 20:22:36.0585 4140 WinUsb - ok 20:22:36.0678 4140 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 20:22:36.0764 4140 Wlansvc - ok 20:22:36.0859 4140 WMCoreService (f65b50fabf856987044196d797b8be63) C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe 20:22:36.0948 4140 WMCoreService ( UnsignedFile.Multi.Generic ) - warning 20:22:36.0949 4140 WMCoreService - detected UnsignedFile.Multi.Generic (1) 20:22:37.0020 4140 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 20:22:37.0063 4140 WmiAcpi - ok 20:22:37.0132 4140 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 20:22:37.0204 4140 wmiApSrv - ok 20:22:37.0209 4140 WMPNetworkSvc - ok 20:22:37.0242 4140 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 20:22:37.0290 4140 WPCSvc - ok 20:22:37.0324 4140 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 20:22:37.0368 4140 WPDBusEnum - ok 20:22:37.0389 4140 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 20:22:37.0449 4140 ws2ifsl - ok 20:22:37.0466 4140 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 20:22:37.0498 4140 wscsvc - ok 20:22:37.0502 4140 WSearch - ok 20:22:37.0686 4140 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 20:22:37.0820 4140 wuauserv - ok 20:22:37.0947 4140 WudfPf (ab886378eeb55c6c75b4f2d14b6c869f) C:\Windows\system32\drivers\WudfPf.sys 20:22:38.0015 4140 WudfPf - ok 20:22:38.0058 4140 WUDFRd (dda4caf29d8c0a297f886bfe561e6659) C:\Windows\system32\DRIVERS\WUDFRd.sys 20:22:38.0146 4140 WUDFRd - ok 20:22:38.0193 4140 wudfsvc (b20f051b03a966392364c83f009f7d17) C:\Windows\System32\WUDFSvc.dll 20:22:38.0245 4140 wudfsvc - ok 20:22:38.0287 4140 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 20:22:38.0329 4140 WwanSvc - ok 20:22:38.0387 4140 WwanUsbServ (52693787521baec565a657a614b51919) C:\Windows\system32\DRIVERS\WwanUsbMp64.sys 20:22:38.0456 4140 WwanUsbServ - ok 20:22:38.0488 4140 XAudio (e8f3fa126a06f8e7088f63757112a186) C:\Windows\system32\DRIVERS\XAudio64.sys 20:22:38.0509 4140 XAudio - ok 20:22:38.0577 4140 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 20:22:38.0720 4140 \Device\Harddisk0\DR0 - ok 20:22:38.0726 4140 Boot (0x1200) (aa89d33f4c4b9cea204a98c4864b9685) \Device\Harddisk0\DR0\Partition0 20:22:38.0733 4140 \Device\Harddisk0\DR0\Partition0 - ok 20:22:38.0766 4140 Boot (0x1200) (3776398170206d7069ce934d91478d2b) \Device\Harddisk0\DR0\Partition1 20:22:38.0769 4140 \Device\Harddisk0\DR0\Partition1 - ok 20:22:38.0770 4140 ============================================================ 20:22:38.0770 4140 Scan finished 20:22:38.0770 4140 ============================================================ 20:22:38.0797 5824 Detected object count: 5 20:22:38.0797 5824 Actual detected object count: 5 |
|
27.02.2013, 20:30
| #8 |
| /// Malware-holic | Virus - ads by browse to save Ist recht. Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.02.2013, 21:14
| #9 |
| | Virus - ads by browse to save hi, puh das ging jetzt ganz schön lange ... hier der text: Combofix Logfile: Code:
ATTFilter ComboFix 13-02-26.01 - user 27.02.2013 20:48:37.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.2968.1304 [GMT 1:00]
ausgeführt von:: c:\users\user\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-01-27 bis 2013-02-27 ))))))))))))))))))))))))))))))
.
.
2013-02-27 18:34 . 2013-02-27 18:34 -------- d-----w- C:\_OTL
2013-02-27 18:31 . 2013-02-27 18:31 -------- d-----w- c:\users\user\AppData\Local\Smartbar
2013-02-27 18:30 . 2013-02-27 18:30 -------- d-----w- c:\windows\SysWow64\searchplugins
2013-02-27 18:30 . 2013-02-27 18:30 -------- d-----w- c:\windows\SysWow64\Extensions
2013-02-27 18:30 . 2013-02-27 18:30 -------- d-----w- c:\programdata\BrowserProtect
2013-02-27 18:30 . 2013-02-27 18:30 -------- d-----w- c:\users\user\AppData\Roaming\BabSolution
2013-02-27 18:29 . 2013-02-27 18:29 -------- d-----w- c:\program files (x86)\Delta
2013-02-27 18:29 . 2013-02-27 18:29 -------- d-----w- c:\users\user\AppData\Roaming\Delta
2013-02-27 18:29 . 2013-02-27 18:29 -------- d-----w- c:\users\user\AppData\Roaming\Babylon
2013-02-27 18:29 . 2013-02-27 18:29 -------- d-----w- c:\programdata\Babylon
2013-02-16 11:03 . 2013-02-20 12:03 -------- d-----w- C:\global
2013-02-14 07:45 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 07:45 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-14 06:49 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 06:49 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-14 06:49 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-14 06:49 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 06:49 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-14 06:49 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-14 06:49 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-14 06:49 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-14 06:49 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-14 06:49 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-14 06:49 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 06:49 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-12 08:42 . 2013-02-12 08:42 -------- d-----w- c:\users\user\AppData\Roaming\Avira
2013-02-12 08:36 . 2013-02-12 08:36 -------- d-----w- c:\program files (x86)\Ask.com
2013-02-12 08:36 . 2013-02-12 08:36 -------- d-----w- C:\Firefox
2013-02-12 08:36 . 2013-02-12 08:36 -------- d-----w- c:\users\user\AppData\Local\APN
2013-02-12 08:36 . 2012-12-03 14:36 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-02-12 08:36 . 2012-12-03 14:36 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-02-12 08:36 . 2012-11-16 19:17 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-02-12 08:36 . 2013-02-12 08:36 -------- d-----w- c:\programdata\Avira
2013-02-12 08:36 . 2013-02-12 08:36 -------- d-----w- c:\program files (x86)\Avira
2013-02-11 12:38 . 2013-02-11 12:38 -------- d-----w- c:\users\user\AppData\Local\PackageAware
2013-02-11 12:38 . 2013-02-11 12:38 -------- d-----w- c:\users\user\EasternGraphics
2013-02-11 12:37 . 2013-02-11 12:37 -------- d--h--w- c:\programdata\{59E3981A-853B-4024-80E5-72FC64DF4CB7}
2013-02-11 12:37 . 2013-02-11 12:37 -------- d--h--w- c:\programdata\{7BE3E677-6B29-44AE-9DAC-F8C0C4964BA7}
2013-02-11 12:37 . 2013-02-11 12:37 -------- d-----w- c:\program files (x86)\EasternGraphics
2013-02-11 12:36 . 2013-02-11 12:36 -------- d-----w- c:\programdata\EasternGraphics
2013-02-11 12:31 . 2013-02-11 12:31 -------- d-----w- c:\program files (x86)\GadgetBox
2013-02-08 08:56 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5BDAC770-0875-4860-9291-8795E9C2F76E}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-14 07:49 . 2010-11-15 11:00 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-17 00:28 . 2010-11-15 10:37 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-11 10:39 . 2013-01-16 11:52 103936 ----a-w- c:\windows\system32\pdfcmon.dll
2013-01-09 13:52 . 1998-07-28 17:01 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2013-01-04 04:43 . 2013-02-14 06:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-21 09:06 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 09:06 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 09:06 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 09:06 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 12:44 441856 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 12:44 2746368 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 12:44 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 12:44 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 12:44 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 12:44 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 12:44 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 12:44 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 12:44 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 12:44 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 12:44 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 12:44 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 12:44 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 12:44 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 12:44 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 12:44 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 12:44 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 12:44 51712 ----a-w- c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 12:44 43520 ----a-w- c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 12:44 30720 ----a-w- c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 12:44 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 12:44 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 12:44 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 12:44 23552 ----a-w- c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 12:44 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 12:44 46592 ----a-w- c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 12:44 20480 ----a-w- c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 12:44 21504 ----a-w- c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 12:44 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 12:44 15360 ----a-w- c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 12:44 55296 ----a-w- c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 12:44 51712 ----a-w- c:\windows\SysWow64\esrb.rs
2012-11-30 05:45 . 2013-01-09 12:43 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 12:43 243200 ----a-w- c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 12:43 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-11-30 05:43 . 2013-01-09 12:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 12:43 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 12:43 1161216 ----a-w- c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:53 . 2013-01-09 12:43 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 12:43 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 12:43 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-20 1521952]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
2013-01-23 12:24 247704 ----a-w- c:\program files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-12-20 20:56 1521952 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-12-20 1521952]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll" [2013-01-23 321944]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Browser Infrastructure Helper"="c:\users\user\AppData\Local\Smartbar\Application\QuickShare.exe" [2013-02-10 13824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"WorksFUD"="c:\program files (x86)\Microsoft Works\wkfud.exe" [2000-07-12 24576]
"Microsoft Works Portfolio"="c:\program files (x86)\Microsoft Works\WksSb.exe" [2000-07-12 311350]
"Microsoft Works Update Detection"="c:\program files (x86)\Microsoft Works\WkDetect.exe" [2000-07-21 28739]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-12-20 1574176]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-02-13 385248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2010-11-15 50688]
Erinnerungen in Microsoft Works-Kalender.lnk - c:\program files (x86)\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2000-7-12 24633]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisallowCpl"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll c:\progra~3\browse~1\261095~1.52\{c16c1~1\browserprotect.dll
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2010-02-05 130048]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys [2011-10-19 195072]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2012-03-15 320576]
R3 e36gbus;F3607gw Mobile Broadband Device driver (Win7);c:\windows\system32\DRIVERS\e36gbus.sys [2009-06-30 328704]
R3 e36gmdfl;F3607gw Mobile Broadband Data Modem Filter (Win7);c:\windows\system32\DRIVERS\e36gmdfl.sys [2009-06-30 19456]
R3 e36gmdm;F3607gw Mobile Broadband Data Modem Driver (Win7);c:\windows\system32\DRIVERS\e36gmdm.sys [2009-06-30 432128]
R3 e36gmgmt;F3607gw Mobile Broadband Device Management Drivers (Win7);c:\windows\system32\DRIVERS\e36gmgmt.sys [2009-06-30 376320]
R3 e36wgps;Mobile Broadband GPS Port;c:\windows\system32\DRIVERS\e36wgps64.sys [2009-07-10 96296]
R3 ecnssndis;Service for enabling selective suspend to NDIS device;c:\windows\system32\Drivers\wwuss64.sys [2009-09-22 12800]
R3 ecnssndisfltr;SSNDIS filter service;c:\windows\system32\Drivers\wwussf64.sys [2009-09-22 17408]
R3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2011-10-13 10629184]
R3 LenovoRd;LenovoRd;c:\windows\system32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 PCDSRVC{127174DC-C366ED8B-06020000}_0;PCDSRVC{127174DC-C366ED8B-06020000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc_x64.pkms [2010-09-08 24560]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-03-15 1662528]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-03-15 165440]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WwanUsbServ;Ericsson WWAN Wireless Module Device Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys [2009-10-13 259624]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys [2012-03-15 29512]
S0 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\DRIVERS\iaNvStor.sys [2009-08-21 344600]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [2011-03-29 23664]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-28 203776]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-10-19 661504]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-02-13 86752]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-02-13 565472]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\ATService.exe [2010-02-05 2713920]
S2 BrowserProtect;BrowserProtect;c:\programdata\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-02-21 2561488]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-10-20 135440]
S2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2010-02-05 117760]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2010-07-27 50536]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-07-27 74088]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2011-07-12 133992]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe [2013-01-09 1324104]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe [2013-01-09 795208]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-02-04 2058776]
S2 WMCoreService;Mobile Broadband Core Service;c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-10-19 195072]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2010-02-05 736840]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2009-06-30 292864]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [2011-10-20 302296]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-06-23 56344]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-24 11:53 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26 15:38]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26 15:38]
.
2013-02-21 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\uaclauncher.exe [2010-09-08 21:16]
.
2013-02-27 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdrcui.exe [2010-09-08 21:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"IaNvSrv"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2009-10-06 33304]
"TpShocks"="TpShocks.exe" [2011-03-29 380776]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2011-10-20 33344]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-13 162584]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-13 386840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-13 417560]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=c4b6169a00000000000000216a5eb378
mStart Page = hxxp://search.gboxapp.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: microsoft.com
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: windowsupdate.com
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{5CBF2BDC-9B90-25A5-E02B-54803CFA7E6F} - c:\progra~3\INSTAL~1\{B66E4~1\Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{127174DC-C366ED8B-06020000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\LENOVO\HOTKEY\tposdsvc.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
c:\program files (x86)\Intel\AMT\LMS.exe
c:\program files (x86)\Lenovo\System Update\SUService.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-02-27 21:02:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-02-27 20:02
.
Vor Suchlauf: 15 Verzeichnis(se), 119.707.459.584 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 119.109.345.280 Bytes frei
.
- - End Of File - - 19F5314D718182D5813E15E3812256A0
|
|
27.02.2013, 21:23
| #10 |
| /// Malware-holic | Virus - ads by browse to save Hi, lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.02.2013, 21:53
| #11 |
| | Virus - ads by browse to save Adobe Flash Player 10 ActiveX Adobe Systems, Inc. 24.10.2012 1,85MB 10.0.32.18NOTWENDIG Adobe Reader X (10.1.4) - Deutsch Adobe Systems Incorporated 04.10.2012 121MB 10.1.4NOTWENDIG Anzeige am Bildschirm 24.04.2012 6.60.03NOTWENDIG ATI Catalyst Install Manager ATI Technologies, Inc. 30.05.2012 22,4MB 3.0.800.0NOTWENDIG ATI Uninstaller ATI Technologies, Inc. 30.05.2012 8.792.5.1-111127b-129962C-LenovoNOTWENDIG Avira Free Antivirus Avira 13.02.2013 129MB 13.0.0.3185NOTWENDIG Avira SearchFree Toolbar plus Web Protection Ask.com 12.02.2013 9,27MB 1.15.13.0NOTWENDIG Avira SearchFree Toolbar plus Web Protection Updater Ask.com 12.02.2013 1.2.3.33021NOTWENDIG BrowserProtect Bit89 Inc 27.02.2013 NOTWENDIG CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Inc. 13.10.2012 1.5.0.3NOTWENDIG Canon Internet Library for ZoomBrowser EX Canon Inc. 13.10.2012 1.6.1.6NOTWENDIG Canon RAW Image Task for ZoomBrowser EX Canon Inc. 13.10.2012 3.3.0.5NOTWENDIG Canon Utilities CameraWindow Canon Inc. 13.10.2012 7.1.0.2NOTWENDIG Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Inc. 13.10.2012 6.4.2.16NOTWENDIG Canon Utilities Digital Photo Professional 3.4 Canon Inc. 13.10.2012 3.4.0.0NOTWENDIG Canon Utilities EOS Utility Canon Inc. 13.10.2012 2.4.0.1NOTWENDIG Canon Utilities MyCamera Canon Inc. 13.10.2012 6.4.0.5NOTWENDIG Canon Utilities PhotoStitch Canon Inc. 13.10.2012 3.1.21.45NOTWENDIG Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Inc. 13.10.2012 1.7.1.9NOTWENDIG Canon Utilities ZoomBrowser EX Canon Inc. 13.10.2012 6.1.1.21NOTWENDIG Canon ZoomBrowser EX Memory Card Utility Canon Inc. 13.10.2012 1.1.0.8NOTWENDIG CCleaner Piriform 19.02.2013 3.28 UNNÖTIG Conexant 20561 SmartAudio HD Conexant 15.11.2010 4.92.12.0 UNNÖTIG CorelDRAW(R) Graphics Suite X4 Corel Corporation 08.12.2012 NOTWENDIG CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension Corel Corporation 08.12.2012 2,93MB NOTWENDIG Delta Chrome Toolbar Visual Tools 27.02.2013 NOTWENDIG Delta toolbar Delta 27.02.2013 1.8.10.0NOTWENDIG Dienstprogramm "ThinkPad UltraNav" Lenovo 15.11.2010 2.13.0Notwendig dm-Fotowelt 11.10.2012 UNNÖTIG EGR-ShellExtension EasternGraphics 11.02.2013 1.0.0.100UNNÖTIG Energie-Manager 30.05.2012 6.07UNNÖTIG GadgetBox GadgetBox 11.02.2013 2,00MB 1.0UNNÖTIG Google Chrome Google Inc. 26.09.2012 25.0.1364.97NOTWENDIG HP Customer Participation Program 14.0 HP 24.10.2012 14.0NOTWENDIG HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 HP 24.10.2012 14.0NOTWENDIG HP Imaging Device Functions 14.0 HP 24.10.2012 14.0NOTWENDIG HP Smart Web Printing 4.60 HP 24.10.2012 4.60NOTWENDIG HP Solution Center 14.0 HP 24.10.2012 14.0NOTWENDIG HP Update Hewlett-Packard 24.10.2012 2,97MB 5.002.002.002NOTWENDIG Integrated Camera Sonix 24.04.2012 5.8.53003.0NOTWENDIG Intel(R) C++ Redistributables for Windows* on Intel(R) 64 Intel CorporationNOTWENDIG 01.11.2012 46,7MB 11.1.048 Intel(R) Control Center Intel Corporation 24.04.2012 1.2.1.1007NOTWENDIG Intel(R) Graphics Media Accelerator Driver Intel Corporation 24.04.2012 NOTWENDIG 8.15.10.2555 Intel(R) Management Engine Interface Intel Corporation 15.11.2010 NOTWENDIG Intel(R) Network Connections Drivers Intel 24.04.2012 16.1NOTWENDIG Intel(R) PROSet/Wireless WiFi-Software Intel Corporation 24.04.2012 89,8MB 14.03.0000NOTWENDIG Intel® Active-Management-Technologie Intel Corporation 18.01.2012 NOTWENDIG Intel® Matrix Storage Manager und Intel® Turbo Memory Intel Corporation 15.11.2010 NOTWENDIG Intel® Turbo Memory Intel Corporation 15.11.2010 NOTWENDIG Lenovo Auto Scroll Utility 24.04.2012 1.11NOTWENDIG Lenovo Fingerprint Software AuthenTec, Inc. 15.11.2010 33,6MB 3.3.2.27NOTWENDIG Lenovo Patch Utility Lenovo Group Limited 30.05.2012 1,33MB 1.0.1.1NOTWENDIG Lenovo Patch Utility 64 bit Lenovo Group Limited 30.05.2012 1,35MB 1.2.0.1NOTWENDIG Lenovo System Interface Driver 18.01.2012 1.05NOTWENDIG Lenovo ThinkVantage Toolbox PC-Doctor, Inc. 15.11.2010 6.0.5692.08NOTWENDIG Microsoft .NET Framework 4 Client Profile Microsoft Corporation 18.01.2012 38,8MB 4.0.30319NOTWENDIG Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 18.01.2012 2,93MB 4.0.30319NOTWENDIG Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.11.2010 564KB 8.0.50727.42NOTWENDIG Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 15.11.2010 708KB 8.0.61000NOTWENDIG Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 11.10.2012 598KB 9.0.30729NOTWENDIG Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 30.05.2012 596KB 9.0.30729NOTWENDIG Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 30.05.2012 13,6MB 10.0.30319NOTWENDIG Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 12.02.2013 11,1MB 10.0.40219NOTWENDIG Microsoft Visual Studio Tools for Applications 2.0 - ENU Microsoft Corporation 01.11.2012 211MB 9.0.30729NOTWENDIG Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU Microsoft Corporation 01.11.2012 96,0MB 9.0.30729NOTWENDIG Microsoft Visual Studio Tools for Applications 2.0 Runtime Microsoft Corporation 01.11.2012 160KB 9.0.30729NOTWENDIG Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU Microsoft Corporation 01.11.2012 226KB 9.0.30729NOTWENDIG Microsoft Word 2000 SR-1 Microsoft Corporation 16.10.2012 93,7MB 9.00.3821NOTWENDIG Microsoft Word in Works Suite-Add-In Microsoft Corporation 16.10.2012 8,15MB 1.0.0.0000NOTWENDIG Microsoft Works 2001-Setup-Start 16.10.2012 NOTWENDIG Microsoft Works 6.0 Microsoft Corporation 16.10.2012 106MB 06.00.0000NOTWENDIG Mobile Broadband drivers Ericsson AB 24.04.2012 9,18MB 6.1.10.5UNNÖTIG MSXML 4.0 SP2 (KB954430) Microsoft Corporation 25.10.2012 1,27MB 4.20.9870.0UNNÖTIG MSXML 4.0 SP2 (KB973688) Microsoft Corporation 26.10.2012 1,33MB 4.20.9876.0UNNÖTIG pCon.planner 6.5 EasternGraphics 11.02.2013 6.5.0.101UNNÖTIG PDF Architect pdfforge 16.01.2013 91,1MB 1.0.52.8917UNNÖTIG PDFCreator pdfforge 16.01.2013 1.6.2NOTWENDIG QuickShare Linkury Inc. 27.02.2013 19,6MB 1.6.1.796UNNÖTIG RICOH R5U8xx Media Driver ver.3.64.02 RICOH 26.09.2012 3.64.02UNNÖTIG SaveByClick SaveByClick 16.01.2012 1.0UNNÖTIG Shop for HP Supplies HP 24.10.2012 14.0NOTWENDIG SProtector 1.74 11.02.2012 NOTWENDIG System Update Lenovo 30.05.2012 13,7MB 4.03.0012NOTWENDIG ThinkPad FullScreen Magnifier 18.01.2012 2.40NOTWENDIG ThinkPad Modem Adapter Conexant Systems 15.11.2010 7.80.5.0NOTWENDIG ThinkPad Power Management Driver 30.05.2012 1.65.05.20NOTWENDIG ThinkPad UltraNav Driver 24.04.2012 46,4MB 15.3.39.1NOTWENDIG ThinkVantage Access Connections Lenovo 30.05.2012 78,9MB 5.85NOTWENDIG ThinkVantage Communications Utility Lenovo 15.11.2010 2,43MB 1.42NOTWENDIG ThinkVantage GPS Lenovo 24.04.2012 35,2MB 2.73NOTWENDIG ThinkVantage System für aktiven Festplattenschutz Lenovo 30.05.2012 16,2MB 1.75NOTWENDIG ThinkVantage System Update 30.05.2012 NOTWENDIG Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric (01/14/2010 8.6.0.13) AuthenTec Inc. 15.11.2010NOTWENDIG 01/14/2010 8.6.0.13 |
|
27.02.2013, 21:57
| #12 |
| /// Malware-holic | Virus - ads by browse to save bitte überarbeiten und nicht die beschreibung an die Version drann packen so kann mans nicht lesen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
28.02.2013, 11:59
| #13 |
| | Virus - ads by browse to save hi, hat es mit der liste nicht geklappt oder war etwas nicht in ordnung? |
|
28.02.2013, 13:14
| #14 |
| /// Malware-holic | Virus - ads by browse to save steht über deinem post
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
28.02.2013, 19:36
| #15 |
| | Virus - ads by browse to save hiallo, passt es so? Adobe Flash Player 10 ActiveX Adobe Systems, Inc. 24.10.2012 1,85MB 10.0.32.18 NOTWENDIG Adobe Reader X (10.1.4) - Deutsch Adobe Systems Incorporated 04.10.2012 121MB 10.1.4 NOTWENDIG Anzeige am Bildschirm 24.04.2012 6.60.03 NOTWENDIG ATI Catalyst Install Manager ATI Technologies, Inc. 30.05.2012 22,4MB 3.0.800.0 NOTWENDIG ATI Uninstaller ATI Technologies, Inc. 30.05.2012 8.792.5.1-111127b-129962C-Lenovo NOTWENDIG Avira Free Antivirus Avira 13.02.2013 129MB 13.0.0.3185 NOTWENDIG Avira SearchFree Toolbar plus Web Protection Ask.com 12.02.2013 9,27MB 1.15.13.0 NOTWENDIG Avira SearchFree Toolbar plus Web Protection Updater Ask.com 12.02.2013 1.2.3.33021 NOTWENDIG BrowserProtect Bit89 Inc 27.02.2013 NOTWENDIG CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Inc. 13.10.2012 1.5.0.3 NOTWENDIG Canon Internet Library for ZoomBrowser EX Canon Inc. 13.10.2012 1.6.1.6 NOTWENDIG Canon RAW Image Task for ZoomBrowser EX Canon Inc. 13.10.2012 3.3.0.5 NOTWENDIG Canon Utilities CameraWindow Canon Inc. 13.10.2012 7.1.0.2 NOTWENDIG Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX Canon Inc. 13.10.2012 6.4.2.16 NOTWENDIG Canon Utilities Digital Photo Professional 3.4 Canon Inc. 13.10.2012 3.4.0.0 NOTWENDIG Canon Utilities EOS Utility Canon Inc. 13.10.2012 2.4.0.1 NOTWENDIG Canon Utilities MyCamera Canon Inc. 13.10.2012 6.4.0.5 NOTWENDIG Canon Utilities PhotoStitch Canon Inc. 13.10.2012 3.1.21.45 NOTWENDIG Canon Utilities RemoteCapture Task for ZoomBrowser EX Canon Inc. 13.10.2012 1.7.1.9 NOTWENDIG Canon Utilities ZoomBrowser EX Canon Inc. 13.10.2012 6.1.1.21 NOTWENDIG Canon ZoomBrowser EX Memory Card Utility Canon Inc. 13.10.2012 1.1.0.8 NOTWENDIG CCleaner Piriform 19.02.2013 3.28 UNNÖTIG Conexant 20561 SmartAudio HD Conexant 15.11.2010 4.92.12.0 NOTWENDIG CorelDRAW(R) Graphics Suite X4 Corel Corporation 08.12.2012 NOTWENDIG CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension Corel Corporation 08.12.2012 2,93MB NOTWENDIG Delta Chrome Toolbar Visual Tools 27.02.2013 NOTWENDIG Delta toolbar Delta 27.02.2013 1.8.10.0 NOTWENDIG Dienstprogramm "ThinkPad UltraNav" Lenovo 15.11.2010 2.13.0 NOTWENDIG dm-Fotowelt 11.10.2012 UNNÖTIG EGR-ShellExtension EasternGraphics 11.02.2013 1.0.0.100 UNNÖTIG Energie-Manager 30.05.2012 6.07 NOTWENDIG GadgetBox GadgetBox 11.02.2013 2,00MB 1.0 UNBEKANNT UNNÖTIG Google Chrome Google Inc. 26.09.2012 25.0.1364.97 NOTWENDIG HP Customer Participation Program 14.0 HP 24.10.2012 14.0 NOTWENDIG HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 HP 24.10.2012 14.0 NOTWENDIG HP Imaging Device Functions 14.0 HP 24.10.2012 14.0 NOTWENDIG HP Smart Web Printing 4.60 HP 24.10.2012 4.60 NOTWENDIG HP Solution Center 14.0 HP 24.10.2012 14.0 NOTWENDIG HP Update Hewlett-Packard 24.10.2012 2,97MB 5.002.002.002 NOTWENDIG Integrated Camera Sonix 24.04.2012 5.8.53003.0 NOTWENDIG Intel(R) C++ Redistributables for Windows* on Intel(R) 64 Intel Corporation 01.11.2012 46,7MB 11.1.048 NOTWENDIG Intel(R) Control Center Intel Corporation 24.04.2012 1.2.1.1007 NOTWENDIG Intel(R) Graphics Media Accelerator Driver Intel Corporation 24.04.2012 8.15.10.2555 NOTWENDIG Intel(R) Management Engine Interface Intel Corporation 15.11.2010 NOTWENDIG Intel(R) Network Connections Drivers Intel 24.04.2012 16.1 NOTWENDIG Intel(R) PROSet/Wireless WiFi-Software Intel Corporation 24.04.2012 89,8MB 14.03.0000 NOTWENDIG Intel® Active-Management-Technologie Intel Corporation 18.01.2012 NOTWENDIG Intel® Matrix Storage Manager und Intel® Turbo Memory Intel Corporation 15.11.2010 NOTWENDIG Intel® Turbo Memory Intel Corporation 15.11.2010 NOTWENDIG Lenovo Auto Scroll Utility 24.04.2012 1.11 NOTWENDIG Lenovo Fingerprint Software AuthenTec, Inc. 15.11.2010 33,6MB 3.3.2.27 NOTWENDIG Lenovo Patch Utility Lenovo Group Limited 30.05.2012 1,33MB 1.0.1.1 NOTWENDIG Lenovo Patch Utility 64 bit Lenovo Group Limited 30.05.2012 1,35MB 1.2.0.1 NOTWENDIG Lenovo System Interface Driver 18.01.2012 1.05 NOTWENDIG Lenovo ThinkVantage Toolbox PC-Doctor, Inc. 15.11.2010 6.0.5692.08 NOTWENDIG Microsoft .NET Framework 4 Client Profile Microsoft Corporation 18.01.2012 38,8MB 4.0.30319 NOTWENDIG Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 18.01.2012 2,93MB 4.0.30319 NOTWENDIG Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 15.11.2010 564KB 8.0.50727.42 NOTWENDIG Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 15.11.2010 708KB 8.0.61000 NOTWENDIG Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 11.10.2012 598KB 9.0.30729 NOTWENDIG Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 30.05.2012 596KB 9.0.30729 NOTWENDIG Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 30.05.2012 13,6MB 10.0.30319 NOTWENDIG Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 12.02.2013 11,1MB 10.0.40219 NOTWENDIG Microsoft Visual Studio Tools for Applications 2.0 - ENU Microsoft Corporation 01.11.2012 211MB 9.0.30729 NOTWENDIG Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU Microsoft Corporation 01.11.2012 96,0MB 9.0.30729 NOTWENDIG Microsoft Visual Studio Tools for Applications 2.0 Runtime Microsoft Corporation 01.11.2012 160KB 9.0.30729 NOTWENDIG Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU Microsoft Corporation 01.11.2012 226KB 9.0.30729 NOTWENDIG Microsoft Word 2000 SR-1 Microsoft Corporation 16.10.2012 93,7MB 9.00.3821 NOTWENDIG Microsoft Word in Works Suite-Add-In Microsoft Corporation 16.10.2012 8,15MB 1.0.0.0000 NOTWENDIG Microsoft Works 2001-Setup-Start 16.10.2012 NOTWENDIG Microsoft Works 6.0 Microsoft Corporation 16.10.2012 106MB 06.00.0000 NOTWENDIG Mobile Broadband drivers Ericsson AB 24.04.2012 9,18MB 6.1.10.5 NOTWENDIG MSXML 4.0 SP2 (KB954430) Microsoft Corporation 25.10.2012 1,27MB 4.20.9870.0 NOTWENDIG MSXML 4.0 SP2 (KB973688) Microsoft Corporation 26.10.2012 1,33MB 4.20.9876.0 NOTWENDIG pCon.planner 6.5 EasternGraphics 11.02.2013 6.5.0.101 UNNÖTIG PDF Architect pdfforge 16.01.2013 91,1MB 1.0.52.8917 UNNÖTIG PDFCreator pdfforge 16.01.2013 1.6.2 NOTWENDIG QuickShare Linkury Inc. 27.02.2013 19,6MB 1.6.1.796 NOTWENDIG RICOH R5U8xx Media Driver ver.3.64.02 RICOH 26.09.2012 3.64.02 NOTWENDIG SaveByClick SaveByClick 16.01.2012 1.0 UNBEKANNT Shop for HP Supplies HP 24.10.2012 14.0 UNNÖTIG SProtector 1.74 11.02.2012 NOTWENDIG System Update Lenovo 30.05.2012 13,7MB 4.03.0012 NOTWENDIG ThinkPad FullScreen Magnifier 18.01.2012 2.40 NOTWENDIG ThinkPad Modem Adapter Conexant Systems 15.11.2010 7.80.5.0 NOTWENDIG ThinkPad Power Management Driver 30.05.2012 1.65.05.20 NOTWENDIG ThinkPad UltraNav Driver 24.04.2012 46,4MB 15.3.39.1 NOTWENDIG ThinkVantage Access Connections Lenovo 30.05.2012 78,9MB 5.85 NOTWENDIG ThinkVantage Communications Utility Lenovo 15.11.2010 2,43MB 1.42 NOTWENDIG ThinkVantage GPS Lenovo 24.04.2012 35,2MB 2.73 NOTWENDIG ThinkVantage System für aktiven Festplattenschutz Lenovo 30.05.2012 16,2MB 1.75 NOTWENDIG ThinkVantage System Update 30.05.2012 NOTWENDIG Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric (01/14/2010 8.6.0.13) AuthenTec Inc. 15.11.2010 01/14/2010 8.6.0.13 NOTWENDIG Ich kann es auch ordentlicher als dateianhang schicken, die tabs sind hier leider nicht sichtbar. |
|
| Themen zu Virus - ads by browse to save |
| ads, ads by browse to save, ahnungslos, beiträge, betrifft, browse, browse to save, compu, computer, dankbar, ergebnis, forum, gadgetbox, gen, helft, löschen, nichts, otl-scan, penetrant, virus, vollständig, zusammenhang |
Textbox. 
WARNUNG an die MITLESER: 
Linear-Darstellung
