![]() |
|
Log-Analyse und Auswertung: Open Candy Virus, CPU-Auslastung 100 %Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() |
|
![]() | #1 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Open Candy Virus, CPU-Auslastung 100 % TDSS-Killer Downloade dir bitte ![]()
Anschließend bitte MBAR ausführen: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte ![]()
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #2 |
![]() ![]() | ![]() Open Candy Virus, CPU-Auslastung 100 %Code:
ATTFilter 09:44:12.0276 4900 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 09:44:14.0975 4900 ============================================================ 09:44:14.0975 4900 Current date / time: 2014/02/05 09:44:14.0975 09:44:14.0975 4900 SystemInfo: 09:44:14.0975 4900 09:44:14.0975 4900 OS Version: 6.0.6002 ServicePack: 2.0 09:44:14.0975 4900 Product type: Workstation 09:44:14.0975 4900 ComputerName: LEO-PC 09:44:14.0975 4900 UserName: Leo 09:44:14.0975 4900 Windows directory: C:\Windows 09:44:14.0975 4900 System windows directory: C:\Windows 09:44:14.0975 4900 Processor architecture: Intel x86 09:44:14.0975 4900 Number of processors: 2 09:44:14.0975 4900 Page size: 0x1000 09:44:14.0975 4900 Boot type: Normal boot 09:44:14.0975 4900 ============================================================ 09:44:15.0599 4900 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 09:44:15.0614 4900 ============================================================ 09:44:15.0614 4900 \Device\Harddisk0\DR0: 09:44:15.0614 4900 MBR partitions: 09:44:15.0614 4900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1411800, BlocksNum 0x2D5270B0 09:44:15.0614 4900 ============================================================ 09:44:15.0739 4900 C: <-> \Device\Harddisk0\DR0\Partition1 09:44:15.0739 4900 ============================================================ 09:44:15.0739 4900 Initialize success 09:44:15.0739 4900 ============================================================ 09:44:32.0307 0280 ============================================================ 09:44:32.0307 0280 Scan started 09:44:32.0307 0280 Mode: Manual; SigCheck; TDLFS; 09:44:32.0307 0280 ============================================================ 09:44:32.0947 0280 ================ Scan system memory ======================== 09:44:32.0947 0280 System memory - ok 09:44:32.0947 0280 ================ Scan services ============================= 09:44:33.0384 0280 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 09:44:34.0429 0280 ACDaemon - ok 09:44:34.0601 0280 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 09:44:34.0632 0280 ACPI - ok 09:44:34.0725 0280 [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 09:44:34.0757 0280 AdobeFlashPlayerUpdateSvc - ok 09:44:34.0819 0280 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 09:44:34.0866 0280 adp94xx - ok 09:44:34.0897 0280 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 09:44:34.0928 0280 adpahci - ok 09:44:34.0959 0280 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 09:44:34.0991 0280 adpu160m - ok 09:44:35.0037 0280 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 09:44:35.0069 0280 adpu320 - ok 09:44:35.0131 0280 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 09:44:35.0178 0280 AeLookupSvc - ok 09:44:35.0256 0280 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 09:44:35.0318 0280 AFD - ok 09:44:35.0381 0280 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 09:44:35.0396 0280 agp440 - ok 09:44:35.0427 0280 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 09:44:35.0459 0280 aic78xx - ok 09:44:35.0771 0280 [ BBE9054FDADC8D49D29C5DA4FB84A803 ] Akamai c:\program files\common files\akamai/netsession_win_8fa3539.dll 09:44:35.0771 0280 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803 09:44:35.0786 0280 Akamai ( HiddenFile.Multi.Generic ) - warning 09:44:35.0786 0280 Akamai - detected HiddenFile.Multi.Generic (1) 09:44:35.0817 0280 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 09:44:35.0880 0280 ALG - ok 09:44:35.0911 0280 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 09:44:35.0942 0280 aliide - ok 09:44:35.0958 0280 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 09:44:35.0973 0280 amdagp - ok 09:44:35.0989 0280 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 09:44:36.0020 0280 amdide - ok 09:44:36.0036 0280 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 09:44:36.0098 0280 AmdK7 - ok 09:44:36.0145 0280 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 09:44:36.0207 0280 AmdK8 - ok 09:44:36.0239 0280 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 09:44:36.0270 0280 Appinfo - ok 09:44:36.0379 0280 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 09:44:36.0395 0280 Apple Mobile Device - ok 09:44:36.0473 0280 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 09:44:36.0488 0280 arc - ok 09:44:36.0519 0280 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 09:44:36.0551 0280 arcsas - ok 09:44:36.0597 0280 [ 857B48965A0503B7AB795D4BFE7CBD8B ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 09:44:36.0613 0280 ArcSoftKsUFilter - ok 09:44:36.0785 0280 [ 2FE0D5DB69014980A970D3BF9A85D2B1 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 09:44:36.0816 0280 aspnet_state - ok 09:44:36.0847 0280 [ 6F1505608202BBD179095A6A150D103F ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 09:44:36.0878 0280 aswMonFlt - ok 09:44:36.0941 0280 [ B269C41DF93EFF71DF0986BD982D1C46 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys 09:44:36.0956 0280 aswRdr - ok 09:44:37.0019 0280 [ F385467DF95D0A73775CB3B076B8B969 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 09:44:37.0050 0280 aswRvrt - ok 09:44:37.0128 0280 [ 0F639D0526820BA7872C963813E0EB8D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 09:44:37.0190 0280 aswSnx - ok 09:44:37.0253 0280 [ 7BA7543EA7936A7ADA615F6DE7C95494 ] aswSP C:\Windows\system32\drivers\aswSP.sys 09:44:37.0331 0280 aswSP - ok 09:44:37.0377 0280 [ 875D2B1054F2ECD8F575D6CBE78DD7BA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 09:44:37.0409 0280 aswTdi - ok 09:44:37.0580 0280 [ 1B0662514A68C3A42E60D240C5ABEF28 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 09:44:37.0611 0280 aswVmm - ok 09:44:37.0658 0280 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 09:44:37.0689 0280 AsyncMac - ok 09:44:37.0814 0280 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys 09:44:37.0830 0280 atapi - ok 09:44:38.0033 0280 [ 1EA05449220E3D755477CE517A83846B ] athr C:\Windows\system32\DRIVERS\athr.sys 09:44:38.0221 0280 athr - ok 09:44:38.0829 0280 [ 6455100A6CDB1DEDC551E12FD41BC519 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 09:44:38.0923 0280 Ati External Event Utility - ok 09:44:39.0640 0280 [ 9F66D1BA97911731133E46212539A08D ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 09:44:40.0202 0280 atikmdag - ok 09:44:40.0264 0280 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 09:44:40.0311 0280 AudioEndpointBuilder - ok 09:44:40.0327 0280 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 09:44:40.0389 0280 Audiosrv - ok 09:44:40.0483 0280 [ D74884939D53612FD84AC82C59CCFE27 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 09:44:40.0498 0280 avast! Antivirus - ok 09:44:40.0576 0280 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 09:44:40.0608 0280 Beep - ok 09:44:40.0717 0280 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 09:44:40.0795 0280 BFE - ok 09:44:40.0904 0280 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll 09:44:40.0966 0280 BITS - ok 09:44:41.0013 0280 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 09:44:41.0091 0280 blbdrive - ok 09:44:41.0216 0280 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 09:44:41.0247 0280 Bonjour Service - ok 09:44:41.0294 0280 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 09:44:41.0325 0280 bowser - ok 09:44:41.0419 0280 [ 46B72A8C5F545AFAFF30F4A468844FBA ] BoxSyncUpdateService C:\Program Files\Box\Box Sync\SyncUpdaterService.exe 09:44:41.0419 0280 BoxSyncUpdateService ( UnsignedFile.Multi.Generic ) - warning 09:44:41.0419 0280 BoxSyncUpdateService - detected UnsignedFile.Multi.Generic (1) 09:44:41.0466 0280 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 09:44:41.0528 0280 BrFiltLo - ok 09:44:41.0606 0280 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 09:44:41.0637 0280 BrFiltUp - ok 09:44:41.0684 0280 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 09:44:41.0731 0280 Browser - ok 09:44:41.0793 0280 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 09:44:41.0902 0280 Brserid - ok 09:44:41.0934 0280 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 09:44:42.0012 0280 BrSerWdm - ok 09:44:42.0043 0280 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 09:44:42.0168 0280 BrUsbMdm - ok 09:44:42.0214 0280 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 09:44:42.0308 0280 BrUsbSer - ok 09:44:42.0386 0280 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 09:44:42.0495 0280 BTHMODEM - ok 09:44:42.0573 0280 [ 248DFA5762DDE38DFDDBBD44149E9D7A ] BVRPMPR5 C:\Windows\system32\drivers\BVRPMPR5.SYS 09:44:42.0604 0280 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning 09:44:42.0604 0280 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1) 09:44:42.0838 0280 catchme - ok 09:44:42.0870 0280 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 09:44:42.0948 0280 cdfs - ok 09:44:43.0088 0280 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 09:44:43.0150 0280 cdrom - ok 09:44:43.0197 0280 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 09:44:43.0291 0280 CertPropSvc - ok 09:44:43.0650 0280 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 09:44:43.0712 0280 circlass - ok 09:44:43.0899 0280 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 09:44:43.0946 0280 CLFS - ok 09:44:44.0040 0280 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 09:44:44.0071 0280 clr_optimization_v2.0.50727_32 - ok 09:44:44.0133 0280 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 09:44:44.0164 0280 clr_optimization_v4.0.30319_32 - ok 09:44:44.0211 0280 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 09:44:44.0289 0280 CmBatt - ok 09:44:44.0383 0280 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 09:44:44.0398 0280 cmdide - ok 09:44:44.0445 0280 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 09:44:44.0461 0280 Compbatt - ok 09:44:44.0461 0280 COMSysApp - ok 09:44:44.0508 0280 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 09:44:44.0523 0280 crcdisk - ok 09:44:44.0554 0280 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 09:44:44.0664 0280 Crusoe - ok 09:44:44.0788 0280 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll 09:44:44.0820 0280 CryptSvc - ok 09:44:44.0929 0280 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 09:44:44.0991 0280 DcomLaunch - ok 09:44:45.0069 0280 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys 09:44:45.0147 0280 DfsC - ok 09:44:45.0397 0280 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe 09:44:45.0600 0280 DFSR - ok 09:44:45.0756 0280 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 09:44:45.0834 0280 Dhcp - ok 09:44:45.0896 0280 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 09:44:45.0912 0280 disk - ok 09:44:45.0958 0280 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys 09:44:45.0974 0280 DMICall - ok 09:44:46.0021 0280 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 09:44:46.0068 0280 Dnscache - ok 09:44:46.0146 0280 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 09:44:46.0208 0280 dot3svc - ok 09:44:46.0239 0280 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 09:44:46.0333 0280 DPS - ok 09:44:46.0380 0280 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 09:44:46.0442 0280 drmkaud - ok 09:44:46.0489 0280 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 09:44:46.0551 0280 DXGKrnl - ok 09:44:46.0598 0280 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 09:44:46.0707 0280 E1G60 - ok 09:44:46.0785 0280 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 09:44:46.0848 0280 EapHost - ok 09:44:46.0926 0280 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 09:44:46.0941 0280 Ecache - ok 09:44:47.0175 0280 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 09:44:47.0206 0280 ehRecvr - ok 09:44:47.0284 0280 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 09:44:47.0378 0280 ehSched - ok 09:44:47.0409 0280 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 09:44:47.0456 0280 ehstart - ok 09:44:47.0550 0280 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 09:44:47.0596 0280 elxstor - ok 09:44:47.0659 0280 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll 09:44:47.0737 0280 EMDMgmt - ok 09:44:47.0768 0280 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 09:44:47.0815 0280 ErrDev - ok 09:44:47.0877 0280 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll 09:44:47.0924 0280 EventSystem - ok 09:44:48.0002 0280 [ BA6063E3375F9BC11A9C8450A7F61E70 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 09:44:48.0064 0280 EvtEng ( UnsignedFile.Multi.Generic ) - warning 09:44:48.0064 0280 EvtEng - detected UnsignedFile.Multi.Generic (1) 09:44:48.0127 0280 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys 09:44:48.0174 0280 exfat - ok 09:44:48.0423 0280 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 09:44:48.0595 0280 fastfat - ok 09:44:48.0673 0280 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 09:44:48.0751 0280 fdc - ok 09:44:48.0938 0280 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 09:44:49.0063 0280 fdPHost - ok 09:44:49.0484 0280 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 09:44:49.0936 0280 FDResPub - ok 09:44:50.0186 0280 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 09:44:50.0202 0280 FileInfo - ok 09:44:50.0233 0280 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 09:44:50.0295 0280 Filetrace - ok 09:44:50.0498 0280 [ 1A18EBD87AA9FBF6EFE8CFADA08D0275 ] FirebirdGuardianDefaultInstance C:\Program Files\firebird\firebird_2_5\bin\fbguard.exe 09:44:50.0545 0280 FirebirdGuardianDefaultInstance ( UnsignedFile.Multi.Generic ) - warning 09:44:50.0545 0280 FirebirdGuardianDefaultInstance - detected UnsignedFile.Multi.Generic (1) 09:44:50.0935 0280 [ 53C740150C082AAF3C7D21C1D6A9FF98 ] FirebirdServerDefaultInstance C:\Program Files\firebird\firebird_2_5\bin\fbserver.exe 09:44:52.0074 0280 FirebirdServerDefaultInstance ( UnsignedFile.Multi.Generic ) - warning 09:44:52.0074 0280 FirebirdServerDefaultInstance - detected UnsignedFile.Multi.Generic (1) 09:44:52.0261 0280 [ F76D04F7413B07DAA029F6520B64B4E8 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 09:44:52.0339 0280 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning 09:44:52.0339 0280 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1) 09:44:52.0417 0280 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 09:44:52.0495 0280 flpydisk - ok 09:44:52.0557 0280 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 09:44:52.0588 0280 FltMgr - ok 09:44:52.0698 0280 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll 09:44:52.0854 0280 FontCache - ok 09:44:52.0963 0280 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 09:44:52.0978 0280 FontCache3.0.0.0 - ok 09:44:53.0025 0280 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 09:44:53.0072 0280 Fs_Rec - ok 09:44:53.0119 0280 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 09:44:53.0150 0280 gagp30kx - ok 09:44:53.0197 0280 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 09:44:53.0212 0280 GEARAspiWDM - ok 09:44:53.0259 0280 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll 09:44:53.0353 0280 gpsvc - ok 09:44:53.0400 0280 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 09:44:53.0509 0280 HdAudAddService - ok 09:44:53.0571 0280 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 09:44:53.0649 0280 HDAudBus - ok 09:44:53.0712 0280 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 09:44:53.0790 0280 HidBth - ok 09:44:53.0805 0280 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 09:44:53.0883 0280 HidIr - ok 09:44:53.0930 0280 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll 09:44:53.0977 0280 hidserv - ok 09:44:54.0008 0280 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 09:44:54.0070 0280 HidUsb - ok 09:44:54.0133 0280 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 09:44:54.0180 0280 hkmsvc - ok 09:44:54.0211 0280 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 09:44:54.0242 0280 HpCISSs - ok 09:44:54.0258 0280 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS 09:44:54.0304 0280 HSFHWAZL - ok 09:44:54.0601 0280 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS 09:44:54.0726 0280 HSF_DPV - ok 09:44:54.0772 0280 HSXHWAZL - ok 09:44:54.0835 0280 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys 09:44:54.0913 0280 HTTP - ok 09:44:54.0960 0280 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 09:44:54.0991 0280 i2omp - ok 09:44:55.0022 0280 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 09:44:55.0069 0280 i8042prt - ok 09:44:55.0116 0280 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 09:44:55.0131 0280 iaStor - ok 09:44:55.0256 0280 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 09:44:55.0272 0280 iaStorV - ok 09:44:55.0412 0280 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 09:44:55.0490 0280 idsvc - ok 09:44:55.0552 0280 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 09:44:55.0568 0280 iirsp - ok 09:44:55.0724 0280 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll 09:44:55.0802 0280 IKEEXT - ok 09:44:56.0192 0280 [ 3AA1F82EFA2B0454AF163124C9920D16 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 09:44:56.0488 0280 IntcAzAudAddService - ok 09:44:56.0956 0280 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 09:44:56.0988 0280 intelide - ok 09:44:57.0050 0280 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 09:44:57.0128 0280 intelppm - ok 09:44:57.0175 0280 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 09:44:57.0253 0280 IPBusEnum - ok 09:44:57.0409 0280 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:44:57.0487 0280 IpFilterDriver - ok 09:44:57.0799 0280 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 09:44:57.0861 0280 iphlpsvc - ok 09:44:57.0877 0280 IpInIp - ok 09:44:57.0955 0280 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 09:44:58.0017 0280 IPMIDRV - ok 09:44:58.0048 0280 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 09:44:58.0126 0280 IPNAT - ok 09:44:58.0251 0280 [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 09:44:58.0329 0280 iPod Service - ok 09:44:58.0407 0280 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 09:44:58.0454 0280 IRENUM - ok 09:44:58.0548 0280 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 09:44:58.0563 0280 isapnp - ok 09:44:58.0626 0280 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 09:44:58.0657 0280 iScsiPrt - ok 09:44:58.0672 0280 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 09:44:58.0704 0280 iteatapi - ok 09:44:58.0828 0280 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 09:44:58.0844 0280 iteraid - ok 09:44:58.0953 0280 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe 09:44:58.0969 0280 IviRegMgr - ok 09:44:59.0000 0280 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 09:44:59.0031 0280 kbdclass - ok 09:44:59.0094 0280 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 09:44:59.0156 0280 kbdhid - ok 09:44:59.0218 0280 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe 09:44:59.0250 0280 KeyIso - ok 09:44:59.0328 0280 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 09:44:59.0359 0280 KSecDD - ok 09:44:59.0421 0280 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 09:44:59.0546 0280 KtmRm - ok 09:44:59.0593 0280 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll 09:44:59.0655 0280 LanmanServer - ok 09:44:59.0702 0280 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 09:44:59.0764 0280 LanmanWorkstation - ok 09:44:59.0796 0280 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 09:44:59.0874 0280 lltdio - ok 09:44:59.0905 0280 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 09:44:59.0967 0280 lltdsvc - ok 09:44:59.0983 0280 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 09:45:00.0092 0280 lmhosts - ok 09:45:00.0123 0280 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 09:45:00.0154 0280 LSI_FC - ok 09:45:00.0186 0280 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 09:45:00.0217 0280 LSI_SAS - ok 09:45:00.0232 0280 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 09:45:00.0264 0280 LSI_SCSI - ok 09:45:00.0295 0280 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 09:45:00.0357 0280 luafv - ok 09:45:00.0420 0280 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 09:45:00.0435 0280 MBAMProtector - ok 09:45:00.0622 0280 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe 09:45:00.0669 0280 MBAMScheduler - ok 09:45:00.0747 0280 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 09:45:00.0778 0280 MBAMService - ok 09:45:00.0841 0280 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 09:45:00.0872 0280 Mcx2Svc - ok 09:45:00.0888 0280 mdmxsdk - ok 09:45:00.0919 0280 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys 09:45:00.0950 0280 megasas - ok 09:45:00.0981 0280 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys 09:45:01.0044 0280 MegaSR - ok 09:45:01.0168 0280 Microsoft SharePoint Workspace Audit Service - ok 09:45:01.0309 0280 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 09:45:01.0356 0280 MMCSS - ok 09:45:01.0387 0280 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 09:45:01.0465 0280 Modem - ok 09:45:01.0527 0280 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 09:45:01.0590 0280 monitor - ok 09:45:01.0621 0280 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 09:45:01.0652 0280 mouclass - ok 09:45:01.0683 0280 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 09:45:01.0746 0280 mouhid - ok 09:45:01.0792 0280 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 09:45:01.0824 0280 MountMgr - ok 09:45:01.0902 0280 [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 09:45:01.0917 0280 MozillaMaintenance - ok 09:45:01.0964 0280 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 09:45:01.0995 0280 mpio - ok 09:45:02.0011 0280 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 09:45:02.0073 0280 mpsdrv - ok 09:45:02.0151 0280 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll 09:45:02.0214 0280 MpsSvc - ok 09:45:02.0276 0280 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 09:45:02.0292 0280 Mraid35x - ok 09:45:02.0323 0280 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 09:45:02.0401 0280 MRxDAV - ok 09:45:02.0448 0280 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 09:45:02.0479 0280 mrxsmb - ok 09:45:02.0526 0280 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:45:02.0572 0280 mrxsmb10 - ok 09:45:02.0604 0280 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:45:02.0650 0280 mrxsmb20 - ok 09:45:02.0697 0280 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys 09:45:02.0713 0280 msahci - ok 09:45:02.0744 0280 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys 09:45:02.0775 0280 msdsm - ok 09:45:02.0822 0280 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 09:45:02.0869 0280 MSDTC - ok 09:45:02.0900 0280 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 09:45:02.0962 0280 Msfs - ok 09:45:03.0025 0280 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 09:45:03.0040 0280 msisadrv - ok 09:45:03.0072 0280 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 09:45:03.0134 0280 MSiSCSI - ok 09:45:03.0134 0280 msiserver - ok 09:45:03.0165 0280 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 09:45:03.0243 0280 MSKSSRV - ok 09:45:03.0274 0280 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 09:45:03.0321 0280 MSPCLOCK - ok 09:45:03.0337 0280 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 09:45:03.0384 0280 MSPQM - ok 09:45:03.0555 0280 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 09:45:03.0586 0280 MsRPC - ok 09:45:03.0664 0280 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 09:45:03.0680 0280 mssmbios - ok 09:45:03.0711 0280 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 09:45:03.0774 0280 MSTEE - ok 09:45:03.0883 0280 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys 09:45:03.0898 0280 Mup - ok 09:45:03.0961 0280 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll 09:45:04.0070 0280 napagent - ok 09:45:04.0132 0280 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 09:45:04.0226 0280 NativeWifiP - ok 09:45:04.0382 0280 [ 1BBBF640BC0E0B750537BAECE8D66C18 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe 09:45:04.0429 0280 NAUpdate - ok 09:45:04.0476 0280 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys 09:45:04.0507 0280 NDIS - ok 09:45:04.0554 0280 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 09:45:04.0600 0280 NdisTapi - ok 09:45:04.0632 0280 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 09:45:04.0694 0280 Ndisuio - ok 09:45:04.0725 0280 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 09:45:04.0772 0280 NdisWan - ok 09:45:04.0850 0280 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 09:45:04.0897 0280 NDProxy - ok 09:45:04.0959 0280 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 09:45:04.0959 0280 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 09:45:04.0959 0280 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 09:45:05.0006 0280 [ 1352E1648213551923A0A822E441553C ] Netaapl C:\Windows\system32\DRIVERS\netaapl.sys 09:45:05.0037 0280 Netaapl - ok 09:45:05.0084 0280 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 09:45:05.0146 0280 NetBIOS - ok 09:45:05.0240 0280 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 09:45:05.0318 0280 netbt - ok 09:45:05.0349 0280 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe 09:45:05.0380 0280 Netlogon - ok 09:45:05.0427 0280 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 09:45:05.0490 0280 Netman - ok 09:45:05.0521 0280 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:45:05.0568 0280 NetMsmqActivator - ok 09:45:05.0568 0280 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:45:05.0599 0280 NetPipeActivator - ok 09:45:05.0630 0280 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 09:45:05.0677 0280 netprofm - ok 09:45:05.0692 0280 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:45:05.0724 0280 NetTcpActivator - ok 09:45:05.0724 0280 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:45:05.0755 0280 NetTcpPortSharing - ok 09:45:05.0911 0280 [ BA420E8EBFCAD35581FE8E4C64F71469 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys 09:45:06.0160 0280 NETw5v32 - ok 09:45:06.0238 0280 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 09:45:06.0270 0280 nfrd960 - ok 09:45:06.0316 0280 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 09:45:06.0363 0280 NlaSvc - ok 09:45:06.0426 0280 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 09:45:06.0472 0280 Npfs - ok 09:45:06.0582 0280 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 09:45:06.0675 0280 nsi - ok 09:45:06.0738 0280 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 09:45:06.0784 0280 nsiproxy - ok 09:45:07.0081 0280 [ 276BFF84AD77DD23E1085E191F5A591F ] NSUService C:\Program Files\sony\Network Utility\NSUService.exe 09:45:07.0128 0280 NSUService ( UnsignedFile.Multi.Generic ) - warning 09:45:07.0128 0280 NSUService - detected UnsignedFile.Multi.Generic (1) 09:45:07.0346 0280 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 09:45:07.0455 0280 Ntfs - ok 09:45:07.0486 0280 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 09:45:07.0564 0280 ntrigdigi - ok 09:45:07.0596 0280 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 09:45:07.0642 0280 Null - ok 09:45:07.0705 0280 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 09:45:07.0720 0280 nvraid - ok 09:45:07.0861 0280 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 09:45:07.0876 0280 nvstor - ok 09:45:07.0970 0280 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 09:45:08.0001 0280 nv_agp - ok 09:45:08.0017 0280 NwlnkFlt - ok 09:45:08.0017 0280 NwlnkFwd - ok 09:45:08.0048 0280 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 09:45:08.0126 0280 ohci1394 - ok 09:45:08.0407 0280 [ A2FF28F46E52911D4B7A32EBA5AE64BB ] OpenVPNService C:\Program Files\FH-Aachen OpenVPN\bin\openvpnserv.exe 09:45:08.0422 0280 OpenVPNService ( UnsignedFile.Multi.Generic ) - warning 09:45:08.0422 0280 OpenVPNService - detected UnsignedFile.Multi.Generic (1) 09:45:08.0594 0280 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:45:08.0641 0280 ose - ok 09:45:09.0187 0280 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 09:45:09.0592 0280 osppsvc - ok 09:45:09.0639 0280 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 09:45:09.0733 0280 p2pimsvc - ok 09:45:09.0748 0280 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 09:45:09.0795 0280 p2psvc - ok 09:45:09.0873 0280 [ B8040C5C1FC1FBBBE5C78CB9EDA343EC ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe 09:45:09.0889 0280 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning 09:45:09.0889 0280 PACSPTISVR - detected UnsignedFile.Multi.Generic (1) 09:45:09.0936 0280 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 09:45:10.0014 0280 Parport - ok 09:45:10.0060 0280 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys 09:45:10.0092 0280 partmgr - ok 09:45:10.0123 0280 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 09:45:10.0232 0280 Parvdm - ok 09:45:10.0263 0280 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 09:45:10.0294 0280 PcaSvc - ok 09:45:10.0326 0280 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 09:45:10.0357 0280 pci - ok 09:45:10.0388 0280 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys 09:45:10.0419 0280 pciide - ok 09:45:10.0435 0280 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 09:45:10.0466 0280 pcmcia - ok 09:45:10.0513 0280 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 09:45:10.0606 0280 PEAUTH - ok 09:45:10.0700 0280 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 09:45:10.0856 0280 pla - ok 09:45:10.0887 0280 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 09:45:10.0950 0280 PlugPlay - ok 09:45:10.0981 0280 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 09:45:10.0996 0280 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 09:45:10.0996 0280 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 09:45:11.0028 0280 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 09:45:11.0106 0280 PNRPAutoReg - ok 09:45:11.0121 0280 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll 09:45:11.0199 0280 PNRPsvc - ok 09:45:11.0262 0280 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 09:45:11.0308 0280 PolicyAgent - ok 09:45:11.0402 0280 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 09:45:11.0511 0280 PptpMiniport - ok 09:45:11.0527 0280 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys 09:45:11.0605 0280 Processor - ok 09:45:11.0653 0280 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll 09:45:11.0699 0280 ProfSvc - ok 09:45:11.0731 0280 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe 09:45:11.0809 0280 ProtectedStorage - ok 09:45:11.0871 0280 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys 09:45:11.0918 0280 PSched - ok 09:45:11.0996 0280 [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys 09:45:12.0011 0280 PxHelp20 - ok 09:45:12.0121 0280 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 09:45:12.0199 0280 ql2300 - ok 09:45:12.0245 0280 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 09:45:12.0277 0280 ql40xx - ok 09:45:12.0308 0280 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 09:45:12.0355 0280 QWAVE - ok 09:45:12.0386 0280 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 09:45:12.0417 0280 QWAVEdrv - ok 09:45:12.0448 0280 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 09:45:12.0526 0280 RasAcd - ok 09:45:12.0620 0280 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 09:45:12.0713 0280 RasAuto - ok 09:45:12.0745 0280 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 09:45:13.0384 0280 Rasl2tp - ok 09:45:13.0743 0280 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 09:45:13.0837 0280 RasMan - ok 09:45:13.0915 0280 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 09:45:13.0993 0280 RasPppoe - ok 09:45:14.0024 0280 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 09:45:14.0071 0280 RasSstp - ok 09:45:14.0133 0280 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 09:45:14.0164 0280 rdbss - ok 09:45:14.0258 0280 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 09:45:14.0336 0280 RDPCDD - ok 09:45:14.0398 0280 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 09:45:14.0461 0280 rdpdr - ok 09:45:14.0476 0280 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 09:45:14.0523 0280 RDPENCDD - ok 09:45:14.0695 0280 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 09:45:14.0741 0280 RDPWD - ok 09:45:14.0773 0280 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys 09:45:14.0788 0280 regi - ok 09:45:14.0960 0280 [ 7EEEEC28A34516E66137F355DCC15BDB ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 09:45:15.0038 0280 RegSrvc ( UnsignedFile.Multi.Generic ) - warning 09:45:15.0038 0280 RegSrvc - detected UnsignedFile.Multi.Generic (1) 09:45:15.0147 0280 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 09:45:15.0194 0280 RemoteAccess - ok 09:45:15.0272 0280 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 09:45:15.0303 0280 RemoteRegistry - ok 09:45:15.0365 0280 [ F7D9ECF41EBD3CF6C65944368150F66B ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys 09:45:15.0412 0280 rimsptsk - ok 09:45:15.0459 0280 [ 1BE6C42767A7C67BA31AE32B293B37A3 ] risdptsk C:\Windows\system32\DRIVERS\risdptsk.sys 09:45:15.0506 0280 risdptsk - ok 09:45:15.0553 0280 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 09:45:15.0599 0280 RpcLocator - ok 09:45:15.0646 0280 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll 09:45:15.0693 0280 RpcSs - ok 09:45:15.0740 0280 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 09:45:15.0849 0280 rspndr - ok 09:45:15.0865 0280 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 09:45:15.0896 0280 SamSs - ok 09:45:15.0927 0280 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 09:45:15.0943 0280 sbp2port - ok 09:45:15.0989 0280 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 09:45:16.0036 0280 SCardSvr - ok 09:45:16.0192 0280 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 09:45:16.0348 0280 Schedule - ok 09:45:16.0426 0280 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 09:45:16.0457 0280 SCPolicySvc - ok 09:45:16.0520 0280 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 09:45:16.0598 0280 sdbus - ok 09:45:16.0676 0280 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 09:45:16.0723 0280 SDRSVC - ok 09:45:16.0769 0280 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 09:45:16.0879 0280 secdrv - ok 09:45:16.0941 0280 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 09:45:16.0988 0280 seclogon - ok 09:45:17.0019 0280 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll 09:45:17.0081 0280 SENS - ok 09:45:17.0128 0280 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 09:45:17.0237 0280 Serenum - ok 09:45:17.0269 0280 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 09:45:17.0362 0280 Serial - ok 09:45:17.0393 0280 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 09:45:17.0440 0280 sermouse - ok 09:45:17.0518 0280 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 09:45:17.0565 0280 SessionEnv - ok 09:45:17.0643 0280 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys 09:45:17.0690 0280 SFEP - ok 09:45:17.0721 0280 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 09:45:17.0783 0280 sffdisk - ok 09:45:17.0799 0280 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 09:45:17.0846 0280 sffp_mmc - ok 09:45:17.0861 0280 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 09:45:17.0939 0280 sffp_sd - ok 09:45:17.0971 0280 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 09:45:18.0033 0280 sfloppy - ok 09:45:18.0142 0280 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 09:45:18.0236 0280 SharedAccess - ok 09:45:18.0329 0280 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 09:45:18.0361 0280 ShellHWDetection - ok 09:45:18.0407 0280 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 09:45:18.0439 0280 sisagp - ok 09:45:18.0470 0280 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 09:45:18.0485 0280 SiSRaid2 - ok 09:45:18.0532 0280 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 09:45:18.0548 0280 SiSRaid4 - ok 09:45:18.0797 0280 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 09:45:19.0250 0280 slsvc - ok 09:45:19.0515 0280 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 09:45:19.0609 0280 SLUINotify - ok 09:45:19.0702 0280 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 09:45:19.0733 0280 Smb - ok 09:45:19.0827 0280 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 09:45:19.0874 0280 SNMPTRAP - ok 09:45:20.0513 0280 [ 7B24EFA2A60BA7388FECDA63AB24560A ] SOHCImp C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe 09:45:20.0529 0280 SOHCImp - ok 09:45:20.0607 0280 [ 140FCF5FFAE4EFBA9740A9FD8B49E0BF ] SOHDBSvr C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe 09:45:20.0623 0280 SOHDBSvr - ok 09:45:20.0669 0280 [ D8C244121A06B581B097D9617D94CFF1 ] SOHDms C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe 09:45:20.0701 0280 SOHDms - ok 09:45:20.0732 0280 [ 2DB561887EA122B946BBE2821473EDD8 ] SOHDs C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe 09:45:20.0747 0280 SOHDs - ok 09:45:20.0810 0280 [ AB9EE246A1EB2C3C7C6CB16E0B9462F7 ] SOHPlMgr C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe 09:45:20.0825 0280 SOHPlMgr - ok 09:45:20.0872 0280 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 09:45:20.0888 0280 spldr - ok 09:45:21.0059 0280 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 09:45:21.0091 0280 Spooler - ok 09:45:21.0231 0280 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\Windows\system32\Drivers\sptd.sys 09:45:21.0231 0280 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505 09:45:21.0247 0280 sptd ( LockedFile.Multi.Generic ) - warning 09:45:21.0247 0280 sptd - detected LockedFile.Multi.Generic (1) 09:45:21.0309 0280 [ 8831252BCF05FCFB5ABD116A22E552D8 ] sp_rsdrv2 C:\Windows\system32\drivers\sp_rsdrv2.sys 09:45:21.0356 0280 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - warning 09:45:21.0356 0280 sp_rsdrv2 - detected UnsignedFile.Multi.Generic (1) 09:45:21.0465 0280 [ 4A4A857713740E1564F0B7623493AF06 ] sp_rssrv C:\Program Files\Spyware Terminator\sp_rsser.exe 09:45:21.0543 0280 sp_rssrv ( UnsignedFile.Multi.Generic ) - warning 09:45:21.0543 0280 sp_rssrv - detected UnsignedFile.Multi.Generic (1) 09:45:21.0730 0280 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 09:45:21.0808 0280 srv - ok 09:45:22.0120 0280 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 09:45:22.0229 0280 srv2 - ok 09:45:22.0245 0280 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 09:45:22.0276 0280 srvnet - ok 09:45:22.0401 0280 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 09:45:22.0463 0280 SSDPSRV - ok 09:45:22.0510 0280 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 09:45:22.0557 0280 SstpSvc - ok 09:45:22.0619 0280 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 09:45:22.0682 0280 stisvc - ok 09:45:22.0744 0280 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 09:45:22.0775 0280 swenum - ok 09:45:22.0807 0280 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 09:45:22.0885 0280 swprv - ok 09:45:22.0900 0280 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 09:45:22.0916 0280 Symc8xx - ok 09:45:22.0963 0280 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 09:45:22.0994 0280 Sym_hi - ok 09:45:23.0009 0280 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 09:45:23.0025 0280 Sym_u3 - ok 09:45:23.0072 0280 [ 99DA94793332AADBB17BBB521AE56E21 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 09:45:23.0103 0280 SynTP - ok 09:45:23.0165 0280 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 09:45:23.0243 0280 SysMain - ok 09:45:23.0306 0280 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 09:45:23.0368 0280 TabletInputService - ok 09:45:23.0415 0280 [ 98A1E6BC9F766B0B0A5BF00AF847EF20 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 09:45:23.0446 0280 tap0901 - ok 09:45:23.0540 0280 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 09:45:23.0571 0280 TapiSrv - ok 09:45:23.0633 0280 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 09:45:23.0680 0280 TBS - ok 09:45:23.0836 0280 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 09:45:23.0945 0280 Tcpip - ok 09:45:24.0023 0280 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 09:45:24.0070 0280 Tcpip6 - ok 09:45:24.0117 0280 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 09:45:24.0148 0280 tcpipreg - ok 09:45:24.0195 0280 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 09:45:24.0242 0280 TDPIPE - ok 09:45:24.0273 0280 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 09:45:24.0320 0280 TDTCP - ok 09:45:24.0367 0280 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 09:45:24.0413 0280 tdx - ok 09:45:24.0601 0280 [ 8A9828975A857E477EFEF5A61BA45AC0 ] TeamViewer6 C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe 09:45:24.0725 0280 TeamViewer6 - ok 09:45:24.0757 0280 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 09:45:24.0772 0280 TermDD - ok 09:45:24.0819 0280 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 09:45:24.0913 0280 TermService - ok 09:45:24.0944 0280 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 09:45:24.0975 0280 Themes - ok 09:45:25.0006 0280 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 09:45:25.0053 0280 THREADORDER - ok 09:45:25.0115 0280 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 09:45:25.0193 0280 TrkWks - ok 09:45:25.0271 0280 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 09:45:25.0334 0280 TrustedInstaller - ok 09:45:25.0412 0280 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 09:45:25.0459 0280 tssecsrv - ok 09:45:25.0615 0280 [ 60C6AC47323C81712896C5C8C7974DD1 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe 09:45:25.0724 0280 TuneUp.UtilitiesSvc - ok 09:45:25.0786 0280 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys 09:45:25.0849 0280 TuneUpUtilitiesDrv - ok 09:45:25.0895 0280 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 09:45:25.0989 0280 tunmp - ok 09:45:26.0083 0280 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 09:45:26.0129 0280 tunnel - ok 09:45:26.0270 0280 [ 3338B908F6383053D956229A1EB2F6A3 ] tvnserver C:\Program Files\TightVNC\tvnserver.exe 09:45:26.0332 0280 tvnserver - ok 09:45:26.0363 0280 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 09:45:26.0395 0280 uagp35 - ok 09:45:26.0441 0280 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 09:45:26.0457 0280 uCamMonitor - ok 09:45:26.0738 0280 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 09:45:26.0816 0280 udfs - ok 09:45:27.0346 0280 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 09:45:27.0549 0280 UI0Detect - ok 09:45:27.0565 0280 UIUSys - ok 09:45:27.0861 0280 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 09:45:27.0877 0280 uliagpkx - ok 09:45:28.0298 0280 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 09:45:28.0329 0280 uliahci - ok 09:45:28.0454 0280 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 09:45:28.0469 0280 UlSata - ok 09:45:28.0563 0280 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 09:45:28.0579 0280 ulsata2 - ok 09:45:28.0625 0280 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 09:45:28.0657 0280 umbus - ok 09:45:28.0875 0280 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 09:45:28.0937 0280 upnphost - ok 09:45:29.0000 0280 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 09:45:29.0047 0280 USBAAPL - ok 09:45:29.0109 0280 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 09:45:29.0187 0280 usbaudio - ok 09:45:29.0234 0280 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 09:45:29.0296 0280 usbccgp - ok 09:45:29.0515 0280 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 09:45:29.0671 0280 usbcir - ok 09:45:29.0780 0280 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 09:45:29.0811 0280 usbehci - ok 09:45:29.0936 0280 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 09:45:30.0014 0280 usbhub - ok 09:45:30.0029 0280 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 09:45:30.0107 0280 usbohci - ok 09:45:30.0185 0280 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 09:45:30.0248 0280 usbprint - ok 09:45:30.0341 0280 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 09:45:30.0388 0280 usbscan - ok 09:45:30.0451 0280 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 09:45:30.0482 0280 USBSTOR - ok 09:45:30.0513 0280 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 09:45:30.0575 0280 usbuhci - ok 09:45:30.0638 0280 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 09:45:30.0685 0280 usbvideo - ok 09:45:30.0716 0280 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 09:45:30.0747 0280 UxSms - ok 09:45:30.0887 0280 [ 4E7135D6D0127067E4CFEE12259F895D ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe 09:45:30.0919 0280 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning 09:45:30.0919 0280 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1) 09:45:31.0137 0280 [ 73328C784ECFE7072BD102F370076B50 ] VAIO Event Service C:\Program Files\sony\VAIO Event Service\VESMgr.exe 09:45:31.0153 0280 VAIO Event Service - ok 09:45:31.0340 0280 [ 45A9AE4768840830D0239B52DFDC806A ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe 09:45:31.0371 0280 VAIO Power Management - ok 09:45:31.0465 0280 [ 85BE2230CFEF3FB299358E45A33F29A9 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 09:45:31.0496 0280 VBoxNetAdp - ok 09:45:31.0527 0280 VBoxNetFlt - ok 09:45:31.0730 0280 [ 0ED1D51DCEC67F96CC313D02A1741CF3 ] VCFw C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 09:45:32.0557 0280 VCFw - ok 09:45:32.0650 0280 [ 7295A2B5795E7B8AA128E5DF5A29B656 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 09:45:32.0681 0280 VcmIAlzMgr - ok 09:45:32.0744 0280 [ 69C36D2A7B2169C336D9CE193C9B655E ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe 09:45:32.0759 0280 VcmXmlIfHelper - ok 09:45:32.0775 0280 Vcsw - ok 09:45:32.0822 0280 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 09:45:32.0884 0280 vds - ok 09:45:32.0931 0280 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 09:45:32.0993 0280 vga - ok 09:45:33.0009 0280 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 09:45:33.0056 0280 VgaSave - ok 09:45:33.0227 0280 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 09:45:33.0259 0280 viaagp - ok 09:45:33.0617 0280 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 09:45:33.0680 0280 ViaC7 - ok 09:45:33.0727 0280 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 09:45:33.0758 0280 viaide - ok 09:45:33.0789 0280 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 09:45:33.0820 0280 volmgr - ok 09:45:34.0241 0280 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 09:45:34.0273 0280 volmgrx - ok 09:45:34.0335 0280 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys 09:45:34.0366 0280 volsnap - ok 09:45:34.0413 0280 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 09:45:34.0429 0280 vsmraid - ok 09:45:34.0585 0280 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 09:45:34.0678 0280 VSS - ok 09:45:34.0819 0280 [ 79EB419F4A694B4514249E0D3DB16ECF ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe 09:45:34.0850 0280 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning 09:45:34.0850 0280 VzCdbSvc - detected UnsignedFile.Multi.Generic (1) 09:45:34.0990 0280 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 09:45:35.0037 0280 W32Time - ok 09:45:35.0099 0280 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 09:45:35.0193 0280 WacomPen - ok 09:45:35.0240 0280 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 09:45:35.0302 0280 Wanarp - ok 09:45:35.0302 0280 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 09:45:35.0333 0280 Wanarpv6 - ok 09:45:35.0396 0280 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 09:45:35.0489 0280 wcncsvc - ok 09:45:35.0567 0280 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 09:45:35.0614 0280 WcsPlugInService - ok 09:45:35.0661 0280 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 09:45:35.0692 0280 Wd - ok 09:45:35.0801 0280 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 09:45:35.0848 0280 Wdf01000 - ok 09:45:35.0864 0280 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 09:45:35.0957 0280 WdiServiceHost - ok 09:45:35.0957 0280 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 09:45:36.0020 0280 WdiSystemHost - ok 09:45:36.0067 0280 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 09:45:36.0113 0280 WebClient - ok 09:45:36.0145 0280 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 09:45:36.0191 0280 Wecsvc - ok 09:45:36.0238 0280 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 09:45:36.0285 0280 wercplsupport - ok 09:45:36.0347 0280 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 09:45:36.0394 0280 WerSvc - ok 09:45:36.0425 0280 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 09:45:36.0441 0280 WimFltr - ok 09:45:36.0550 0280 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 09:45:36.0628 0280 winachsf - ok 09:45:36.0831 0280 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 09:45:36.0862 0280 WinDefend - ok 09:45:36.0878 0280 WinHttpAutoProxySvc - ok 09:45:36.0971 0280 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 09:45:37.0018 0280 Winmgmt - ok 09:45:37.0081 0280 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 09:45:37.0143 0280 WinRM - ok 09:45:37.0221 0280 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 09:45:37.0315 0280 Wlansvc - ok 09:45:37.0689 0280 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 09:45:37.0939 0280 wlidsvc - ok 09:45:38.0001 0280 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 09:45:38.0079 0280 WmiAcpi - ok 09:45:38.0141 0280 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 09:45:38.0235 0280 wmiApSrv - ok 09:45:38.0313 0280 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 09:45:38.0375 0280 WMPNetworkSvc - ok 09:45:38.0438 0280 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 09:45:38.0469 0280 WPCSvc - ok 09:45:38.0500 0280 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 09:45:38.0594 0280 WPDBusEnum - ok 09:45:38.0625 0280 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 09:45:38.0672 0280 WpdUsb - ok 09:45:38.0843 0280 [ 762CD41257671CE9DD1B57967537E0D9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 09:45:38.0906 0280 WPFFontCache_v0400 - ok 09:45:38.0937 0280 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 09:45:38.0984 0280 ws2ifsl - ok 09:45:39.0031 0280 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll 09:45:39.0062 0280 wscsvc - ok 09:45:39.0077 0280 WSearch - ok 09:45:39.0296 0280 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 09:45:39.0405 0280 wuauserv - ok 09:45:39.0467 0280 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 09:45:39.0530 0280 WUDFRd - ok 09:45:39.0561 0280 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 09:45:39.0623 0280 wudfsvc - ok 09:45:39.0655 0280 [ 7D4CCA3659FA0780603206E3D12A993F ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys 09:45:39.0686 0280 yukonwlh - ok 09:45:39.0717 0280 ================ Scan global =============================== 09:45:39.0795 0280 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 09:45:39.0857 0280 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 09:45:39.0873 0280 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll 09:45:39.0935 0280 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe 09:45:39.0935 0280 [Global] - ok 09:45:39.0935 0280 ================ Scan MBR ================================== 09:45:39.0951 0280 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 09:45:40.0840 0280 \Device\Harddisk0\DR0 - ok 09:45:40.0840 0280 ================ Scan VBR ================================== 09:45:40.0871 0280 [ 208F56093C77D878712EC462D2CB393A ] \Device\Harddisk0\DR0\Partition1 09:45:40.0887 0280 \Device\Harddisk0\DR0\Partition1 - ok 09:45:40.0887 0280 ============================================================ 09:45:40.0887 0280 Scan finished 09:45:40.0887 0280 ============================================================ 09:45:40.0887 4792 Detected object count: 18 09:45:40.0887 4792 Actual detected object count: 18 09:48:01.0524 4792 Akamai ( HiddenFile.Multi.Generic ) - skipped by user 09:48:01.0524 4792 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip 09:48:01.0524 4792 BoxSyncUpdateService ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0524 4792 BoxSyncUpdateService ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0524 4792 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0524 4792 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0524 4792 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0524 4792 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0524 4792 FirebirdGuardianDefaultInstance ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0524 4792 FirebirdGuardianDefaultInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0524 4792 FirebirdServerDefaultInstance ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0524 4792 FirebirdServerDefaultInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0540 4792 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0540 4792 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0540 4792 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0540 4792 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0540 4792 NSUService ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0540 4792 NSUService ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0540 4792 OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0540 4792 OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0540 4792 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0540 4792 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0555 4792 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0555 4792 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0555 4792 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0555 4792 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0555 4792 sptd ( LockedFile.Multi.Generic ) - skipped by user 09:48:01.0555 4792 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 09:48:01.0555 4792 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0555 4792 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0555 4792 sp_rssrv ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0555 4792 sp_rssrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0555 4792 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0555 4792 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 09:48:01.0571 4792 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user 09:48:01.0571 4792 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1009 www.malwarebytes.org Database version: v2014.02.05.03 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 7.0.6002.18005 Leo :: LEO-PC [administrator] 05.02.2014 09:59:38 mbar-log-2014-02-05 (09-59-38).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged. Objects scanned: 236339 Time elapsed: 1 hour(s), 11 minute(s), 10 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 1 HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Updater (Trojan.Agent) -> Data: C:\ProgramData\Updater\updater.exe -> Delete on reboot. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\ProgramData\Updater\updater.exe (Trojan.Agent) -> Delete on reboot. Physical Sectors Detected: 0 (No malicious items detected) (end) |
![]() |
Themen zu Open Candy Virus, CPU-Auslastung 100 % |
100%, anhang, anti-malware, auf einmal, cpu-auslastung, cpu-auslastung 100 %, interessante, log-datei, malwarebytes, malwarebytes anti-malware, nicht mehr, open candy, opencandy, pup.optional.dynconie.a, pup.optional.searchagent, pup.optional.searchdonkey.a, speichern, trojan.agent, vergessen, vollständige, wmiprvseexe, zusammen |