| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7 Taskleiste friert ein nach StartWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
07.03.2013, 09:31
| #1 |
 |  Windows 7 Taskleiste friert ein nach Start Hallo, seit gestern Abend ist meine Taskleiste eingefroren. Heute kam noch dazu, das ich mir unbekannte Ordner und Dateien (normale Namen wie "Programme", bis hin zu Systemdateien) an allen möglichen Orten auf der Festplatte gefunden habe. Teilweise wird mir der Zugriff auf die Ordner verweigert. Einige der Dateien wurden schon vor Ewigkeiten (2009) erstellt/geändert, einige erst heute morgen mit dem Systemstart. Ich kann das Internet nur über die Wlan-Taste austellen, der Zugriff über die Systemsteuerung klappt nicht (obwohl die Systemsteuerung an sich funktioniert). Ein Malware-Scan hat nichts ergeben, daher poste ich das Log hier gar nicht erst. Gmer funktioniert nicht. OTL hab ich gestern abend schon gemacht und bei chip gepostet, bisher hat aber noch niemand geantwortet. Der PC ist erst zwei Monate alt. Ich brauch dringend Hilfe, da ich gerade in meiner Abschlussarbeit stecke und jeder Tag kostbar ist!! Vielen Dank OTL logfile created on: 06.03.2013 23:49:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kard2g\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,73 Gb Total Physical Memory | 5,40 Gb Available Physical Memory | 69,91% Memory free 15,46 Gb Paging File | 12,87 Gb Available in Paging File | 83,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 225,43 Gb Total Space | 155,78 Gb Free Space | 69,10% Space Free | Partition Type: NTFS Drive Q: | 11,97 Gb Total Space | 0,42 Gb Free Space | 3,54% Space Free | Partition Type: NTFS Computer Name: kard2g-PC | User Name: kard2g | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.03.06 23:48:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kard2g\Downloads\OTL.exe PRC - [2013.02.24 23:00:37 | 001,820,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe PRC - [2013.02.19 21:25:17 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013.02.12 19:17:42 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.02.12 19:17:20 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.02.12 19:17:20 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.12.14 16:49:28 | 000,824,232 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.10.08 11:42:54 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.06.01 19:49:06 | 000,179,568 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\vcamsvc.exe PRC - [2012.06.01 19:48:58 | 000,061,296 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe PRC - [2012.06.01 19:48:38 | 000,058,224 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe PRC - [2012.05.15 22:32:00 | 000,128,608 | ---- | M] (Lenovo Group Limited) -- C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe PRC - [2012.05.15 15:45:22 | 000,065,336 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe PRC - [2012.04.19 08:32:12 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2012.04.18 23:15:38 | 000,084,080 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe PRC - [2012.02.28 09:20:58 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012.02.28 09:20:56 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2012.02.28 09:20:40 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe PRC - [2012.01.25 08:44:56 | 000,567,360 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe PRC - [2012.01.17 07:29:24 | 000,169,776 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe PRC - [2011.12.29 11:20:42 | 000,144,960 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe PRC - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\micmute.exe PRC - [2010.03.11 13:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2008.01.10 11:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe ========== Modules (No Company Name) ========== MOD - [2013.02.24 23:00:37 | 014,718,320 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll MOD - [2013.02.19 21:25:17 | 003,067,288 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012.05.31 17:48:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ========== Services (SafeList) ========== SRV:64bit: - [2012.12.11 06:22:08 | 000,060,272 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC) SRV:64bit: - [2011.12.28 21:48:24 | 000,049,480 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.02.24 23:00:40 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.02.19 21:25:17 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.02.12 19:17:42 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.02.12 19:17:20 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.02.04 10:26:30 | 000,022,376 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService) SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.10.08 11:42:54 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.10.01 20:47:24 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2012.09.03 12:52:48 | 000,276,288 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.06.01 19:49:06 | 000,179,568 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\vcamsvc.exe -- (LENOVO.TVTVCAM) SRV - [2012.06.01 19:48:58 | 000,061,296 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC) SRV - [2012.06.01 19:48:38 | 000,058,224 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE) SRV - [2012.05.29 14:27:14 | 000,144,992 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc) SRV - [2012.05.23 22:15:08 | 000,216,072 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Programme\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe -- (NitroDriverReadSpool2) SRV - [2012.05.15 22:32:00 | 001,665,120 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE -- (PwmEWSvc) SRV - [2012.05.15 22:32:00 | 001,662,560 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service) SRV - [2012.05.15 22:32:00 | 000,320,576 | ---- | M] (Lenovo.) [On_Demand | Running] -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE -- (DozeSvc) SRV - [2012.04.18 23:15:38 | 000,084,080 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService) SRV - [2012.04.01 11:21:52 | 000,957,216 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Programme\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2012.02.28 09:20:58 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.02.28 09:20:56 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.02.28 09:20:40 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service) SRV - [2012.02.26 04:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) SRV - [2012.02.26 04:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV - [2012.02.26 04:07:32 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2012.02.26 04:07:26 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2012.02.02 21:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2012.01.17 07:29:24 | 000,169,776 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe -- (FastbootService) SRV - [2011.12.29 11:20:42 | 000,144,960 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC) SRV - [2011.07.12 08:54:00 | 000,133,992 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC) SRV - [2011.07.12 08:53:42 | 000,145,256 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD) SRV - [2011.07.12 08:53:26 | 000,101,736 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE) SRV - [2011.03.28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.11 13:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.01.10 11:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.12.14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.12.11 06:22:08 | 000,042,824 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV) DRV:64bit: - [2012.12.03 15:36:36 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.12.03 15:36:35 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.11.16 20:17:15 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.10.08 11:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2012.10.08 11:42:14 | 000,284,008 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nvkflt.sys -- (nvkflt) DRV:64bit: - [2012.09.20 20:06:34 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.09.03 12:52:42 | 009,000,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012.05.30 05:42:10 | 000,569,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2012.05.15 22:32:00 | 000,029,512 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DZHDD64.SYS -- (DzHDD64) DRV:64bit: - [2012.05.15 22:32:00 | 000,019,784 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF) DRV:64bit: - [2012.04.19 16:36:26 | 000,035,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible) DRV:64bit: - [2012.04.19 16:36:26 | 000,025,528 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus) DRV:64bit: - [2012.04.19 08:32:08 | 000,789,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012.04.19 08:32:06 | 000,356,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012.04.19 08:32:06 | 000,019,224 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2012.04.08 16:18:54 | 000,429,328 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2012.04.01 03:52:30 | 000,184,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2012.04.01 03:52:26 | 000,594,472 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:64bit: - [2012.04.01 03:52:24 | 000,163,368 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums) DRV:64bit: - [2012.03.05 12:29:42 | 000,210,984 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2012.03.05 12:29:40 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2012.02.20 11:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64) DRV:64bit: - [2012.02.16 15:19:42 | 000,216,064 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877) DRV:64bit: - [2012.01.11 04:30:58 | 000,360,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) DRV:64bit: - [2011.12.28 21:48:24 | 000,147,784 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf) DRV:64bit: - [2011.12.28 21:48:24 | 000,025,416 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN) DRV:64bit: - [2011.12.26 10:10:44 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd) DRV:64bit: - [2011.12.08 22:06:07 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.12.08 22:06:07 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.12.07 17:59:52 | 000,027,432 | ---- | M] (ThinkVantage Communications Utility) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvtvcamd.sys -- (tvtvcamd) DRV:64bit: - [2011.09.17 01:38:52 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2011.05.29 11:48:04 | 000,040,248 | ---- | M] (Lenovo Information Product(ShenZhen China) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvti2c.sys -- (TVTI2C) DRV:64bit: - [2011.05.25 16:23:00 | 000,101,888 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc) DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.11 01:33:56 | 000,118,016 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LenovoRd.sys -- (LenovoRd) DRV - [2012.03.26 15:07:06 | 000,033,344 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Programme\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE) DRV - [2011.05.30 17:21:40 | 000,013,128 | ---- | M] (Authentec Inc.) [Kernel | Auto | Running] -- C:\Programme\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE516 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://dub002.mail.live.com/default.aspx?n=1555247403&fid=93615b1a2d7b4d53a7e1a6c0629270c7#n=1192869769&fid=1" FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll () FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( ) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP1X@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2012.09.20 10:37:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.19 21:25:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.19 21:25:17 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.12.27 20:09:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kard2g\AppData\Roaming\mozilla\Extensions [2013.02.25 11:08:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.02.25 11:08:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2013.02.19 21:25:17 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google  riginalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP CHR - Extension: Norton Identity Protection = C:\Users\kard2g\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\ O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation) O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll File not found O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.) O4 - HKLM..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor File not found O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C889D25-49BA-4A68-9B96-92759D32A44B}: DhcpNameServer = 172.168.111.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F17E90BC-D2C9-4BC8-93B5-4EFF9B7FA132}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\osf - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - Unable to obtain root file information for disk Q:\ O33 - MountPoints2\{dfc4a2d5-0302-11e2-ade7-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{dfc4a2d5-0302-11e2-ade7-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2011.12.15 04:05:40 | 000,267,576 | -HS- | M] (Lenovo Group Limited) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.06 23:43:51 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Roaming\Malwarebytes [2013.03.06 23:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.03.06 23:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.03.06 23:43:43 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.03.06 23:43:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.03.06 23:20:09 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Local\ElevatedDiagnostics [2013.03.06 23:20:00 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Local\Diagnostics [2013.03.06 23:03:46 | 000,000,000 | ---D | C] -- C:\Users\kard2g\Downloads\Desktop\Neuer Ordner [2013.03.03 22:47:10 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Local\{85C5C93D-5D0D-4471-BCF1-0497919BF460} [2013.03.03 22:47:10 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Local\{291E1D14-EABD-494B-8A65-90A3B533ABFC} [2013.02.25 11:08:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2013.02.25 11:08:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2013.02.25 11:07:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind [2013.02.25 11:07:21 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Local\Programs [2013.02.19 23:12:53 | 000,000,000 | -H-D | C] -- C:\Windows\AxInstSV [2013.02.19 21:25:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.02.11 10:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.02.11 10:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.02.11 10:29:04 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013.02.07 17:04:55 | 000,000,000 | --SD | C] -- C:\Users\kard2g\Documents\Meine Shapes [2013.02.07 17:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft [2013.02.07 17:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [2013.02.07 17:03:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013.02.07 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\kard2g\AppData\Roaming\Ulead Systems [2013.02.07 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\kard2g\Documents\Ulead Burn.Now ========== Files - Modified Within 30 Days ========== [2013.03.06 23:43:44 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.03.06 23:29:35 | 000,034,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.06 23:29:35 | 000,034,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.06 23:28:40 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.03.06 23:28:40 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.03.06 23:28:40 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.03.06 23:28:40 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.03.06 23:28:40 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.03.06 23:23:26 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.03.06 23:22:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.06 23:22:20 | 1929,723,903 | -HS- | M] () -- C:\hiberfil.sys [2013.03.06 23:02:38 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.03.06 23:00:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.02.26 17:15:42 | 000,363,754 | ---- | M] () -- C:\Users\kard2g\Documents\Desalination plant.xmind [2013.02.13 18:08:55 | 000,464,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.02.09 15:05:28 | 000,972,018 | ---- | M] () -- C:\Users\kard2g\Downloads\Desktop\eigene comments.pdf [2013.02.08 17:35:16 | 000,022,803 | ---- | M] () -- C:\Users\kard2g\Downloads\Desktop\69zu48_n4.PNG [2013.02.08 17:15:31 | 001,441,854 | ---- | M] () -- C:\Users\kard2g\Downloads\Desktop\LTD prozess schema ver2.bmp [2013.02.07 16:36:52 | 000,435,082 | ---- | M] () -- C:\Users\kard2g\Downloads\Desktop\Bachelorarbeit 7 anmerkungen jw.pdf ========== Files Created - No Company Name ========== [2013.03.06 23:43:44 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.25 22:39:49 | 000,363,754 | ---- | C] () -- C:\Users\kard2g\Documents\Desalination plant.xmind [2013.02.08 17:35:16 | 000,022,803 | ---- | C] () -- C:\Users\kard2g\Downloads\Desktop\69zu48_n4.PNG [2013.02.08 17:15:28 | 001,441,854 | ---- | C] () -- C:\Users\kard2g\Downloads\Desktop\LTD prozess schema ver2.bmp [2013.02.08 11:45:59 | 000,972,018 | ---- | C] () -- C:\Users\kard2g\Downloads\Desktop\eigene comments.pdf [2013.02.06 16:00:35 | 000,435,082 | ---- | C] () -- C:\Users\kard2g\Downloads\Desktop\Bachelorarbeit 7 anmerkungen jw.pdf [2013.01.09 15:46:14 | 000,000,805 | ---- | C] () -- C:\Users\kard2g\AppData\Local\recently-used.xbel [2012.12.27 19:34:25 | 000,000,000 | ---- | C] () -- C:\Windows\firstboot.dat [2012.09.20 10:20:34 | 000,756,084 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin [2012.09.20 10:20:33 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin [2012.09.03 12:52:50 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin [2012.09.03 12:52:40 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.09.03 12:52:32 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin [2012.02.02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.01.11 12:47:03 | 000,000,000 | ---D | M] -- C:\Users\kard2g\AppData\Roaming\e-academy Inc [2013.01.06 19:19:43 | 000,000,000 | ---D | M] -- C:\Users\kard2g\AppData\Roaming\EBSILONProfessional [2012.12.27 22:36:14 | 000,000,000 | ---D | M] -- C:\Users\kard2g\AppData\Roaming\FileOpen [2013.01.09 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\kard2g\AppData\Roaming\inkscape [2012.12.27 19:37:24 | 000,000,000 | ---D | M] -- C:\Users\kard2g\AppData\Roaming\Leadertech [2012.12.27 19:43:04 | 000,000,000 | ---D | M] -- C:\Users\kard2g\AppData\Roaming\Lenovo [2012.12.27 19:44:26 | 000,000,000 | ---D | M] -- C:\Users\kard2g\AppData\Roaming\LSC [2013.03.06 23:33:03 | 000,000,000 | ---D | M] -- C:\Users\kard2g\AppData\Roaming\Nitro PDF [2012.12.27 20:33:06 | 000,000,000 | ---D | M] -- C:\Users\kard2g\AppData\Roaming\PwrMgr [2013.01.07 16:09:58 | 000,000,000 | ---D | M] -- C:\Users\kard2g\AppData\Roaming\SumatraPDF [2013.02.07 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\kard2g\AppData\Roaming\Ulead Systems ========== Purity Check ========== < End of report > OTL Extras logfile created on: 06.03.2013 23:49:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\kard2g\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,73 Gb Total Physical Memory | 5,40 Gb Available Physical Memory | 69,91% Memory free 15,46 Gb Paging File | 12,87 Gb Available in Paging File | 83,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 225,43 Gb Total Space | 155,78 Gb Free Space | 69,10% Space Free | Partition Type: NTFS Drive Q: | 11,97 Gb Total Space | 0,42 Gb Free Space | 3,54% Space Free | Partition Type: NTFS Computer Name: KARL-PC | User Name: kard2g | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{15320B06-6DB4-439B-9DBF-D6A9834DAE7E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{1F3E4926-DD8B-42B1-8A52-919FAD1CE1F9}" = lport=138 | protocol=17 | dir=in | app=system | "{2E3A5B77-12F4-4499-903D-EFD5191A8095}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{338C671A-85DA-4B40-93F9-39FB93A34ADC}" = rport=137 | protocol=17 | dir=out | app=system | "{3F065942-E44F-4DDC-BB0A-A8F370ED9FB4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{481875E5-CF9D-4063-A6EB-F679C2A05205}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4B4F2DAC-BCA4-4059-A10E-4FC859E8EB74}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5C953D40-EEB0-4009-A93E-983FA4D1507C}" = lport=2869 | protocol=6 | dir=in | app=system | "{5D4F9ED6-EE14-44A6-B601-0DBBB70F845D}" = lport=139 | protocol=6 | dir=in | app=system | "{657519FF-DDA1-452F-BA2F-E7ED1121B8C3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{673DCDC4-3724-43F0-BFA0-98EBF84FA85D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{76C33453-9D42-4E08-A7AD-A91019B19592}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{77F06321-07AC-4226-88B2-07A698C003F6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{7FF02ABC-F4DC-4A28-AD8E-75940A0C7841}" = lport=445 | protocol=6 | dir=in | app=system | "{8B9ED1FB-DFD0-4123-AA52-4A5E09B9B7D1}" = rport=139 | protocol=6 | dir=out | app=system | "{8D9D326C-FA02-44FC-837A-8DDC49243198}" = rport=10243 | protocol=6 | dir=out | app=system | "{91490B35-9D67-4405-9B38-1697AB2A370C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{96DAEBC6-0EBF-46D3-B108-2351B321336A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AB31F4FC-88DC-4A70-961F-B12B77EF23E9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CDCF3D60-A7E1-4683-83D7-52EDD6BBF19F}" = rport=445 | protocol=6 | dir=out | app=system | "{D081980D-8273-4A3F-A6DC-A7C2B6E16DF0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{E61BE5D0-0AF5-43F6-9424-A499BFA8C37A}" = rport=138 | protocol=17 | dir=out | app=system | "{EB02E0D9-93D0-4AF5-AC54-B2B2D7D984ED}" = lport=137 | protocol=17 | dir=in | app=system | "{EF5FE835-2086-490F-9F2C-8A840D968191}" = lport=10243 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04B91F46-B627-41BF-A916-8F8CC5CC833A}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{0E71A867-506C-4113-9C47-3358F19C9876}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1257E659-B8F1-47AA-A951-DF08980F2AFD}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{168E3BEF-E04E-4466-8CD9-9EF2CB87E7BF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1DBFA70D-2737-409F-9382-30D7C803CC48}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1F835300-F167-4F24-9FBB-7EF7B05835B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{20D8ABB4-B6CA-43A5-93E6-45461D1D5176}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2D7DF4E3-F3A2-44BA-9342-A3D08E5BABAC}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | "{395E8847-52B9-4B35-929A-150182D1F110}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{3FBACBFD-ABAB-4DED-A424-1C28BBD61C97}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{45D66AF2-4D11-4946-8DEE-3D28C2FE3ACC}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{4F91EE19-A2DC-49E9-9138-C4FB5A9E45C5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{52531661-36DA-4622-9777-2A4AD50580BD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{573AEDC9-B362-41AA-A66B-086398FF94DC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5A175EC1-0033-414F-9D38-D2714D7C82A8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{5C099F10-15C9-4536-B4B8-208D343E895C}" = protocol=6 | dir=out | app=system | "{674D28AF-B974-4183-8173-47F67C829815}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6C2F6765-15DE-451F-8A6D-6D4AF2D9643C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{704464AA-A1BC-45E1-BEE5-C64D2B289BB6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{94EC1AAB-AD75-48D8-B799-570BABF5DF38}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{9BE292D6-2BBC-4AFC-81DA-906DA72D313B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{AF63D274-FE40-4F83-A5EA-6C0FE373A480}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe | "{B680C102-13EB-4195-AC57-D9177516DC84}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{B9EFF577-6DEB-4B1B-BF48-184CE307A951}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{C25E6C29-E8EA-4B98-8A8C-0DAC3B0F6BF4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{C621C780-1E74-404C-A3B2-E77A0CBEC4F3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C8ACE2E3-6663-42B7-8145-A77D7E04A871}" = dir=in | app=c:\program files\intel corporation\intel widi\widiapp.exe | "{CC814505-179F-4A60-AA00-0658B231060E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{DFB3AE70-5C29-4AF6-A1B5-342ADE49A0BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{EC5CABC7-827E-4719-8DE5-22486D0D3D3B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{FDE5F24D-41A2-4633-92D5-F9F690131430}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{0369F866-2CE0-4EB9-B426-88FA122C6E82}" = Lenovo Patch Utility 64 bit "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display "{36710189-55DF-4D75-8B6A-523CC61B7047}" = Nitro Pro 7 "{3849486C-FF09-4F5D-B491-3E179D58EE15}" = Message Center Plus "{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage System für aktiven Festplattenschutz "{479016BF-5B8D-445F-BE15-A187F25D81C8}" = ThinkVantage Fingerprint Software "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot Shield "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{728985C5-A04B-457C-9D62-15360F3EAF85}" = Intel(R) WiDi "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90150000-002A-0000-1000-0000000FF1CE}" = Microsoft Office 64-bit Components 2013 "{90150000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2013 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = ThinkPad Bluetooth with Enhanced Data Rate Software "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{BF601122-9F0A-41A9-BA06-3158D9FB4B80}" = Lenovo SimpleTap "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DD00F699-6861-4DCF-A19F-8CF61E5E28ED}" = Lenovo Solution Center "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E97F409F-9E1C-42A0-B72D-765A78DF3696}" = Intel® PROSet/Wireless WiFi-Software "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "09839A9B5EDA69DA2DCC34637B5140AAF8A53B44" = Windows-Treiberpaket - Intel System (01/11/2012 9.3.0.1020) "64B3C27E4CF7B6AD920184EFFF6C488C55EF2892" = Windows-Treiberpaket - Synaptics (SynTP) Mouse (04/06/2012 16.1.1.0) "97EE1802A0385A37DE6323FA39EC76BEB2D73E41" = Windows-Treiberpaket - Intel USB (08/26/2011 9.3.0.1011) "9B84710FFAE6C50914FCE568B59E426F1386E7F6" = Windows-Treiberpaket - Lenovo (LenovoRd) SmartCardReader (05/11/2009 4.1.0.1) "9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8" = Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) "D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35" = Windows-Treiberpaket - Intel System (08/26/2011 9.3.0.1011) "DisableAMTPopup" = Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 "E3535F123E7F666D573665142F90D3E5004DC326" = Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) "EC2A0F2B229770EC589265FCF2B4839A0C221993" = Windows-Treiberpaket - Intel (e1cexpress) Net (01/11/2012 11.15.16.0) "EnablePS" = Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 "LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "MiKTeX 2.9" = MiKTeX 2.9 "OnScreenDisplay" = Anzeige am Bildschirm "Power Management Driver" = Lenovo Power Management Driver "ProInst" = Intel PROSet Wireless "SynTPDeinstKey" = ThinkPad UltraNav Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{25C64847-B900-48AD-A164-1B4F9B774650}" = Lenovo System Update "{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37 "{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}" = Lenovo Welcome "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1 "{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media "{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory 7 "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD "{5C39B297-EB2C-408C-8437-9F9EF31B6192}" = EBSILONProfessional 10.00 "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6E6E7725-C7BC-4C39-8B3F-14B67331A120}" = Lenovo Patch Utility "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{90150000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch "{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English "{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français "{90150000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano "{90150000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013 "{90150000-0054-0407-0000-0000000FF1CE}" = Microsoft Visio MUI (German) 2013 "{90150000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013 "{90150000-00E1-0407-0000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013 "{91150000-0051-0000-0000-0000000FF1CE}" = Microsoft Visio Professional 2013 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Burn.Now 4.5 "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A78800AF-1779-4AE8-8EBE-16E1BE727C71}" = Integrated Camera Driver Installer Package Ver.1.2.1.16 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA57D6F1-6360-4397-B2D9-B21C69863D97}" = Secure Download Manager "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX "{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2 "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Energie-Manager "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3 "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime "{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information "{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.14.18.01 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Avira AntiVir Desktop" = Avira Free Antivirus "EBSILONProfessional Update 10.01.01_pfu1" = EBSILONProfessional Update 10.01.01 "EBSILONProfessional Update 10.03_pfu1" = EBSILONProfessional Update 10.03 "ENTERPRISE" = Microsoft Office Enterprise 2007 "Fastboot" = RapidBoot HDD Accelerator "Google Chrome" = Google Chrome "Inkscape" = Inkscape 0.48.4 "InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = Corel DVD MovieFactory Lenovo Edition "InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}" = Corel Burn.Now Lenovo Edition "InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder "Intel AppUp(SM) center 33057" = Intel AppUp(SM) center "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "Mozilla Firefox 19.0 (x86 de)" = Mozilla Firefox 19.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Office15.VISPROR" = Microsoft Visio Professional 2013 "SugarSync" = SugarSync Manager "SumatraPDF" = SumatraPDF "TeXnicCenter_is1" = TeXnicCenter Version 1 Beta 7.01 (Greengrass) "WinLiveSuite" = Windows Live Essentials "XMind_is1" = XMind 2012 (v3.3.1) ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 28.02.2013 06:20:12 | Computer Name = kard2g-PC | Source = WinMgmt | ID = 10 Description = Error - 02.03.2013 17:11:32 | Computer Name = kard2g-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\technische programme\Ebsilon\Safety\backup\component1\ebs2000.exe". Die abhängige Assemblierung "Ebsilon.libifcoremd,processorArchitecture="x86",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.03.2013 17:11:33 | Computer Name = kard2g-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\technische programme\Ebsilon\Safety2\backup\component1\ebs2000.exe". Die abhängige Assemblierung "Ebsilon.libifcoremd,processorArchitecture="x86",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 03.03.2013 08:09:38 | Computer Name = kard2g-PC | Source = WinMgmt | ID = 10 Description = Error - 03.03.2013 08:29:37 | Computer Name = kard2g-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\technische programme\Ebsilon\Safety\backup\component1\ebs2000.exe". Die abhängige Assemblierung "Ebsilon.libifcoremd,processorArchitecture="x86",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 03.03.2013 08:29:38 | Computer Name = kard2g-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\technische programme\Ebsilon\Safety2\backup\component1\ebs2000.exe". Die abhängige Assemblierung "Ebsilon.libifcoremd,processorArchitecture="x86",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 03.03.2013 16:18:45 | Computer Name = kard2g-PC | Source = WinMgmt | ID = 10 Description = Error - 04.03.2013 03:21:42 | Computer Name = kard2g-PC | Source = WinMgmt | ID = 10 Description = Error - 04.03.2013 03:55:17 | Computer Name = kard2g-PC | Source = WinMgmt | ID = 10 Description = Error - 04.03.2013 13:41:43 | Computer Name = kard2g-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 24.02.2013 03:22:33 | Computer Name = kard2g-PC | Source = Microsoft-Windows-Time-Service | ID = 34 Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um 172794 Sekunden geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.13:123) ordnungsgemäß ausgeführt wird. Error - 24.02.2013 14:08:26 | Computer Name = kard2g-PC | Source = Microsoft-Windows-Time-Service | ID = 34 Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um 172794 Sekunden geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.13:123) ordnungsgemäß ausgeführt wird. Error - 24.02.2013 17:10:07 | Computer Name = kard2g-PC | Source = Microsoft-Windows-Time-Service | ID = 34 Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um 172794 Sekunden geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.24:123) ordnungsgemäß ausgeführt wird. Error - 25.02.2013 04:12:09 | Computer Name = kard2g-PC | Source = Microsoft-Windows-Time-Service | ID = 34 Description = Der Zeitdienst hat festgestellt, dass die Systemzeit um 172794 Sekunden geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.14:123) ordnungsgemäß ausgeführt wird. Error - 26.02.2013 03:18:53 | Computer Name = kard2g-PC | Source = NetBT | ID = 4321 Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.123 registriert werden. Der Computer mit IP-Adresse 192.168.2.76 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error - 28.02.2013 06:21:54 | Computer Name = kard2g-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 02.03.2013 11:52:03 | Computer Name = kard2g-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 02.03.2013 18:44:07 | Computer Name = kard2g-PC | Source = DCOM | ID = 10010 Description = Error - 02.03.2013 20:49:32 | Computer Name = kard2g-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error - 03.03.2013 17:42:47 | Computer Name = kard2g-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. < End of report > |
|
07.03.2013, 12:19
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 7 Taskleiste friert ein nach Start Hallo und
__________________ Zitat:
Wer braucht das als Heimanwender? Ist das rein zufällig ein Büro-/Firmen-PC? Oder ein Uni-Rechner?
__________________ |
|
07.03.2013, 12:58
| #3 |
| | Windows 7 Taskleiste friert ein nach Start Heyho,
__________________das ist nur ein privater Laptop, der aber teilweise für die Arbeit genutzt wird. Office Home gibts gratis von der Uni, Professional sollte irgendwann noch nachkommen. Könnte das was mit den beschriebenen Problemen zu tun haben? gruß |
|
07.03.2013, 13:37
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start Und woher hast du das Enterprise Office?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
07.03.2013, 13:47
| #5 |
| | Windows 7 Taskleiste friert ein nach Start Ah, entschuldige, da war ich nicht ganz korrekt. Nur ein Teil des Office-Pakets ist von der Uni (z.B. Visio), der Rest ist von woanders..  Woher aber genau, weiß ich auch nicht mehr. Allerdings habe ich dieses Office schon lange vorher auf meinem alten Rechner (XP) verwendet. Hast du eine Vermutung? |
|
07.03.2013, 13:48
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start Ok, machen wir erstmal weiter Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!
__________________ --> Windows 7 Taskleiste friert ein nach Start |
|
07.03.2013, 14:00
| #7 |
| | Windows 7 Taskleiste friert ein nach Start OTL ist nur einmal durchgelaufen. Malwarebytes und Avira hatten nichts gefunden. Gmer hat nicht funktioniert (Avira war aber ausgeschaltet während des Durchlaufs) Ich bin aktuell im Büro, daher kann ich auch die Logs von Malwarebytes und Avira nicht posten, aber im Grunde habe ich da nichts spannendes gelesen. Immer nur: "nichts gefunden", etc.. |
|
07.03.2013, 14:03
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten MBAR (Malwarebytes Anti-Rootkit) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.03.2013, 14:12
| #9 |
| | Windows 7 Taskleiste friert ein nach Start Alles klar, vielen Dank! Ich werd mich dran machen, sobald ich wieder am Rechner bin. Kleine Fragen noch dazu: Soll ich die Programme direkt vom Rechner runterladen (Internet an/aus??) oder über extern? Soll Avira an oder aus sein? Früher wurde der Rechner bei sowas doch immer im abgesicherten Modus hochgefahren, soll ich das machen? Muchas Gracias |
|
07.03.2013, 14:16
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start Lad die Programme alle vom betroffenen Rechner aus runter, Avira immer deaktivieren bevor du die Tools scannen lässt - Internetverbindung muss da sein, weil zB aswMBR Signaturen nachlädt, MBAR auch auch
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.03.2013, 18:53
| #11 |
| | Windows 7 Taskleiste friert ein nach Start Gleich beim ersten Schritt Probleme: Bei Klick auf mbar.exe folgende Meldung: Probable rootkit activity detected Registry value "AppInit_Dls" has been found, which may be caused by rootkit activity. Do you want to remove this value and restart the tool? Press No if you are not sure. What now? |
|
08.03.2013, 09:35
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start Da bitte auf no klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.03.2013, 13:48
| #13 |
| | Windows 7 Taskleiste friert ein nach Start Hello, mbar.exe ist durchgelaufen. Angeblich nichts gefunden, ich hab trotzdem die zwei Durchläufe gemacht: Malwarebytes Anti-Rootkit BETA 1.01.0.1021 www.malwarebytes.org Database version: v2013.03.08.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 kard2g :: kard2g-PC [administrator] 08.03.2013 12:36:33 mbar-log-2013-03-08 (12-36-33).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 30422 Time elapsed: 2 minute(s), 46 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Malwarebytes Anti-Rootkit BETA 1.01.0.1021 www.malwarebytes.org Database version: v2013.03.08.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 kard2g :: kard2g-PC [administrator] 08.03.2013 12:40:23 mbar-log-2013-03-08 (12-40-23).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 22068 Time elapsed: 12 second(s) [aborted] Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Bei aswMBR konnte ich runterladen und upgraden, aber beim Surchlauf ist der PC irgendwann abgestürzt. Nach einem Neustart hab ich das Programm nochmals ausgeführt, diesmal ist der PC nicht abgestürzt, aber das Programm hat die Fehelrmeldung gegeben: aswMBR funktioniert nicht und muss beendet werden (oder so ähnlich) Soll ich mit dem nächsten Programm fortfahren? |
|
08.03.2013, 14:12
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Taskleiste friert ein nach Start Die Logs bitte in CODE-Tags - und ja, alle Tools sollst du ausführen  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.03.2013, 16:30
| #15 |
| | Windows 7 Taskleiste friert ein nach Start Alright. Hier der Log von TDSS. Laut Programm wurde auch nichts gefunden. Code:
ATTFilter 16:11:50.0213 3984 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:11:50.0977 3984 ============================================================
16:11:50.0977 3984 Current date / time: 2013/03/08 16:11:50.0977
16:11:50.0977 3984 SystemInfo:
16:11:50.0977 3984
16:11:50.0977 3984 OS Version: 6.1.7601 ServicePack: 1.0
16:11:50.0977 3984 Product type: Workstation
16:11:50.0977 3984 ComputerName: KARL-PC
16:11:50.0977 3984 UserName: Karl
16:11:50.0977 3984 Windows directory: C:\Windows
16:11:50.0977 3984 System windows directory: C:\Windows
16:11:50.0977 3984 Running under WOW64
16:11:50.0977 3984 Processor architecture: Intel x64
16:11:50.0977 3984 Number of processors: 4
16:11:50.0977 3984 Page size: 0x1000
16:11:50.0977 3984 Boot type: Normal boot
16:11:50.0977 3984 ============================================================
16:11:51.0164 3984 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:11:51.0180 3984 ============================================================
16:11:51.0180 3984 \Device\Harddisk0\DR0:
16:11:51.0180 3984 MBR partitions:
16:11:51.0180 3984 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x224800
16:11:51.0180 3984 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x225000, BlocksNum 0x1C2DB000
16:11:51.0180 3984 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1C500000, BlocksNum 0x17F3000
16:11:51.0180 3984 ============================================================
16:11:51.0180 3984 C: <-> \Device\Harddisk0\DR0\Partition2
16:11:51.0180 3984 Q: <-> \Device\Harddisk0\DR0\Partition3
16:11:51.0180 3984 ============================================================
16:11:51.0180 3984 Initialize success
16:11:51.0180 3984 ============================================================
16:11:53.0426 4352 ============================================================
16:11:53.0426 4352 Scan started
16:11:53.0426 4352 Mode: Manual;
16:11:53.0426 4352 ============================================================
16:11:53.0551 4352 ================ Scan system memory ========================
16:11:53.0551 4352 System memory - ok
16:11:53.0551 4352 ================ Scan services =============================
16:11:53.0582 4352 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:11:53.0582 4352 1394ohci - ok
16:11:53.0582 4352 [ 1F305C858E7B5E537C9B783D46243A7A ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
16:11:53.0582 4352 5U877 - ok
16:11:53.0582 4352 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:11:53.0598 4352 ACPI - ok
16:11:53.0598 4352 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:11:53.0598 4352 AcpiPmi - ok
16:11:53.0598 4352 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:11:53.0598 4352 AdobeARMservice - ok
16:11:53.0614 4352 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:11:53.0614 4352 AdobeFlashPlayerUpdateSvc - ok
16:11:53.0614 4352 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:11:53.0629 4352 adp94xx - ok
16:11:53.0629 4352 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:11:53.0629 4352 adpahci - ok
16:11:53.0629 4352 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:11:53.0629 4352 adpu320 - ok
16:11:53.0645 4352 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:11:53.0645 4352 AeLookupSvc - ok
16:11:53.0645 4352 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:11:53.0645 4352 AFD - ok
16:11:53.0660 4352 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:11:53.0660 4352 agp440 - ok
16:11:53.0660 4352 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:11:53.0660 4352 ALG - ok
16:11:53.0660 4352 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:11:53.0660 4352 aliide - ok
16:11:53.0676 4352 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:11:53.0676 4352 amdide - ok
16:11:53.0676 4352 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:11:53.0676 4352 AmdK8 - ok
16:11:53.0676 4352 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:11:53.0676 4352 AmdPPM - ok
16:11:53.0692 4352 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:11:53.0692 4352 amdsata - ok
16:11:53.0692 4352 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:11:53.0692 4352 amdsbs - ok
16:11:53.0692 4352 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:11:53.0692 4352 amdxata - ok
16:11:53.0707 4352 [ 459465DA28E49B358ECFE0D788F328F4 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:11:53.0707 4352 AntiVirSchedulerService - ok
16:11:53.0707 4352 [ BCDD17E8469D647A71B347C4B6F86685 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:11:53.0707 4352 AntiVirService - ok
16:11:53.0707 4352 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:11:53.0707 4352 AppID - ok
16:11:53.0723 4352 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:11:53.0723 4352 AppIDSvc - ok
16:11:53.0723 4352 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:11:53.0723 4352 Appinfo - ok
16:11:53.0723 4352 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
16:11:53.0723 4352 AppMgmt - ok
16:11:53.0723 4352 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
16:11:53.0723 4352 arc - ok
16:11:53.0738 4352 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:11:53.0738 4352 arcsas - ok
16:11:53.0738 4352 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:11:53.0738 4352 AsyncMac - ok
16:11:53.0738 4352 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:11:53.0738 4352 atapi - ok
16:11:53.0754 4352 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:11:53.0754 4352 AudioEndpointBuilder - ok
16:11:53.0770 4352 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:11:53.0770 4352 AudioSrv - ok
16:11:53.0770 4352 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
16:11:53.0770 4352 avgntflt - ok
16:11:53.0770 4352 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
16:11:53.0785 4352 avipbb - ok
16:11:53.0785 4352 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
16:11:53.0785 4352 avkmgr - ok
16:11:53.0785 4352 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:11:53.0785 4352 AxInstSV - ok
16:11:53.0801 4352 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:11:53.0801 4352 b06bdrv - ok
16:11:53.0801 4352 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:11:53.0801 4352 b57nd60a - ok
16:11:53.0816 4352 [ F01759FA97126CC69DFA85CEDA0717A1 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys
16:11:53.0816 4352 bcbtums - ok
16:11:53.0816 4352 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:11:53.0816 4352 BDESVC - ok
16:11:53.0816 4352 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:11:53.0816 4352 Beep - ok
16:11:53.0832 4352 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:11:53.0832 4352 BFE - ok
16:11:53.0848 4352 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:11:53.0848 4352 BITS - ok
16:11:53.0848 4352 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:11:53.0848 4352 blbdrive - ok
16:11:53.0848 4352 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:11:53.0863 4352 bowser - ok
16:11:53.0863 4352 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:11:53.0863 4352 BrFiltLo - ok
16:11:53.0863 4352 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:11:53.0863 4352 BrFiltUp - ok
16:11:53.0863 4352 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:11:53.0863 4352 Browser - ok
16:11:53.0879 4352 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:11:53.0879 4352 Brserid - ok
16:11:53.0879 4352 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:11:53.0879 4352 BrSerWdm - ok
16:11:53.0879 4352 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:11:53.0879 4352 BrUsbMdm - ok
16:11:53.0894 4352 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:11:53.0894 4352 BrUsbSer - ok
16:11:53.0894 4352 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
16:11:53.0894 4352 BthEnum - ok
16:11:53.0894 4352 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:11:53.0894 4352 BTHMODEM - ok
16:11:53.0910 4352 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:11:53.0910 4352 BthPan - ok
16:11:53.0910 4352 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:11:53.0910 4352 BTHPORT - ok
16:11:53.0926 4352 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:11:53.0926 4352 bthserv - ok
16:11:53.0926 4352 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:11:53.0926 4352 BTHUSB - ok
16:11:53.0926 4352 [ 3AFF6DC496B8A8D12C867E3FC7C86FAC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
16:11:53.0941 4352 btwampfl - ok
16:11:53.0941 4352 [ 336BBA0909B3636AB7D06A71D7B1C0DC ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
16:11:53.0941 4352 btwaudio - ok
16:11:53.0941 4352 [ 9FF58F76024D25784755B01F926B00BE ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
16:11:53.0941 4352 btwavdt - ok
16:11:53.0957 4352 [ 26A80D7ACA49E03A403806418B5FED46 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
16:11:53.0972 4352 btwdins - ok
16:11:53.0972 4352 [ B1ACFD00CDD13B48D86F46BFEC153BF9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
16:11:53.0972 4352 btwl2cap - ok
16:11:53.0988 4352 [ EDD953D635F3AA89EF902E3F82D60D22 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
16:11:53.0988 4352 btwrchid - ok
16:11:53.0988 4352 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:11:53.0988 4352 cdfs - ok
16:11:53.0988 4352 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:11:53.0988 4352 cdrom - ok
16:11:53.0988 4352 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:11:54.0004 4352 CertPropSvc - ok
16:11:54.0004 4352 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:11:54.0004 4352 circlass - ok
16:11:54.0004 4352 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:11:54.0004 4352 CLFS - ok
16:11:54.0019 4352 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:11:54.0019 4352 clr_optimization_v2.0.50727_32 - ok
16:11:54.0019 4352 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:11:54.0035 4352 clr_optimization_v2.0.50727_64 - ok
16:11:54.0035 4352 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:11:54.0035 4352 clr_optimization_v4.0.30319_32 - ok
16:11:54.0035 4352 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:11:54.0035 4352 clr_optimization_v4.0.30319_64 - ok
16:11:54.0050 4352 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:11:54.0050 4352 CmBatt - ok
16:11:54.0050 4352 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:11:54.0050 4352 cmdide - ok
16:11:54.0050 4352 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
16:11:54.0066 4352 CNG - ok
16:11:54.0066 4352 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:11:54.0066 4352 Compbatt - ok
16:11:54.0066 4352 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:11:54.0066 4352 CompositeBus - ok
16:11:54.0066 4352 COMSysApp - ok
16:11:54.0082 4352 [ EB726E02074FDC44EBE97E01A2660AA6 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:11:54.0082 4352 cphs - ok
16:11:54.0082 4352 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:11:54.0097 4352 crcdisk - ok
16:11:54.0097 4352 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:11:54.0097 4352 CryptSvc - ok
16:11:54.0113 4352 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
16:11:54.0113 4352 CSC - ok
16:11:54.0113 4352 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
16:11:54.0113 4352 CscService - ok
16:11:54.0128 4352 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:11:54.0128 4352 DcomLaunch - ok
16:11:54.0144 4352 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:11:54.0144 4352 defragsvc - ok
16:11:54.0144 4352 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:11:54.0144 4352 DfsC - ok
16:11:54.0144 4352 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:11:54.0160 4352 Dhcp - ok
16:11:54.0160 4352 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:11:54.0160 4352 discache - ok
16:11:54.0160 4352 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:11:54.0160 4352 Disk - ok
16:11:54.0160 4352 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
16:11:54.0160 4352 dmvsc - ok
16:11:54.0175 4352 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:11:54.0175 4352 Dnscache - ok
16:11:54.0175 4352 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:11:54.0175 4352 dot3svc - ok
16:11:54.0191 4352 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
16:11:54.0191 4352 DozeSvc - ok
16:11:54.0191 4352 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:11:54.0191 4352 DPS - ok
16:11:54.0191 4352 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:11:54.0191 4352 drmkaud - ok
16:11:54.0206 4352 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:11:54.0206 4352 DXGKrnl - ok
16:11:54.0206 4352 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
16:11:54.0206 4352 DzHDD64 - ok
16:11:54.0222 4352 [ 03F4C5C12FC1C69F838DA723475EF650 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
16:11:54.0222 4352 e1cexpress - ok
16:11:54.0222 4352 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:11:54.0222 4352 EapHost - ok
16:11:54.0253 4352 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:11:54.0269 4352 ebdrv - ok
16:11:54.0269 4352 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:11:54.0284 4352 EFS - ok
16:11:54.0284 4352 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:11:54.0300 4352 ehRecvr - ok
16:11:54.0300 4352 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:11:54.0300 4352 ehSched - ok
16:11:54.0316 4352 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:11:54.0316 4352 elxstor - ok
16:11:54.0316 4352 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:11:54.0316 4352 ErrDev - ok
16:11:54.0331 4352 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:11:54.0331 4352 EventSystem - ok
16:11:54.0347 4352 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:11:54.0347 4352 EvtEng - ok
16:11:54.0347 4352 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:11:54.0347 4352 exfat - ok
16:11:54.0347 4352 [ EB3A7D5663ACAC417DF986D4AEE12170 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys
16:11:54.0347 4352 Fastboot - ok
16:11:54.0362 4352 [ 63511240AF70D10343A4AE05F8E2CA12 ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
16:11:54.0362 4352 FastbootService - ok
16:11:54.0362 4352 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:11:54.0362 4352 fastfat - ok
16:11:54.0378 4352 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:11:54.0378 4352 Fax - ok
16:11:54.0378 4352 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
16:11:54.0378 4352 fdc - ok
16:11:54.0394 4352 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:11:54.0394 4352 fdPHost - ok
16:11:54.0394 4352 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:11:54.0394 4352 FDResPub - ok
16:11:54.0394 4352 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:11:54.0394 4352 FileInfo - ok
16:11:54.0394 4352 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:11:54.0394 4352 Filetrace - ok
16:11:54.0409 4352 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:11:54.0409 4352 flpydisk - ok
16:11:54.0409 4352 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:11:54.0409 4352 FltMgr - ok
16:11:54.0425 4352 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
16:11:54.0425 4352 FontCache - ok
16:11:54.0425 4352 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:11:54.0440 4352 FontCache3.0.0.0 - ok
16:11:54.0440 4352 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:11:54.0440 4352 FsDepends - ok
16:11:54.0440 4352 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:11:54.0440 4352 Fs_Rec - ok
16:11:54.0440 4352 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:11:54.0456 4352 fvevol - ok
16:11:54.0456 4352 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:11:54.0456 4352 gagp30kx - ok
16:11:54.0456 4352 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:11:54.0472 4352 gpsvc - ok
16:11:54.0472 4352 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:11:54.0472 4352 gupdate - ok
16:11:54.0472 4352 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:11:54.0472 4352 gupdatem - ok
16:11:54.0487 4352 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:11:54.0487 4352 gusvc - ok
16:11:54.0487 4352 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:11:54.0487 4352 hcw85cir - ok
16:11:54.0487 4352 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:11:54.0487 4352 HdAudAddService - ok
16:11:54.0503 4352 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:11:54.0503 4352 HDAudBus - ok
16:11:54.0503 4352 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:11:54.0503 4352 HidBatt - ok
16:11:54.0503 4352 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:11:54.0503 4352 HidBth - ok
16:11:54.0518 4352 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
16:11:54.0518 4352 HidIr - ok
16:11:54.0518 4352 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:11:54.0518 4352 hidserv - ok
16:11:54.0518 4352 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:11:54.0518 4352 HidUsb - ok
16:11:54.0534 4352 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:11:54.0534 4352 hkmsvc - ok
16:11:54.0534 4352 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:11:54.0534 4352 HomeGroupListener - ok
16:11:54.0534 4352 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:11:54.0534 4352 HomeGroupProvider - ok
16:11:54.0550 4352 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:11:54.0550 4352 HpSAMD - ok
16:11:54.0550 4352 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:11:54.0565 4352 HTTP - ok
16:11:54.0565 4352 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:11:54.0565 4352 hwpolicy - ok
16:11:54.0565 4352 [ 16A7CA284629A4D002F7B992C9A49EF9 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
16:11:54.0581 4352 HyperW7Svc - ok
16:11:54.0581 4352 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:11:54.0581 4352 i8042prt - ok
16:11:54.0581 4352 [ CCFA835960E35F30D28A868E0B3B8722 ] iaStor C:\Windows\system32\drivers\iaStor.sys
16:11:54.0596 4352 iaStor - ok
16:11:54.0596 4352 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:11:54.0596 4352 iaStorV - ok
16:11:54.0596 4352 [ B21087E1A64FD474BF3E1A602A714F1F ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
16:11:54.0596 4352 IBMPMDRV - ok
16:11:54.0612 4352 [ A3E4DE0F77031061972485EF9BD8E4D0 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
16:11:54.0612 4352 IBMPMSVC - ok
16:11:54.0612 4352 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:11:54.0643 4352 idsvc - ok
16:11:54.0690 4352 [ B9857625DF8B539ABCB90E15B5716568 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:11:54.0752 4352 igfx - ok
16:11:54.0752 4352 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:11:54.0752 4352 iirsp - ok
16:11:54.0768 4352 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:11:54.0768 4352 IKEEXT - ok
16:11:54.0784 4352 [ 314285071F7117263BD246E35C17FD82 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
16:11:54.0784 4352 intaud_WaveExtensible - ok
16:11:54.0815 4352 [ 21F54139C93FC595902B58ED947D47D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:11:54.0830 4352 IntcAzAudAddService - ok
16:11:54.0830 4352 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:11:54.0846 4352 Intel(R) Capability Licensing Service Interface - ok
16:11:54.0846 4352 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:11:54.0846 4352 intelide - ok
16:11:54.0846 4352 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:11:54.0846 4352 intelppm - ok
16:11:54.0846 4352 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:11:54.0846 4352 IPBusEnum - ok
16:11:54.0862 4352 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:11:54.0862 4352 IpFilterDriver - ok
16:11:54.0862 4352 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:11:54.0862 4352 iphlpsvc - ok
16:11:54.0877 4352 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:11:54.0877 4352 IPMIDRV - ok
16:11:54.0877 4352 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:11:54.0877 4352 IPNAT - ok
16:11:54.0877 4352 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:11:54.0877 4352 IRENUM - ok
16:11:54.0893 4352 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:11:54.0893 4352 isapnp - ok
16:11:54.0893 4352 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:11:54.0893 4352 iScsiPrt - ok
16:11:54.0893 4352 [ B2381712638B0B714D0EEAB9A1F7C640 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
16:11:54.0893 4352 iusb3hcs - ok
16:11:54.0908 4352 [ FD2C6457232E95C014DAD21DEBC64867 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
16:11:54.0908 4352 iusb3hub - ok
16:11:54.0908 4352 [ F6A2B5D030BE7EDF8ADC12C9A40825A8 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
16:11:54.0924 4352 iusb3xhc - ok
16:11:54.0924 4352 [ 4487AD9C070D3973FE28AB4406555FC6 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
16:11:54.0924 4352 iwdbus - ok
16:11:54.0924 4352 [ 0043D9FB61C35F90886B1E93DD556FAF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:11:54.0924 4352 jhi_service - ok
16:11:54.0940 4352 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:11:54.0940 4352 kbdclass - ok
16:11:54.0940 4352 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:11:54.0940 4352 kbdhid - ok
16:11:54.0940 4352 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:11:54.0940 4352 KeyIso - ok
16:11:54.0955 4352 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:11:54.0955 4352 KSecDD - ok
16:11:54.0955 4352 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:11:54.0955 4352 KSecPkg - ok
16:11:54.0955 4352 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:11:54.0955 4352 ksthunk - ok
16:11:54.0971 4352 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:11:54.0971 4352 KtmRm - ok
16:11:54.0971 4352 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:11:54.0971 4352 LanmanServer - ok
16:11:54.0986 4352 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:11:54.0986 4352 LanmanWorkstation - ok
16:11:54.0986 4352 [ 4A0235E9822B220339E34D8C122BB6D1 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
16:11:54.0986 4352 LENOVO.CAMMUTE - ok
16:11:54.0986 4352 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
16:11:54.0986 4352 LENOVO.MICMUTE - ok
16:11:55.0002 4352 [ 93921A19D885755B9751C3744DBCB8FD ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
16:11:55.0002 4352 LENOVO.TPKNRSVC - ok
16:11:55.0002 4352 [ 79F99A4D59825839B7E563B4BCF52C5E ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
16:11:55.0002 4352 LENOVO.TVTVCAM - ok
16:11:55.0002 4352 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
16:11:55.0002 4352 Lenovo.VIRTSCRLSVC - ok
16:11:55.0018 4352 [ 606DA892A53FA863B67F8D3F8FF016A0 ] LenovoRd C:\Windows\system32\Drivers\LenovoRd.sys
16:11:55.0018 4352 LenovoRd - ok
16:11:55.0018 4352 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:11:55.0018 4352 lltdio - ok
16:11:55.0018 4352 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:11:55.0018 4352 lltdsvc - ok
16:11:55.0033 4352 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:11:55.0033 4352 lmhosts - ok
16:11:55.0033 4352 [ 2FB262276D1C689C6886B1C0710342FA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:11:55.0033 4352 LMS - ok
16:11:55.0033 4352 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:11:55.0049 4352 LSI_FC - ok
16:11:55.0049 4352 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:11:55.0049 4352 LSI_SAS - ok
16:11:55.0049 4352 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:11:55.0049 4352 LSI_SAS2 - ok
16:11:55.0049 4352 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:11:55.0049 4352 LSI_SCSI - ok
16:11:55.0064 4352 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:11:55.0064 4352 luafv - ok
16:11:55.0064 4352 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:11:55.0064 4352 MBAMProtector - ok
16:11:55.0064 4352 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:11:55.0080 4352 MBAMScheduler - ok
16:11:55.0080 4352 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:11:55.0080 4352 MBAMService - ok
16:11:55.0096 4352 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:11:55.0096 4352 Mcx2Svc - ok
16:11:55.0096 4352 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
16:11:55.0096 4352 megasas - ok
16:11:55.0096 4352 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:11:55.0096 4352 MegaSR - ok
16:11:55.0111 4352 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:11:55.0111 4352 MEIx64 - ok
16:11:55.0111 4352 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:11:55.0111 4352 Microsoft Office Groove Audit Service - ok
16:11:55.0127 4352 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:11:55.0127 4352 MMCSS - ok
16:11:55.0127 4352 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:11:55.0127 4352 Modem - ok
16:11:55.0127 4352 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:11:55.0127 4352 monitor - ok
16:11:55.0142 4352 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:11:55.0142 4352 mouclass - ok
16:11:55.0142 4352 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:11:55.0142 4352 mouhid - ok
16:11:55.0142 4352 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:11:55.0142 4352 mountmgr - ok
16:11:55.0142 4352 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:11:55.0142 4352 MozillaMaintenance - ok
16:11:55.0158 4352 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:11:55.0158 4352 mpio - ok
16:11:55.0158 4352 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:11:55.0158 4352 mpsdrv - ok
16:11:55.0174 4352 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:11:55.0174 4352 MpsSvc - ok
16:11:55.0174 4352 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:11:55.0174 4352 MRxDAV - ok
16:11:55.0189 4352 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:11:55.0189 4352 mrxsmb - ok
16:11:55.0189 4352 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:11:55.0189 4352 mrxsmb10 - ok
16:11:55.0205 4352 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:11:55.0205 4352 mrxsmb20 - ok
16:11:55.0205 4352 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:11:55.0205 4352 msahci - ok
16:11:55.0205 4352 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:11:55.0205 4352 msdsm - ok
16:11:55.0220 4352 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:11:55.0220 4352 MSDTC - ok
16:11:55.0220 4352 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:11:55.0220 4352 Msfs - ok
16:11:55.0220 4352 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:11:55.0236 4352 mshidkmdf - ok
16:11:55.0236 4352 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:11:55.0236 4352 msisadrv - ok
16:11:55.0236 4352 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:11:55.0236 4352 MSiSCSI - ok
16:11:55.0236 4352 msiserver - ok
16:11:55.0252 4352 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:11:55.0252 4352 MSKSSRV - ok
16:11:55.0252 4352 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:11:55.0252 4352 MSPCLOCK - ok
16:11:55.0252 4352 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:11:55.0252 4352 MSPQM - ok
16:11:55.0267 4352 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:11:55.0267 4352 MsRPC - ok
16:11:55.0267 4352 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:11:55.0267 4352 mssmbios - ok
16:11:55.0283 4352 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:11:55.0283 4352 MSTEE - ok
16:11:55.0283 4352 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:11:55.0283 4352 MTConfig - ok
16:11:55.0283 4352 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:11:55.0283 4352 Mup - ok
16:11:55.0283 4352 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:11:55.0298 4352 MyWiFiDHCPDNS - ok
16:11:55.0298 4352 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:11:55.0314 4352 napagent - ok
16:11:55.0314 4352 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:11:55.0314 4352 NativeWifiP - ok
16:11:55.0330 4352 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:11:55.0330 4352 NDIS - ok
16:11:55.0330 4352 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:11:55.0330 4352 NdisCap - ok
16:11:55.0330 4352 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:11:55.0345 4352 NdisTapi - ok
16:11:55.0345 4352 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:11:55.0345 4352 Ndisuio - ok
16:11:55.0345 4352 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:11:55.0345 4352 NdisWan - ok
16:11:55.0345 4352 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:11:55.0361 4352 NDProxy - ok
16:11:55.0361 4352 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:11:55.0361 4352 NetBIOS - ok
16:11:55.0361 4352 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:11:55.0361 4352 NetBT - ok
16:11:55.0361 4352 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:11:55.0376 4352 Netlogon - ok
16:11:55.0376 4352 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:11:55.0376 4352 Netman - ok
16:11:55.0376 4352 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:11:55.0392 4352 netprofm - ok
16:11:55.0392 4352 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:11:55.0392 4352 NetTcpPortSharing - ok
16:11:55.0470 4352 [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
16:11:55.0532 4352 NETwNs64 - ok
16:11:55.0548 4352 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:11:55.0548 4352 nfrd960 - ok
16:11:55.0548 4352 [ BC4B7FA7F7EBE5E9CC70885A2CB727D0 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
16:11:55.0548 4352 NitroDriverReadSpool2 - ok
16:11:55.0564 4352 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:11:55.0564 4352 NlaSvc - ok
16:11:55.0564 4352 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:11:55.0564 4352 Npfs - ok
16:11:55.0564 4352 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:11:55.0564 4352 nsi - ok
16:11:55.0579 4352 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:11:55.0579 4352 nsiproxy - ok
16:11:55.0595 4352 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:11:55.0595 4352 Ntfs - ok
16:11:55.0610 4352 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:11:55.0610 4352 Null - ok
16:11:55.0610 4352 [ 65E6BB06A644533118BE007E9601B2C2 ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
16:11:55.0610 4352 nvkflt - ok
16:11:55.0704 4352 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:11:55.0782 4352 nvlddmkm - ok
16:11:55.0782 4352 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
16:11:55.0782 4352 nvpciflt - ok
16:11:55.0798 4352 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:11:55.0798 4352 nvraid - ok
16:11:55.0798 4352 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:11:55.0798 4352 nvstor - ok
16:11:55.0813 4352 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
16:11:55.0813 4352 nvsvc - ok
16:11:55.0829 4352 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:11:55.0829 4352 nvUpdatusService - ok
16:11:55.0829 4352 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:11:55.0829 4352 nv_agp - ok
16:11:55.0844 4352 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:11:55.0844 4352 odserv - ok
16:11:55.0860 4352 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:11:55.0860 4352 ohci1394 - ok
16:11:55.0860 4352 [ 2B8E4C792BED0E5882702720BC528AE5 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:11:55.0860 4352 ose - ok
16:11:55.0907 4352 [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:11:55.0922 4352 osppsvc - ok
16:11:55.0938 4352 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:11:55.0938 4352 p2pimsvc - ok
16:11:55.0938 4352 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:11:55.0938 4352 p2psvc - ok
16:11:55.0954 4352 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
16:11:55.0954 4352 Parport - ok
16:11:55.0954 4352 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:11:55.0954 4352 partmgr - ok
16:11:55.0954 4352 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:11:55.0954 4352 PcaSvc - ok
16:11:55.0969 4352 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:11:55.0969 4352 pci - ok
16:11:55.0969 4352 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:11:55.0969 4352 pciide - ok
16:11:55.0969 4352 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:11:55.0969 4352 pcmcia - ok
16:11:55.0985 4352 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:11:55.0985 4352 pcw - ok
16:11:55.0985 4352 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:11:55.0985 4352 PEAUTH - ok
16:11:56.0000 4352 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:11:56.0016 4352 PeerDistSvc - ok
16:11:56.0032 4352 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:11:56.0032 4352 PerfHost - ok
16:11:56.0032 4352 [ B4C1BF666DBD6899EC4A9A499DAA040B ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
16:11:56.0032 4352 PHCORE - ok
16:11:56.0047 4352 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:11:56.0063 4352 pla - ok
16:11:56.0063 4352 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:11:56.0063 4352 PlugPlay - ok
16:11:56.0078 4352 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:11:56.0078 4352 PNRPAutoReg - ok
16:11:56.0078 4352 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:11:56.0078 4352 PNRPsvc - ok
16:11:56.0094 4352 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:11:56.0094 4352 PolicyAgent - ok
16:11:56.0094 4352 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
16:11:56.0110 4352 Power - ok
16:11:56.0110 4352 [ DEED60F99C5B8E386D507860F600D509 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
16:11:56.0125 4352 Power Manager DBC Service - ok
16:11:56.0125 4352 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:11:56.0125 4352 PptpMiniport - ok
16:11:56.0141 4352 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
16:11:56.0141 4352 Processor - ok
16:11:56.0141 4352 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
16:11:56.0141 4352 ProfSvc - ok
16:11:56.0141 4352 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:11:56.0141 4352 ProtectedStorage - ok
16:11:56.0156 4352 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
16:11:56.0156 4352 psadd - ok
16:11:56.0156 4352 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:11:56.0156 4352 Psched - ok
16:11:56.0156 4352 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:11:56.0156 4352 PSI_SVC_2 - ok
16:11:56.0172 4352 [ 68DCE950DCD2ABBB82362D383EC5836E ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
16:11:56.0188 4352 PwmEWSvc - ok
16:11:56.0203 4352 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:11:56.0219 4352 ql2300 - ok
16:11:56.0219 4352 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:11:56.0219 4352 ql40xx - ok
16:11:56.0219 4352 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:11:56.0234 4352 QWAVE - ok
16:11:56.0234 4352 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:11:56.0234 4352 QWAVEdrv - ok
16:11:56.0234 4352 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:11:56.0234 4352 RasAcd - ok
16:11:56.0234 4352 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:11:56.0250 4352 RasAgileVpn - ok
16:11:56.0250 4352 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:11:56.0250 4352 RasAuto - ok
16:11:56.0250 4352 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:11:56.0250 4352 Rasl2tp - ok
16:11:56.0266 4352 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
16:11:56.0266 4352 RasMan - ok
16:11:56.0266 4352 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:11:56.0266 4352 RasPppoe - ok
16:11:56.0266 4352 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:11:56.0266 4352 RasSstp - ok
16:11:56.0281 4352 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:11:56.0281 4352 rdbss - ok
16:11:56.0281 4352 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:11:56.0281 4352 rdpbus - ok
16:11:56.0281 4352 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:11:56.0281 4352 RDPCDD - ok
16:11:56.0297 4352 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:11:56.0297 4352 RDPDR - ok
16:11:56.0297 4352 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:11:56.0297 4352 RDPENCDD - ok
16:11:56.0297 4352 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:11:56.0297 4352 RDPREFMP - ok
16:11:56.0312 4352 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:11:56.0312 4352 RdpVideoMiniport - ok
16:11:56.0312 4352 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:11:56.0312 4352 RDPWD - ok
16:11:56.0328 4352 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:11:56.0328 4352 rdyboost - ok
16:11:56.0328 4352 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:11:56.0328 4352 RegSrvc - ok
16:11:56.0328 4352 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:11:56.0328 4352 RemoteAccess - ok
16:11:56.0344 4352 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:11:56.0344 4352 RemoteRegistry - ok
16:11:56.0344 4352 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
16:11:56.0344 4352 RFCOMM - ok
16:11:56.0359 4352 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
16:11:56.0359 4352 risdxc - ok
16:11:56.0359 4352 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:11:56.0359 4352 RpcEptMapper - ok
16:11:56.0359 4352 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:11:56.0359 4352 RpcLocator - ok
16:11:56.0375 4352 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
16:11:56.0375 4352 RpcSs - ok
16:11:56.0375 4352 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:11:56.0375 4352 rspndr - ok
16:11:56.0375 4352 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:11:56.0390 4352 s3cap - ok
16:11:56.0390 4352 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
16:11:56.0390 4352 SamSs - ok
16:11:56.0390 4352 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:11:56.0390 4352 sbp2port - ok
16:11:56.0390 4352 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:11:56.0406 4352 SCardSvr - ok
16:11:56.0406 4352 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:11:56.0406 4352 scfilter - ok
16:11:56.0406 4352 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
16:11:56.0422 4352 Schedule - ok
16:11:56.0422 4352 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:11:56.0422 4352 SCPolicySvc - ok
16:11:56.0437 4352 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:11:56.0437 4352 SDRSVC - ok
16:11:56.0437 4352 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:11:56.0437 4352 secdrv - ok
16:11:56.0437 4352 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
16:11:56.0437 4352 seclogon - ok
16:11:56.0453 4352 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:11:56.0453 4352 SENS - ok
16:11:56.0453 4352 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:11:56.0453 4352 SensrSvc - ok
16:11:56.0453 4352 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:11:56.0453 4352 Serenum - ok
16:11:56.0468 4352 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:11:56.0468 4352 Serial - ok
16:11:56.0468 4352 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:11:56.0468 4352 sermouse - ok
16:11:56.0484 4352 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
16:11:56.0484 4352 SessionEnv - ok
16:11:56.0484 4352 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:11:56.0484 4352 sffdisk - ok
16:11:56.0484 4352 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:11:56.0484 4352 sffp_mmc - ok
16:11:56.0500 4352 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:11:56.0500 4352 sffp_sd - ok
16:11:56.0500 4352 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:11:56.0500 4352 sfloppy - ok
16:11:56.0500 4352 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:11:56.0500 4352 SharedAccess - ok
16:11:56.0515 4352 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:11:56.0515 4352 ShellHWDetection - ok
16:11:56.0515 4352 [ 7AC6FBFC13ABA3F15B05986412D10E10 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
16:11:56.0515 4352 Shockprf - ok
16:11:56.0531 4352 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:11:56.0531 4352 SiSRaid2 - ok
16:11:56.0531 4352 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:11:56.0531 4352 SiSRaid4 - ok
16:11:56.0531 4352 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:11:56.0531 4352 SkypeUpdate - ok
16:11:56.0531 4352 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:11:56.0531 4352 Smb - ok
16:11:56.0546 4352 [ 3BC2844AF786CA422CC31D505ACFA9F2 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
16:11:56.0546 4352 smihlp - ok
16:11:56.0546 4352 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:11:56.0546 4352 SNMPTRAP - ok
16:11:56.0562 4352 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:11:56.0562 4352 spldr - ok
16:11:56.0562 4352 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
16:11:56.0562 4352 Spooler - ok
16:11:56.0593 4352 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
16:11:56.0609 4352 sppsvc - ok
16:11:56.0609 4352 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:11:56.0624 4352 sppuinotify - ok
16:11:56.0624 4352 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
16:11:56.0624 4352 srv - ok
16:11:56.0640 4352 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:11:56.0640 4352 srv2 - ok
16:11:56.0640 4352 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:11:56.0640 4352 srvnet - ok
16:11:56.0640 4352 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:11:56.0656 4352 SSDPSRV - ok
16:11:56.0656 4352 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:11:56.0656 4352 SstpSvc - ok
16:11:56.0656 4352 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:11:56.0656 4352 Stereo Service - ok
16:11:56.0671 4352 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:11:56.0671 4352 stexstor - ok
16:11:56.0671 4352 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
16:11:56.0671 4352 stisvc - ok
16:11:56.0687 4352 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:11:56.0687 4352 storflt - ok
16:11:56.0687 4352 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
16:11:56.0687 4352 StorSvc - ok
16:11:56.0687 4352 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:11:56.0687 4352 storvsc - ok
16:11:56.0702 4352 [ 5D8B9129DA2EB060BC9346FD9724632E ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
16:11:56.0702 4352 SUService - ok
16:11:56.0702 4352 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:11:56.0702 4352 swenum - ok
16:11:56.0702 4352 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:11:56.0718 4352 swprv - ok
16:11:56.0718 4352 [ 883D2880144FD3ED9F1C04B5B5B9B562 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:11:56.0718 4352 SynTP - ok
16:11:56.0734 4352 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
16:11:56.0749 4352 SysMain - ok
16:11:56.0749 4352 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:11:56.0749 4352 TabletInputService - ok
16:11:56.0749 4352 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:11:56.0765 4352 TapiSrv - ok
16:11:56.0765 4352 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:11:56.0765 4352 TBS - ok
16:11:56.0780 4352 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:11:56.0796 4352 Tcpip - ok
16:11:56.0812 4352 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:11:56.0812 4352 TCPIP6 - ok
16:11:56.0827 4352 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:11:56.0827 4352 tcpipreg - ok
16:11:56.0827 4352 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:11:56.0827 4352 TDPIPE - ok
16:11:56.0827 4352 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:11:56.0827 4352 TDTCP - ok
16:11:56.0843 4352 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:11:56.0843 4352 tdx - ok
16:11:56.0843 4352 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:11:56.0843 4352 TermDD - ok
16:11:56.0843 4352 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
16:11:56.0858 4352 TermService - ok
16:11:56.0858 4352 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:11:56.0858 4352 Themes - ok
16:11:56.0858 4352 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:11:56.0874 4352 THREADORDER - ok
16:11:56.0874 4352 [ BC148E3415BF8A9DE83364966F75044F ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
16:11:56.0874 4352 TPDIGIMN - ok
16:11:56.0874 4352 [ BBD91008BEC4A2BA5D383BC9A15D6F9E ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
16:11:56.0874 4352 TPHDEXLGSVC - ok
16:11:56.0874 4352 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
16:11:56.0890 4352 TPHKLOAD - ok
16:11:56.0890 4352 [ 046A7B412E4E6C4A7B426441E143F0F2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
16:11:56.0890 4352 TPHKSVC - ok
16:11:56.0890 4352 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
16:11:56.0890 4352 TPM - ok
16:11:56.0890 4352 [ 1DF6E6C026AD1D428687FE3B427A87BC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
16:11:56.0890 4352 TPPWRIF - ok
16:11:56.0905 4352 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:11:56.0905 4352 TrkWks - ok
16:11:56.0905 4352 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:11:56.0905 4352 TrustedInstaller - ok
16:11:56.0921 4352 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:11:56.0921 4352 tssecsrv - ok
16:11:56.0921 4352 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:11:56.0921 4352 TsUsbFlt - ok
16:11:56.0921 4352 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:11:56.0921 4352 TsUsbGD - ok
16:11:56.0921 4352 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:11:56.0936 4352 tunnel - ok
16:11:56.0936 4352 [ D4915DB03B19F9FD50EC084CC0ED15FC ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
16:11:56.0936 4352 TVTI2C - ok
16:11:56.0936 4352 [ 760B34088C2AD8D634CC3784EF3A2CA2 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys
16:11:56.0936 4352 tvtvcamd - ok
16:11:56.0936 4352 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:11:56.0936 4352 uagp35 - ok
16:11:56.0952 4352 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:11:56.0952 4352 udfs - ok
16:11:56.0952 4352 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:11:56.0952 4352 UI0Detect - ok
16:11:56.0968 4352 [ BE788A747457E6916586C410EC0111E7 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
16:11:56.0968 4352 UleadBurningHelper - ok
16:11:56.0968 4352 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:11:56.0968 4352 uliagpkx - ok
16:11:56.0968 4352 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:11:56.0968 4352 umbus - ok
16:11:56.0983 4352 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
16:11:56.0983 4352 UmPass - ok
16:11:56.0983 4352 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
16:11:56.0983 4352 UmRdpService - ok
16:11:56.0983 4352 [ CABEC311CEA77EAEA3DC04A1ADFC0459 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:11:56.0999 4352 UNS - ok
16:11:56.0999 4352 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:11:56.0999 4352 upnphost - ok
16:11:56.0999 4352 [ 6CC0985C3BB5931F73FF0846E06A9483 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:11:56.0999 4352 usbccgp - ok
16:11:57.0014 4352 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:11:57.0014 4352 usbcir - ok
16:11:57.0014 4352 [ 6B3D5E6A9DA786EC755B00BC180C700B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:11:57.0014 4352 usbehci - ok
16:11:57.0014 4352 [ 94ABE9DA48E466BBE84C73E0C6652ED1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:11:57.0030 4352 usbhub - ok
16:11:57.0030 4352 [ 660B2C08CE7103E71EAA26F85B0B0A56 ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:11:57.0030 4352 usbohci - ok
16:11:57.0030 4352 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:11:57.0030 4352 usbprint - ok
16:11:57.0030 4352 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:11:57.0030 4352 usbscan - ok
16:11:57.0046 4352 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:11:57.0046 4352 USBSTOR - ok
16:11:57.0046 4352 [ 1529632FC96032D337B298F8A285D640 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:11:57.0046 4352 usbuhci - ok
16:11:57.0046 4352 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:11:57.0046 4352 usbvideo - ok
16:11:57.0046 4352 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:11:57.0061 4352 UxSms - ok
16:11:57.0061 4352 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
16:11:57.0061 4352 VaultSvc - ok
16:11:57.0061 4352 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:11:57.0061 4352 vdrvroot - ok
16:11:57.0077 4352 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
16:11:57.0077 4352 vds - ok
16:11:57.0077 4352 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:11:57.0077 4352 vga - ok
16:11:57.0092 4352 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:11:57.0092 4352 VgaSave - ok
16:11:57.0092 4352 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:11:57.0092 4352 vhdmp - ok
16:11:57.0092 4352 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
16:11:57.0092 4352 viaide - ok
16:11:57.0108 4352 [ 49C122513203B98B0B2C10211F23450B ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
16:11:57.0108 4352 VIPAppService - ok
16:11:57.0108 4352 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:11:57.0108 4352 vmbus - ok
16:11:57.0108 4352 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:11:57.0108 4352 VMBusHID - ok
16:11:57.0124 4352 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:11:57.0124 4352 volmgr - ok
16:11:57.0124 4352 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:11:57.0124 4352 volmgrx - ok
16:11:57.0124 4352 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:11:57.0139 4352 volsnap - ok
16:11:57.0139 4352 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:11:57.0139 4352 vsmraid - ok
16:11:57.0155 4352 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
16:11:57.0170 4352 VSS - ok
16:11:57.0170 4352 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:11:57.0170 4352 vwifibus - ok
16:11:57.0170 4352 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:11:57.0170 4352 vwififlt - ok
16:11:57.0170 4352 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:11:57.0170 4352 vwifimp - ok
16:11:57.0186 4352 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:11:57.0186 4352 W32Time - ok
16:11:57.0186 4352 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:11:57.0186 4352 WacomPen - ok
16:11:57.0202 4352 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:11:57.0202 4352 WANARP - ok
16:11:57.0202 4352 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:11:57.0202 4352 Wanarpv6 - ok
16:11:57.0217 4352 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
16:11:57.0217 4352 wbengine - ok
16:11:57.0233 4352 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:11:57.0233 4352 WbioSrvc - ok
16:11:57.0233 4352 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:11:57.0248 4352 wcncsvc - ok
16:11:57.0248 4352 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:11:57.0248 4352 WcsPlugInService - ok
16:11:57.0248 4352 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
16:11:57.0248 4352 Wd - ok
16:11:57.0264 4352 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:11:57.0264 4352 Wdf01000 - ok
16:11:57.0264 4352 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:11:57.0264 4352 WdiServiceHost - ok
16:11:57.0264 4352 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:11:57.0280 4352 WdiSystemHost - ok
16:11:57.0280 4352 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
16:11:57.0280 4352 WebClient - ok
16:11:57.0280 4352 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:11:57.0295 4352 Wecsvc - ok
16:11:57.0295 4352 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:11:57.0295 4352 wercplsupport - ok
16:11:57.0295 4352 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:11:57.0295 4352 WerSvc - ok
16:11:57.0311 4352 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:11:57.0311 4352 WfpLwf - ok
16:11:57.0311 4352 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:11:57.0311 4352 WIMMount - ok
16:11:57.0311 4352 WinDefend - ok
16:11:57.0311 4352 WinHttpAutoProxySvc - ok
16:11:57.0326 4352 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:11:57.0326 4352 Winmgmt - ok
16:11:57.0342 4352 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
16:11:57.0358 4352 WinRM - ok
16:11:57.0358 4352 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
16:11:57.0358 4352 WinUsb - ok
16:11:57.0373 4352 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:11:57.0373 4352 Wlansvc - ok
16:11:57.0389 4352 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:11:57.0389 4352 wlcrasvc - ok
16:11:57.0404 4352 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:11:57.0420 4352 wlidsvc - ok
16:11:57.0420 4352 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:11:57.0420 4352 WmiAcpi - ok
16:11:57.0436 4352 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:11:57.0436 4352 wmiApSrv - ok
16:11:57.0436 4352 WMPNetworkSvc - ok
16:11:57.0436 4352 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:11:57.0451 4352 WPCSvc - ok
16:11:57.0451 4352 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:11:57.0451 4352 WPDBusEnum - ok
16:11:57.0451 4352 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:11:57.0451 4352 ws2ifsl - ok
16:11:57.0467 4352 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
16:11:57.0467 4352 wscsvc - ok
16:11:57.0467 4352 WSearch - ok
16:11:57.0482 4352 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:11:57.0498 4352 wuauserv - ok
16:11:57.0498 4352 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:11:57.0498 4352 WudfPf - ok
16:11:57.0514 4352 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:11:57.0514 4352 WUDFRd - ok
16:11:57.0514 4352 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:11:57.0514 4352 wudfsvc - ok
16:11:57.0529 4352 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:11:57.0529 4352 WwanSvc - ok
16:11:57.0545 4352 [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
16:11:57.0560 4352 ZeroConfigService - ok
16:11:57.0576 4352 ================ Scan global ===============================
16:11:57.0576 4352 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:11:57.0576 4352 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:11:57.0576 4352 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:11:57.0592 4352 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:11:57.0592 4352 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:11:57.0592 4352 [Global] - ok
16:11:57.0592 4352 ================ Scan MBR ==================================
16:11:57.0592 4352 [ C325549D07816418609926B52AB3DE9C ] \Device\Harddisk0\DR0
16:11:57.0638 4352 \Device\Harddisk0\DR0 - ok
16:11:57.0638 4352 ================ Scan VBR ==================================
16:11:57.0638 4352 [ 0D68217E0CBDCC8805330F6D84618CC7 ] \Device\Harddisk0\DR0\Partition1
16:11:57.0638 4352 \Device\Harddisk0\DR0\Partition1 - ok
16:11:57.0638 4352 [ 396714E6EF2A4F3B63FB7A386838581C ] \Device\Harddisk0\DR0\Partition2
16:11:57.0638 4352 \Device\Harddisk0\DR0\Partition2 - ok
16:11:57.0638 4352 [ 0A6C061F61DF224F4DEF20B3BABAE1AA ] \Device\Harddisk0\DR0\Partition3
16:11:57.0638 4352 \Device\Harddisk0\DR0\Partition3 - ok
16:11:57.0638 4352 ============================================================
16:11:57.0638 4352 Scan finished
16:11:57.0638 4352 ============================================================
16:11:57.0654 5820 Detected object count: 0
16:11:57.0654 5820 Actual detected object count: 0
16:12:30.0929 6660 ============================================================
16:12:30.0929 6660 Scan started
16:12:30.0929 6660 Mode: Manual;
16:12:30.0929 6660 ============================================================
16:12:31.0038 6660 ================ Scan system memory ========================
16:12:31.0038 6660 System memory - ok
16:12:31.0038 6660 ================ Scan services =============================
16:12:31.0069 6660 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:12:31.0069 6660 1394ohci - ok
16:12:31.0069 6660 [ 1F305C858E7B5E537C9B783D46243A7A ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
16:12:31.0069 6660 5U877 - ok
16:12:31.0085 6660 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:12:31.0085 6660 ACPI - ok
16:12:31.0085 6660 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:12:31.0085 6660 AcpiPmi - ok
16:12:31.0085 6660 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:12:31.0085 6660 AdobeARMservice - ok
16:12:31.0100 6660 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:12:31.0100 6660 AdobeFlashPlayerUpdateSvc - ok
16:12:31.0100 6660 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:12:31.0116 6660 adp94xx - ok
16:12:31.0116 6660 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:12:31.0116 6660 adpahci - ok
16:12:31.0116 6660 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:12:31.0116 6660 adpu320 - ok
16:12:31.0132 6660 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:12:31.0132 6660 AeLookupSvc - ok
16:12:31.0132 6660 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:12:31.0132 6660 AFD - ok
16:12:31.0147 6660 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:12:31.0147 6660 agp440 - ok
16:12:31.0147 6660 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:12:31.0147 6660 ALG - ok
16:12:31.0147 6660 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:12:31.0147 6660 aliide - ok
16:12:31.0147 6660 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:12:31.0163 6660 amdide - ok
16:12:31.0163 6660 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:12:31.0163 6660 AmdK8 - ok
16:12:31.0163 6660 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:12:31.0163 6660 AmdPPM - ok
16:12:31.0163 6660 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:12:31.0163 6660 amdsata - ok
16:12:31.0178 6660 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:12:31.0178 6660 amdsbs - ok
16:12:31.0178 6660 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:12:31.0178 6660 amdxata - ok
16:12:31.0178 6660 [ 459465DA28E49B358ECFE0D788F328F4 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:12:31.0178 6660 AntiVirSchedulerService - ok
16:12:31.0194 6660 [ BCDD17E8469D647A71B347C4B6F86685 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:12:31.0194 6660 AntiVirService - ok
16:12:31.0194 6660 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:12:31.0194 6660 AppID - ok
16:12:31.0194 6660 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:12:31.0194 6660 AppIDSvc - ok
16:12:31.0210 6660 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:12:31.0210 6660 Appinfo - ok
16:12:31.0210 6660 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
16:12:31.0210 6660 AppMgmt - ok
16:12:31.0210 6660 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
16:12:31.0210 6660 arc - ok
16:12:31.0210 6660 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:12:31.0225 6660 arcsas - ok
16:12:31.0225 6660 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:12:31.0225 6660 AsyncMac - ok
16:12:31.0225 6660 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:12:31.0225 6660 atapi - ok
16:12:31.0241 6660 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:12:31.0241 6660 AudioEndpointBuilder - ok
16:12:31.0241 6660 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:12:31.0241 6660 AudioSrv - ok
16:12:31.0256 6660 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
16:12:31.0256 6660 avgntflt - ok
16:12:31.0256 6660 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
16:12:31.0256 6660 avipbb - ok
16:12:31.0256 6660 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
16:12:31.0256 6660 avkmgr - ok
16:12:31.0272 6660 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:12:31.0272 6660 AxInstSV - ok
16:12:31.0272 6660 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:12:31.0272 6660 b06bdrv - ok
16:12:31.0288 6660 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:12:31.0288 6660 b57nd60a - ok
16:12:31.0288 6660 [ F01759FA97126CC69DFA85CEDA0717A1 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys
16:12:31.0288 6660 bcbtums - ok
16:12:31.0288 6660 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:12:31.0288 6660 BDESVC - ok
16:12:31.0303 6660 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:12:31.0303 6660 Beep - ok
16:12:31.0303 6660 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:12:31.0303 6660 BFE - ok
16:12:31.0319 6660 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:12:31.0319 6660 BITS - ok
16:12:31.0319 6660 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:12:31.0319 6660 blbdrive - ok
16:12:31.0334 6660 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:12:31.0334 6660 bowser - ok
16:12:31.0334 6660 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:12:31.0334 6660 BrFiltLo - ok
16:12:31.0334 6660 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:12:31.0334 6660 BrFiltUp - ok
16:12:31.0350 6660 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:12:31.0350 6660 Browser - ok
16:12:31.0350 6660 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:12:31.0350 6660 Brserid - ok
16:12:31.0350 6660 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:12:31.0350 6660 BrSerWdm - ok
16:12:31.0366 6660 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:12:31.0366 6660 BrUsbMdm - ok
16:12:31.0366 6660 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:12:31.0366 6660 BrUsbSer - ok
16:12:31.0366 6660 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
16:12:31.0366 6660 BthEnum - ok
16:12:31.0366 6660 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:12:31.0366 6660 BTHMODEM - ok
16:12:31.0381 6660 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
16:12:31.0381 6660 BthPan - ok
16:12:31.0381 6660 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:12:31.0381 6660 BTHPORT - ok
16:12:31.0397 6660 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:12:31.0397 6660 bthserv - ok
16:12:31.0397 6660 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:12:31.0397 6660 BTHUSB - ok
16:12:31.0397 6660 [ 3AFF6DC496B8A8D12C867E3FC7C86FAC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
16:12:31.0412 6660 btwampfl - ok
16:12:31.0412 6660 [ 336BBA0909B3636AB7D06A71D7B1C0DC ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
16:12:31.0412 6660 btwaudio - ok
16:12:31.0412 6660 [ 9FF58F76024D25784755B01F926B00BE ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
16:12:31.0412 6660 btwavdt - ok
16:12:31.0428 6660 [ 26A80D7ACA49E03A403806418B5FED46 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
16:12:31.0428 6660 btwdins - ok
16:12:31.0428 6660 [ B1ACFD00CDD13B48D86F46BFEC153BF9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
16:12:31.0444 6660 btwl2cap - ok
16:12:31.0444 6660 [ EDD953D635F3AA89EF902E3F82D60D22 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
16:12:31.0444 6660 btwrchid - ok
16:12:31.0444 6660 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:12:31.0444 6660 cdfs - ok
16:12:31.0444 6660 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:12:31.0444 6660 cdrom - ok
16:12:31.0459 6660 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:12:31.0459 6660 CertPropSvc - ok
16:12:31.0459 6660 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
16:12:31.0459 6660 circlass - ok
16:12:31.0459 6660 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:12:31.0475 6660 CLFS - ok
16:12:31.0475 6660 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:12:31.0475 6660 clr_optimization_v2.0.50727_32 - ok
16:12:31.0475 6660 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:12:31.0475 6660 clr_optimization_v2.0.50727_64 - ok
16:12:31.0490 6660 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:12:31.0490 6660 clr_optimization_v4.0.30319_32 - ok
16:12:31.0490 6660 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:12:31.0490 6660 clr_optimization_v4.0.30319_64 - ok
16:12:31.0490 6660 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:12:31.0490 6660 CmBatt - ok
16:12:31.0506 6660 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:12:31.0506 6660 cmdide - ok
16:12:31.0506 6660 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
16:12:31.0506 6660 CNG - ok
16:12:31.0506 6660 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:12:31.0506 6660 Compbatt - ok
16:12:31.0522 6660 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:12:31.0522 6660 CompositeBus - ok
16:12:31.0522 6660 COMSysApp - ok
16:12:31.0522 6660 [ EB726E02074FDC44EBE97E01A2660AA6 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:12:31.0522 6660 cphs - ok
16:12:31.0537 6660 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:12:31.0537 6660 crcdisk - ok
16:12:31.0537 6660 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:12:31.0537 6660 CryptSvc - ok
16:12:31.0553 6660 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
16:12:31.0553 6660 CSC - ok
16:12:31.0553 6660 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
16:12:31.0553 6660 CscService - ok
16:12:31.0568 6660 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:12:31.0568 6660 DcomLaunch - ok
16:12:31.0584 6660 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:12:31.0584 6660 defragsvc - ok
16:12:31.0584 6660 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:12:31.0584 6660 DfsC - ok
16:12:31.0584 6660 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:12:31.0584 6660 Dhcp - ok
16:12:31.0600 6660 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:12:31.0600 6660 discache - ok
16:12:31.0600 6660 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
16:12:31.0600 6660 Disk - ok
16:12:31.0600 6660 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
16:12:31.0600 6660 dmvsc - ok
16:12:31.0600 6660 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:12:31.0615 6660 Dnscache - ok
16:12:31.0615 6660 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:12:31.0615 6660 dot3svc - ok
16:12:31.0615 6660 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
16:12:31.0631 6660 DozeSvc - ok
16:12:31.0631 6660 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:12:31.0631 6660 DPS - ok
16:12:31.0631 6660 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:12:31.0631 6660 drmkaud - ok
16:12:31.0646 6660 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:12:31.0646 6660 DXGKrnl - ok
16:12:31.0646 6660 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
16:12:31.0646 6660 DzHDD64 - ok
16:12:31.0662 6660 [ 03F4C5C12FC1C69F838DA723475EF650 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
16:12:31.0662 6660 e1cexpress - ok
16:12:31.0662 6660 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:12:31.0662 6660 EapHost - ok
16:12:31.0693 6660 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:12:31.0693 6660 ebdrv - ok
16:12:31.0709 6660 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:12:31.0709 6660 EFS - ok
16:12:31.0709 6660 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:12:31.0709 6660 ehRecvr - ok
16:12:31.0724 6660 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:12:31.0724 6660 ehSched - ok
16:12:31.0724 6660 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:12:31.0724 6660 elxstor - ok
16:12:31.0740 6660 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:12:31.0740 6660 ErrDev - ok
16:12:31.0740 6660 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:12:31.0740 6660 EventSystem - ok
16:12:31.0756 6660 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:12:31.0756 6660 EvtEng - ok
16:12:31.0756 6660 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:12:31.0756 6660 exfat - ok
16:12:31.0771 6660 [ EB3A7D5663ACAC417DF986D4AEE12170 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys
16:12:31.0771 6660 Fastboot - ok
16:12:31.0771 6660 [ 63511240AF70D10343A4AE05F8E2CA12 ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
16:12:31.0771 6660 FastbootService - ok
16:12:31.0771 6660 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:12:31.0771 6660 fastfat - ok
16:12:31.0787 6660 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:12:31.0787 6660 Fax - ok
16:12:31.0787 6660 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
16:12:31.0787 6660 fdc - ok
16:12:31.0787 6660 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:12:31.0802 6660 fdPHost - ok
16:12:31.0802 6660 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:12:31.0802 6660 FDResPub - ok
16:12:31.0802 6660 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:12:31.0802 6660 FileInfo - ok
16:12:31.0802 6660 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:12:31.0802 6660 Filetrace - ok
16:12:31.0818 6660 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:12:31.0818 6660 flpydisk - ok
16:12:31.0818 6660 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:12:31.0818 6660 FltMgr - ok
16:12:31.0834 6660 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
16:12:31.0834 6660 FontCache - ok
16:12:31.0834 6660 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:12:31.0834 6660 FontCache3.0.0.0 - ok
16:12:31.0849 6660 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:12:31.0849 6660 FsDepends - ok
16:12:31.0849 6660 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:12:31.0849 6660 Fs_Rec - ok
16:12:31.0849 6660 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:12:31.0849 6660 fvevol - ok
16:12:31.0865 6660 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:12:31.0865 6660 gagp30kx - ok
16:12:31.0865 6660 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:12:31.0865 6660 gpsvc - ok
16:12:31.0880 6660 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:31.0880 6660 gupdate - ok
16:12:31.0880 6660 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:31.0880 6660 gupdatem - ok
16:12:31.0880 6660 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:12:31.0880 6660 gusvc - ok
16:12:31.0896 6660 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:12:31.0896 6660 hcw85cir - ok
16:12:31.0896 6660 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:12:31.0896 6660 HdAudAddService - ok
16:12:31.0896 6660 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:12:31.0912 6660 HDAudBus - ok
16:12:31.0912 6660 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:12:31.0912 6660 HidBatt - ok
16:12:31.0912 6660 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:12:31.0912 6660 HidBth - ok
16:12:31.0912 6660 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
16:12:31.0912 6660 HidIr - ok
16:12:31.0927 6660 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:12:31.0927 6660 hidserv - ok
16:12:31.0927 6660 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:12:31.0927 6660 HidUsb - ok
16:12:31.0927 6660 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:12:31.0927 6660 hkmsvc - ok
16:12:31.0943 6660 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:12:31.0943 6660 HomeGroupListener - ok
16:12:31.0943 6660 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:12:31.0943 6660 HomeGroupProvider - ok
16:12:31.0943 6660 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:12:31.0943 6660 HpSAMD - ok
16:12:31.0958 6660 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:12:31.0958 6660 HTTP - ok
16:12:31.0958 6660 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:12:31.0958 6660 hwpolicy - ok
16:12:31.0974 6660 [ 16A7CA284629A4D002F7B992C9A49EF9 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
16:12:31.0974 6660 HyperW7Svc - ok
16:12:31.0974 6660 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:12:31.0974 6660 i8042prt - ok
16:12:31.0990 6660 [ CCFA835960E35F30D28A868E0B3B8722 ] iaStor C:\Windows\system32\drivers\iaStor.sys
16:12:31.0990 6660 iaStor - ok
16:12:31.0990 6660 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:12:31.0990 6660 iaStorV - ok
16:12:31.0990 6660 [ B21087E1A64FD474BF3E1A602A714F1F ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
16:12:31.0990 6660 IBMPMDRV - ok
16:12:32.0005 6660 [ A3E4DE0F77031061972485EF9BD8E4D0 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
16:12:32.0005 6660 IBMPMSVC - ok
16:12:32.0005 6660 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:12:32.0021 6660 idsvc - ok
16:12:32.0068 6660 [ B9857625DF8B539ABCB90E15B5716568 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
16:12:32.0099 6660 igfx - ok
16:12:32.0114 6660 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:12:32.0114 6660 iirsp - ok
16:12:32.0114 6660 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:12:32.0130 6660 IKEEXT - ok
16:12:32.0130 6660 [ 314285071F7117263BD246E35C17FD82 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
16:12:32.0130 6660 intaud_WaveExtensible - ok
16:12:32.0161 6660 [ 21F54139C93FC595902B58ED947D47D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:12:32.0177 6660 IntcAzAudAddService - ok
16:12:32.0192 6660 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:12:32.0192 6660 Intel(R) Capability Licensing Service Interface - ok
16:12:32.0192 6660 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:12:32.0192 6660 intelide - ok
16:12:32.0192 6660 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:12:32.0208 6660 intelppm - ok
16:12:32.0208 6660 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:12:32.0208 6660 IPBusEnum - ok
16:12:32.0208 6660 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:12:32.0208 6660 IpFilterDriver - ok
16:12:32.0224 6660 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:12:32.0224 6660 iphlpsvc - ok
16:12:32.0224 6660 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:12:32.0224 6660 IPMIDRV - ok
16:12:32.0224 6660 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:12:32.0224 6660 IPNAT - ok
16:12:32.0239 6660 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:12:32.0239 6660 IRENUM - ok
16:12:32.0239 6660 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:12:32.0239 6660 isapnp - ok
16:12:32.0239 6660 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:12:32.0239 6660 iScsiPrt - ok
16:12:32.0255 6660 [ B2381712638B0B714D0EEAB9A1F7C640 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
16:12:32.0255 6660 iusb3hcs - ok
16:12:32.0255 6660 [ FD2C6457232E95C014DAD21DEBC64867 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
16:12:32.0255 6660 iusb3hub - ok
16:12:32.0270 6660 [ F6A2B5D030BE7EDF8ADC12C9A40825A8 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
16:12:32.0270 6660 iusb3xhc - ok
16:12:32.0270 6660 [ 4487AD9C070D3973FE28AB4406555FC6 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
16:12:32.0270 6660 iwdbus - ok
16:12:32.0286 6660 [ 0043D9FB61C35F90886B1E93DD556FAF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:12:32.0286 6660 jhi_service - ok
16:12:32.0286 6660 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:12:32.0286 6660 kbdclass - ok
16:12:32.0286 6660 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
16:12:32.0286 6660 kbdhid - ok
16:12:32.0286 6660 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:12:32.0286 6660 KeyIso - ok
16:12:32.0302 6660 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:12:32.0302 6660 KSecDD - ok
16:12:32.0302 6660 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:12:32.0302 6660 KSecPkg - ok
16:12:32.0302 6660 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:12:32.0302 6660 ksthunk - ok
16:12:32.0317 6660 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:12:32.0317 6660 KtmRm - ok
16:12:32.0317 6660 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:12:32.0317 6660 LanmanServer - ok
16:12:32.0333 6660 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:12:32.0333 6660 LanmanWorkstation - ok
16:12:32.0333 6660 [ 4A0235E9822B220339E34D8C122BB6D1 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
16:12:32.0333 6660 LENOVO.CAMMUTE - ok
16:12:32.0333 6660 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
16:12:32.0348 6660 LENOVO.MICMUTE - ok
16:12:32.0348 6660 [ 93921A19D885755B9751C3744DBCB8FD ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
16:12:32.0348 6660 LENOVO.TPKNRSVC - ok
|
|
| Themen zu Windows 7 Taskleiste friert ein nach Start |
| adobe reader xi, antivir, autorun, avira, bho, desktop, dringend, error, fehler, festplatte, firefox, flash player, install.exe, internet, lenovo, logfile, maximal, mozilla, nvidia update, nvpciflt.sys, office 2007, plug-in, popup, prozess, pwmtr64v.dll, realtek, registry, security, senden, svchost.exe, symantec, usb, windows |
Linear-Darstellung
