Keyboard: sudden switching between upper and lower case, and further problems (Windows 7)
12.11.2014, 20:32 | #1 |
Dear trojaner-board members, the following problems are currently occurrinG frequently on my machine:
1. The upper/lower case sWitches quite suddEnly, as you can read in this sentence.
2. When I opEn Firefox tabs, A new window OPens instead.
3. It is vEry hard for me to click a particular icon, e.g. on the desktop, BEcause sEveral get selected at oNce. The same BEHAVIOur alSo occurs in folders.
Kind regards, PaulanerPC
12.11.2014, 20:33 | #2 |
/// the machine /// TB trainer | Hi,
__________________
Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thank you. This is how it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
12.11.2014, 21:53 | #3 |
Dear Schrauber, thank you for the quick reply. SelectIng everything with Ctrl+A does noT work, so I am doing it this way. I hoPe that is ok.
GMER Logfile: Code:
GMER 2.1.19357 - GMER - Rootkit Detector and Remover
Rootkit scan 2014-11-09 16:40:31
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000069 HITACHI_ rev.ES2Z 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\Timur\AppData\Local\Temp\pwloyuow.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800031f3000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800031f302f 16 bytes [00, 00, 10, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text C:\Windows\SMIKsSTI.exe[2112] C:\Windows\SysWOW64\ksuser.dll!KsCreatePin + 35 000000005df711a8 2 bytes [F7, 5D]
.text C:\Windows\SMIKsSTI.exe[2112] C:\Windows\SysWOW64\ksuser.dll!KsCreateAllocator + 21 000000005df713a8 2 bytes [F7, 5D]
.text C:\Windows\SMIKsSTI.exe[2112] C:\Windows\SysWOW64\ksuser.dll!KsCreateClock + 21 000000005df71422 2 bytes [F7, 5D]
.text C:\Windows\SMIKsSTI.exe[2112] C:\Windows\SysWOW64\ksuser.dll!KsCreateTopologyNode + 19 000000005df71498 2 bytes [F7, 5D]
.text C:\Windows\SMIKsSTI.exe[2112] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 195 00000000689e1b41 2 bytes [9E, 68]
.text C:\Windows\SMIKsSTI.exe[2112] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 362 00000000689e1be8 2 bytes [9E, 68]
.text C:\Windows\SMIKsSTI.exe[2112] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 418 00000000689e1c20 2 bytes [9E, 68]
.text C:\Windows\SMIKsSTI.exe[2112] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 596 00000000689e1cd2 2 bytes [9E, 68]
.text C:\Windows\SMIKsSTI.exe[2112] C:\Windows\SysWOW64\d3d8thk.dll!OsThunkDdWaitForVerticalBlank + 628 00000000689e1cf2 2 bytes [9E, 68]

---- Threads - GMER 2.1 ----

Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5856:6112] 000007fefbf32bf8
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5856:6124] 000007feec544830
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5856:5588] 000007fef3fa5124
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [4304:3508] 0000000077b83e85
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [4304:4352] 0000000076777587
Thread C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [4304:3684] 0000000077b82e65

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{E757B791-D660-4885-8377-6AD8586A1616}\Connection@Name isatap.{BB7BB673-8D68-4718-8653-FF6698388726}
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Bind \Device\{43E42AF2-5321-4B90-BEA6-4688980FC31C}?\Device\{E757B791-D660-4885-8377-6AD8586A1616}?\Device\{1AE42E5D-A7B2-4614-84E0-110086711771}?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Route "{43E42AF2-5321-4B90-BEA6-4688980FC31C}"?"{E757B791-D660-4885-8377-6AD8586A1616}"?"{1AE42E5D-A7B2-4614-84E0-110086711771}"?
Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage@Export \Device\TCPIP6TUNNEL_{43E42AF2-5321-4B90-BEA6-4688980FC31C}?\Device\TCPIP6TUNNEL_{E757B791-D660-4885-8377-6AD8586A1616}?\Device\TCPIP6TUNNEL_{1AE42E5D-A7B2-4614-84E0-110086711771}?
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78eb7869
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78eb7869@b0ec71d9d83b 0xD4 0xD1 0x1E 0x60 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78eb7869@cc051bd5ceef 0x08 0xFF 0xB3 0x4F ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78eb7869@00230103f990 0x6E 0x98 0x6D 0x40 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{E757B791-D660-4885-8377-6AD8586A1616}@InterfaceName isatap.{BB7BB673-8D68-4718-8653-FF6698388726}
Reg HKLM\SYSTEM\CurrentControlSet\services\iphlpsvc\Parameters\Isatap\{E757B791-D660-4885-8377-6AD8586A1616}@ReusableType 0
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78eb7869 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78eb7869@b0ec71d9d83b 0xD4 0xD1 0x1E 0x60 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78eb7869@cc051bd5ceef 0x08 0xFF 0xB3 0x4F ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78eb7869@00230103f990 0x6E 0x98 0x6D 0x40 ...

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014
Ran by Timur (administrator) on TIMURS_WELT on 09-11-2014 15:46:04
Running from C:\Users\Timur\Downloads
Loaded Profile: Timur (Available profiles: Timur & Paula)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(UASSOFT.COM) C:\Program Files (x86)\Silvercrest MTS2118 driver\KMWDSrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Silicon Motion) C:\Windows\SMIKsSTI.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(troubadix) C:\Program Files\TPFanControl\TPFanControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(UASSOFT.COM) C:\Program Files (x86)\Silvercrest MTS2118 driver\StartAutorun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(UASSOFT.COM) C:\Program Files (x86)\Silvercrest MTS2118 driver\KMCONFIG.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Lenovo) C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(UASSOFT.COM) C:\Program Files (x86)\Silvercrest MTS2118 driver\KMProcess.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Users\Timur\Downloads\Defogger.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SMI_SSE_V5] => C:\Windows\SMIKsSTI.EXE [212992 2011-04-11] (Silicon Motion)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-03-24] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-04-04] (Lenovo Group Limited)
HKLM\...\Run: [TPFanControl] => C:\Program Files\TPFanControl\TPFanControl.exe [153600 2012-06-07] (troubadix)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-04-14] (Lenovo)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4309184 2011-02-09] (Lenovo, Inc.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [161040 2010-03-19] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [KMCONFIG] => C:\Program Files (x86)\Silvercrest MTS2118 driver\StartAutorun.exe KMConfig.exe
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-208810273-1353525685-880446501-1000\...\Run: [Google Update] => C:\Users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-10] (Google Inc.)
HKU\S-1-5-21-208810273-1353525685-880446501-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-208810273-1353525685-880446501-1000\...\Run: [Google+ Auto Backup] => "C:\Users\Timur\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
HKU\S-1-5-21-208810273-1353525685-880446501-1000\...\MountPoints2: D - D:\LaunchU3.exe -a
HKU\S-1-5-21-208810273-1353525685-880446501-1000\...\MountPoints2: {19ed20ca-0ea6-11e4-86c4-ccaf78eb7869} - D:\LaunchU3.exe -a
HKU\S-1-5-21-208810273-1353525685-880446501-1000\...\MountPoints2: {75834c1a-f5cb-11e0-a216-e89a8f4e52a8} - D:\autorun.exe
HKU\S-1-5-21-208810273-1353525685-880446501-1000\...\MountPoints2: {bfc93a72-b79c-11e0-9066-806e6f6e6963} - Q:\LenovoQDrive.exe
Lsa: [Notification Packages] scecli ACGina
Startup: C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Home - Welcome to Lenovo
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Home - Welcome to Lenovo
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {14AAFA68-7DBC-4106-BECD-A4FA128278BF} URL =
SearchScopes: HKCU - {14AAFA68-7DBC-4106-BECD-A4FA128278BF} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKCU - {C731C52B-0332-41A8-9DD3-7442821F6E1E} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: FGCatchUrl -> {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -> C:\Program Files (x86)\FlashGet\jccatch.dll (FlashGet(??)-Best Download Manager)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FlashGet GetFlash Class -> {F156768E-81EF-470C-9057-481BA8380DBA} -> C:\Program Files (x86)\FlashGet\getflash.dll (FlashGet(??)-Best Download Manager)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Timur\AppData\Roaming\Mozilla\Firefox\Profiles\zvx37y5k.default-1414227857682
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Timur\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Timur\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Timur\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Timur\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Timur\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Timur\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Timur\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Timur\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Timur\AppData\Roaming\Mozilla\Firefox\Profiles\zvx37y5k.default-1414227857682\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-11-03]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Timur\AppData\Roaming\Mozilla\Firefox\Profiles\zvx37y5k.default-1414227857682\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-11-03]
FF Extension: NoScript - C:\Users\Timur\AppData\Roaming\Mozilla\Firefox\Profiles\zvx37y5k.default-1414227857682\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-11-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-17]

Chrome:
=======
CHR Profile: C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-18]
CHR Extension: (Google Drive) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-18]
CHR Extension: (YouTube) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-18]
CHR Extension: (Google-Suche) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-18]
CHR Extension: (Avira Browser Safety) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-18]
CHR Extension: (Google Wallet) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-18]
CHR Extension: (Google Mail) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
S2 BrazosTweaker; C:\Program Files\BrazosTweaker\BrazosTweakerService.exe [187904 2012-01-21] () [File not signed]
R2 KMWDSERVICE; C:\Program Files (x86)\Silvercrest MTS2118 driver\KMWDSrv.exe [208896 2007-06-16] (UASSOFT.COM) [File not signed]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [443240 2011-03-02] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [304592 2009-06-22] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145680 2010-03-19] (4G Systems GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2011-10-13] (Mobile Connector)
S3 cmnsusbser; C:\Windows\SysWOW64\DRIVERS\cmnsusbser.sys [117888 2008-10-31] (Mobile Connector)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [210048 2011-04-11] (SMI)
S3 PCDSRVC{127174DC-C366ED8B-06020200}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 15:46 - 2014-11-09 15:48 - 00021876 _____ () C:\Users\Timur\Downloads\FRST.txt
2014-11-09 15:45 - 2014-11-09 15:46 - 00000000 ____D () C:\FRST
2014-11-09 15:43 - 2014-11-09 15:43 - 02115584 _____ (Farbar) C:\Users\Timur\Downloads\FRST64.exe
2014-11-09 15:39 - 2014-11-09 15:39 - 00000472 _____ () C:\Users\Timur\Downloads\defogger_disable.log
2014-11-09 15:39 - 2014-11-09 15:39 - 00000000 _____ () C:\Users\Timur\defogger_reenable
2014-11-09 15:35 - 2014-11-09 15:35 - 00050477 _____ () C:\Users\Timur\Downloads\Defogger.exe
2014-11-09 14:46 - 2014-11-09 14:46 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-07 13:48 - 2014-11-07 13:49 - 00000000 ____D () C:\Users\Timur\AppData\Local\{410E4198-BD32-4C84-98E2-A0B02B521F50}
2014-11-03 15:38 - 2014-11-03 15:38 - 01054912 _____ (Adobe) C:\Users\Timur\Downloads\install_flashplayer15x32au_mssd_aaa_aih(1).exe
2014-10-29 11:11 - 2014-10-29 11:11 - 00000000 ____D () C:\Windows\pss
2014-10-29 10:25 - 2014-10-29 10:25 - 00000017 _____ () C:\Windows\SysWOW64\shortcut_ex.dat
2014-10-25 12:14 - 2014-10-25 12:14 - 00000189 _____ () C:\Users\Timur\Documents\capslock2shift.reg.txt
2014-10-25 11:15 - 2014-03-08 13:26 - 00450770 _____ () C:\Windows\system32\Drivers\etc\hosts.20141025-121514.backup
2014-10-24 20:00 - 2014-10-24 20:01 - 00373352 _____ () C:\Windows\Minidump\102414-39405-01.dmp
2014-10-23 19:22 - 2014-10-23 19:23 - 00000000 ____D () C:\8a9c394ada2cd8e467357e
2014-10-22 14:15 - 2014-10-22 14:15 - 00000000 ____D () C:\Users\Timur\Downloads\jquery-slider-master
2014-10-18 20:38 - 2014-10-18 20:38 - 00034808 _____ () C:\Users\Timur\Documents\Finanzamt xps.xps
2014-10-18 20:36 - 2014-10-18 20:36 - 00034804 _____ () C:\Users\Timur\Documents\Finanzamt .xps
2014-10-18 20:25 - 2014-10-18 20:30 - 00000000 ____D () C:\Users\Timur\Documents\Fax
2014-10-17 15:41 - 2014-10-17 15:42 - 12464009 _____ () C:\Users\Timur\Downloads\jquery-slider-master.zip
2014-10-17 14:34 - 2014-10-17 14:35 - 33679507 _____ () C:\Users\Timur\Downloads\Der verbummelte Nikolaus.mp4
2014-10-17 14:24 - 2014-10-17 14:25 - 29812104 _____ (DVDVideoSoft Ltd. ) C:\Users\Timur\Downloads\FreeYouTubeDownload.exe
2014-10-17 14:21 - 2014-10-17 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-10-17 14:11 - 2014-10-17 14:12 - 29729624 _____ (DVDVideoSoft Ltd. ) C:\Users\Timur\Downloads\FreeYouTubeDownload_3.2.45.923.exe
2014-10-17 14:11 - 2014-10-17 14:11 - 01054912 _____ (Adobe) C:\Users\Timur\Downloads\install_flashplayer15x32au_mssd_aaa_aih.exe
2014-10-17 00:14 - 2014-10-17 00:14 - 00006628 _____ () C:\Users\Timur\Downloads\LayerSlider_Export_2014-10-16_at_23.14.04.json
2014-10-16 11:34 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 11:34 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 11:34 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 11:34 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 11:34 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 11:34 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 11:34 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 11:34 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 11:34 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 11:34 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 11:34 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 11:34 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 11:34 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 11:34 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 11:34 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 11:34 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 11:34 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 11:34 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 11:34 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 11:34 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 11:34 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 11:34 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 11:34 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 11:33 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 11:33 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 11:33 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 11:33 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 11:33 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 11:33 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 11:33 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 11:33 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 11:33 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 11:33 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 11:33 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 11:33 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 11:33 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 11:33 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 11:33 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 11:33 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 11:33 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 11:33 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 11:33 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 11:33 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 11:33 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 11:33 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 11:33 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 11:33 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 11:33 - 2014-09-19 02:01 - 00061952 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-16 11:33 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-16 11:33 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-16 11:33 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-16 11:33 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-16 11:33 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-16 11:33 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-16 11:33 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-16 11:33 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-16 11:33 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-16 11:33 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-16 11:33 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-16 11:33 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-16 11:33 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-16 11:33 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-16 11:33 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-16 11:33 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-16 11:30 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-16 11:30 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msi.dll 2014-10-16 11:30 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-16 11:30 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-16 11:29 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-16 11:29 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-16 11:29 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-16 11:29 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-16 11:29 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-16 11:29 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-16 11:29 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-16 11:29 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-16 11:29 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-16 11:29 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-16 11:29 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-16 11:29 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-16 11:29 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-16 11:28 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-16 11:28 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-10 15:23 - 2014-10-10 15:23 - 00000000 ____D () C:\Users\Timur\AppData\Roaming\TeamViewer 
2014-10-10 15:14 - 2014-10-10 15:14 - 00001185 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-10-10 15:14 - 2014-10-10 15:14 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-10-10 15:11 - 2014-10-10 15:11 - 06626832 _____ (TeamViewer GmbH) C:\Users\Timur\Downloads\TeamViewer_Setup_de-m.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-09 15:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2014-11-09 15:42 - 2011-09-09 08:44 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job 2014-11-09 15:41 - 2013-12-14 20:21 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA.job 2014-11-09 15:39 - 2011-09-09 08:43 - 00000000 ____D () C:\Users\Timur 2014-11-09 15:38 - 2012-03-29 11:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-09 15:12 - 2011-09-09 19:11 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-09 15:03 - 2011-07-26 16:37 - 01670517 _____ () C:\Windows\WindowsUpdate.log 2014-11-09 15:01 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-09 15:01 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-09 14:53 - 2013-10-31 12:53 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-11-09 14:51 - 2011-09-09 19:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-09 14:50 - 2013-12-26 16:26 - 00019995 _____ () C:\Windows\setupact.log 2014-11-09 14:50 - 2012-10-13 18:34 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA.job 2014-11-09 14:50 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-09 14:46 - 2014-08-14 
14:36 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-09 14:46 - 2012-10-18 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-11-09 14:45 - 2012-10-18 16:49 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-11-09 14:42 - 2012-10-13 18:34 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core.job 2014-11-08 12:19 - 2011-09-09 08:44 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher 2014-11-08 12:18 - 2011-07-26 17:10 - 00000000 ____D () C:\ProgramData\PCDr 2014-11-08 12:01 - 2014-01-29 21:46 - 00016858 _____ () C:\Windows\PFRO.log 2014-11-08 12:01 - 2013-08-17 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-08 12:01 - 2012-05-14 20:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-08 11:52 - 2013-12-14 20:21 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core.job 2014-11-08 11:49 - 2013-07-18 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-11-07 22:02 - 2013-09-06 00:30 - 00287232 ___SH () C:\Users\Timur\Desktop\Thumbs.db 2014-11-07 21:49 - 2013-09-05 10:05 - 00000000 ____D () C:\Users\Timur\AppData\Roaming\Skype 2014-11-07 19:52 - 2012-03-29 11:02 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-07 19:52 - 2012-03-29 11:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-07 19:52 - 2011-09-09 20:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-07 17:57 - 2011-09-09 08:44 - 00003498 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest 2014-11-06 19:42 - 2013-12-10 09:05 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-11-06 18:23 - 2011-07-27 02:17 - 00700118 _____ () C:\Windows\system32\perfh007.dat 2014-11-06 18:23 - 2011-07-27 02:17 - 
00149968 _____ () C:\Windows\system32\perfc007.dat 2014-11-06 18:23 - 2009-07-14 06:13 - 01622228 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-03 11:42 - 2011-09-09 18:51 - 00000000 ____D () C:\Users\Timur\AppData\Roaming\Mozilla 2014-10-29 11:19 - 2012-11-21 10:39 - 00000000 ____D () C:\Program Files (x86)\BlueGriffon 2014-10-29 10:36 - 2013-12-14 20:21 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA 2014-10-29 10:36 - 2013-12-14 20:21 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core 2014-10-29 09:48 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-10-28 06:34 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-25 10:04 - 2014-09-10 09:59 - 00000000 ____D () C:\Users\Timur\Desktop\Alte Firefox-Daten 2014-10-24 20:00 - 2014-01-11 20:38 - 421380719 _____ () C:\Windows\MEMORY.DMP 2014-10-24 20:00 - 2011-12-05 01:05 - 00000000 ____D () C:\Windows\Minidump 2014-10-24 19:07 - 2011-09-09 19:11 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-24 19:07 - 2011-09-09 19:11 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-23 19:27 - 2009-07-14 05:45 - 00300824 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-23 19:13 - 2013-07-14 01:28 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-23 18:45 - 2011-09-09 17:28 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-22 16:27 - 2011-09-09 08:44 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2014-10-22 16:24 - 2013-09-30 19:24 - 00000000 ____D () C:\Users\Timur\AppData\Roaming\SoftGrid Client 2014-10-22 11:33 - 2013-12-12 21:43 - 00195072 ___SH () C:\Users\Timur\Documents\Thumbs.db 2014-10-22 10:20 - 2011-09-09 08:44 - 00004238 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2014-10-18 
11:36 - 2013-05-26 22:57 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular 2014-10-17 14:28 - 2013-01-07 00:32 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-10-17 14:27 - 2012-09-30 00:02 - 00000000 ____D () C:\Users\Timur\AppData\Roaming\DVDVideoSoft 2014-10-17 14:09 - 2013-10-31 21:16 - 00000000 ____D () C:\Program Files (x86)\SuperMailer 2014-10-17 00:42 - 2014-06-07 22:48 - 00000000 ____D () C:\ProgramData\TEMP 2014-10-16 23:59 - 2011-09-09 08:47 - 00000000 ____D () C:\Users\Timur\AppData\Local\VirtualStore 2014-10-14 22:09 - 2013-05-07 15:46 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-10-14 22:09 - 2013-04-03 21:15 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-10-14 22:09 - 2013-04-03 21:15 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-10-10 18:03 - 2011-09-09 08:48 - 00065112 _____ () C:\Users\Timur\AppData\Local\GDIPFONTCACHEV1.DAT Some content of TEMP: ==================== C:\Users\Paula\AppData\Local\Temp\AskSLib.dll C:\Users\Paula\AppData\Local\Temp\avgnt.exe C:\Users\Paula\AppData\Local\Temp\SkypeSetup.exe C:\Users\Timur\AppData\Local\Temp\avgnt.exe C:\Users\Timur\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-03 13:28

==================== End Of Log ============================

--- --- --- --- --- ---

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014
Ran by Timur at 2014-11-09 15:51:14
Running from C:\Users\Timur\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - )
Applian FLV and Media Player 3.1.1.12 (HKLM-x32\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{98D85483-CF35-1E97-988B-B07885964EEF}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.813.4-110505a-118728C-Lenovo - ATI Technologies, Inc.)
AudioEdit Deluxe (HKLM-x32\...\AudioEdit Deluxe) (Version: - Mystik Media)
AudioEdit Deluxe (x32 Version: 4.x - Mystik Media) Hidden
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
BrazosTweaker (HKLM\...\{2CD600E3-55E9-47B3-9611-6FE0ECC04BF9}) (Version: 1.0.7 - Martin Kinkelin and Sven Wittek)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2100 - Broadcom Corporation)
calibre (HKLM-x32\...\{8D8C1516-D6D5-41F1-B98B-DCCCF17F8ED2}) (Version: 1.36.0 - Kovid Goyal)
ccc-core-static (x32 Version: 2011.0506.720.11242 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.27.0 - Conexant)
CPUID CPU-Z 1.61.5 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 1.6.11 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.3.14949 - Landesfinanzdirektion Thüringen) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.32 - ) EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited) FileZilla Client 3.9.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse) FlashGet 1.9.6.1073 (HKLM-x32\...\FlashGet) (Version: 1.9.6.1073 - FlashGet(??)-Best Download Manager) FLV Player 2.0 (build 25) (HKLM-x32\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser) Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk Plugin (HKLM-x32\...\{95763F66-297E-30CE-9728-6D0F20BF97F5}) (Version: 5.38.5.0 - Google) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) 
Hidden Integrated Camera (HKLM\...\Integrated Camera) (Version: 5.50.3.8 - Silicon Motion) Integrated Camera (HKLM-x32\...\{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}) (Version: 5.50.3.8 - Silicon Motion) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 10.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - ) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - ) Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - ) Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.) Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.07 - Lenovo) Lenovo SimpleTap (HKLM\...\{CFD2C9F6-AE2F-4422-A7E9-182B47F1E72E}) (Version: 1.3.0005.00 - Lenovo Group Limited) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo) Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.) 
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname) Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo) Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo) Ludwig 3.0 (HKLM-x32\...\{AE9A9F43-194E-41A7-B687-358CEF39E9C7}) (Version: 3.0.0.1 - ChessBase) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited) Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Word Viewer 97 (HKLM-x32\...\Viewer97) (Version: - ) Mozilla Firefox 33.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 de)) (Version: 33.0.3 - 
Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla) MyMicroBalance (HKLM-x32\...\{CAF30EE3-A2E2-47BE-A37B-96524BCB3EF5}) (Version: 2.5.5 - startzentrum GmbH & Co KG) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo) RapidBoot (x32 Version: 1.00 - Lenovo) Hidden Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.69 - Realtek Semiconductor Corp.) Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - ) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.3.11082_152 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.0.3.11082_152 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.4.0 - SAMSUNG Electronics Co., Ltd.) Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH) SendBlaster 3 (HKLM-x32\...\{486575DF-CC13-4F89-8636-C2CC5BDA7246}) (Version: 003.001.00000 - eDisplay srl) Silvercrest MTS2118 driver (HKLM-x32\...\InstallShield_{2F2B569E-2024-48B8-867B-DB1BF2338F38}) (Version: 5.10.15 - Targa GmbH) Silvercrest MTS2118 driver (x32 Version: 5.10.15 - Targa GmbH) Hidden Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) 
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2100 - Broadcom Corporation) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - ) ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0029.8 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.83 - Lenovo) ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.02 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo) ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.75 - Lenovo) TPFanControl v0.62 (HKLM\...\{717F5741-5C2E-4469-BDA0-B5EC2243646F}_is1) (Version: - troubadix) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc) Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - AMD (amdsata) HDC (04/07/2010 1.2.001.197) (HKLM\...\3D5883D4EEEDE8214CC2E81FE1EDC4A8B4FCF5DB) (Version: 04/07/2010 1.2.001.197 - AMD) Windows-Treiberpaket - AMD USB (03/30/2010 1.0.0.5) 
(HKLM\...\D38587A239DFF85877AA1BCAA58B37B5CF7A6AF5) (Version: 03/30/2010 1.0.0.5 - AMD) Windows-Treiberpaket - Lenovo 1.62.00.00 (01/19/2011 1.62.00.00) (HKLM\...\D01A7EE241898C810674C69EB908D655D149BE77) (Version: 01/19/2011 1.62.00.00 - Lenovo) Windows-Treiberpaket - Synaptics (SynTP) Mouse (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics) WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden XSManager (HKLM-x32\...\XSManager) (Version: 3.0 - XSManager) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-208810273-1353525685-880446501-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Timur\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-208810273-1353525685-880446501-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Timur\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-208810273-1353525685-880446501-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Timur\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-208810273-1353525685-880446501-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Timur\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-208810273-1353525685-880446501-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Timur\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-208810273-1353525685-880446501-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timur\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-208810273-1353525685-880446501-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timur\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-208810273-1353525685-880446501-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timur\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-208810273-1353525685-880446501-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timur\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-208810273-1353525685-880446501-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Timur\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 22-10-2014 09:28:05 Windows Update 23-10-2014 17:44:17 Windows Update 23-10-2014 18:41:26 Windows Update 29-10-2014 08:51:09 Windows Update 03-11-2014 10:02:54 Windows Update 07-11-2014 17:08:59 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2009-07-14 03:34 - 2014-03-08 13:26 - 00450770 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 Gadgets And More 127.0.0.1 10sek.com 127.0.0.1 1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 www.123fporn.info 127.0.0.1 123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {000BDAAA-D318-4F79-B817-CA85B111ADC3} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-27] () Task: {0EC9CD42-7508-46CE-A9BD-C737ADBBF8C1} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.) Task: {1D6EE556-86F7-483E-B511-515713C49C5B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA => C:\Users\Timur\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {225B510B-D3B7-4092-BA1C-181BDDEABF64} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core => C:\Users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-10] (Google Inc.) 
Task: {38C66D02-22C4-4F33-B98E-C3803DDF91F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-07] (Adobe Systems Incorporated) Task: {45AB47F3-EC80-419C-BE18-A7549BC193EF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {47982768-CCF1-4A83-95F8-CB10B8AF0391} - System32\Tasks\{7DB1F245-8088-4193-81AD-B60A52883DED} => C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [2011-03-24] (Broadcom Corporation.) Task: {4898E0F5-B97C-4B04-B086-67C9C926456F} - System32\Tasks\{BD4760B3-89D7-4BD9-9206-3BFC83D15428} => Firefox.exe hxxp://ui.skype.com/ui/0/5.0.0.152.375/de/go/help.faq.installer?LastError=1603 Task: {561BE97D-D7CF-4A05-908B-C6D918C63C60} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.) Task: {606CD33E-CD72-4C9A-9A33-E1A0B1B3055C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA => C:\Users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-10] (Google Inc.) Task: {72BEF8B7-4970-4060-8710-DE0B1A703D37} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.) Task: {8D09E790-EB93-4AA5-B35D-3985C9CC5D70} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {9782E92A-D53A-43C8-9106-9185141A6816} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.) 
Task: {9A4B54B3-316E-46DB-A85E-2F292ABCCFBC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {9A765825-4814-47A4-8E7B-23952EB47FCB} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor_shim.exe [2014-09-01] () Task: {9DFE354C-8804-4B8C-ADD1-E697DFA1C09A} - System32\Tasks\Lenovo\SROptimizer => %TRPATH%\SRORest.exe Task: {9F5EBAFE-93BA-4713-8D7B-6424F2820A50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.) Task: {A8AC61DF-BD00-405D-A1B2-22878241D8FC} - System32\Tasks\Lenovo\SimpleTap Watermark Launcher => C:\Program Files\lenovo\simpletap\simpletap.exe [2011-02-08] (Lenovo) Task: {B5A17784-6F0D-4601-8330-ACFB394A6DF6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {C752CF05-3C96-4F7D-96BD-BF30BD814D40} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] () Task: {CC67252B-A919-43E2-9641-73F124B5F422} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core => C:\Users\Timur\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {DAD88378-3319-4DD2-825E-C10EC114A2D9} - System32\Tasks\{FEB9899B-57F0-47FA-8299-94DCDBC5D520} => Firefox.exe Skype für den Desktop herunterladen Task: {EE210EB1-0EFE-4586-B907-3330F0EEA67E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo) Task: {F575CE51-8AA4-47EA-9E8F-48B345A630F8} - System32\Tasks\{2F3F0415-90A1-4B2D-92B8-458AC41CC2D8} => C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe [2011-03-24] (Broadcom Corporation.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core.job => C:\Users\Timur\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA.job => C:\Users\Timur\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core.job => C:\Users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA.job => C:\Users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe ==================== Loaded Modules (whitelisted) ============= 2012-09-19 20:36 - 2012-05-16 05:32 - 00103936 _____ () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2011-07-26 16:54 - 2010-10-26 04:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2011-10-13 19:47 - 2009-06-22 14:21 - 00304592 ____N () C:\Program Files (x86)\XSManager\WTGService.exe 2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2011-02-08 17:36 - 2011-02-08 17:36 - 01530168 _____ () C:\Program Files\lenovo\simpletap\SimpleTapResources.dll 2011-02-08 17:36 - 2011-02-08 17:36 - 00024576 _____ () C:\Program 
Files\lenovo\simpletap\de\SimpleTapResources.resources.dll 2011-02-08 17:36 - 2011-02-08 17:36 - 00027448 _____ () C:\Program Files\lenovo\simpletap\Add-ons\Lenovo\Audio\CoreAudioApi.dll 2011-07-26 16:45 - 2009-10-23 17:50 - 00326144 _____ () C:\Windows\system32\370prop.ax 2011-02-08 17:36 - 2011-02-08 17:36 - 00014136 _____ () C:\Program Files\lenovo\simpletap\Add-ons\Lenovo\Brightness\DisplayBrightnessApi.dll 2011-02-08 17:36 - 2011-02-08 17:36 - 00014648 _____ () C:\Program Files\lenovo\simpletap\Add-ons\Lenovo\ScreenLock\TouchScreenApi.dll 2009-05-27 21:09 - 2009-05-27 21:09 - 00049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe 2014-11-09 15:35 - 2014-11-09 15:35 - 00050477 _____ () C:\Users\Timur\Downloads\Defogger.exe 2011-04-14 11:15 - 2011-04-14 11:15 - 00086016 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll 2013-12-10 09:06 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2013-12-10 09:06 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-12-10 09:06 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2013-12-10 09:06 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2013-12-10 09:06 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2011-07-26 16:45 - 2010-11-04 09:17 - 00393216 _____ () C:\Windows\SMIKsLIB.dll 2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2007-03-29 12:17 - 2007-03-29 12:17 - 00106496 _____ () C:\Program Files (x86)\Silvercrest MTS2118 driver\keydll.dll 2005-05-04 19:12 - 2005-05-04 19:12 - 00028672 _____ () C:\Program Files (x86)\Silvercrest MTS2118 driver\MouseHook.dll 2014-09-16 20:43 - 2014-11-07 22:09 - 03649648 _____ () C:\Program 
Files (x86)\Mozilla Firefox\mozjs.dll 1997-03-31 23:00 - 1997-03-31 23:00 - 00022016 _____ () C:\Windows\SysWow64\docobj.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:90EF0C9C ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupreg: ALCKRESI.EXE => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe MSCONFIG\startupreg: EPLTarget => MSCONFIG\startupreg: Facebook Update => "C:\Users\Timur\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: KiesHelper => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe ========================= Accounts: ========================== Administrator (S-1-5-21-208810273-1353525685-880446501-500 - Administrator - Disabled) Gast (S-1-5-21-208810273-1353525685-880446501-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-208810273-1353525685-880446501-1002 - Limited - Enabled) Paula (S-1-5-21-208810273-1353525685-880446501-1003 - Limited - Enabled) => C:\Users\Paula Timur 
(S-1-5-21-208810273-1353525685-880446501-1000 - Administrator - Enabled) => C:\Users\Timur ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/09/2014 02:50:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/08/2014 00:40:08 PM) (Source: PC-Doctor) (EventID: 1) (User: ) Description: (6756) Asapi: (12:40:08:8950)(6756) S3LogPusherPlugin.Helper - Error -- 334 Unable to storage the test log to medium Error: (11/08/2014 00:02:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/07/2014 09:59:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/05/2014 05:12:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/03/2014 06:59:33 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7008. Meldungs-ID: [0x2509]. Error: (11/03/2014 06:00:20 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. 
Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 5116. Meldungs-ID: [0x2509]. Error: (11/03/2014 05:56:31 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 1156. Meldungs-ID: [0x2509]. Error: (11/03/2014 05:36:01 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 6996. Meldungs-ID: [0x2509]. Error: (11/03/2014 05:29:55 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 4760. Meldungs-ID: [0x2509]. System errors: ============= Error: (11/09/2014 03:49:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht. Error: (11/09/2014 03:47:19 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht. Error: (11/09/2014 03:44:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht. 
Error: (11/09/2014 03:39:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht. Error: (11/09/2014 03:26:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht. Error: (11/09/2014 03:12:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht. Error: (11/09/2014 02:51:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (11/09/2014 02:46:13 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (11/09/2014 02:45:57 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (11/09/2014 02:41:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Dnscache erreicht. 
Microsoft Office Sessions: ========================= Error: (11/09/2014 02:50:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/08/2014 00:40:08 PM) (Source: PC-Doctor) (EventID: 1) (User: ) Description: (6756) Asapi: (12:40:08:8950)(6756) S3LogPusherPlugin.Helper - Error -- 334 Unable to storage the test log to medium Error: (11/08/2014 00:02:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/07/2014 09:59:47 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/05/2014 05:12:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/03/2014 06:59:33 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 7008. Meldungs-ID: [0x2509]. Error: (11/03/2014 06:00:20 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 5116. Meldungs-ID: [0x2509]. 
Error: (11/03/2014 05:56:31 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 1156. Meldungs-ID: [0x2509]. Error: (11/03/2014 05:36:01 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 6996. Meldungs-ID: [0x2509]. Error: (11/03/2014 05:29:55 PM) (Source: .NET Runtime) (EventID: 1022) (User: ) Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 4760. Meldungs-ID: [0x2509]. ==================== Memory info =========================== Processor: AMD E-350 Processor Percentage of memory in use: 42% Total physical RAM: 3688.67 MB Available physical RAM: 2121.45 MB Total Pagefile: 7375.52 MB Available Pagefile: 5034.75 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: (Windows7_OS) (Fixed) (Total:285.2 GB) (Free:110.45 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive q: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:3.54 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 6B53DF10) Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=285.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
12.11.2014, 21:54 | #4 |
| Keyboard suddenly switching between upper and lower case, and other problems defogger_disable by jpshortstuff (23.02.10.1) Log created at 15:39 on 09/11/2014 (Timur) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- |
13.11.2014, 17:16 | #5 |
/// the machine /// TB-Ausbilder | Keyboard suddenly switching between upper and lower case, and other problems Hi, is this a laptop, and is it the internal keyboard and touchpad that have these problems? Please download TDSSKiller.exe and save the file to the desktop
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
13.11.2014, 19:03 | #6 |
| Keyboard suddenly switching between upper and lower case, and other problems Hello schrauber, I mainly use the internal mouse and keyboard. The same problem also occurs with my wireless mouse. I had turned on the Windows on-screen keyboard and saw that it jumps between upper and lower case at irregular intervals. Firefox also opens a new window on every action. I also can't work with the laptop any more, because clicking one file selects several at once. Frustrating. 18:49:21.0243 0x04e0 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34 18:49:26.0989 0x04e0 ============================================================ 18:49:26.0989 0x04e0 Current date / time: 2014/11/13 18:49:26.0989 18:49:26.0989 0x04e0 SystemInfo: 18:49:26.0989 0x04e0 18:49:26.0989 0x04e0 OS Version: 6.1.7601 ServicePack: 1.0 18:49:26.0989 0x04e0 Product type: Workstation 18:49:26.0989 0x04e0 ComputerName: TIMURS_WELT 18:49:26.0989 0x04e0 UserName: Timur 18:49:26.0989 0x04e0 Windows directory: C:\Windows 18:49:26.0989 0x04e0 System windows directory: C:\Windows 18:49:26.0989 0x04e0 Running under WOW64 18:49:26.0989 0x04e0 Processor architecture: Intel x64 18:49:26.0989 0x04e0 Number of processors: 2 18:49:26.0989 0x04e0 Page size: 0x1000 18:49:26.0989 0x04e0 Boot type: Normal boot 18:49:26.0989 0x04e0 ============================================================ 18:49:30.0390 0x04e0 KLMD registered as C:\Windows\system32\drivers\13505285.sys 18:49:31.0763 0x04e0 System UUID: {BDC76482-A155-0EF2-B6D8-08AE9636674C} 18:49:34.0789 0x04e0 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:49:34.0805 0x04e0 ============================================================ 18:49:34.0805 0x04e0 \Device\Harddisk0\DR0: 18:49:34.0805 0x04e0 MBR partitions: 18:49:34.0805 0x04e0 \Device\Harddisk0\DR0\Partition1: 
MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000 18:49:34.0805 0x04e0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x23A65800 18:49:34.0805 0x04e0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23CBE000, BlocksNum 0x1770000 18:49:34.0805 0x04e0 ============================================================ 18:49:34.0836 0x04e0 C: <-> \Device\Harddisk0\DR0\Partition2 18:49:34.0883 0x04e0 Q: <-> \Device\Harddisk0\DR0\Partition3 18:49:34.0883 0x04e0 ============================================================ 18:49:34.0899 0x04e0 Initialize success 18:49:34.0899 0x04e0 ============================================================ 18:49:52.0339 0x1c58 ============================================================ 18:49:52.0339 0x1c58 Scan started 18:49:52.0339 0x1c58 Mode: Manual; 18:49:52.0339 0x1c58 ============================================================ 18:49:52.0339 0x1c58 KSN ping started 18:49:55.0912 0x1c58 KSN ping finished: true 18:49:58.0423 0x1c58 ================ Scan system memory ======================== 18:49:58.0423 0x1c58 System memory - ok 18:49:58.0423 0x1c58 ================ Scan services ============================= 18:49:58.0704 0x1c58 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 18:49:58.0767 0x1c58 1394ohci - ok 18:49:58.0923 0x1c58 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 18:49:58.0985 0x1c58 ACPI - ok 18:49:59.0047 0x1c58 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 18:49:59.0063 0x1c58 AcpiPmi - ok 18:49:59.0281 0x1c58 [ DEECCADBD25F65D65293A09721B3A447, D5F23A5DCD0564DE0FFD48307CE1E743572C7A3FF32500327C813CF05588781B ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access 
Connections\AcPrfMgrSvc.exe 18:49:59.0328 0x1c58 AcPrfMgrSvc - ok 18:49:59.0453 0x1c58 [ A7753804C6C66C9C80F4E29659FD721C, 08A4C3A7A86E8D52E849A62EC16A72CE2638B633ED2869DDC319BB7E36CB286B ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe 18:49:59.0547 0x1c58 AcSvc - ok 18:49:59.0671 0x1c58 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 18:49:59.0703 0x1c58 AdobeARMservice - ok 18:49:59.0937 0x1c58 [ D51145F6B0CE987850F13A61DAD5E531, 67CB6AB8C42781FA717CBEF81F3C658747E3B7814383056A56EDA99583FDBFD5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 18:49:59.0999 0x1c58 AdobeFlashPlayerUpdateSvc - ok 18:50:00.0108 0x1c58 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 18:50:00.0171 0x1c58 adp94xx - ok 18:50:00.0264 0x1c58 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 18:50:00.0327 0x1c58 adpahci - ok 18:50:00.0451 0x1c58 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 18:50:00.0483 0x1c58 adpu320 - ok 18:50:00.0545 0x1c58 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 18:50:00.0592 0x1c58 AeLookupSvc - ok 18:50:00.0717 0x1c58 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 18:50:00.0795 0x1c58 AFD - ok 18:50:00.0857 0x1c58 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 18:50:00.0888 
B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:50:27.0081 0x1c58 msisadrv - ok 18:50:27.0143 0x1c58 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:50:27.0190 0x1c58 MSiSCSI - ok 18:50:27.0205 0x1c58 msiserver - ok 18:50:27.0252 0x1c58 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:50:27.0268 0x1c58 MSKSSRV - ok 18:50:27.0299 0x1c58 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:50:27.0315 0x1c58 MSPCLOCK - ok 18:50:27.0393 0x1c58 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:50:27.0408 0x1c58 MSPQM - ok 18:50:27.0455 0x1c58 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:50:27.0517 0x1c58 MsRPC - ok 18:50:27.0580 0x1c58 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 18:50:27.0595 0x1c58 mssmbios - ok 18:50:27.0642 0x1c58 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:50:27.0658 0x1c58 MSTEE - ok 18:50:27.0689 0x1c58 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 18:50:27.0705 0x1c58 MTConfig - ok 18:50:27.0736 0x1c58 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 18:50:27.0751 
0x1c58 Mup - ok 18:50:27.0829 0x1c58 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 18:50:27.0923 0x1c58 napagent - ok 18:50:28.0032 0x1c58 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:50:28.0079 0x1c58 NativeWifiP - ok 18:50:28.0235 0x1c58 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 18:50:28.0375 0x1c58 NDIS - ok 18:50:28.0438 0x1c58 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:50:28.0453 0x1c58 NdisCap - ok 18:50:28.0516 0x1c58 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:50:28.0531 0x1c58 NdisTapi - ok 18:50:28.0563 0x1c58 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:50:28.0578 0x1c58 Ndisuio - ok 18:50:28.0625 0x1c58 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:50:28.0672 0x1c58 NdisWan - ok 18:50:28.0703 0x1c58 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:50:28.0734 0x1c58 NDProxy - ok 18:50:28.0781 0x1c58 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:50:28.0797 0x1c58 NetBIOS - ok 18:50:28.0859 0x1c58 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT 
C:\Windows\system32\DRIVERS\netbt.sys 18:50:28.0906 0x1c58 NetBT - ok 18:50:28.0953 0x1c58 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 18:50:28.0953 0x1c58 Netlogon - ok 18:50:29.0031 0x1c58 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 18:50:29.0109 0x1c58 Netman - ok 18:50:29.0171 0x1c58 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:50:29.0233 0x1c58 NetMsmqActivator - ok 18:50:29.0249 0x1c58 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:50:29.0265 0x1c58 NetPipeActivator - ok 18:50:29.0358 0x1c58 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 18:50:29.0452 0x1c58 netprofm - ok 18:50:29.0514 0x1c58 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:50:29.0530 0x1c58 NetTcpActivator - ok 18:50:29.0545 0x1c58 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:50:29.0561 0x1c58 NetTcpPortSharing - ok 18:50:29.0623 0x1c58 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 18:50:29.0655 0x1c58 nfrd960 - ok 18:50:29.0733 0x1c58 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc 
C:\Windows\System32\nlasvc.dll 18:50:29.0795 0x1c58 NlaSvc - ok 18:50:29.0826 0x1c58 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:50:29.0857 0x1c58 Npfs - ok 18:50:29.0873 0x1c58 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 18:50:29.0904 0x1c58 nsi - ok 18:50:29.0951 0x1c58 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:50:29.0967 0x1c58 nsiproxy - ok 18:50:30.0169 0x1c58 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:50:30.0357 0x1c58 Ntfs - ok 18:50:30.0419 0x1c58 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 18:50:30.0419 0x1c58 Null - ok 18:50:30.0481 0x1c58 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:50:30.0528 0x1c58 nvraid - ok 18:50:30.0559 0x1c58 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:50:30.0606 0x1c58 nvstor - ok 18:50:30.0653 0x1c58 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:50:30.0684 0x1c58 nv_agp - ok 18:50:30.0715 0x1c58 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:50:30.0747 0x1c58 ohci1394 - ok 18:50:30.0809 0x1c58 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose 
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:50:30.0856 0x1c58 ose - ok 18:50:31.0402 0x1c58 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:50:31.0995 0x1c58 osppsvc - ok 18:50:32.0073 0x1c58 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:50:32.0151 0x1c58 p2pimsvc - ok 18:50:32.0213 0x1c58 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 18:50:32.0291 0x1c58 p2psvc - ok 18:50:32.0338 0x1c58 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 18:50:32.0369 0x1c58 Parport - ok 18:50:32.0431 0x1c58 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:50:32.0463 0x1c58 partmgr - ok 18:50:32.0509 0x1c58 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 18:50:32.0556 0x1c58 PcaSvc - ok 18:50:32.0697 0x1c58 [ 4B5F5774FF1C577B9515FDD2B5C535C5, 1D053020079124AC526D84AFFB17BF4A1563ECD872C83B4B6299C9AA6A732557 ] PCDSRVC{127174DC-C366ED8B-06020200}_0 c:\program files\pc-doctor\pcdsrvc_x64.pkms 18:50:32.0775 0x1c58 PCDSRVC{127174DC-C366ED8B-06020200}_0 - ok 18:50:32.0821 0x1c58 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 18:50:32.0868 0x1c58 pci - ok 18:50:32.0899 0x1c58 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 
18:50:32.0915 0x1c58 pciide - ok 18:50:32.0962 0x1c58 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 18:50:33.0024 0x1c58 pcmcia - ok 18:50:33.0040 0x1c58 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 18:50:33.0071 0x1c58 pcw - ok 18:50:33.0149 0x1c58 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:50:33.0258 0x1c58 PEAUTH - ok 18:50:33.0414 0x1c58 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:50:33.0461 0x1c58 PerfHost - ok 18:50:33.0539 0x1c58 [ 18EEA095AF22AC5FA16FC27FB98C82D3, B9E7D8D7172E873650FB61604F192958E86BE51EDCD22278995F4F0441167E39 ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS 18:50:33.0555 0x1c58 PHCORE - ok 18:50:33.0742 0x1c58 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 18:50:33.0913 0x1c58 pla - ok 18:50:34.0007 0x1c58 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:50:34.0085 0x1c58 PlugPlay - ok 18:50:34.0116 0x1c58 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:50:34.0163 0x1c58 PNRPAutoReg - ok 18:50:34.0210 0x1c58 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:50:34.0241 0x1c58 PNRPsvc - ok 18:50:34.0335 0x1c58 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent 
C:\Windows\System32\ipsecsvc.dll 18:50:34.0413 0x1c58 PolicyAgent - ok 18:50:34.0491 0x1c58 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll 18:50:34.0537 0x1c58 Power - ok 18:50:34.0818 0x1c58 [ DEED60F99C5B8E386D507860F600D509, 1662F4F7C2CB305C6794B0FF546550393DC7C7FCC709C2D342A7092B446830AA ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE 18:50:35.0005 0x1c58 Power Manager DBC Service - ok 18:50:35.0083 0x1c58 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:50:35.0115 0x1c58 PptpMiniport - ok 18:50:35.0146 0x1c58 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 18:50:35.0177 0x1c58 Processor - ok 18:50:35.0255 0x1c58 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 18:50:35.0302 0x1c58 ProfSvc - ok 18:50:35.0364 0x1c58 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:50:35.0364 0x1c58 ProtectedStorage - ok 18:50:35.0427 0x1c58 [ A70AD30223866947E39BC221DF4C2306, E1714080D6DDF966413311D8D2F7AFF57195BB681B1BE194DE2237DA7B05D7A6 ] psadd C:\Windows\system32\DRIVERS\psadd.sys 18:50:35.0442 0x1c58 psadd - ok 18:50:35.0489 0x1c58 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:50:35.0536 0x1c58 Psched - ok 18:50:35.0770 0x1c58 [ 68DCE950DCD2ABBB82362D383EC5836E, 5A3E0ABE32BA53A0D719757222455BE9308844C4968CA27B178C86BCF6FDC4DC ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE 18:50:35.0973 0x1c58 PwmEWSvc - ok 18:50:36.0175 
0x1c58 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 18:50:36.0347 0x1c58 ql2300 - ok 18:50:36.0409 0x1c58 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 18:50:36.0441 0x1c58 ql40xx - ok 18:50:36.0503 0x1c58 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 18:50:36.0565 0x1c58 QWAVE - ok 18:50:36.0612 0x1c58 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:50:36.0628 0x1c58 QWAVEdrv - ok 18:50:36.0659 0x1c58 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:50:36.0675 0x1c58 RasAcd - ok 18:50:36.0721 0x1c58 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:50:36.0753 0x1c58 RasAgileVpn - ok 18:50:36.0799 0x1c58 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 18:50:36.0846 0x1c58 RasAuto - ok 18:50:36.0909 0x1c58 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:50:36.0955 0x1c58 Rasl2tp - ok 18:50:37.0033 0x1c58 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 18:50:37.0111 0x1c58 RasMan - ok 18:50:37.0189 0x1c58 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:50:37.0221 
0x1c58 RasPppoe - ok 18:50:37.0252 0x1c58 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:50:37.0283 0x1c58 RasSstp - ok 18:50:37.0330 0x1c58 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:50:37.0392 0x1c58 rdbss - ok 18:50:37.0439 0x1c58 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 18:50:37.0455 0x1c58 rdpbus - ok 18:50:37.0470 0x1c58 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:50:37.0486 0x1c58 RDPCDD - ok 18:50:37.0533 0x1c58 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:50:37.0548 0x1c58 RDPENCDD - ok 18:50:37.0595 0x1c58 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:50:37.0595 0x1c58 RDPREFMP - ok 18:50:37.0704 0x1c58 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 18:50:37.0720 0x1c58 RdpVideoMiniport - ok 18:50:37.0782 0x1c58 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:50:37.0829 0x1c58 RDPWD - ok 18:50:37.0907 0x1c58 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:50:37.0954 0x1c58 rdyboost - ok 18:50:38.0016 0x1c58 [ 254FB7A22D74E5511C73A3F6D802F192, 
3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:50:38.0063 0x1c58 RemoteAccess - ok 18:50:38.0110 0x1c58 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:50:38.0157 0x1c58 RemoteRegistry - ok 18:50:38.0203 0x1c58 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 18:50:38.0235 0x1c58 RFCOMM - ok 18:50:38.0297 0x1c58 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:50:38.0344 0x1c58 RpcEptMapper - ok 18:50:38.0391 0x1c58 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 18:50:38.0406 0x1c58 RpcLocator - ok 18:50:38.0500 0x1c58 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 18:50:38.0547 0x1c58 RpcSs - ok 18:50:38.0625 0x1c58 [ CA327A84085F68200452E6761F943298, 1D502EF26714D2B162BFF9DEC8204A2DC3DD1200104D0FC02FFD5A77D4014663 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 18:50:38.0671 0x1c58 RSPCIESTOR - ok 18:50:38.0734 0x1c58 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:50:38.0765 0x1c58 rspndr - ok 18:50:38.0921 0x1c58 [ 513338976B722822B555D739D78F9E9F, 4BF2E756BBD2155DA9214A52DB176EA7DA324E8854FF9EFC73CBDC92FAAD3A9F ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys 18:50:39.0061 0x1c58 RTL8192Ce - ok 18:50:39.0108 0x1c58 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 18:50:39.0124 0x1c58 SamSs - ok 
18:50:39.0139 0x1c58 SAService - ok 18:50:39.0186 0x1c58 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:50:39.0217 0x1c58 sbp2port - ok 18:50:39.0264 0x1c58 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:50:39.0327 0x1c58 SCardSvr - ok 18:50:39.0389 0x1c58 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:50:39.0420 0x1c58 scfilter - ok 18:50:39.0576 0x1c58 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 18:50:39.0732 0x1c58 Schedule - ok 18:50:39.0795 0x1c58 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 18:50:39.0810 0x1c58 SCPolicySvc - ok 18:50:39.0857 0x1c58 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:50:39.0935 0x1c58 SDRSVC - ok 18:50:40.0450 0x1c58 [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 18:50:40.0933 0x1c58 SDScannerService - ok 18:50:41.0121 0x1c58 [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 18:50:41.0292 0x1c58 SDUpdateService - ok 18:50:41.0417 0x1c58 [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 18:50:41.0433 0x1c58 SDWSCService - ok 
18:50:41.0479 0x1c58 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:50:41.0511 0x1c58 secdrv - ok 18:50:41.0542 0x1c58 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 18:50:41.0573 0x1c58 seclogon - ok 18:50:41.0589 0x1c58 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 18:50:41.0620 0x1c58 SENS - ok 18:50:41.0682 0x1c58 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:50:41.0713 0x1c58 SensrSvc - ok 18:50:41.0760 0x1c58 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 18:50:41.0776 0x1c58 Serenum - ok 18:50:41.0807 0x1c58 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 18:50:41.0838 0x1c58 Serial - ok 18:50:41.0885 0x1c58 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 18:50:41.0901 0x1c58 sermouse - ok 18:50:41.0994 0x1c58 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 18:50:42.0041 0x1c58 SessionEnv - ok 18:50:42.0119 0x1c58 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:50:42.0135 0x1c58 sffdisk - ok 18:50:42.0197 0x1c58 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 
18:50:42.0275 0x1c58 sffp_mmc - ok 18:50:42.0415 0x1c58 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:50:42.0509 0x1c58 sffp_sd - ok 18:50:42.0540 0x1c58 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 18:50:42.0556 0x1c58 sfloppy - ok 18:50:42.0681 0x1c58 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 18:50:42.0790 0x1c58 Sftfs - ok 18:50:42.0899 0x1c58 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 18:50:42.0977 0x1c58 sftlist - ok 18:50:43.0039 0x1c58 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 18:50:43.0086 0x1c58 Sftplay - ok 18:50:43.0117 0x1c58 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 18:50:43.0133 0x1c58 Sftredir - ok 18:50:43.0195 0x1c58 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 18:50:43.0211 0x1c58 Sftvol - ok 18:50:43.0258 0x1c58 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 18:50:43.0320 0x1c58 sftvsa - ok 18:50:43.0461 0x1c58 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 18:50:43.0539 0x1c58 SharedAccess - ok 18:50:43.0617 0x1c58 [ 
18:51:13.0272 0x1c58 Waiting for KSN requests completion. In queue: 132
18:51:14.0286 0x1c58 Waiting for KSN requests completion. In queue: 132
18:51:15.0300 0x1c58 Waiting for KSN requests completion. In queue: 132
18:51:16.0314 0x1c58 Waiting for KSN requests completion. In queue: 132
18:51:17.0640 0x1c58 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated )
18:51:17.0703 0x1c58 Win FW state via NFP2: enabled
18:51:21.0462 0x1c58 ============================================================
18:51:21.0462 0x1c58 Scan finished
18:51:21.0462 0x1c58 ============================================================
18:51:21.0494 0x1a14 Detected object count: 0
18:51:21.0494 0x1a14 Actual detected object count: 0
18:52:06.0640 0x1cfc Deinitialize success |
14.11.2014, 18:14 | #7 |
/// the machine /// TB Trainer | Keyboard: sudden switching between upper and lower case, and other problems Hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
14.11.2014, 22:05 | #8 |
| Keyboard: sudden switching between upper and lower case, and other problems Code:
ATTFilter ComboFix 14-11-15.01 - Timur 14.11.2014 20:17:58.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3689.1128 [GMT 1:00] ausgeführt von:: c:\users\Timur\Downloads\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Install.exe c:\users\Timur\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll c:\users\Timur\AppData\Roaming\Microsoft\Windows\Recent\Registrierung.url c:\windows\SysWow64\MailBee.dll c:\windows\wininit.ini Q:\AUTORUN.INF . . ((((((((((((((((((((((( Dateien erstellt von 2014-10-14 bis 2014-11-14 )))))))))))))))))))))))))))))) . . 2014-11-14 20:10 . 2014-11-14 20:10 -------- d-----w- c:\users\Paula\AppData\Local\temp 2014-11-14 20:10 . 2014-11-14 20:10 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-11-14 12:05 . 2014-10-14 19:59 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1FC2553C-103D-4A96-BA98-B7876F236D17}\mpengine.dll 2014-11-14 10:39 . 2014-11-14 10:39 0 ----a-w- c:\windows\SysWow64\sho7E9D.tmp 2014-11-12 20:45 . 2014-11-07 19:23 815280 ----a-w- c:\program files (x86)\Internet Explorer\iexplore.exe 2014-11-12 19:44 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll 2014-11-12 19:44 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll 2014-11-12 19:34 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll 2014-11-12 19:34 . 2014-10-14 02:16 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2014-11-12 19:34 . 2014-10-14 02:12 1460736 ----a-w- c:\windows\system32\lsasrv.dll 2014-11-12 19:34 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll 2014-11-12 19:34 . 
2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll 2014-11-12 19:34 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll 2014-11-12 19:34 . 2014-10-14 01:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2014-11-12 19:34 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll 2014-11-12 19:34 . 2014-10-14 01:49 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2014-11-12 19:29 . 2014-09-19 09:42 342016 ----a-w- c:\windows\system32\schannel.dll 2014-11-12 19:20 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll 2014-11-12 19:20 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll 2014-11-12 19:20 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys 2014-11-12 19:20 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll 2014-11-12 19:20 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll 2014-11-09 14:45 . 2014-11-09 14:54 -------- d-----w- C:\FRST 2014-11-07 21:10 . 2014-11-14 11:20 220784 ----a-w- c:\program files (x86)\Mozilla Firefox\sandboxbroker.dll 2014-10-23 18:22 . 2014-10-23 18:23 -------- d-----w- C:\8a9c394ada2cd8e467357e 2014-10-16 10:34 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll 2014-10-16 10:34 . 2014-06-18 22:23 1943696 ----a-w- c:\windows\system32\dfshim.dll 2014-10-16 10:34 . 2014-06-18 22:23 156312 ----a-w- c:\windows\system32\mscorier.dll 2014-10-16 10:34 . 2014-06-18 22:23 156824 ----a-w- c:\windows\SysWow64\mscorier.dll 2014-10-16 10:34 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\SysWow64\dfshim.dll 2014-10-16 10:34 . 2014-06-18 22:23 73880 ----a-w- c:\windows\system32\mscories.dll 2014-10-16 10:34 . 2014-06-18 22:23 81560 ----a-w- c:\windows\SysWow64\mscories.dll 2014-10-16 10:30 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll 2014-10-16 10:30 . 2014-09-04 05:04 372736 ----a-w- c:\windows\SysWow64\rastls.dll 2014-10-16 10:29 . 
2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll 2014-10-16 10:29 . 2014-07-17 02:07 150528 ----a-w- c:\windows\system32\rdpcorekmts.dll 2014-10-16 10:29 . 2014-07-17 02:07 455168 ----a-w- c:\windows\system32\winlogon.exe 2014-10-16 10:29 . 2014-07-17 01:40 157696 ----a-w- c:\windows\SysWow64\winsta.dll 2014-10-16 10:29 . 2014-07-17 01:21 212480 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2014-10-16 10:29 . 2014-07-17 01:21 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2014-10-16 10:29 . 2014-09-05 02:11 6584320 ----a-w- c:\windows\system32\mstscax.dll 2014-10-16 10:29 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-11-14 10:10 . 2011-09-09 16:28 103374192 ----a-w- c:\windows\system32\MRT.exe 2014-11-14 10:00 . 2012-03-29 10:02 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-11-14 10:00 . 2011-09-09 19:43 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-10-28 05:34 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe 2014-10-14 21:09 . 2013-05-07 14:46 43064 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2014-10-14 21:09 . 2013-04-03 20:15 131608 ----a-w- c:\windows\system32\drivers\avipbb.sys 2014-10-14 21:09 . 2013-04-03 20:15 119272 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2014-09-25 02:08 . 2014-10-01 10:41 371712 ----a-w- c:\windows\system32\qdvd.dll 2014-09-25 01:40 . 2014-10-01 10:41 519680 ----a-w- c:\windows\SysWow64\qdvd.dll 2014-09-09 22:11 . 2014-09-25 08:36 2048 ----a-w- c:\windows\system32\tzres.dll 2014-09-09 21:47 . 2014-09-25 08:36 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2014-08-28 21:51 . 2012-08-02 21:44 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2014-08-23 02:07 . 2014-08-27 19:57 404480 ----a-w- c:\windows\system32\gdi32.dll 2014-08-23 01:45 . 
2014-08-27 19:57 311808 ----a-w- c:\windows\SysWow64\gdi32.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-06 336384] "PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-05-16 5941344] "Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-02-09 4309184] "starter4g"="c:\windows\starter4g.exe" [2010-03-19 161040] "KMCONFIG"="c:\program files (x86)\Silvercrest MTS2118 driver\StartAutorun.exe" [2007-03-06 212992] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-10-14 703736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968] "Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-10-22 124208] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . 
R2 BrazosTweaker;BrazosTweaker service;c:\program files\BrazosTweaker\BrazosTweakerService.exe;c:\program files\BrazosTweaker\BrazosTweakerService.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x] R3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\DRIVERS\cmnsusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmnsusbser.sys [x] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 PCDSRVC{127174DC-C366ED8B-06020200}_0;PCDSRVC{127174DC-C366ED8B-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc_x64.pkms;c:\program files\pc-doctor\pcdsrvc_x64.pkms [x] R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x] R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport 
Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x] R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x] R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x] R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x] S1 
avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys;c:\windows\SYSNATIVE\DRIVERS\smiifx64.sys [x] S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x] S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [x] S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files (x86)\Silvercrest MTS2118 driver\KMWDSrv.exe;c:\program files (x86)\Silvercrest MTS2118 driver\KMWDSrv.exe [x] S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x] S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x] S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x] S2 Lenovo.VIRTSCRLSVC;Lenovo Auto 
Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x] S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe;c:\windows\SYSNATIVE\SAsrv.exe [x] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x] S2 SROSVC;Screen Reading Optimizer Service Program;c:\program files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe;c:\program files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [x] S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x] S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x] S2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x] S2 TVicPort64;TVicPort64; [x] S2 WTGService;WTGService;c:\program files (x86)\XSManager\WTGService.exe;c:\program files (x86)\XSManager\WTGService.exe [x] S2 XS Stick Service;XS Stick Service;c:\windows\service4g.exe;c:\windows\service4g.exe [x] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x] S3 
Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x] S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys;c:\windows\SYSNATIVE\DRIVERS\Tvti2c.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x] S3 usbsmi;Integrated Camera Service Display Name V1;c:\windows\system32\DRIVERS\SMIksdrv.sys;c:\windows\SYSNATIVE\DRIVERS\SMIksdrv.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - BEEP . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-11-03 10:14 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2014-11-14 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 10:00] . 2014-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-09 18:07] . 2014-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-09 18:07] . 2014-11-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core.job - c:\users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-14 07:28] . 2014-11-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA.job - c:\users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-14 07:28] . 
2014-10-22 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06] . 2014-11-14 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\PC-Doctor\uaclauncher.exe [2011-03-31 15:06] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2014-10-21 16:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SMI_SSE_V5"="c:\windows\SMIKsSTI.EXE" [2011-04-11 212992] "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2011-03-24 310912] "ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056] "LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2011-04-04 41320] "TPFanControl"="c:\program files\TPFanControl\TPFanControl.exe" [2012-06-07 153600] "AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2011-04-14 31592] "TpShocks"="TpShocks.exe" [2011-03-29 380776] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://lenovo.msn.com uDefault_Search_URL = hxxp://www.google.com/ie mLocal Page = c:\windows\SysWOW64\blank.htm uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Alles mit FlashGet laden - c:\program files (x86)\FlashGet\jc_all.htm IE: &Mit FlashGet laden - c:\program files (x86)\FlashGet\jc_link.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Bild an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm IE: Free YouTube to MP3 Converter - c:\users\Timur\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Seite an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Timur\AppData\Roaming\Mozilla\Firefox\Profiles\zvx37y5k.default-1414227857682\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-Google+ Auto Backup - c:\users\Timur\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-OpenAL - c:\program files (x86)\OpenAL\oalinst.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{127174DC-C366ED8B-06020200}_0] "ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc_x64.pkms" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_223_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_223_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_223_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_223_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_223.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.15" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_223.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_223.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_223.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\progra~1\Lenovo\HOTKEY\TPONSCR.EXE c:\progra~1\LENOVO\VIRTSCRL\virtscrl.exe c:\windows\SysWOW64\SAsrv.exe c:\program files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe c:\program files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe c:\program files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe c:\program files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-11-14 21:28:48 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-11-14 20:28 . Vor Suchlauf: 16 Verzeichnis(se), 121.426.685.952 Bytes frei Nach Suchlauf: 21 Verzeichnis(se), 123.597.451.264 Bytes frei . - - End Of File - - 9D1C2E116E112CDE1E5B69206214292B 0D8CCFD941FCD953F608374FEB7ACC05 |
15.11.2014, 20:05 | #9 |
/// the machine /// TB Trainer | Keyboard: sudden switching between upper and lower case, and other problems Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
20.11.2014, 23:47 | #10 |
| Keyboard: sudden switching between upper and lower case, and other problems Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.3.9 (11.15.2014:2) OS: Windows 7 Home Premium x64 Ran by Timur on 20.11.2014 at 22:44:37,49 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\pcdr" Successfully deleted: [Folder] "C:\Users\Timur\AppData\Roaming\pcdr" Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{01426A77-85A9-4454-BD52-E88EE605C55A} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{036D6DB4-17B9-49A2-919A-630D34950F41} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{08FB1CAC-156D-482D-B444-17D0F9325DCC} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{110B4A7C-7A4B-4D18-BA7E-C6FDC760CFD9} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{13AFDF76-6E74-41F5-AF92-B2FBB87550A0} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{1478FEEE-19CB-46B3-9C40-BC2201986618} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{190B6271-021F-49F3-AEA7-07245E53E403} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{1CB6B89E-76B1-447E-915B-6CE26DE1D2F0} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{1D9EF808-A8E0-4809-8EA0-B2BF9A7D0B96} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{244BC474-5D87-4268-8DF1-249925A165C4} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{33D0BFC9-38F4-4821-808F-ED41AE998405} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{409724D5-44C2-4016-9971-D9FD6A2816AB} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{40A91E59-AA73-45A2-B06F-91133724BAB8} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{410E4198-BD32-4C84-98E2-A0B02B521F50} Successfully deleted: [Empty Folder] 
C:\Users\Timur\appdata\local\{415C8A92-1139-4BE8-AEA4-5BD8498FA547} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{4277C77D-4254-4800-ACF9-BE790061E484} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{4B31062D-CEBD-402D-98CA-77669D3FA71C} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{5B748219-7209-4216-BAD3-3F93043D7030} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{5C1E511E-37BD-427A-8145-74B7729B56F4} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{5D43E9EB-ADF3-4F38-8977-5E8E0EA1B75B} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{5D5198BC-9C12-4BF4-AC73-424E8C55DE39} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{608B9B70-5AB4-46F9-9E93-34C197773353} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{61B36990-5D42-4829-8B62-E026BC6C9415} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{62A371D9-1C71-4842-BE5F-AE8F33CB401F} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{64AB8BD7-9A0F-4855-ADB3-769182B4F318} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{6705AA34-D235-434C-9302-9D0C40A569EF} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{68D030EF-B0A7-42D5-B25F-46D14EDD9574} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{6978951A-F056-466D-A90D-D5FABB5F3722} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{83F16213-E813-4322-8512-669E05440205} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{88350EA3-D99D-4A9B-936C-5F67E77B287F} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{88D34642-ED93-4EE6-BBF9-86A6F217BDE5} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{89F8585F-7624-4868-AAB2-5F39ABCFD06A} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{8A1ED559-A9BD-4AA5-A67A-C8584C1D5007} Successfully deleted: [Empty Folder] 
C:\Users\Timur\appdata\local\{9091B221-8DD5-4C93-83C8-C5ECCAB63BE0} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{972EF200-0782-4A50-8175-541E4B436D40} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{97817915-3F72-4877-918A-DC405D370727} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{983F6F73-1D1B-456B-8DC5-2F3737BD1413} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{99ED8EFF-0CA0-48DF-B1A7-B04100DDF9ED} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{9B7F0499-2170-4C03-B778-FEC58B02B03A} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{9C84069D-CAA2-43F4-8AF0-8E59AC60C0E5} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{9F22120A-3C8E-40D3-8F7B-18FF8C22ED85} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{A49C48D4-2D7F-44B2-B00C-7684F775E6DA} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{A5D44062-5D90-4779-9175-B3AE7EAF81AF} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{A6BA1BFC-7946-4958-B3DE-EC3B31DA9D75} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{A74C2FFA-7F96-4ACC-ADDA-E61EAAC3CBD5} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{A7FDD60E-4135-4553-8EF7-A34523679F54} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{A984982C-C9DD-4CEA-9B0C-FD80D7EB9964} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{B52A61EF-6C6B-4181-8FB3-D4DAE1143C40} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{B7616EA8-01D4-47CC-9786-FBD2A575078A} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{B93FB6D0-6E6B-4A88-BAEA-E2C4198D26D1} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{B9F082B3-D9DB-4BF2-97E2-83ED1690F4DF} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{BCAA3CA2-FA4F-4646-ABDA-CC99BD5E3411} Successfully deleted: [Empty Folder] 
C:\Users\Timur\appdata\local\{C19F3DD8-24A0-495C-8E28-6626F6B8CB13} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{C63B09BA-6677-477F-AEA4-C033517A96B0} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{D012D9EF-1C99-4279-B427-38BF734C86E7} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{D47CDB4A-4BD1-429F-AC8E-A62AE343A3FF} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{D641734B-E0D7-46BA-9807-D9963C1EEAE1} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{DCF7ACE3-91E6-452C-B85B-A5E961E2DECA} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{DE3673AF-F775-47BE-B184-EA06F914DC0D} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{E1D6CBA6-6740-4589-8AE4-19CD18893D61} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{E45B1526-C215-4D9C-9A00-41997E8B5580} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{E71B8117-75B4-4EBF-A88D-E9A682AF704C} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{E797B02F-3E2E-44A0-91A2-6A71B74EB691} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{E9ABC2B8-B5FE-4070-9256-7685F6CFF339} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{ED2AA380-203F-4BC7-93E3-4AB0851F5726} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{ED3567E8-5BD8-437A-9C4D-3529023F90E9} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{EF6D9078-5C56-4901-80F6-79948CD26AD1} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{F007198E-E3A1-4CC8-9EE7-2A0FED316706} Successfully deleted: [Empty Folder] C:\Users\Timur\appdata\local\{FE964875-163D-4E68-A162-067511269D17} ~~~ FireFox Emptied folder: C:\Users\Timur\AppData\Roaming\mozilla\firefox\profiles\zvx37y5k.default-1414227857682\minidumps [7 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed 
on 20.11.2014 at 23:16:13,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
ATTFilter # AdwCleaner v4.101 - Bericht erstellt am 20/11/2014 um 22:24:00 # Aktualisiert 09/11/2014 von Xplode # Database : 2014-11-16.1 [Live] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Timur - TIMURS_WELT # Gestartet von : C:\Users\Timur\Downloads\AdwCleaner_4.101.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Trymedia ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Schlüssel Gelöscht : HKCU\Software\APN PIP Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\systweak Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit Schlüssel Gelöscht : HKLM\SOFTWARE\PIP Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\systweak Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24 Schlüssel 
Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0 ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17420 -\\ Mozilla Firefox v33.1 (x86 de) [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.FirstTime", "true"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.FirstTimeFF3", "true"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.LoginRevertSettingsEnabled", true); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.UserID", "UN38777069523159666"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.addressBarTakeOverEnabledInHidden", "true"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.browser.search.defaultthis.engineName", true); 
[vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.countryCode", "DE"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.enableAlerts", "always"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.enableFix404ByUser", "FALSE"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.firstTimeDialogOpened", "true"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.fixPageNotFoundErrorByUser", "TRUE"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.fixPageNotFoundErrorInHidden", "true"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.fixUrls", true); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.fullUserID", "UN38777069523159666.UP.20130813175312"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.installType", "DirectDownload"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.isCheckedStartAsHidden", true); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.isFirstTimeToolbarLoading", "false"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.isPerformedSmartBarTransition", "true"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.keyword", true); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.lastVersion", "10.23.0.822"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.migrateAppsAndComponents", true); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.navigationAliasesJson", 
"{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://kijiji-berlin.communityto[...] [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT105780&SearchSource=2&CUI=UN38777069523159666&UM=&q="); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.searchInNewTabEnabledByUser", "false"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.searchInNewTabEnabledInHidden", "true"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.searchSuggestEnabledByUser", "true"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT105780\"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://kijiji-berlin.communitytoolbars.com//xpi\"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Kijiji Berlin \"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); 
[vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_Configuration_lastUpdate", "1391153734663"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1390998418590"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_appsMetadata_lastUpdate", "1391153733947"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1390410118929"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_location_lastUpdate", "1376297688671"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.14.350.531_lastUpdate", "1363007456274"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364312527967"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360746515090"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.14.65.43_lastUpdate", "1362134395048"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.15.0.562_lastUpdate", "1376340106244"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.15.2.523_lastUpdate", "1367621611574"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.16.1.521_lastUpdate", "1368082240464"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.16.2.509_lastUpdate", "1373184532147"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : 
user_pref("CT105780.serviceLayer_services_login_10.16.70.505_lastUpdate", "1381741278376"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.16.9.506_lastUpdate", "1378670513984"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.20.0.513_lastUpdate", "1381829322065"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.20.1.508_lastUpdate", "1383310044801"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.21.1.507_lastUpdate", "1385679684332"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.22.5.510_lastUpdate", "1387820700782"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_login_10.23.0.822_lastUpdate", "1391175871365"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_menu_418c09072453546a14a3742a33d57d9a_lastUpdate", "1382293853931"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1390410119053"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_searchAPI_lastUpdate", "1391153734507"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_serviceMap_lastUpdate", "1391153733974"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_toolbarContextMenu_lastUpdate", "1391153733993"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_toolbarSettings_lastUpdate", "1391183635829"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.serviceLayer_services_translation_lastUpdate", "1391153733179"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.settingsINI", true); 
[vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.smartbar.CTID", "CT105780"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.smartbar.Uninstall", "0"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.smartbar.isHidden", true); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.smartbar.toolbarName", "Kijiji Berlin "); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.startPage", "userChanged"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.toolbarBornServerTime", "11-2-2013"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.toolbarCurrentServerTime", "31-1-2014"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780.toolbarLoginClientTime", "Mon Mar 11 2013 18:25:45 GMT+0100"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("CT105780_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1391184518028,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("Smartbar.ConduitSearchEngineList", ""); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("Smartbar.ConduitSearchUrlList", ""); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT105780"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("plugin.state.npconduitfirefoxplugin", 2); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT105780"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT105780&SearchSource=2&CUI=UN38777069523159666&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT10[...] 
[vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("smartbar.machineId", "8LMWWJ7HSMQKMJX8LXQFTUW1N/CEP3QGDWMSA36WRRJGD66/LEA3MNDH246JHV0JGOSXVOKNPCLDEAJZ6LIBXW"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("smartbar.originalSearchAddressUrl", "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("smartbar.originalSearchEngine", "Google"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("valueApps.CT105780.mam_gk_currentVersion", "312E31322E302E35"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("valueApps.CT105780.mam_gk_currentVersion.storedInFile", false); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("valueApps.CT105780.mam_gk_globalKeysMigratedToLocalStorage", "31"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("valueApps.CT105780.mam_gk_globalKeysMigratedToLocalStorage.storedInFile", false); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("valueApps.CT105780.mam_gk_migrated_from_ls", "31"); [vkf1tnk8.default\prefs.js] - Zeile gelöscht : user_pref("valueApps.CT105780.mam_gk_migrated_from_ls.storedInFile", false); -\\ Google Chrome v38.0.2125.111 ************************* AdwCleaner[R0].txt - [14898 octets] - [20/11/2014 21:58:28] AdwCleaner[S0].txt - [15350 octets] - [20/11/2014 22:24:00] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15411 octets] ########## Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 20.11.2014 Suchlauf-Zeit: 19:07:56 Logdatei: MBAM.txt Administrator: Ja Version: 2.00.3.1025 Malware Datenbank: v2014.11.20.06 Rootkit Datenbank: v2014.11.18.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Timur Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 382086 Verstrichene Zeit: 2 Std, 37 Min, 10 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 6 PUP.Optional.YTDToolbar, HKU\S-1-5-21-208810273-1353525685-880446501-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F3FEE66E-E034-436A-86E4-9690573BEE8A}, Löschen bei Neustart, [d53139054438fe38707bd0eea65c9070], PUP.Optional.YTDToolbar, HKU\S-1-5-21-208810273-1353525685-880446501-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F3FEE66E-E034-436A-86E4-9690573BEE8A}, Löschen bei Neustart, [d53139054438fe38707bd0eea65c9070], PUP.Optional.Softonic.A, HKU\S-1-5-21-208810273-1353525685-880446501-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Löschen bei Neustart, [f90d43fbafcd76c0e068ff66b053837d], PUP.Optional.Spigot.A, HKU\S-1-5-21-208810273-1353525685-880446501-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Settings, Löschen bei Neustart, [b6502b13aad24ee86bc50aa262a214ec], PUP.Optional.Conduit.A, HKU\S-1-5-21-208810273-1353525685-880446501-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\FF, Löschen bei Neustart, [e81e82bcef8d71c56442603121e3be42], 
PUP.Optional.ValueApps.A, HKU\S-1-5-21-208810273-1353525685-880446501-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\ValueApps, Löschen bei Neustart, [58aef44ad7a54cea83f2106638cbd030],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 5
PUP.Optional.ValueApps.A, C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\vkf1tnk8.default\valueApps, In Quarantäne, [37cf61dddaa2d3632a407e902bd8ce32],
PUP.Optional.ValueApps.A, C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\vkf1tnk8.default\valueApps\CT105780, In Quarantäne, [37cf61dddaa2d3632a407e902bd8ce32],
PUP.Optional.Spigot.A, C:\Users\Paula\AppData\LocalLow\Search Settings, In Quarantäne, [3ec80638552796a02f5b021e36cd5fa1],
PUP.Optional.Spigot.A, C:\Users\Paula\AppData\LocalLow\Search Settings\res, In Quarantäne, [3ec80638552796a02f5b021e36cd5fa1],
PUP.Optional.Spigot.A, C:\Users\Paula\AppData\LocalLow\Search Settings\temp, In Quarantäne, [3ec80638552796a02f5b021e36cd5fa1],

Dateien: 7
PUP.Optional.SweetIM, C:\Windows\Installer\1d565660.msi, In Quarantäne, [c1452d11463670c62c6b482c6b9ad32d],
PUP.Optional.SweetIM, C:\Windows\Installer\1d565661.msi, In Quarantäne, [52b45ce2572502343a5dcba9b15444bc],
PUP.Optional.SweetIM, C:\Windows\Installer\1d565667.msi, In Quarantäne, [60a699a5de9eab8b0a8d95df8b7a5fa1],
PUP.Optional.SweetIM, C:\Windows\Installer\MSI4D7A.tmp, In Quarantäne, [9e685ee06e0ede581186aec61de80000],
PUP.Optional.Conduit.A, C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\vkf1tnk8.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT105780&SearchSource=2&CUI=UN38777069523159666&UM=&q=");), Ersetzt,[dc2a013dee8e0c2a680394f232d3ec14]
PUP.Optional.Conduit.A, C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\vkf1tnk8.default\prefs.js, Gut: (), Schlecht: (user_pref("CT105780.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT105780&SearchSource=2&CUI=UN38777069523159666&q=");), Ersetzt,[709692acec9048ee07785a2cfa0ba65a]
PUP.Optional.Conduit.A, C:\Users\Paula\AppData\Roaming\Mozilla\Firefox\Profiles\vkf1tnk8.default\prefs.js, Gut: (), Schlecht: (user_pref("CT105780.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT105780&octid=CT105780&SearchSource=15&CUI=UN38777069523159666&SSPV=&Lay=1&UM=\"}");), Ersetzt,[a85edd6169138ea8137a46407f867b85]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)

(end)

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-11-2014 Ran by Timur (administrator) on TIMURS_WELT on 20-11-2014 23:22:48 Running from C:\Users\Timur\Downloads Loaded Profile: Timur (Available profiles: Timur & Paula) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (AMD) C:\Windows\System32\atiesrxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (AMD) C:\Windows\System32\atieclxx.exe (Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe (Conexant Systems Inc.) 
C:\Windows\System32\CxAudMsg64.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (UASSOFT.COM) C:\Program Files (x86)\Silvercrest MTS2118 driver\KMWDSrv.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Silicon Motion) C:\Windows\SMIKsSTI.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (troubadix) C:\Program Files\TPFanControl\TPFanControl.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe (Lenovo) C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe (4G Systems GmbH & Co. 
KG) C:\Windows\starter4g.exe
(UASSOFT.COM) C:\Program Files (x86)\Silvercrest MTS2118 driver\StartAutorun.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(UASSOFT.COM) C:\Program Files (x86)\Silvercrest MTS2118 driver\KMCONFIG.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(UASSOFT.COM) C:\Program Files (x86)\Silvercrest MTS2118 driver\KMProcess.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SMI_SSE_V5] => C:\Windows\SMIKsSTI.EXE [212992 2011-04-11] (Silicon Motion)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [310912 2011-03-24] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-04-04] (Lenovo Group Limited)
HKLM\...\Run: [TPFanControl] => C:\Program Files\TPFanControl\TPFanControl.exe [153600 2012-06-07] (troubadix)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [31592 2011-04-14] (Lenovo)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4309184 2011-02-09] (Lenovo, Inc.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [161040 2010-03-19] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [KMCONFIG] => C:\Program Files (x86)\Silvercrest MTS2118 driver\StartAutorun.exe KMConfig.exe
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\Paula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-208810273-1353525685-880446501-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-208810273-1353525685-880446501-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKU\S-1-5-21-208810273-1353525685-880446501-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-208810273-1353525685-880446501-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-208810273-1353525685-880446501-1000 -> DefaultScope {14AAFA68-7DBC-4106-BECD-A4FA128278BF} URL =
SearchScopes: HKU\S-1-5-21-208810273-1353525685-880446501-1000 -> {14AAFA68-7DBC-4106-BECD-A4FA128278BF} URL =
SearchScopes: HKU\S-1-5-21-208810273-1353525685-880446501-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-208810273-1353525685-880446501-1000 -> {C731C52B-0332-41A8-9DD3-7442821F6E1E} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: FGCatchUrl -> {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -> C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FlashGet GetFlash Class -> {F156768E-81EF-470C-9057-481BA8380DBA} -> C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Timur\AppData\Roaming\Mozilla\Firefox\Profiles\zvx37y5k.default-1414227857682
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-208810273-1353525685-880446501-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Timur\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-208810273-1353525685-880446501-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Timur\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-208810273-1353525685-880446501-1000: @talk.google.com/O1DPlugin -> C:\Users\Timur\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-208810273-1353525685-880446501-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Timur\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-208810273-1353525685-880446501-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Timur\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-208810273-1353525685-880446501-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Timur\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Timur\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Timur\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: WOT - C:\Users\Timur\AppData\Roaming\Mozilla\Firefox\Profiles\zvx37y5k.default-1414227857682\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-11-03]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Timur\AppData\Roaming\Mozilla\Firefox\Profiles\zvx37y5k.default-1414227857682\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-11-03]
FF Extension: NoScript - C:\Users\Timur\AppData\Roaming\Mozilla\Firefox\Profiles\zvx37y5k.default-1414227857682\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-11-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-17]

Chrome:
=======
CHR Profile: C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-18]
CHR Extension: (Google Drive) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-18]
CHR Extension: (YouTube) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-18]
CHR Extension: (Google-Suche) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-18]
CHR Extension: (Avira Browser Safety) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-18]
CHR Extension: (Google Wallet) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-18]
CHR Extension: (Google Mail) - C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
S2 BrazosTweaker; C:\Program Files\BrazosTweaker\BrazosTweakerService.exe [187904 2012-01-21] () [File not signed]
R2 KMWDSERVICE; C:\Program Files (x86)\Silvercrest MTS2118 driver\KMWDSrv.exe [208896 2007-06-16] (UASSOFT.COM) [File not signed]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [443240 2011-03-02] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [304592 2009-06-22] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145680 2010-03-19] (4G Systems GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2011-10-13] (Mobile Connector)
S3 cmnsusbser; C:\Windows\SysWOW64\DRIVERS\cmnsusbser.sys [117888 2008-10-31] (Mobile Connector)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
R3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [210048 2011-04-11] (SMI)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 PCDSRVC{127174DC-C366ED8B-06020200}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-20 23:22 - 2014-11-20 23:22 - 00000000 ____D () C:\Users\Timur\Downloads\FRST-OlderVersion
2014-11-20 23:16 - 2014-11-20 23:17 - 00008210 _____ () C:\Users\Timur\Desktop\JRT.txt
2014-11-20 22:44 - 2014-11-20 22:44 - 00000000 ____D () C:\Windows\ERUNT
2014-11-20 22:39 - 2014-11-20 22:39 - 01707532 _____ (Thisisu) C:\Users\Timur\Downloads\JRT(1).exe
2014-11-20 22:35 - 2014-11-20 22:35 - 00015540 _____ () C:\Users\Timur\Desktop\AdwCleaner[S0].txt
2014-11-20 21:58 - 2014-11-20 22:24 - 00000000 ____D () C:\AdwCleaner
2014-11-20 21:53 - 2014-11-20 21:53 - 00004620 _____ () C:\Users\Timur\Desktop\MBAM.txt
2014-11-20 19:06 - 2014-11-20 23:13 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-20 19:05 - 2014-11-20 19:05 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-20 19:05 - 2014-11-20 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-11-20 19:05 - 2014-11-20 19:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-20 19:05 - 2014-11-20 19:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-11-20 19:05 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-20 19:05 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-20 19:05 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-20 19:02 - 2014-11-20 19:03 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Timur\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-20 18:59 - 2014-11-20 18:59 - 01707532 _____ (Thisisu) C:\Users\Timur\Downloads\JRT.exe
2014-11-20 18:51 - 2014-11-20 18:51 - 02140160 _____ () C:\Users\Timur\Downloads\AdwCleaner_4.101.exe
2014-11-14 21:28 - 2014-11-14 21:28 - 00029671 _____ () C:\ComboFix.txt
2014-11-14 20:11 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-14 20:11 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-14 20:11 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-14 20:11 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-14 20:11 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-14 20:11 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-14 20:11 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-14 20:11 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-14 20:10 - 2014-11-14 21:29 - 00000000 ____D () C:\ComboFix
2014-11-14 19:37 - 2014-11-14 19:37 - 00000000 ____D () C:\Users\Timur\Documents\ProcAlyzer Dumps
2014-11-14 19:32 - 2014-11-14 21:28 - 00000000 ____D () C:\Qoobox
2014-11-14 19:31 - 2014-11-14 21:21 - 00000000 ____D () C:\Windows\erdnt
2014-11-14 19:30 - 2014-11-14 19:30 - 05598504 ____R (Swearware) C:\Users\Timur\Downloads\ComboFix.exe
2014-11-14 11:39 - 2014-11-14 11:39 - 00000000 _____ () C:\Windows\SysWOW64\sho7E9D.tmp
2014-11-13 18:47 - 2014-11-13 18:48 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Timur\Downloads\tdsskiller.exe
2014-11-12 21:46 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 21:46 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 21:46 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 21:46 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 21:46 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 21:46 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 21:46 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 21:46 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 21:46 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 21:46 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 21:46 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 21:46 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 21:46 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 21:46 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 21:46 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 21:46 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 21:46 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 21:46 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 21:46 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 21:46 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 21:46 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 21:46 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 21:45 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 21:45 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 21:45 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 21:45 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 21:45 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 21:45 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 21:45 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 21:45 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 21:45 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 21:45 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 21:45 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 21:45 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 21:45 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 21:45 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 21:45 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 21:45 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 21:45 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 21:45 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 21:45 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 21:45 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 21:45 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 21:45 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 21:45 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 21:45 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 21:45 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 21:45 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 21:45 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 21:45 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 21:45 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 21:45 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 21:45 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 21:45 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 21:45 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 21:45 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 20:44 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 20:44 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 20:34 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 20:34 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 20:34 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 20:34 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 20:34 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 20:34 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 20:34 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 20:34 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 20:34 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 20:32 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 20:32 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 20:32 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 20:32 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 20:32 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 20:32 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 20:32 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 20:32 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 20:32 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 20:32 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 20:32 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 20:32 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 20:32 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 20:32 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 20:29 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 20:29 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 20:29 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 20:29 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 20:29 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 20:29 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 20:29 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 20:29 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 20:29 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 20:29 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 20:29 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 20:29 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 20:29 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 20:29 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 20:20 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 20:20 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 20:20 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 20:20 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 20:20 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 20:12 - 2014-11-14 22:00 - 00000000 ____D () C:\Users\Timur\Desktop\A
2014-11-09 16:40 - 2014-11-09 16:40 - 00006585 _____ () C:\Users\Timur\Downloads\GMER LOG 09.11.14.log
2014-11-09 16:01 - 2014-11-09 16:01 - 00380416 _____ () C:\Users\Timur\Downloads\Gmer-19357.exe
2014-11-09 15:51 - 2014-11-09 15:54 - 00038951 _____ () C:\Users\Timur\Downloads\Addition.txt
2014-11-09 15:46 - 2014-11-20 23:24 - 00021096 _____ () C:\Users\Timur\Downloads\FRST.txt
2014-11-09 15:45 - 2014-11-20 23:23 - 00000000 ____D () C:\FRST
2014-11-09 15:43 - 2014-11-20 23:22 - 02117632 _____ (Farbar) C:\Users\Timur\Downloads\FRST64.exe
2014-11-09 15:39 - 2014-11-09 15:39 - 00000472 _____ () C:\Users\Timur\Downloads\defogger_disable.log
2014-11-09 15:39 - 2014-11-09 15:39 - 00000000 _____ () C:\Users\Timur\defogger_reenable
2014-11-09 15:35 - 2014-11-09 15:35 - 00050477 _____ () C:\Users\Timur\Downloads\Defogger.exe
2014-11-09 14:46 - 2014-11-09 14:46 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-03 15:38 - 2014-11-03 15:38 - 01054912 _____ (Adobe) C:\Users\Timur\Downloads\install_flashplayer15x32au_mssd_aaa_aih(1).exe
2014-10-29 11:11 - 2014-10-29 11:11 - 00000000 ____D () C:\Windows\pss
2014-10-29 10:25 - 2014-10-29 10:25 - 00000017 _____ () C:\Windows\SysWOW64\shortcut_ex.dat
2014-10-25 12:14 - 2014-10-25 12:14 - 00000189 _____ () C:\Users\Timur\Documents\capslock2shift.reg.txt
2014-10-25 11:15 - 2014-03-08 13:26 - 00450770 _____ () C:\Windows\system32\Drivers\etc\hosts.20141025-121514.backup
2014-10-24 20:00 - 2014-10-24 20:01 - 00373352 _____ () C:\Windows\Minidump\102414-39405-01.dmp
2014-10-23 19:22 - 2014-10-23 19:23 - 00000000 ____D () C:\8a9c394ada2cd8e467357e
2014-10-22 14:15 - 2014-10-22 14:15 - 00000000 ____D () C:\Users\Timur\Downloads\jquery-slider-master

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-20 23:24 - 2011-09-09 08:44 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-11-20 23:19 - 2011-09-09 19:11 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-20 23:16 - 2011-09-09 08:44 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-11-20 22:47 - 2013-12-14 20:21 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA.job
2014-11-20 22:42 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-20 22:42 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-20 22:38 - 2012-03-29 11:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-20 22:36 - 2013-10-31 12:53 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-11-20 22:33 - 2011-09-09 19:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-20 22:32 - 2014-01-29 21:46 - 00023686 _____ () C:\Windows\PFRO.log
2014-11-20 22:32 - 2013-12-26 16:26 - 00020499 _____ () C:\Windows\setupact.log
2014-11-20 22:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-20 22:31 - 2011-07-26 16:37 - 02018113 _____ () C:\Windows\WindowsUpdate.log
2014-11-20 21:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-11-20 21:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-11-14 22:14 - 2011-09-09 19:11 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 22:14 - 2011-09-09 19:11 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-14 21:30 - 2011-09-09 08:44 - 00003498 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-11-14 21:30 - 2011-09-09 08:44 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-11-14 21:28 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-14 21:15 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-14 21:12 - 2009-07-14 03:34 - 83099648 _____ () C:\Windows\system32\config\software.bak
2014-11-14 21:12 - 2009-07-14 03:34 - 19398656 _____ () C:\Windows\system32\config\system.bak
2014-11-14 21:12 - 2009-07-14 03:34 - 05242880 _____ () C:\Windows\system32\config\default.bak
2014-11-14 21:12 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-11-14 21:12 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-11-14 20:03 - 2013-12-10 09:05 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-14 20:03 - 2012-05-14 20:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-14 19:36 - 2012-07-14 11:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-14 16:47 - 2013-12-14 20:21 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core.job
2014-11-14 16:42 - 2013-12-14 20:21 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA
2014-11-14 16:42 - 2013-12-14 20:21 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core
2014-11-14 12:21 - 2013-08-17 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-14 12:05 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-14 12:05 - 2009-07-14 05:45 - 00300824 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-14 11:27 - 2013-07-14 01:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-14 11:10 - 2011-09-09 17:28 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-14 11:01 - 2011-07-27 02:17 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-11-14 11:01 - 2011-07-27 02:17 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-11-14 11:01 - 2009-07-14 06:13 - 01622228 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-14 11:00 - 2012-03-29 11:02 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-14 11:00 - 2012-03-29 11:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-14 11:00 - 2011-09-09 20:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 19:56 - 2014-07-21 16:28 - 00006653 _____ () C:\Users\Timur\Desktop\Neues Textdokument.txt
2014-11-12 19:56 - 2013-09-30 19:24 - 00000000 ____D () C:\Users\Timur\AppData\Roaming\SoftGrid Client
2014-11-12 19:49 - 2011-09-09 18:51 - 00000000 ____D () C:\Users\Timur\AppData\Roaming\Mozilla
2014-11-09 15:39 - 2011-09-09 08:43 - 00000000 ____D () C:\Users\Timur
2014-11-09 14:46 - 2014-08-14 14:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-09 14:46 - 2012-10-18 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-09 14:45 - 2012-10-18 16:49 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-08 11:49 - 2013-07-18 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-07 22:02 - 2013-09-06 00:30 - 00287232 ___SH () C:\Users\Timur\Desktop\Thumbs.db
2014-11-07 21:49 - 2013-09-05 10:05 - 00000000 ____D () C:\Users\Timur\AppData\Roaming\Skype
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-29 11:19 - 2012-11-21 10:39 - 00000000 ____D () C:\Program Files (x86)\BlueGriffon
2014-10-29 09:48 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-25 10:04 - 2014-09-10 09:59 - 00000000 ____D () C:\Users\Timur\Desktop\Alte Firefox-Daten
2014-10-24 20:00 - 2014-01-11 20:38 - 421380719 _____ () C:\Windows\MEMORY.DMP
2014-10-24 20:00 - 2011-12-05 01:05 - 00000000 ____D () C:\Windows\Minidump
2014-10-22 11:33 - 2013-12-12 21:43 - 00195072 ___SH () C:\Users\Timur\Documents\Thumbs.db
2014-10-22 10:20 - 2011-09-09 08:44 - 00004238 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask

Some content of TEMP:
====================
C:\Users\Timur\AppData\Local\Temp\avgnt.exe
C:\Users\Timur\AppData\Local\Temp\Quarantine.exe
C:\Users\Timur\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-14 13:40

==================== End Of Log ============================
--- --- --- |
21.11.2014, 17:40 | #11 |
/// the machine /// TB Trainer | Keyboard suddenly switches between upper and lower case, and other problems
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
22.11.2014, 23:13 | #12 |
| Keyboard suddenly switches between upper and lower case, and other problems
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=ea3d8841ed57774e93983a73200f5a46
# engine=21206
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-22 12:51:53
# local_time=2014-11-22 01:51:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 36802 70542099 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 36218 168247363 0 0
# scanned=204705
# found=7
# cleaned=0
# scan_time=21131
sh=BBB8DA37255AE27AE1E343E5A6DAA4FD6CBB5876 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM125.zip"
sh=3288E9A22B4466DEF478E69B0933CA3F80635975 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM34.zip"
sh=63A3E4BBC3A205FACEA22C418EE99C1F27370628 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\ProgramData\Spybot - Search & Destroy\Recovery\SweetIM35.zip"
sh=BBB8DA37255AE27AE1E343E5A6DAA4FD6CBB5876 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM125.zip"
sh=3288E9A22B4466DEF478E69B0933CA3F80635975 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM34.zip"
sh=63A3E4BBC3A205FACEA22C418EE99C1F27370628 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip Wurm" ac=I fn="C:\Users\All Users\Spybot - Search & Destroy\Recovery\SweetIM35.zip"
sh=445BCCA20D40E2493528626BF7DE1EA03DDDDD1C ft=1 fh=c2cdec92b89ae136 vn="Win32/DownWare.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Timur\Documents\Timur\Downloads\setup-bluegriffon.exe"
Code:
Results of screen317's Security Check version 0.99.90
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
JavaFX 2.1.1
Java 7 Update 67
Java version out of Date!
Adobe Flash Player 15.0.0.223
Adobe Reader XI
Mozilla Firefox (33.1)
Mozilla Thunderbird (24.5.0)
Google Chrome (38.0.2125.104)
Google Chrome (38.0.2125.111)
Google Chrome (chrome.exe..)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-12 21:46 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-12 21:46 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-12 21:46 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-12 21:46 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-12 21:46 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-12 21:46 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-12 21:45 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-12 21:45 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-12 21:45 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-12 21:45 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-12 21:45 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-12 21:45 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-12 21:45 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-12 21:45 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-12 21:45 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-12 21:45 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-12 21:45 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-12 21:45 - 2014-11-06 04:20 - 00968704 _____ 
(Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-12 21:45 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-12 21:45 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-12 21:45 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-12 21:45 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-12 21:45 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-12 21:45 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-12 21:45 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-12 21:45 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-12 21:45 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-12 21:45 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-12 21:45 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-12 21:45 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-12 21:45 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-12 21:45 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-12 21:45 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-12 21:45 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-12 21:45 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-12 21:45 - 2014-11-06 03:20 - 01155072 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-12 21:45 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-12 21:45 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-12 21:45 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-12 21:45 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-12 20:44 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-12 20:44 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-12 20:34 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-12 20:34 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-12 20:34 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-12 20:34 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-12 20:34 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-12 20:34 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-12 20:34 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-12 20:34 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-12 20:34 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-12 20:32 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-12 20:32 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-12 20:32 - 2014-10-03 03:11 - 00440832 _____ (Microsoft 
Corporation) C:\Windows\system32\AudioEng.dll 2014-11-12 20:32 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-12 20:32 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-12 20:32 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-12 20:32 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-12 20:32 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-12 20:32 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-12 20:32 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-12 20:32 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-12 20:32 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-12 20:32 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-12 20:32 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-12 20:29 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-12 20:29 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-12 20:29 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-12 20:29 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-12 20:29 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-12 20:29 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-12 20:29 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msv1_0.dll 2014-11-12 20:29 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-12 20:29 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-12 20:29 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-12 20:29 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-12 20:29 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-12 20:20 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-12 20:20 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-12 20:20 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-12 20:20 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-12 20:20 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-12 20:12 - 2014-11-14 22:00 - 00000000 ____D () C:\Users\Timur\Desktop\A 2014-11-09 16:40 - 2014-11-09 16:40 - 00006585 _____ () C:\Users\Timur\Downloads\GMER LOG 09.11.14.log 2014-11-09 16:01 - 2014-11-09 16:01 - 00380416 _____ () C:\Users\Timur\Downloads\Gmer-19357.exe 2014-11-09 15:51 - 2014-11-09 15:54 - 00038951 _____ () C:\Users\Timur\Downloads\Addition.txt 2014-11-09 15:46 - 2014-11-22 23:10 - 00023806 _____ () C:\Users\Timur\Downloads\FRST.txt 2014-11-09 15:45 - 2014-11-22 23:10 - 00000000 ____D () C:\FRST 2014-11-09 15:43 - 2014-11-22 23:10 - 02118144 _____ (Farbar) C:\Users\Timur\Downloads\FRST64.exe 2014-11-09 15:39 - 2014-11-09 15:39 - 00000472 _____ () C:\Users\Timur\Downloads\defogger_disable.log 2014-11-09 15:39 - 2014-11-09 15:39 - 00000000 _____ () C:\Users\Timur\defogger_reenable 2014-11-09 15:35 - 2014-11-09 15:35 - 00050477 _____ () 
C:\Users\Timur\Downloads\Defogger.exe 2014-11-09 14:46 - 2014-11-09 14:46 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-11-03 15:38 - 2014-11-03 15:38 - 01054912 _____ (Adobe) C:\Users\Timur\Downloads\install_flashplayer15x32au_mssd_aaa_aih(1).exe 2014-10-29 11:11 - 2014-10-29 11:11 - 00000000 ____D () C:\Windows\pss 2014-10-29 10:25 - 2014-10-29 10:25 - 00000017 _____ () C:\Windows\SysWOW64\shortcut_ex.dat 2014-10-25 12:14 - 2014-10-25 12:14 - 00000189 _____ () C:\Users\Timur\Documents\capslock2shift.reg.txt 2014-10-25 11:15 - 2014-03-08 13:26 - 00450770 _____ () C:\Windows\system32\Drivers\etc\hosts.20141025-121514.backup 2014-10-24 20:00 - 2014-10-24 20:01 - 00373352 _____ () C:\Windows\Minidump\102414-39405-01.dmp 2014-10-23 19:22 - 2014-10-23 19:23 - 00000000 ____D () C:\8a9c394ada2cd8e467357e ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-22 23:09 - 2011-09-09 19:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-22 23:01 - 2011-09-09 08:44 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job 2014-11-22 22:59 - 2011-09-09 19:11 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-22 22:57 - 2013-12-14 20:21 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA.job 2014-11-22 22:57 - 2012-03-29 11:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-22 19:50 - 2011-07-26 16:37 - 01054252 _____ () C:\Windows\WindowsUpdate.log 2014-11-22 19:42 - 2013-12-14 20:21 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core.job 2014-11-21 21:10 - 2011-09-09 08:44 - 00003498 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest 2014-11-21 21:09 - 2011-09-09 08:44 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher 2014-11-21 20:49 - 2014-09-04 10:27 - 00000000 
____D () C:\Windows\System32\Tasks\TVT 2014-11-21 20:45 - 2011-07-26 17:18 - 00000000 ____D () C:\Windows\Downloaded Installations 2014-11-21 20:29 - 2011-09-09 08:44 - 00004238 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2014-11-21 20:29 - 2011-09-09 08:44 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2014-11-21 16:37 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-21 16:37 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-21 16:31 - 2013-10-31 12:53 - 00196608 _____ () C:\Windows\system32\Ikeext.etl 2014-11-21 16:26 - 2013-12-26 16:26 - 00020611 _____ () C:\Windows\setupact.log 2014-11-21 16:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-20 22:32 - 2014-01-29 21:46 - 00023686 _____ () C:\Windows\PFRO.log 2014-11-20 22:26 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports 2014-11-20 21:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2014-11-14 22:14 - 2011-09-09 19:11 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-14 22:14 - 2011-09-09 19:11 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-14 21:28 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2014-11-14 21:15 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-11-14 21:12 - 2009-07-14 03:34 - 83099648 _____ () C:\Windows\system32\config\software.bak 2014-11-14 21:12 - 2009-07-14 03:34 - 19398656 _____ () C:\Windows\system32\config\system.bak 2014-11-14 21:12 - 2009-07-14 03:34 - 05242880 _____ () C:\Windows\system32\config\default.bak 2014-11-14 21:12 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.bak 2014-11-14 21:12 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak 2014-11-14 
20:03 - 2013-12-10 09:05 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-11-14 20:03 - 2012-05-14 20:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-14 19:36 - 2012-07-14 11:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-11-14 16:42 - 2013-12-14 20:21 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000UA 2014-11-14 16:42 - 2013-12-14 20:21 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-208810273-1353525685-880446501-1000Core 2014-11-14 12:21 - 2013-08-17 22:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-14 12:05 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-14 12:05 - 2009-07-14 05:45 - 00300824 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-14 11:27 - 2013-07-14 01:28 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-14 11:10 - 2011-09-09 17:28 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-14 11:01 - 2011-07-27 02:17 - 00700118 _____ () C:\Windows\system32\perfh007.dat 2014-11-14 11:01 - 2011-07-27 02:17 - 00149968 _____ () C:\Windows\system32\perfc007.dat 2014-11-14 11:01 - 2009-07-14 06:13 - 01622228 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-14 11:00 - 2012-03-29 11:02 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-14 11:00 - 2012-03-29 11:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-14 11:00 - 2011-09-09 20:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-12 19:56 - 2014-07-21 16:28 - 00006653 _____ () C:\Users\Timur\Desktop\Neues Textdokument.txt 2014-11-12 19:56 - 2013-09-30 19:24 - 00000000 ____D () C:\Users\Timur\AppData\Roaming\SoftGrid Client 2014-11-12 19:49 - 2011-09-09 18:51 - 00000000 ____D () C:\Users\Timur\AppData\Roaming\Mozilla 2014-11-09 
15:39 - 2011-09-09 08:43 - 00000000 ____D () C:\Users\Timur 2014-11-09 14:46 - 2014-08-14 14:36 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-09 14:46 - 2012-10-18 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-11-09 14:45 - 2012-10-18 16:49 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-11-08 11:49 - 2013-07-18 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-11-07 22:02 - 2013-09-06 00:30 - 00287232 ___SH () C:\Users\Timur\Desktop\Thumbs.db 2014-11-07 21:49 - 2013-09-05 10:05 - 00000000 ____D () C:\Users\Timur\AppData\Roaming\Skype 2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-29 11:19 - 2012-11-21 10:39 - 00000000 ____D () C:\Program Files (x86)\BlueGriffon 2014-10-29 09:48 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-10-25 10:04 - 2014-09-10 09:59 - 00000000 ____D () C:\Users\Timur\Desktop\Alte Firefox-Daten 2014-10-24 20:00 - 2014-01-11 20:38 - 421380719 _____ () C:\Windows\MEMORY.DMP 2014-10-24 20:00 - 2011-12-05 01:05 - 00000000 ____D () C:\Windows\Minidump Some content of TEMP: ==================== C:\Users\Timur\AppData\Local\Temp\avgnt.exe C:\Users\Timur\AppData\Local\Temp\Quarantine.exe C:\Users\Timur\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-14 13:40 ==================== End Of Log ============================ --- --- --- |
23.11.2014, 15:00 | #13 |
/// the machine /// TB trainer | Keyboard: sudden switching between upper and lower case, and further problems Update Java. Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP) Bill Castner (MVP) Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |