
Pests of All Kinds and How to Fight Them: User account: programs do not start


21.09.2013, 14:25   #1
Secure
 

Hello dear people!

Since I have always received good advice from you, I would like your assessment, because I am not sure whether there is a virus problem at all or whether Win7 is simply causing trouble.

Recently I have been having problems with my user account (not the admin account) on Win7 (64-bit). The laptop boots without problems, possibly a little slower than before, but that could also be a subjective impression. The problem only appears after logging in to the user account: programs cannot be started properly. Microsoft Sec. Ess. also does not have real-time protection enabled. The browser (Firefox) does work, for example, as does MS Word. However, the WLAN indicator is frozen while connecting, and sometimes the desktop freezes too (after trying to start a program), so that I have to restart using the Task Manager.
None of this happens in the admin account, however, and there are no problems in safe mode either.
Scans by MSE and Mbam returned no findings at all, really zero, which is why I have not attached any log files yet.

Could the whole thing simply be a software error or a system error?

It would be great if you could let me know your assessment.

Many thanks in advance!
Secure

21.09.2013, 15:29   #2
aharonov
/// TB trainer
 

Hello,

maybe a log will show a bit more..


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


22.09.2013, 11:23   #3
Secure
 

Hello aharonov,

many thanks for your reply!
I ran the program in safe mode.
Here are the two logs:

FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2013
Ran by *** (administrator) on ***-PC on 22-09-2013 12:05:30
Running from C:\Users\***\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [293672 2013-06-14] (Lenovo Group Limited)
HKLM\...\Run: [BLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [382248 2013-06-20] (Lenovo.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2950456 2012-10-02] (Synaptics Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
MountPoints2: {f08c4190-cee0-11e2-b591-806e6f6e6963} - E:\autorun.exe
HKLM-x32\...\Run: [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2013-03-12] (Vimicro)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\itunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [PWMTRV] - C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL [6617384 2013-06-14] (Lenovo Group Limited)
HKU\Default\...\RunOnce: [Lenovo.ShowBand] - c:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-08-08] (Lenovo)
HKU\Default User\...\RunOnce: [Lenovo.ShowBand] - c:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-08-08] (Lenovo)

==================== Internet (Whitelisted) ====================

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\x7jfjph8.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\itunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\x7jfjph8.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: adblockpopups - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\x7jfjph8.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\x7jfjph8.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\x7jfjph8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==================== Services (Whitelisted) =================

S2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [187688 2013-06-14] (Lenovo Group Limited)
S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 LSCWinService; c:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-06-26] ()
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-02] (Synaptics Incorporated)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1045248 2013-03-01] (Vimicro Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-22 12:05 - 2013-09-22 12:05 - 00000000 ____D C:\FRST
2013-09-22 12:04 - 2013-09-22 12:04 - 01956670 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-09-21 14:40 - 2013-09-21 14:40 - 00000000 ____D C:\Users\***_2\AppData\Roaming\Malwarebytes
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 13:53 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-21 13:52 - 2013-09-21 13:52 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\***\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-19 20:56 - 2013-09-21 14:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-19 20:56 - 2013-09-19 20:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-11 13:07 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 13:07 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 13:07 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 13:07 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 13:07 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 13:07 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 13:07 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 13:06 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 13:06 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 13:06 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 13:06 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 13:06 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 13:06 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 13:06 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 13:06 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 13:06 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-10 20:26 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-10 20:26 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-10 20:26 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-10 20:26 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-10 20:26 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-10 20:26 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-10 20:26 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-10 20:26 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-10 20:26 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-10 20:26 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-10 20:26 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-10 20:26 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-10 20:26 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-10 20:26 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-10 20:26 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-10 20:26 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-10 20:26 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-10 20:26 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-10 20:26 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-10 20:26 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-10 20:26 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-10 20:26 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-10 20:25 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-10 20:25 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 20:25 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-10 20:25 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-05 12:51 - 2013-09-05 12:52 - 00000000 ____D C:\Users\***_2\Downloads\CoreTemp32_rc5
2013-09-05 12:51 - 2013-09-05 12:51 - 00338140 _____ C:\Users\***_2\Downloads\CoreTemp32_rc5.zip
2013-09-05 12:02 - 2013-09-05 12:02 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-09-05 11:59 - 2013-09-21 14:37 - 00815389 _____ C:\Windows\WindowsUpdate.log
2013-09-05 11:59 - 2013-09-05 11:59 - 00002408 _____ C:\QcOSD.txt
2013-09-05 11:58 - 2013-09-05 11:58 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-09-05 11:58 - 2013-06-14 06:01 - 02852136 _____ (Lenovo Group Limited) C:\Windows\system32\PWMCP64V.cpl
2013-09-05 11:58 - 2013-06-14 06:01 - 02692904 ____N (Lenovo Group Limited) C:\Windows\PWMBTHLV.EXE
2013-09-05 11:58 - 2013-06-14 06:01 - 00020736 _____ (Lenovo Group Limited) C:\Windows\system32\Drivers\TPPWR64V.SYS
2013-09-05 11:54 - 2013-09-21 14:43 - 00005824 _____ C:\Windows\setupact.log
2013-09-05 11:54 - 2013-09-05 11:54 - 00000000 _____ C:\Windows\setuperr.log
2013-09-05 11:50 - 2013-09-05 11:50 - 26299176 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\powermanager.exe
2013-09-05 11:50 - 2013-09-05 11:50 - 01286168 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\powermanager driver.exe
2013-09-05 11:48 - 2013-09-05 11:48 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-05 11:46 - 2013-09-05 11:46 - 04454952 _____ (Piriform Ltd) C:\Users\***_2\Downloads\ccsetup405.exe
2013-09-05 11:36 - 2013-09-05 11:36 - 09816728 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\gevu60ew.exe
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\PwrMgr
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default\AppData\Local\Lenovo
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\PwrMgr
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default User\AppData\Local\Lenovo
2013-09-05 10:54 - 2013-09-05 10:54 - 00001991 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2013-09-05 10:54 - 2013-09-05 10:54 - 00000000 ____D C:\Users\***\AppData\Roaming\LSC
2013-08-24 00:19 - 2013-08-24 00:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-09-22 12:05 - 2013-09-22 12:05 - 00000000 ____D C:\FRST
2013-09-22 12:04 - 2013-09-22 12:04 - 01956670 _____ (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-09-21 14:43 - 2013-09-05 11:54 - 00005824 _____ C:\Windows\setupact.log
2013-09-21 14:43 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-21 14:40 - 2013-09-21 14:40 - 00000000 ____D C:\Users\***_2\AppData\Roaming\Malwarebytes
2013-09-21 14:38 - 2009-07-14 06:45 - 00311152 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-21 14:37 - 2013-09-05 11:59 - 00815389 _____ C:\Windows\WindowsUpdate.log
2013-09-21 14:36 - 2013-06-08 22:36 - 00068328 _____ C:\Users\***_2\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-21 14:29 - 2013-06-08 00:13 - 00068328 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-21 14:28 - 2009-07-14 06:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-21 14:28 - 2009-07-14 06:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-21 14:27 - 2011-04-12 09:43 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-09-21 14:27 - 2011-04-12 09:43 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-09-21 14:27 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-21 14:26 - 2013-06-08 00:13 - 00001912 _____ C:\Windows\epplauncher.mif
2013-09-21 14:26 - 2013-06-08 00:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-09-21 14:26 - 2013-06-08 00:12 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-09-21 14:24 - 2013-06-06 21:49 - 00000000 ___RD C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-21 14:24 - 2013-06-06 21:49 - 00000000 ___RD C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-21 14:23 - 2013-09-19 20:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-21 14:01 - 2013-06-08 22:53 - 00000000 ____D C:\Users\***_2\Desktop\Uni
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 13:52 - 2013-09-21 13:52 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\***\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-19 20:56 - 2013-09-19 20:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-19 20:56 - 2013-06-08 22:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 20:56 - 2013-06-08 22:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-14 12:36 - 2013-06-07 19:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 13:56 - 2013-06-08 22:36 - 00000000 ___RD C:\Users\***_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-11 13:56 - 2013-06-08 22:36 - 00000000 ___RD C:\Users\***_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-11 13:54 - 2013-06-06 22:40 - 00000000 ____D C:\Windows\Panther
2013-09-11 13:54 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-11 13:06 - 2013-08-15 22:07 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 13:04 - 2013-06-07 21:05 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-05 12:52 - 2013-09-05 12:51 - 00000000 ____D C:\Users\***_2\Downloads\CoreTemp32_rc5
2013-09-05 12:51 - 2013-09-05 12:51 - 00338140 _____ C:\Users\***_2\Downloads\CoreTemp32_rc5.zip
2013-09-05 12:02 - 2013-09-05 12:02 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-09-05 11:59 - 2013-09-05 11:59 - 00002408 _____ C:\QcOSD.txt
2013-09-05 11:58 - 2013-09-05 11:58 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-09-05 11:58 - 2013-06-08 00:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-05 11:58 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2013-09-05 11:54 - 2013-09-05 11:54 - 00000000 _____ C:\Windows\setuperr.log
2013-09-05 11:50 - 2013-09-05 11:50 - 26299176 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\powermanager.exe
2013-09-05 11:50 - 2013-09-05 11:50 - 01286168 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\powermanager driver.exe
2013-09-05 11:48 - 2013-09-05 11:48 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-05 11:46 - 2013-09-05 11:46 - 04454952 _____ (Piriform Ltd) C:\Users\***_2\Downloads\ccsetup405.exe
2013-09-05 11:36 - 2013-09-05 11:36 - 09816728 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\gevu60ew.exe
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\PwrMgr
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default\AppData\Local\Lenovo
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\PwrMgr
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default User\AppData\Local\Lenovo
2013-09-05 11:03 - 2013-06-08 22:36 - 00000000 ____D C:\Users\***_2\AppData\Local\Lenovo
2013-09-05 10:54 - 2013-09-05 10:54 - 00001991 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2013-09-05 10:54 - 2013-09-05 10:54 - 00000000 ____D C:\Users\***\AppData\Roaming\LSC
2013-09-05 10:54 - 2013-06-08 22:38 - 00000000 ____D C:\Users\***_2\AppData\Local\LSC
2013-09-05 10:54 - 2013-06-08 22:37 - 00000000 ____D C:\Users\***_2\AppData\Roaming\LSC
2013-09-05 10:54 - 2013-06-07 20:28 - 00000000 ____D C:\Program Files\Lenovo
2013-09-05 10:54 - 2013-06-07 19:38 - 00000000 ____D C:\ldiag
2013-09-05 10:54 - 2013-06-07 19:31 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2013-09-05 10:53 - 2013-06-07 19:30 - 00000000 ____D C:\Windows\Downloaded Installations
2013-09-01 17:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-24 13:19 - 2013-06-08 00:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-24 00:19 - 2013-08-24 00:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-01 16:52

==================== End Of Log ============================
         
And here is the Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2013
Ran by *** at 2013-09-22 12:06:12
Running from C:\Users\***\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Installed Programs ======================

Adobe AIR (x32 Version: 3.8.0.1280)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Anzeige am Bildschirm (Version: 7.12.20)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
EaseUS Partition Master 9.2.2 (x32)
Energie-Manager (x32 Version: 6.61.1)
Integrated Camera (x32 Version: 5.13.312.31)
Intel PROSet Wireless
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.1.0.0140)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.225)
Intel® PROSet/Wireless WiFi-Software (Version: 15.01.0000.0830)
iTunes (Version: 11.0.4.4)
Lenovo Auto Scroll Utility (Version: 2.01)
Lenovo Patch Utility (x32 Version: 1.3.1.1)
Lenovo Patch Utility 64 bit (Version: 1.3.1.1)
Lenovo Power Management Driver (Version: 1.67.00.02)
Lenovo Solution Center (Version: 2.2.002.00)
Lenovo System Update (x32 Version: 5.02.0018)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Realtek Ethernet Controller Driver (x32 Version: 7.65.1025.2012)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.28116)
ThinkPad UltraNav Driver (Version: 16.2.17.3)
ThinkVantage Communications Utility (Version: 3.0.45.0)
ThinkVantage System für aktiven Festplattenschutz (Version: 1.77.0.26)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {0E2A6FA7-82F6-4CFD-AC63-31DDF70B2AD0} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => c:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] ()
Task: {1CE15D08-CC64-4EEB-9E94-430EB232A8FD} - System32\Tasks\Lenovo\LSC\RebootCountTask => c:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-08-08] (Lenovo)
Task: {58ACC800-AB28-4209-9D02-E857F49B2CBF} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\pla.dll [2010-11-21] (Microsoft Corporation)
Task: {71B73244-5E31-4C0D-BC20-727EE17D4E6E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {8730EF86-2455-4D52-AA3C-CC585C14757E} - System32\Tasks\Lenovo\LSC\Time72Task => c:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-08-08] (Lenovo)
Task: {AA63E78F-7BD3-4D08-91D3-13680B0D52D3} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-08-08] (Lenovo)
Task: {C3454F18-9D39-41DE-98BE-AEE806AD1D24} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {C9FC6211-E5D7-4CE7-B251-608FDE280F05} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {CAE142B3-5899-4923-8C6A-606C1762C76E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2013-06-26] ()
Task: {EB406975-63B3-41A0-8BEC-58AC6A72B23C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19] (Adobe Systems Incorporated)
Task: {EBF7F632-8443-40F1-92B6-88292E9FDF40} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-08-08] (Lenovo)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 11:58 - 2013-06-14 06:01 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2013-08-24 00:19 - 2013-08-24 00:19 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) ======


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2013 00:02:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 02:46:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 02:23:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 01:51:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2013 10:52:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2013 10:20:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2013 08:53:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2013 08:24:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/14/2013 00:32:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2013 10:45:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/22/2013 00:04:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/22/2013 00:04:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/22/2013 00:04:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/22/2013 00:04:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/22/2013 00:04:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/22/2013 00:04:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/22/2013 00:04:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/22/2013 00:04:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/22/2013 00:04:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/22/2013 00:03:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 3117.16 MB
Available physical RAM: 2248.4 MB
Total Pagefile: 6232.5 MB
Available Pagefile: 5411.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:43.93 GB) (Free:17.04 GB) NTFS
Drive d: () (Fixed) (Total:253.15 GB) (Free:252.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: CE224451)
Partition 1: (Active) - (Size=1 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=44 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=253 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Many thanks in advance for looking through it!

Regards, Secure
__________________

24.09.2013, 00:05   #4
aharonov
/// TB trainer

Hello,

not much to see so far.


Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
cheers,
Leo

24.09.2013, 08:59   #5
Secure

Morning aharonov!

The problem described in the first post has somehow changed a bit. Programs can now be started, but they freeze and I have to end them with Task Manager.
All of this now happens in the admin account as well. I don't know whether that helps you, but I thought it was worth mentioning.

I then had TDSSKiller scan in safe mode. Here is the log file:

Code:
09:45:36.0248 1356  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:45:36.0622 1356  ============================================================
09:45:36.0622 1356  Current date / time: 2013/09/24 09:45:36.0622
09:45:36.0622 1356  SystemInfo:
09:45:36.0622 1356  
09:45:36.0622 1356  OS Version: 6.1.7601 ServicePack: 1.0
09:45:36.0622 1356  Product type: Workstation
09:45:36.0622 1356  ComputerName: ***-PC
09:45:36.0622 1356  UserName: ***
09:45:36.0622 1356  Windows directory: C:\Windows
09:45:36.0622 1356  System windows directory: C:\Windows
09:45:36.0622 1356  Running under WOW64
09:45:36.0622 1356  Processor architecture: Intel x64
09:45:36.0622 1356  Number of processors: 4
09:45:36.0622 1356  Page size: 0x1000
09:45:36.0622 1356  Boot type: Safe boot with network
09:45:36.0622 1356  ============================================================
09:45:37.0121 1356  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:45:37.0137 1356  ============================================================
09:45:37.0137 1356  \Device\Harddisk0\DR0:
09:45:37.0137 1356  MBR partitions:
09:45:37.0137 1356  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x800, BlocksNum 0x200000
09:45:37.0137 1356  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x200800, BlocksNum 0x57DEA6A
09:45:37.0137 1356  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x59E3128, BlocksNum 0x1FA4A599
09:45:37.0137 1356  ============================================================
09:45:37.0152 1356  C: <-> \Device\Harddisk0\DR0\Partition2
09:45:37.0184 1356  D: <-> \Device\Harddisk0\DR0\Partition3
09:45:37.0184 1356  ============================================================
09:45:37.0184 1356  Initialize success
09:45:37.0184 1356  ============================================================
09:46:29.0303 1548  ============================================================
09:46:29.0303 1548  Scan started
09:46:29.0303 1548  Mode: Manual; SigCheck; TDLFS; 
09:46:29.0303 1548  ============================================================
09:46:29.0615 1548  ================ Scan system memory ========================
09:46:29.0615 1548  System memory - ok
09:46:29.0615 1548  ================ Scan services =============================
09:46:29.0724 1548  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:46:29.0974 1548  1394ohci - ok
09:46:29.0974 1548  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:46:29.0990 1548  ACPI - ok
09:46:30.0005 1548  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:46:30.0052 1548  AcpiPmi - ok
09:46:30.0114 1548  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:46:30.0130 1548  AdobeARMservice - ok
09:46:30.0224 1548  [ 3109B16A0939BA11696EEB04F345D099 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:46:30.0239 1548  AdobeFlashPlayerUpdateSvc - ok
09:46:30.0270 1548  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:46:30.0286 1548  adp94xx - ok
09:46:30.0286 1548  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:46:30.0302 1548  adpahci - ok
09:46:30.0317 1548  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:46:30.0333 1548  adpu320 - ok
09:46:30.0348 1548  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:46:30.0458 1548  AeLookupSvc - ok
09:46:30.0504 1548  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
09:46:30.0551 1548  AFD - ok
09:46:30.0551 1548  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
09:46:30.0567 1548  agp440 - ok
09:46:30.0582 1548  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
09:46:30.0614 1548  ALG - ok
09:46:30.0645 1548  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:46:30.0660 1548  aliide - ok
09:46:30.0692 1548  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
09:46:30.0692 1548  amdide - ok
09:46:30.0707 1548  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:46:30.0738 1548  AmdK8 - ok
09:46:30.0738 1548  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
09:46:30.0770 1548  AmdPPM - ok
09:46:30.0785 1548  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:46:30.0801 1548  amdsata - ok
09:46:30.0816 1548  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
09:46:30.0832 1548  amdsbs - ok
09:46:30.0848 1548  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:46:30.0848 1548  amdxata - ok
09:46:30.0879 1548  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
09:46:31.0019 1548  AppID - ok
09:46:31.0035 1548  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:46:31.0066 1548  AppIDSvc - ok
09:46:31.0113 1548  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
09:46:31.0144 1548  Appinfo - ok
09:46:31.0175 1548  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:46:31.0191 1548  Apple Mobile Device - ok
09:46:31.0222 1548  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
09:46:31.0238 1548  arc - ok
09:46:31.0253 1548  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:46:31.0253 1548  arcsas - ok
09:46:31.0269 1548  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:46:31.0316 1548  AsyncMac - ok
09:46:31.0347 1548  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
09:46:31.0347 1548  atapi - ok
09:46:31.0394 1548  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:46:31.0440 1548  AudioEndpointBuilder - ok
09:46:31.0456 1548  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:46:31.0472 1548  AudioSrv - ok
09:46:31.0550 1548  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:46:31.0596 1548  AxInstSV - ok
09:46:31.0643 1548  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
09:46:31.0659 1548  b06bdrv - ok
09:46:31.0674 1548  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:46:31.0706 1548  b57nd60a - ok
09:46:31.0721 1548  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:46:31.0752 1548  BDESVC - ok
09:46:31.0752 1548  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:46:31.0784 1548  Beep - ok
09:46:31.0830 1548  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
09:46:31.0877 1548  BFE - ok
09:46:31.0908 1548  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
09:46:32.0064 1548  BITS - ok
09:46:32.0096 1548  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:46:32.0096 1548  blbdrive - ok
09:46:32.0174 1548  [ A52EA1D8C2900055323C93DDB252A3DA ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
09:46:32.0220 1548  Bluetooth Device Monitor - ok
09:46:32.0236 1548  [ 091210450CA7CED08F360D9D7FEC5D11 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
09:46:32.0283 1548  Bluetooth Media Service - ok
09:46:32.0314 1548  [ 392450754E17FF778CBC5B9D20583AD1 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
09:46:32.0345 1548  Bluetooth OBEX Service - ok
09:46:32.0408 1548  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:46:32.0423 1548  Bonjour Service - ok
09:46:32.0454 1548  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:46:32.0470 1548  bowser - ok
09:46:32.0501 1548  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
09:46:32.0532 1548  BrFiltLo - ok
09:46:32.0548 1548  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
09:46:32.0548 1548  BrFiltUp - ok
09:46:32.0564 1548  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
09:46:32.0579 1548  Browser - ok
09:46:32.0595 1548  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:46:32.0626 1548  Brserid - ok
09:46:32.0626 1548  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:46:32.0642 1548  BrSerWdm - ok
09:46:32.0657 1548  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:46:32.0673 1548  BrUsbMdm - ok
09:46:32.0673 1548  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:46:32.0688 1548  BrUsbSer - ok
09:46:32.0720 1548  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
09:46:32.0751 1548  BthEnum - ok
09:46:32.0766 1548  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
09:46:32.0782 1548  BTHMODEM - ok
09:46:32.0798 1548  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
09:46:32.0813 1548  BthPan - ok
09:46:32.0844 1548  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
09:46:32.0891 1548  BTHPORT - ok
09:46:32.0907 1548  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
09:46:32.0938 1548  bthserv - ok
09:46:32.0969 1548  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
09:46:32.0985 1548  BTHUSB - ok
09:46:33.0016 1548  [ 988CC6CC49303665D3B2435C51505C3F ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
09:46:33.0032 1548  btmaux - ok
09:46:33.0078 1548  [ 2B4B508AFAC2A563931AF1FE875A5B16 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
09:46:33.0125 1548  btmhsf - ok
09:46:33.0156 1548  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:46:33.0203 1548  cdfs - ok
09:46:33.0234 1548  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:46:33.0250 1548  cdrom - ok
09:46:33.0281 1548  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
09:46:33.0312 1548  CertPropSvc - ok
09:46:33.0328 1548  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
09:46:33.0328 1548  circlass - ok
09:46:33.0359 1548  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
09:46:33.0375 1548  CLFS - ok
09:46:33.0437 1548  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:46:33.0437 1548  clr_optimization_v2.0.50727_32 - ok
09:46:33.0468 1548  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:46:33.0484 1548  clr_optimization_v2.0.50727_64 - ok
09:46:33.0546 1548  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:46:33.0593 1548  clr_optimization_v4.0.30319_32 - ok
09:46:33.0640 1548  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:46:33.0640 1548  clr_optimization_v4.0.30319_64 - ok
09:46:33.0671 1548  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:46:33.0687 1548  CmBatt - ok
09:46:33.0718 1548  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:46:33.0718 1548  cmdide - ok
09:46:33.0749 1548  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
09:46:33.0780 1548  CNG - ok
09:46:45.0246 1548  ShellHWDetection - ok
09:46:45.0278 1548  [ 21144BECAEC1012FF0F6C6C1D6177232 ] Shockprf        C:\Windows\system32\DRIVERS\Apsx64.sys
09:46:45.0293 1548  Shockprf - ok
09:46:45.0293 1548  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:46:45.0309 1548  SiSRaid2 - ok
09:46:45.0324 1548  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:46:45.0324 1548  SiSRaid4 - ok
09:46:45.0356 1548  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:46:45.0387 1548  Smb - ok
09:46:45.0402 1548  [ 8664402BD0049E249337973FB9C8F399 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
09:46:45.0402 1548  SmbDrvI - ok
09:46:45.0418 1548  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:46:45.0434 1548  SNMPTRAP - ok
09:46:45.0449 1548  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:46:45.0465 1548  spldr - ok
09:46:45.0480 1548  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
09:46:45.0512 1548  Spooler - ok
09:46:45.0574 1548  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
09:46:45.0668 1548  sppsvc - ok
09:46:45.0683 1548  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:46:45.0699 1548  sppuinotify - ok
09:46:45.0730 1548  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:46:45.0746 1548  srv - ok
09:46:45.0761 1548  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:46:45.0777 1548  srv2 - ok
09:46:45.0808 1548  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:46:45.0824 1548  srvnet - ok
09:46:45.0839 1548  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:46:45.0870 1548  SSDPSRV - ok
09:46:45.0870 1548  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:46:45.0902 1548  SstpSvc - ok
09:46:45.0902 1548  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:46:45.0917 1548  stexstor - ok
09:46:45.0948 1548  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
09:46:45.0980 1548  stisvc - ok
09:46:46.0042 1548  [ B4351A27305C7C009B92C40102BC9161 ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe
09:46:46.0058 1548  SUService - ok
09:46:46.0058 1548  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:46:46.0058 1548  swenum - ok
09:46:46.0073 1548  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
09:46:46.0120 1548  swprv - ok
09:46:46.0136 1548  [ 2BE78F3E0D6DCF0692E2956CF1184FFE ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
09:46:46.0151 1548  SynTP - ok
09:46:46.0198 1548  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
09:46:46.0245 1548  SysMain - ok
09:46:46.0260 1548  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:46:46.0276 1548  TabletInputService - ok
09:46:46.0292 1548  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:46:46.0323 1548  TapiSrv - ok
09:46:46.0338 1548  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
09:46:46.0354 1548  TBS - ok
09:46:46.0416 1548  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:46:46.0463 1548  Tcpip - ok
09:46:46.0510 1548  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:46:46.0526 1548  TCPIP6 - ok
09:46:46.0557 1548  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:46:46.0557 1548  tcpipreg - ok
09:46:46.0572 1548  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:46:46.0588 1548  TDPIPE - ok
09:46:46.0604 1548  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:46:46.0619 1548  TDTCP - ok
09:46:46.0635 1548  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:46:46.0666 1548  tdx - ok
09:46:46.0666 1548  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:46:46.0666 1548  TermDD - ok
09:46:46.0682 1548  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
09:46:46.0728 1548  TermService - ok
09:46:46.0728 1548  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
09:46:46.0744 1548  Themes - ok
09:46:46.0760 1548  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
09:46:46.0791 1548  THREADORDER - ok
09:46:46.0806 1548  [ 8CC4CABFC4D35B61ABF596CE024C438C ] TPDIGIMN        C:\Windows\system32\DRIVERS\ApsHM64.sys
09:46:46.0822 1548  TPDIGIMN - ok
09:46:46.0838 1548  [ 25AD1E90D51382173D49F55963B59C64 ] TPHDEXLGSVC     C:\Windows\system32\TPHDEXLG64.exe
09:46:46.0853 1548  TPHDEXLGSVC - ok
09:46:46.0884 1548  [ EEE8F526111B627ADF5A9CE0FAC4D383 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
09:46:46.0900 1548  TPHKLOAD - ok
09:46:46.0916 1548  [ 5B62F45C87CC0FB176C5358EEA6CFB4C ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
09:46:46.0916 1548  TPHKSVC - ok
09:46:46.0962 1548  [ A9EF6C7E62DC3B01C51CFB92C1596C62 ] TPPWRIF         C:\Windows\system32\drivers\Tppwr64v.sys
09:46:46.0962 1548  TPPWRIF - ok
09:46:46.0978 1548  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
09:46:47.0025 1548  TrkWks - ok
09:46:47.0056 1548  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:46:47.0087 1548  TrustedInstaller - ok
09:46:47.0118 1548  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:46:47.0134 1548  tssecsrv - ok
09:46:47.0150 1548  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:46:47.0165 1548  TsUsbFlt - ok
09:46:47.0181 1548  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
09:46:47.0196 1548  TsUsbGD - ok
09:46:47.0228 1548  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:46:47.0259 1548  tunnel - ok
09:46:47.0306 1548  [ 760B34088C2AD8D634CC3784EF3A2CA2 ] tvtvcamd        C:\Windows\system32\DRIVERS\tvtvcamd.sys
09:46:47.0306 1548  tvtvcamd - ok
09:46:47.0306 1548  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:46:47.0321 1548  uagp35 - ok
09:46:47.0352 1548  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:46:47.0384 1548  udfs - ok
09:46:47.0399 1548  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:46:47.0415 1548  UI0Detect - ok
09:46:47.0430 1548  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:46:47.0446 1548  uliagpkx - ok
09:46:47.0446 1548  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:46:47.0462 1548  umbus - ok
09:46:47.0462 1548  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
09:46:47.0477 1548  UmPass - ok
09:46:47.0493 1548  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
09:46:47.0524 1548  upnphost - ok
09:46:47.0555 1548  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:46:47.0571 1548  usbccgp - ok
09:46:47.0586 1548  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:46:47.0602 1548  usbcir - ok
09:46:47.0618 1548  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:46:47.0633 1548  usbehci - ok
09:46:47.0664 1548  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:46:47.0696 1548  usbhub - ok
09:46:47.0696 1548  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:46:47.0711 1548  usbohci - ok
09:46:47.0727 1548  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
09:46:47.0742 1548  usbprint - ok
09:46:47.0758 1548  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:46:47.0774 1548  USBSTOR - ok
09:46:47.0789 1548  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:46:47.0789 1548  usbuhci - ok
09:46:47.0820 1548  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
09:46:47.0836 1548  usbvideo - ok
09:46:47.0867 1548  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
09:46:47.0898 1548  UxSms - ok
09:46:47.0914 1548  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
09:46:47.0930 1548  VaultSvc - ok
09:46:47.0945 1548  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:46:47.0945 1548  vdrvroot - ok
09:46:47.0961 1548  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
09:46:48.0008 1548  vds - ok
09:46:48.0023 1548  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:46:48.0023 1548  vga - ok
09:46:48.0039 1548  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:46:48.0070 1548  VgaSave - ok
09:46:48.0086 1548  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:46:48.0086 1548  vhdmp - ok
09:46:48.0117 1548  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:46:48.0117 1548  viaide - ok
09:46:48.0148 1548  [ D1ABC88F0A9A0A06658AF978B763C9EF ] vm331avs        C:\Windows\system32\Drivers\vm331avs.sys
09:46:48.0195 1548  vm331avs - ok
09:46:48.0210 1548  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:46:48.0226 1548  volmgr - ok
09:46:48.0242 1548  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:46:48.0242 1548  volmgrx - ok
09:46:48.0257 1548  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:46:48.0273 1548  volsnap - ok
09:46:48.0273 1548  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:46:48.0288 1548  vsmraid - ok
09:46:48.0320 1548  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
09:46:48.0398 1548  VSS - ok
09:46:48.0398 1548  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:46:48.0429 1548  vwifibus - ok
09:46:48.0429 1548  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:46:48.0444 1548  vwififlt - ok
09:46:48.0460 1548  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:46:48.0476 1548  vwifimp - ok
09:46:48.0491 1548  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
09:46:48.0522 1548  W32Time - ok
09:46:48.0522 1548  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:46:48.0538 1548  WacomPen - ok
09:46:48.0569 1548  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:46:48.0600 1548  WANARP - ok
09:46:48.0600 1548  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:46:48.0632 1548  Wanarpv6 - ok
09:46:48.0663 1548  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
09:46:48.0710 1548  wbengine - ok
09:46:48.0725 1548  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:46:48.0741 1548  WbioSrvc - ok
09:46:48.0741 1548  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:46:48.0772 1548  wcncsvc - ok
09:46:48.0788 1548  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:46:48.0803 1548  WcsPlugInService - ok
09:46:48.0803 1548  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
09:46:48.0819 1548  Wd - ok
09:46:48.0866 1548  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:46:48.0897 1548  Wdf01000 - ok
09:46:48.0912 1548  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:46:48.0944 1548  WdiServiceHost - ok
09:46:48.0944 1548  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:46:48.0944 1548  WdiSystemHost - ok
09:46:48.0975 1548  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
09:46:48.0990 1548  WebClient - ok
09:46:49.0006 1548  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:46:49.0037 1548  Wecsvc - ok
09:46:49.0037 1548  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:46:49.0068 1548  wercplsupport - ok
09:46:49.0084 1548  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:46:49.0115 1548  WerSvc - ok
09:46:49.0131 1548  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:46:49.0162 1548  WfpLwf - ok
09:46:49.0162 1548  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:46:49.0178 1548  WIMMount - ok
09:46:49.0209 1548  WinDefend - ok
09:46:49.0224 1548  WinHttpAutoProxySvc - ok
09:46:49.0271 1548  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:46:49.0302 1548  Winmgmt - ok
09:46:49.0349 1548  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
09:46:49.0412 1548  WinRM - ok
09:46:49.0443 1548  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:46:49.0490 1548  Wlansvc - ok
09:46:49.0505 1548  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
09:46:49.0521 1548  WmiAcpi - ok
09:46:49.0536 1548  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:46:49.0552 1548  wmiApSrv - ok
09:46:49.0568 1548  WMPNetworkSvc - ok
09:46:49.0583 1548  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:46:49.0599 1548  WPCSvc - ok
09:46:49.0599 1548  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:46:49.0630 1548  WPDBusEnum - ok
09:46:49.0661 1548  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:46:49.0677 1548  ws2ifsl - ok
09:46:49.0692 1548  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
09:46:49.0708 1548  wscsvc - ok
09:46:49.0708 1548  WSearch - ok
09:46:49.0755 1548  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:46:49.0833 1548  wuauserv - ok
09:46:49.0848 1548  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:46:49.0864 1548  WudfPf - ok
09:46:49.0880 1548  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:46:49.0895 1548  WUDFRd - ok
09:46:49.0911 1548  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:46:49.0926 1548  wudfsvc - ok
09:46:49.0942 1548  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:46:50.0004 1548  WwanSvc - ok
09:46:50.0036 1548  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
09:46:50.0051 1548  xusb21 - ok
09:46:50.0114 1548  [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
09:46:50.0192 1548  ZeroConfigService - ok
09:46:50.0207 1548  ================ Scan global ===============================
09:46:50.0223 1548  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:46:50.0254 1548  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
09:46:50.0270 1548  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
09:46:50.0285 1548  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:46:50.0301 1548  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:46:50.0316 1548  [Global] - ok
09:46:50.0316 1548  ================ Scan MBR ==================================
09:46:50.0316 1548  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:46:50.0722 1548  \Device\Harddisk0\DR0 - ok
09:46:50.0722 1548  ================ Scan VBR ==================================
09:46:50.0722 1548  [ C31750807DECAD1D5C4643149F281B48 ] \Device\Harddisk0\DR0\Partition1
09:46:50.0722 1548  \Device\Harddisk0\DR0\Partition1 - ok
09:46:50.0753 1548  [ C54C0854F9C4AFAF6B5A0B9C45F7693C ] \Device\Harddisk0\DR0\Partition2
09:46:50.0769 1548  \Device\Harddisk0\DR0\Partition2 - ok
09:46:50.0784 1548  [ 052A6A13891DCADCC77EAC744CFB28B8 ] \Device\Harddisk0\DR0\Partition3
09:46:50.0784 1548  \Device\Harddisk0\DR0\Partition3 - ok
09:46:50.0784 1548  ============================================================
09:46:50.0784 1548  Scan finished
09:46:50.0784 1548  ============================================================
09:46:50.0784 1464  Detected object count: 0
09:46:50.0784 1464  Actual detected object count: 0
09:47:25.0588 1488  Deinitialize success
         

Best regards and many thanks!

Secure


26.09.2013, 17:38   #6
aharonov
/// TB Instructor
 

Hi,

please create new FRST logs:

Start FRST once more.
  • Under Optional Scan, tick the box for Addition.txt and press Scan.
  • When the scan has finished, two new log files, FRST.txt and Addition.txt, are created and saved on the desktop.
  • Please post the contents of both log files here in your thread.

26.09.2013, 19:51   #7
Secure
 


Hi!

Thanks for your quick response to my post from just now!
OK, so here are the two new Farbar logs:

FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2013
Ran by *** (administrator) on ***-PC on 26-09-2013 20:39:44
Running from C:\Users\***\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [293672 2013-06-14] (Lenovo Group Limited)
HKLM\...\Run: [BLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [382248 2013-06-20] (Lenovo.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2950456 2012-10-02] (Synaptics Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
MountPoints2: {f08c4190-cee0-11e2-b591-806e6f6e6963} - E:\autorun.exe
HKLM-x32\...\Run: [EaseUS EPM tray] - C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2013-03-12] (Vimicro)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\itunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [PWMTRV] - C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL [6617384 2013-06-14] (Lenovo Group Limited)
HKU\Default\...\RunOnce: [Lenovo.ShowBand] - c:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-08-08] (Lenovo)
HKU\Default User\...\RunOnce: [Lenovo.ShowBand] - c:\Program Files\Lenovo\SimpleTap DeskBand\ShowBand.exe [52584 2013-08-08] (Lenovo)

==================== Internet (Whitelisted) ====================

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\x7jfjph8.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\itunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\x7jfjph8.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: adblockpopups - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\x7jfjph8.default\Extensions\adblockpopups@jessehakanen.net.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\x7jfjph8.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\x7jfjph8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==================== Services (Whitelisted) =================

S2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [187688 2013-06-14] (Lenovo Group Limited)
S2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 LSCWinService; c:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22376 2013-06-26] ()
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-02] (Synaptics Incorporated)
S3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1045248 2013-03-01] (Vimicro Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-26 20:38 - 2013-09-26 20:39 - 01956432 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-09-24 09:44 - 2013-09-24 09:44 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\***_2\Desktop\tdsskiller.exe
2013-09-22 12:06 - 2013-09-22 12:06 - 00031523 _____ C:\Users\***\Downloads\FRST.txt
2013-09-22 12:06 - 2013-09-22 12:06 - 00013797 _____ C:\Users\***\Downloads\Addition.txt
2013-09-22 12:05 - 2013-09-22 12:05 - 00000000 ____D C:\FRST
2013-09-21 14:40 - 2013-09-21 14:40 - 00000000 ____D C:\Users\***_2\AppData\Roaming\Malwarebytes
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 13:53 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-21 13:52 - 2013-09-21 13:52 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\***\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-19 20:56 - 2013-09-21 14:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-19 20:56 - 2013-09-19 20:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-11 13:07 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 13:07 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 13:07 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 13:07 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 13:07 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 13:07 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 13:07 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 13:07 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 13:07 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 13:06 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 13:06 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 13:06 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 13:06 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 13:06 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 13:06 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 13:06 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 13:06 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 13:06 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-10 20:26 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-10 20:26 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-10 20:26 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-10 20:26 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-10 20:26 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-10 20:26 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-10 20:26 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-10 20:26 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-10 20:26 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-10 20:26 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-10 20:26 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-10 20:26 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-10 20:26 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-10 20:26 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-10 20:26 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-10 20:26 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-10 20:26 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-10 20:26 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-10 20:26 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-10 20:26 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-10 20:26 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-10 20:26 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-10 20:26 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-10 20:25 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-10 20:25 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-10 20:25 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-10 20:25 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-05 12:51 - 2013-09-05 12:52 - 00000000 ____D C:\Users\***_2\Downloads\CoreTemp32_rc5
2013-09-05 12:51 - 2013-09-05 12:51 - 00338140 _____ C:\Users\***_2\Downloads\CoreTemp32_rc5.zip
2013-09-05 12:02 - 2013-09-05 12:02 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-09-05 11:59 - 2013-09-24 09:52 - 00816737 _____ C:\Windows\WindowsUpdate.log
2013-09-05 11:59 - 2013-09-05 11:59 - 00002408 _____ C:\QcOSD.txt
2013-09-05 11:58 - 2013-09-05 11:58 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-09-05 11:58 - 2013-06-14 06:01 - 02852136 _____ (Lenovo Group Limited) C:\Windows\system32\PWMCP64V.cpl
2013-09-05 11:58 - 2013-06-14 06:01 - 02692904 ____N (Lenovo Group Limited) C:\Windows\PWMBTHLV.EXE
2013-09-05 11:58 - 2013-06-14 06:01 - 00020736 _____ (Lenovo Group Limited) C:\Windows\system32\Drivers\TPPWR64V.SYS
2013-09-05 11:54 - 2013-09-24 09:41 - 00006216 _____ C:\Windows\setupact.log
2013-09-05 11:54 - 2013-09-05 11:54 - 00000000 _____ C:\Windows\setuperr.log
2013-09-05 11:50 - 2013-09-05 11:50 - 26299176 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\powermanager.exe
2013-09-05 11:50 - 2013-09-05 11:50 - 01286168 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\powermanager driver.exe
2013-09-05 11:48 - 2013-09-05 11:48 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-05 11:46 - 2013-09-05 11:46 - 04454952 _____ (Piriform Ltd) C:\Users\***_2\Downloads\ccsetup405.exe
2013-09-05 11:36 - 2013-09-05 11:36 - 09816728 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\gevu60ew.exe
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\PwrMgr
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default\AppData\Local\Lenovo
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\PwrMgr
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default User\AppData\Local\Lenovo
2013-09-05 10:54 - 2013-09-05 10:54 - 00001991 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2013-09-05 10:54 - 2013-09-05 10:54 - 00000000 ____D C:\Users\***\AppData\Roaming\LSC

==================== One Month Modified Files and Folders =======

2013-09-26 20:39 - 2013-09-26 20:38 - 01956432 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2013-09-24 09:52 - 2013-09-05 11:59 - 00816737 _____ C:\Windows\WindowsUpdate.log
2013-09-24 09:44 - 2013-09-24 09:44 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\***_2\Desktop\tdsskiller.exe
2013-09-24 09:41 - 2013-09-05 11:54 - 00006216 _____ C:\Windows\setupact.log
2013-09-24 09:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-22 12:06 - 2013-09-22 12:06 - 00031523 _____ C:\Users\***\Downloads\FRST.txt
2013-09-22 12:06 - 2013-09-22 12:06 - 00013797 _____ C:\Users\***\Downloads\Addition.txt
2013-09-22 12:05 - 2013-09-22 12:05 - 00000000 ____D C:\FRST
2013-09-21 14:40 - 2013-09-21 14:40 - 00000000 ____D C:\Users\***_2\AppData\Roaming\Malwarebytes
2013-09-21 14:38 - 2009-07-14 06:45 - 00311152 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-21 14:36 - 2013-06-08 22:36 - 00068328 _____ C:\Users\***_2\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-21 14:29 - 2013-06-08 00:13 - 00068328 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-21 14:28 - 2009-07-14 06:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-21 14:28 - 2009-07-14 06:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-21 14:27 - 2011-04-12 09:43 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-09-21 14:27 - 2011-04-12 09:43 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-09-21 14:27 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-21 14:26 - 2013-06-08 00:13 - 00001912 _____ C:\Windows\epplauncher.mif
2013-09-21 14:26 - 2013-06-08 00:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-09-21 14:26 - 2013-06-08 00:12 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-09-21 14:24 - 2013-06-06 21:49 - 00000000 ___RD C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-21 14:24 - 2013-06-06 21:49 - 00000000 ___RD C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-21 14:23 - 2013-09-19 20:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-21 14:01 - 2013-06-08 22:53 - 00000000 ____D C:\Users\***_2\Desktop\Uni
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\Users\***\AppData\Roaming\Malwarebytes
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-21 13:53 - 2013-09-21 13:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-21 13:52 - 2013-09-21 13:52 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\***\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-19 20:56 - 2013-09-19 20:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-19 20:56 - 2013-06-08 22:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 20:56 - 2013-06-08 22:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-14 12:36 - 2013-06-07 19:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 13:56 - 2013-06-08 22:36 - 00000000 ___RD C:\Users\***_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-11 13:56 - 2013-06-08 22:36 - 00000000 ___RD C:\Users\***_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-11 13:54 - 2013-06-06 22:40 - 00000000 ____D C:\Windows\Panther
2013-09-11 13:54 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-11 13:06 - 2013-08-15 22:07 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 13:04 - 2013-06-07 21:05 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-05 12:52 - 2013-09-05 12:51 - 00000000 ____D C:\Users\***_2\Downloads\CoreTemp32_rc5
2013-09-05 12:51 - 2013-09-05 12:51 - 00338140 _____ C:\Users\***_2\Downloads\CoreTemp32_rc5.zip
2013-09-05 12:02 - 2013-09-05 12:02 - 00000000 ____D C:\Program Files\Common Files\Lenovo
2013-09-05 11:59 - 2013-09-05 11:59 - 00002408 _____ C:\QcOSD.txt
2013-09-05 11:58 - 2013-09-05 11:58 - 00000000 ____D C:\Program Files (x86)\ThinkPad
2013-09-05 11:58 - 2013-06-08 00:26 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-05 11:58 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2013-09-05 11:54 - 2013-09-05 11:54 - 00000000 _____ C:\Windows\setuperr.log
2013-09-05 11:50 - 2013-09-05 11:50 - 26299176 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\powermanager.exe
2013-09-05 11:50 - 2013-09-05 11:50 - 01286168 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\powermanager driver.exe
2013-09-05 11:48 - 2013-09-05 11:48 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-09-05 11:46 - 2013-09-05 11:46 - 04454952 _____ (Piriform Ltd) C:\Users\***_2\Downloads\ccsetup405.exe
2013-09-05 11:36 - 2013-09-05 11:36 - 09816728 _____ (Lenovo Group Limited                                        ) C:\Users\***_2\Downloads\gevu60ew.exe
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\PwrMgr
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default\AppData\Local\Lenovo
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\PwrMgr
2013-09-05 11:14 - 2013-09-05 11:14 - 00000000 ____D C:\Users\Default User\AppData\Local\Lenovo
2013-09-05 11:03 - 2013-06-08 22:36 - 00000000 ____D C:\Users\***_2\AppData\Local\Lenovo
2013-09-05 10:54 - 2013-09-05 10:54 - 00001991 _____ C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2013-09-05 10:54 - 2013-09-05 10:54 - 00000000 ____D C:\Users\***\AppData\Roaming\LSC
2013-09-05 10:54 - 2013-06-08 22:38 - 00000000 ____D C:\Users\***_2\AppData\Local\LSC
2013-09-05 10:54 - 2013-06-08 22:37 - 00000000 ____D C:\Users\***_2\AppData\Roaming\LSC
2013-09-05 10:54 - 2013-06-07 20:28 - 00000000 ____D C:\Program Files\Lenovo
2013-09-05 10:54 - 2013-06-07 19:38 - 00000000 ____D C:\ldiag
2013-09-05 10:54 - 2013-06-07 19:31 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
2013-09-05 10:53 - 2013-06-07 19:30 - 00000000 ____D C:\Windows\Downloaded Installations
2013-09-01 17:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-01 16:52

==================== End Of Log ============================
         
Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2013
Ran by *** at 2013-09-26 20:40:26
Running from C:\Users\***\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 3.8.0.1280)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Anzeige am Bildschirm (Version: 7.12.20)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
EaseUS Partition Master 9.2.2 (x32)
Energie-Manager (x32 Version: 6.61.1)
Integrated Camera (x32 Version: 5.13.312.31)
Intel PROSet Wireless
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.1.0.0140)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.225)
Intel® PROSet/Wireless WiFi-Software (Version: 15.01.0000.0830)
iTunes (Version: 11.0.4.4)
Lenovo Auto Scroll Utility (Version: 2.01)
Lenovo Patch Utility (x32 Version: 1.3.1.1)
Lenovo Patch Utility 64 bit (Version: 1.3.1.1)
Lenovo Power Management Driver (Version: 1.67.00.02)
Lenovo Solution Center (Version: 2.2.002.00)
Lenovo System Update (x32 Version: 5.02.0018)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Realtek Ethernet Controller Driver (x32 Version: 7.65.1025.2012)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.28116)
ThinkPad UltraNav Driver (Version: 16.2.17.3)
ThinkVantage Communications Utility (Version: 3.0.45.0)
ThinkVantage System für aktiven Festplattenschutz (Version: 1.77.0.26)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0E2A6FA7-82F6-4CFD-AC63-31DDF70B2AD0} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => c:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] ()
Task: {1CE15D08-CC64-4EEB-9E94-430EB232A8FD} - System32\Tasks\Lenovo\LSC\RebootCountTask => c:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-08-08] (Lenovo)
Task: {58ACC800-AB28-4209-9D02-E857F49B2CBF} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\pla.dll [2010-11-21] (Microsoft Corporation)
Task: {71B73244-5E31-4C0D-BC20-727EE17D4E6E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {8730EF86-2455-4D52-AA3C-CC585C14757E} - System32\Tasks\Lenovo\LSC\Time72Task => c:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-08-08] (Lenovo)
Task: {AA63E78F-7BD3-4D08-91D3-13680B0D52D3} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-08-08] (Lenovo)
Task: {C9FC6211-E5D7-4CE7-B251-608FDE280F05} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {CAE142B3-5899-4923-8C6A-606C1762C76E} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2013-06-26] ()
Task: {EB406975-63B3-41A0-8BEC-58AC6A72B23C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19] (Adobe Systems Incorporated)
Task: {EBF7F632-8443-40F1-92B6-88292E9FDF40} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-08-08] (Lenovo)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-09-10 20:26 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-10 20:26 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\syswow64\kernel32.dll
2013-09-10 20:26 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNELBASE.dll
2010-11-21 05:24 - 2010-11-21 05:24 - 00640512 _____ (Microsoft Corporation) C:\Windows\syswow64\ADVAPI32.dll
2013-06-07 20:35 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\syswow64\msvcrt.dll
2009-07-14 01:11 - 2009-07-14 03:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2013-08-15 21:18 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\syswow64\RPCRT4.dll
2013-06-07 20:48 - 2012-08-24 18:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\syswow64\SspiCli.dll
2009-07-14 01:12 - 2009-07-14 03:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\syswow64\CRYPTBASE.dll
2010-11-21 05:24 - 2010-11-21 05:24 - 00311296 _____ (Microsoft Corporation) C:\Windows\syswow64\GDI32.dll
2010-11-21 05:24 - 2010-11-21 05:24 - 00833024 _____ (Microsoft Corporation) C:\Windows\syswow64\USER32.dll
2009-07-14 01:25 - 2009-07-14 03:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\syswow64\LPK.dll
2013-06-07 20:48 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\syswow64\USP10.dll
2010-11-21 05:23 - 2010-11-21 05:23 - 00350208 _____ (Microsoft Corporation) C:\Windows\syswow64\SHLWAPI.dll
2010-11-21 05:23 - 2010-11-21 05:23 - 00485888 _____ (Microsoft Corporation) C:\Windows\syswow64\COMDLG32.dll
2013-09-10 20:25 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.dll
2010-11-21 05:24 - 2010-11-21 05:24 - 01414144 _____ (Microsoft Corporation) C:\Windows\syswow64\ole32.dll
2013-06-07 20:35 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.dll
2009-07-14 01:15 - 2009-07-14 03:16 - 00006144 _____ (Microsoft Corporation) C:\Windows\syswow64\PSAPI.DLL
2013-09-11 13:06 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\syswow64\WININET.dll
2009-07-14 01:15 - 2009-07-14 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\syswow64\normaliz.DLL
2013-09-11 13:07 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\syswow64\iertutil.dll
2010-11-21 05:23 - 2010-11-21 05:23 - 00206848 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.dll
2009-07-14 01:12 - 2009-07-14 03:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\syswow64\NSI.dll
2009-07-14 01:28 - 2009-07-14 03:15 - 00828928 _____ (Microsoft Corporation) C:\Windows\syswow64\MSCTF.dll
2010-11-21 05:23 - 2010-11-21 05:23 - 01667584 _____ (Microsoft Corporation) C:\Windows\syswow64\SETUPAPI.dll
2013-06-07 20:40 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\syswow64\CFGMGR32.dll
2013-06-07 20:40 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\syswow64\DEVOBJ.dll
2009-07-14 01:44 - 2009-07-14 03:15 - 00522240 _____ (Microsoft Corporation) C:\Windows\syswow64\CLBCatQ.DLL

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/26/2013 08:35:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2013 09:44:21 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2013 00:26:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/22/2013 00:02:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 02:46:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 02:23:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2013 01:51:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2013 10:52:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2013 10:20:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/19/2013 08:53:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/26/2013 08:39:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/26/2013 08:39:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/26/2013 08:39:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/26/2013 08:39:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/26/2013 08:39:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/26/2013 08:39:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/26/2013 08:38:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/26/2013 08:38:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/26/2013 08:38:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/26/2013 08:37:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 20%
Total physical RAM: 3117.16 MB
Available physical RAM: 2487.19 MB
Total Pagefile: 6232.5 MB
Available Pagefile: 5627.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:43.93 GB) (Free:17.03 GB) NTFS
Drive d: () (Fixed) (Total:253.15 GB) (Free:252.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: CE224451)
Partition 1: (Active) - (Size=1 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=44 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=253 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Thanks for taking a look!

Best regards, Secure

26.09.2013, 19:58   #8
aharonov
/// TB Trainer

ok.


Please download Farbar Service Scanner.
  • Start the tool by double-clicking FSS.exe.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Click Scan.
  • When the tool has finished, it will create an FSS.txt in the directory the tool was run from.

Please post the contents here.


__________________
cheers,
Leo

26.09.2013, 20:09   #9
Secure

All right!

Done. Here is the log:

Code:
Farbar Service Scanner Version: 13-09-2013
Ran by *** (administrator) on 26-09-2013 at 21:05:19
Running from "C:\Users\***\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy: 
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         
Do you already have an idea what's going on?

26.09.2013, 20:52   #10
aharonov
/// TB Trainer

Try this. When it has finished, restart the computer, make a fresh FSS log and post it.


Step 1

Please download Windows Repair (all in one) and extract the archive to the desktop.
  • Now start the Repair_Windows.exe it contains.
  • Select the Step 2 (optional) tab and press Do It. The computer will be restarted.
  • Open the program again and, in the Step 3 (optional) tab, likewise click Do It. Then restart the computer.
  • In the Step 4 (optional) tab, press Create under System Restore.
  • Then, in the Start Repairs tab, press Start.
  • Click Select All, tick Restart/Shutdown System When Finished and choose the Restart System option.
  • Temporarily disable your antivirus program and press Start.
Afterwards, restart the computer.



Step 2

Start FSS again, check all options and scan. Post the log.
__________________
cheers,
Leo

27.09.2013, 17:08   #11
Secure

Hello!

Well, it took a while, but everything ran without problems. I was also able to work without safe mode again.

Here is the new FSS log for review:

Code:
Farbar Service Scanner Version: 13-09-2013
Ran by *** (administrator) on 27-09-2013 at 18:00:03
Running from "C:\Users\***\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         
Many thanks in advance!

Secure

27.09.2013, 18:25   #12
aharonov
/// TB Trainer

Hello,

what is the state now? Which problems exactly still remain?
__________________
cheers,
Leo

28.09.2013, 11:34   #13
Secure

Hi!

This morning I tried starting various programs and so on, and it seems everything is OK again. The problem I described has at least disappeared. Booting and shutting down also seem to be faster again.

Offhand I would now say everything is OK again.

What was the cause in the end, can you say? Or did Windows simply give out once again?!

28.09.2013, 12:22   #14
aharonov
/// TB Trainer

Hi,

I can't tell you exactly what was wrong there. You could see in the log that things were somewhat messed up. And that the repair tool helped. I'd say we leave it as it is for now, and if something still isn't running well, you just get in touch again.


This topic appears to be resolved and will be removed from my subscriptions. I will therefore no longer receive notifications about new replies.
Should you need the topic again, please send me a PM and we will continue here.

Everyone else, please read this guide and create your own thread.
__________________
cheers,
Leo
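
An added example, not part of the original thread and not the helper's or the tool author's code: a small Python parser that compares two FSS logs like the ones posted above and lists which services are no longer reported as stopped and which start-type deviations persist. It also compares the Boot Mode lines, because a service that is stopped in one boot mode and running in another is not by itself evidence of a repair. The sample logs are constructed, abridged excerpts modelled on the thread's logs, and the names `parse_fss` and `diff_fss` are hypothetical.

```python
import re
# Constructed, abridged excerpts modelled on the two FSS logs in this thread.
BEFORE = """Boot Mode: Network
System Restore:
============
SDRSVC Service is not running. Checking service configuration:
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
BITS Service is not running. Checking service configuration:
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
"""
AFTER = """Boot Mode: Normal
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
"""

STOPPED = re.compile(r"^(\S+) Service is not running\.")
START = re.compile(r"^The start type of (\S+) service is set to (\w+)\. "
                   r"The default start type is (\w+)\.")

def parse_fss(text):
    """Return boot mode, stopped services (name -> section) and start-type deviations."""
    out = {"boot_mode": None, "stopped": {}, "deviations": {}}
    section, prev = None, ""
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("Boot Mode:"):
            out["boot_mode"] = line.split(":", 1)[1].strip()
        elif line and set(line) == {"="} and prev.endswith(":"):
            section = prev.rstrip(":").strip()  # heading is the line above the "====" rule
        elif (m := STOPPED.match(line)):
            out["stopped"][m.group(1)] = section
        elif (m := START.match(line)):
            out["deviations"][m.group(1)] = (m.group(2), m.group(3))  # (actual, default)
        prev = line
    return out

def diff_fss(before_text, after_text):
    """Compare two FSS logs; report whether the boot modes match, since that changes what runs."""
    b, a = parse_fss(before_text), parse_fss(after_text)
    return {
        "same_boot_mode": b["boot_mode"] == a["boot_mode"],
        "running_again": sorted(set(b["stopped"]) - set(a["stopped"])),
        "still_stopped": sorted(set(b["stopped"]) & set(a["stopped"])),
        "newly_stopped": sorted(set(a["stopped"]) - set(b["stopped"])),
        "unchanged_deviations": {s: v for s, v in a["deviations"].items()
                                 if b["deviations"].get(s) == v},
    }

if __name__ == "__main__":
    print(diff_fss(BEFORE, AFTER))
```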
