Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden (https://www.trojaner-board.de/126222-esed-meldet-tbhcn-exe-problem-malewarebytes-hat-pup-blabbers-gefunden.html)

nessie 28.10.2012 09:57
Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden
 
Hallo,

mein Esed meldet seid ein paar Tagen das nicht zu behebende Problem zur tbhcn.exe. Über google bin ich auf dieses bereits bekannte Problem gestoßen. Habe jetzt dann auch gleich Malewarebytes installiert und den kompletten Scan durchgeführt. Hierbei ist die Anwendung PUP. Blabbers betroffen, so Malewarebytes. Da ich kein Spezi in dieser Sache bin, habe ich bis auf den Scan noch nichts weiter unternommen und hoffe sehr auf Eure Hilfe:confused:.
Log anbei.

Lieben Dank schon einmal.

VG nessie

cosinus 28.10.2012 12:51
1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

nessie 29.10.2012 07:01
Hallo Cosinus,

zunächst einmal ganz lieben Dank für Deine schnelle Hilfe!
Anbei die entsprechenden Log Dateien.

LG
nessie

nessie 29.10.2012 07:08
Code:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-29 06:08:56
-----------------------------
06:08:56.734    OS Version: Windows x64 6.1.7600
06:08:56.734    Number of processors: 2 586 0x2505
06:08:56.734    ComputerName: NESSIE-VAIO  UserName: nessie
06:08:57.764    Initialize success
06:12:30.237    AVAST engine defs: 12102801
06:13:20.719    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
06:13:20.735    Disk 0 Vendor: ST932032 0006 Size: 305245MB BusType: 3
06:13:20.735    Disk 1  \Device\Harddisk1\DR1 -> \Device\00000068
06:13:20.735    Disk 1 Vendor: RICOH 02 Size: 1934MB BusType: 0
06:13:20.766    Disk 0 MBR read successfully
06:13:20.766    Disk 0 MBR scan
06:13:20.782    Disk 0 Windows 7 default MBR code
06:13:20.797    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        13719 MB offset 2048
06:13:20.828    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 28098560
06:13:20.844    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      291424 MB offset 28303360
06:13:20.891    Disk 0 scanning C:\Windows\system32\drivers
06:13:36.101    Service scanning
06:14:10.592    Modules scanning
06:14:11.123    Disk 0 trace - called modules:
06:14:11.138    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
06:14:11.154    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80044ea060]
06:14:11.170    3 CLASSPNP.SYS[fffff88001a8543f] -> nt!IofCallDriver -> [0xfffffa800356c750]
06:14:11.170    5 ACPI.sys[fffff88000ef8781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004376050]
06:14:12.308    AVAST engine scan C:\Windows
06:14:15.756    AVAST engine scan C:\Windows\system32
06:19:30.892    AVAST engine scan C:\Windows\system32\drivers
06:19:58.067    AVAST engine scan C:\Users\nessie
06:21:37.190    Disk 0 MBR has been saved successfully to "C:\Users\nessie\Desktop\MBR.dat"
06:21:37.206    The log file has been saved successfully to "C:\Users\nessie\Desktop\aswMBR.txt"
06:38:05.699    AVAST engine scan C:\ProgramData
06:45:59.099    Scan finished successfully
06:48:29.077    Disk 0 MBR has been saved successfully to "C:\Users\nessie\Desktop\MBR.dat"
06:48:29.093    The log file has been saved successfully to "C:\Users\nessie\Desktop\aswMBR.txt"
hm, wie bekomme ich das LOG den geladen?
:headbang:
TDSSKiller.2.8.13.0_29.10.2012_06.53.16_log.txt:
Die Datei, die Sie anhängen möchten, ist zu groß. Die maximale Dateigröße für diesen Dateityp beträgt 97,7 KB. Ihre Datei ist 139,3 KB groß.

ah - mit komplett posten meinst Du einfügen!
Code:
06:53:16.0649 8016  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
06:53:17.0099 8016  ============================================================
06:53:17.0099 8016  Current date / time: 2012/10/29 06:53:17.0099
06:53:17.0099 8016  SystemInfo:
06:53:17.0099 8016 
06:53:17.0099 8016  OS Version: 6.1.7600 ServicePack: 0.0
06:53:17.0099 8016  Product type: Workstation
06:53:17.0099 8016  ComputerName: NESSIE-VAIO
06:53:17.0099 8016  UserName: nessie
06:53:17.0099 8016  Windows directory: C:\Windows
06:53:17.0099 8016  System windows directory: C:\Windows
06:53:17.0099 8016  Running under WOW64
06:53:17.0099 8016  Processor architecture: Intel x64
06:53:17.0099 8016  Number of processors: 2
06:53:17.0099 8016  Page size: 0x1000
06:53:17.0099 8016  Boot type: Normal boot
06:53:17.0099 8016  ============================================================
06:53:17.0939 8016  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:53:18.0049 8016  Drive \Device\Harddisk1\DR1 - Size: 0x78EE0A00 (1.89 Gb), SectorSize: 0x200, Cylinders: 0xF6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
06:53:18.0119 8016  ============================================================
06:53:18.0119 8016  \Device\Harddisk0\DR0:
06:53:18.0119 8016  MBR partitions:
06:53:18.0119 8016  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1ACC000, BlocksNum 0x32000
06:53:18.0119 8016  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1AFE000, BlocksNum 0x23930000
06:53:18.0119 8016  \Device\Harddisk1\DR1:
06:53:18.0119 8016  MBR partitions:
06:53:18.0119 8016  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0xFB, BlocksNum 0x3C7705
06:53:18.0119 8016  ============================================================
06:53:18.0149 8016  C: <-> \Device\Harddisk0\DR0\Partition2
06:53:18.0149 8016  ============================================================
06:53:18.0149 8016  Initialize success
06:53:18.0149 8016  ============================================================
06:54:16.0632 0776  ============================================================
06:54:16.0632 0776  Scan started
06:54:16.0632 0776  Mode: Manual; SigCheck; TDLFS;
06:54:16.0632 0776  ============================================================
06:54:17.0115 0776  ================ Scan system memory ========================
06:54:17.0115 0776  System memory - ok
06:54:17.0131 0776  ================ Scan services =============================
06:54:17.0318 0776  [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
06:54:17.0490 0776  1394ohci - ok
06:54:17.0552 0776  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
06:54:17.0614 0776  ACDaemon - ok
06:54:17.0677 0776  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
06:54:17.0708 0776  ACPI - ok
06:54:17.0739 0776  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
06:54:17.0880 0776  AcpiPmi - ok
06:54:17.0942 0776  [ 34400005DE52842C4D6D4EE978B4D7CE ] AdobeActiveFileMonitor8.0 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
06:54:17.0958 0776  AdobeActiveFileMonitor8.0 - ok
06:54:18.0067 0776  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
06:54:18.0098 0776  AdobeARMservice - ok
06:54:18.0145 0776  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
06:54:18.0192 0776  adp94xx - ok
06:54:18.0238 0776  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
06:54:18.0270 0776  adpahci - ok
06:54:18.0316 0776  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
06:54:18.0348 0776  adpu320 - ok
06:54:18.0363 0776  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
06:54:18.0566 0776  AeLookupSvc - ok
06:54:18.0628 0776  [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD            C:\Windows\system32\drivers\afd.sys
06:54:18.0722 0776  AFD - ok
06:54:18.0769 0776  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
06:54:18.0784 0776  agp440 - ok
06:54:18.0831 0776  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
06:54:18.0925 0776  ALG - ok
06:54:18.0956 0776  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
06:54:18.0987 0776  aliide - ok
06:54:19.0034 0776  [ 27429A457FCA8F50923863A965FE0C6C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
06:54:19.0128 0776  AMD External Events Utility - ok
06:54:19.0143 0776  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
06:54:19.0174 0776  amdide - ok
06:54:19.0221 0776  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
06:54:19.0252 0776  AmdK8 - ok
06:54:19.0284 0776  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
06:54:19.0315 0776  AmdPPM - ok
06:54:19.0377 0776  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
06:54:19.0408 0776  amdsata - ok
06:54:19.0424 0776  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
06:54:19.0455 0776  amdsbs - ok
06:54:19.0486 0776  [ DB27766102C7BF7E95140A2AA81D042E ] amdxata        C:\Windows\system32\drivers\amdxata.sys
06:54:19.0518 0776  amdxata - ok
06:54:19.0564 0776  [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
06:54:19.0627 0776  androidusb - ok
06:54:19.0658 0776  [ 2D45F2DFBC3D8F53DF7EBEFFA8C9BC38 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
06:54:19.0705 0776  ApfiltrService - ok
06:54:19.0752 0776  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID          C:\Windows\system32\drivers\appid.sys
06:54:19.0876 0776  AppID - ok
06:54:19.0908 0776  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
06:54:20.0017 0776  AppIDSvc - ok
06:54:20.0079 0776  [ D065BE66822847B7F127D1F90158376E ] Appinfo        C:\Windows\System32\appinfo.dll
06:54:20.0142 0776  Appinfo - ok
06:54:20.0173 0776  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\drivers\arc.sys
06:54:20.0204 0776  arc - ok
06:54:20.0235 0776  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
06:54:20.0251 0776  arcsas - ok
06:54:20.0298 0776  [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
06:54:20.0313 0776  ArcSoftKsUFilter - ok
06:54:20.0344 0776  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
06:54:20.0454 0776  AsyncMac - ok
06:54:20.0485 0776  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
06:54:20.0516 0776  atapi - ok
06:54:20.0594 0776  [ CCA705CDF038D5BC243203CE4416B345 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
06:54:20.0718 0776  athr - ok
06:54:20.0948 0776  [ EAEA2CE49DE0CCA80BEB9134107E5DD7 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
06:54:21.0248 0776  atikmdag - ok
06:54:21.0318 0776  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
06:54:21.0458 0776  AudioEndpointBuilder - ok
06:54:21.0488 0776  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll
06:54:21.0598 0776  AudioSrv - ok
06:54:21.0648 0776  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
06:54:21.0758 0776  AxInstSV - ok
06:54:21.0868 0776  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
06:54:21.0948 0776  b06bdrv - ok
06:54:21.0978 0776  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
06:54:22.0028 0776  b57nd60a - ok
06:54:22.0068 0776  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
06:54:22.0118 0776  BDESVC - ok
06:54:22.0138 0776  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
06:54:22.0248 0776  Beep - ok
06:54:22.0308 0776  [ 4992C609A6315671463E30F6512BC022 ] BFE            C:\Windows\System32\bfe.dll
06:54:22.0448 0776  BFE - ok
06:54:22.0488 0776  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll
06:54:22.0648 0776  BITS - ok
06:54:22.0678 0776  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
06:54:22.0718 0776  blbdrive - ok
06:54:22.0788 0776  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
06:54:22.0848 0776  bowser - ok
06:54:22.0888 0776  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
06:54:22.0938 0776  BrFiltLo - ok
06:54:22.0968 0776  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
06:54:23.0018 0776  BrFiltUp - ok
06:54:23.0078 0776  [ 6B054C67AAA87843504E8E3C09102009 ] Browser        C:\Windows\System32\browser.dll
06:54:23.0138 0776  Browser - ok
06:54:23.0168 0776  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
06:54:23.0248 0776  Brserid - ok
06:54:23.0268 0776  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
06:54:23.0318 0776  BrSerWdm - ok
06:54:23.0348 0776  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
06:54:23.0398 0776  BrUsbMdm - ok
06:54:23.0438 0776  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
06:54:23.0478 0776  BrUsbSer - ok
06:54:23.0538 0776  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum        C:\Windows\system32\drivers\BthEnum.sys
06:54:23.0618 0776  BthEnum - ok
06:54:23.0638 0776  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
06:54:23.0688 0776  BTHMODEM - ok
06:54:23.0718 0776  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
06:54:23.0758 0776  BthPan - ok
06:54:23.0818 0776  [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT        C:\Windows\System32\Drivers\BTHport.sys
06:54:23.0888 0776  BTHPORT - ok
06:54:23.0918 0776  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
06:54:24.0028 0776  bthserv - ok
06:54:24.0068 0776  [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
06:54:24.0118 0776  BTHUSB - ok
06:54:24.0168 0776  [ 59E3510784548C6939C1B3B985C232E3 ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
06:54:24.0198 0776  btwampfl - ok
06:54:24.0218 0776  [ 1872074ED0A3FB22E3F1E3197B984BFA ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
06:54:24.0238 0776  btwaudio - ok
06:54:24.0298 0776  [ 691CF076C33AB1C3A5B2FD5450300733 ] btwavdt        C:\Windows\system32\drivers\btwavdt.sys
06:54:24.0318 0776  btwavdt - ok
06:54:24.0418 0776  [ 8BA6E93A182126781952A7895EC1E4B2 ] btwdins        C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
06:54:24.0488 0776  btwdins - ok
06:54:24.0518 0776  [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
06:54:24.0538 0776  btwl2cap - ok
06:54:24.0568 0776  [ C9273B20DEC8CE38DBCE5D29DE63C907 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
06:54:24.0578 0776  btwrchid - ok
06:54:24.0598 0776  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
06:54:24.0708 0776  cdfs - ok
06:54:24.0753 0776  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
06:54:24.0800 0776  cdrom - ok
06:54:24.0831 0776  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc    C:\Windows\System32\certprop.dll
06:54:24.0940 0776  CertPropSvc - ok
06:54:24.0972 0776  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
06:54:25.0034 0776  circlass - ok
06:54:25.0065 0776  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
06:54:25.0096 0776  CLFS - ok
06:54:25.0174 0776  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:54:25.0206 0776  clr_optimization_v2.0.50727_32 - ok
06:54:25.0237 0776  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:54:25.0268 0776  clr_optimization_v2.0.50727_64 - ok
06:54:25.0362 0776  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:54:25.0408 0776  clr_optimization_v4.0.30319_32 - ok
06:54:25.0471 0776  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:54:25.0502 0776  clr_optimization_v4.0.30319_64 - ok
06:54:25.0533 0776  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
06:54:25.0596 0776  CmBatt - ok
06:54:25.0611 0776  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
06:54:25.0642 0776  cmdide - ok
06:54:25.0705 0776  [ CA7720B73446FDDEC5C69519C1174C98 ] CNG            C:\Windows\system32\Drivers\cng.sys
06:54:25.0783 0776  CNG - ok
06:54:25.0845 0776  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
06:54:25.0861 0776  Compbatt - ok
06:54:25.0876 0776  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
06:54:25.0923 0776  CompositeBus - ok
06:54:25.0949 0776  COMSysApp - ok
06:54:25.0959 0776  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
06:54:25.0989 0776  crcdisk - ok
06:54:26.0059 0776  [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll
06:54:26.0119 0776  CryptSvc - ok
06:54:26.0149 0776  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
06:54:26.0289 0776  DcomLaunch - ok
06:54:26.0329 0776  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
06:54:26.0449 0776  defragsvc - ok
06:54:26.0509 0776  [ 9C253CE7311CA60FC11C774692A13208 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
06:54:26.0569 0776  DfsC - ok
06:54:26.0619 0776  [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
06:54:26.0649 0776  dg_ssudbus - ok
06:54:26.0689 0776  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
06:54:26.0829 0776  Dhcp - ok
06:54:26.0869 0776  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
06:54:26.0969 0776  discache - ok
06:54:27.0009 0776  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
06:54:27.0039 0776  Disk - ok
06:54:27.0079 0776  [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache        C:\Windows\System32\dnsrslvr.dll
06:54:27.0139 0776  Dnscache - ok
06:54:27.0169 0776  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc        C:\Windows\System32\dot3svc.dll
06:54:27.0279 0776  dot3svc - ok
06:54:27.0309 0776  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS            C:\Windows\system32\dps.dll
06:54:27.0409 0776  DPS - ok
06:54:27.0449 0776  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
06:54:27.0509 0776  drmkaud - ok
06:54:27.0579 0776  [ 24CE1ECF9D0AE0301775B07F5FEA175B ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
06:54:27.0659 0776  DXGKrnl - ok
06:54:27.0749 0776  [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
06:54:27.0779 0776  eamonm - ok
06:54:27.0809 0776  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
06:54:27.0909 0776  EapHost - ok
06:54:28.0019 0776  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\drivers\evbda.sys
06:54:28.0199 0776  ebdrv - ok
06:54:28.0239 0776  [ 156F6159457D0AA7E59B62681B56EB90 ] EFS            C:\Windows\System32\lsass.exe
06:54:28.0299 0776  EFS - ok
06:54:28.0359 0776  [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv          C:\Windows\system32\DRIVERS\ehdrv.sys
06:54:28.0379 0776  ehdrv - ok
06:54:28.0469 0776  [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
06:54:28.0579 0776  ehRecvr - ok
06:54:28.0599 0776  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
06:54:28.0669 0776  ehSched - ok
06:54:28.0779 0776  [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn            C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
06:54:28.0859 0776  ekrn - ok
06:54:28.0909 0776  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
06:54:28.0969 0776  elxstor - ok
06:54:29.0039 0776  [ 3EBB7FD3C605262B942868A1D840F4F1 ] epfwwfpr        C:\Windows\system32\DRIVERS\epfwwfpr.sys
06:54:29.0069 0776  epfwwfpr - ok
06:54:29.0079 0776  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
06:54:29.0129 0776  ErrDev - ok
06:54:29.0199 0776  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
06:54:29.0319 0776  EventSystem - ok
06:54:29.0419 0776  [ B56D9602DB5FE1C116B1CA5EFD8E2E50 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
06:54:29.0519 0776  EvtEng - ok
06:54:29.0569 0776  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
06:54:29.0669 0776  exfat - ok
06:54:29.0699 0776  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
06:54:29.0809 0776  fastfat - ok
06:54:29.0899 0776  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax            C:\Windows\system32\fxssvc.exe
06:54:29.0979 0776  Fax - ok
06:54:30.0019 0776  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\drivers\fdc.sys
06:54:30.0059 0776  fdc - ok
06:54:30.0099 0776  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
06:54:30.0199 0776  fdPHost - ok
06:54:30.0229 0776  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
06:54:30.0319 0776  FDResPub - ok
06:54:30.0329 0776  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
06:54:30.0359 0776  FileInfo - ok
06:54:30.0369 0776  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
06:54:30.0479 0776  Filetrace - ok
06:54:30.0539 0776  [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
06:54:30.0609 0776  FLEXnet Licensing Service - ok
06:54:30.0649 0776  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
06:54:30.0679 0776  flpydisk - ok
06:54:30.0739 0776  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
06:54:30.0779 0776  FltMgr - ok
06:54:30.0849 0776  [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache      C:\Windows\system32\FntCache.dll
06:54:30.0969 0776  FontCache - ok
06:54:31.0019 0776  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:54:31.0039 0776  FontCache3.0.0.0 - ok
06:54:31.0069 0776  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
06:54:31.0099 0776  FsDepends - ok
06:54:31.0149 0776  [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
06:54:31.0169 0776  Fs_Rec - ok
06:54:31.0229 0776  [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
06:54:31.0269 0776  fvevol - ok
06:54:31.0299 0776  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
06:54:31.0329 0776  gagp30kx - ok
06:54:31.0379 0776  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc          C:\Windows\System32\gpsvc.dll
06:54:31.0479 0776  gpsvc - ok
06:54:31.0549 0776  [ F02A533F517EB38333CB12A9E8963773 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:54:31.0569 0776  gupdate - ok
06:54:31.0599 0776  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:54:31.0619 0776  gupdatem - ok
06:54:31.0639 0776  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc          C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
06:54:31.0669 0776  gusvc - ok
06:54:31.0709 0776  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
06:54:31.0769 0776  hcw85cir - ok
06:54:31.0799 0776  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
06:54:31.0859 0776  HdAudAddService - ok
06:54:31.0879 0776  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
06:54:31.0939 0776  HDAudBus - ok
06:54:31.0969 0776  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64        C:\Windows\system32\DRIVERS\HECIx64.sys
06:54:31.0999 0776  HECIx64 - ok
06:54:32.0029 0776  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
06:54:32.0069 0776  HidBatt - ok
06:54:32.0109 0776  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
06:54:32.0159 0776  HidBth - ok
06:54:32.0179 0776  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\drivers\hidir.sys
06:54:32.0219 0776  HidIr - ok
06:54:32.0259 0776  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
06:54:32.0369 0776  hidserv - ok
06:54:32.0429 0776  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
06:54:32.0469 0776  HidUsb - ok
06:54:32.0509 0776  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
06:54:32.0619 0776  hkmsvc - ok
06:54:32.0649 0776  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
06:54:32.0729 0776  HomeGroupListener - ok
06:54:32.0769 0776  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
06:54:32.0819 0776  HomeGroupProvider - ok
06:54:32.0859 0776  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
06:54:32.0879 0776  HpSAMD - ok
06:54:32.0919 0776  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
06:54:33.0049 0776  HTTP - ok
06:54:33.0069 0776  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
06:54:33.0089 0776  hwpolicy - ok
06:54:33.0119 0776  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
06:54:33.0149 0776  i8042prt - ok
06:54:33.0189 0776  [ ABBF174CB394F5C437410A788B7E404A ] iaStor          C:\Windows\system32\drivers\iaStor.sys
06:54:33.0229 0776  iaStor - ok
06:54:33.0299 0776  [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
06:54:33.0319 0776  IAStorDataMgrSvc - ok
06:54:33.0379 0776  [ B75E45C564E944A2657167D197AB29DA ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
06:54:33.0419 0776  iaStorV - ok
06:54:33.0529 0776  [ 7B926335E444AC02C362987BA5A0028F ] IBUpdaterService C:\ProgramData\IBUpdaterService\ibsvc.exe
06:54:33.0569 0776  IBUpdaterService - ok
06:54:33.0619 0776  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
06:54:33.0689 0776  idsvc - ok
06:54:34.0019 0776  [ 2A22AB054F4630D2EF4BAB2853F6D5F6 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
06:54:34.0479 0776  igfx ( UnsignedFile.Multi.Generic ) - warning
06:54:34.0479 0776  igfx - detected UnsignedFile.Multi.Generic (1)
06:54:34.0519 0776  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
06:54:34.0549 0776  iirsp - ok
06:54:34.0599 0776  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
06:54:34.0749 0776  IKEEXT - ok
06:54:34.0809 0776  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd          C:\Windows\system32\DRIVERS\Impcd.sys
06:54:34.0859 0776  Impcd - ok
06:54:34.0949 0776  [ 526E482AFB586CB1CDD687869DECF686 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
06:54:35.0099 0776  IntcAzAudAddService - ok
06:54:35.0149 0776  [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
06:54:35.0169 0776  IntcDAud ( UnsignedFile.Multi.Generic ) - warning
06:54:35.0169 0776  IntcDAud - detected UnsignedFile.Multi.Generic (1)
06:54:35.0199 0776  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
06:54:35.0219 0776  intelide - ok
06:54:35.0249 0776  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
06:54:35.0289 0776  intelppm - ok
06:54:35.0319 0776  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
06:54:35.0429 0776  IPBusEnum - ok
06:54:35.0449 0776  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:54:35.0549 0776  IpFilterDriver - ok
06:54:35.0589 0776  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
06:54:35.0719 0776  iphlpsvc - ok
06:54:35.0739 0776  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
06:54:35.0789 0776  IPMIDRV - ok
06:54:35.0819 0776  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
06:54:35.0919 0776  IPNAT - ok
06:54:35.0959 0776  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
06:54:35.0989 0776  IRENUM - ok
06:54:36.0019 0776  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
06:54:36.0039 0776  isapnp - ok
06:54:36.0069 0776  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
06:54:36.0099 0776  iScsiPrt - ok
06:54:36.0139 0776  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
06:54:36.0159 0776  kbdclass - ok
06:54:36.0189 0776  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
06:54:36.0239 0776  kbdhid - ok
06:54:36.0259 0776  [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso          C:\Windows\system32\lsass.exe
06:54:36.0289 0776  KeyIso - ok
06:54:36.0339 0776  [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
06:54:36.0359 0776  KSecDD - ok
06:54:36.0379 0776  [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
06:54:36.0409 0776  KSecPkg - ok
06:54:36.0449 0776  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
06:54:36.0559 0776  ksthunk - ok
06:54:36.0599 0776  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
06:54:36.0719 0776  KtmRm - ok
06:54:36.0799 0776  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\system32\srvsvc.dll
06:54:36.0869 0776  LanmanServer - ok
06:54:36.0899 0776  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
06:54:37.0009 0776  LanmanWorkstation - ok
06:54:37.0049 0776  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
06:54:37.0149 0776  lltdio - ok
06:54:37.0189 0776  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
06:54:37.0309 0776  lltdsvc - ok
06:54:37.0329 0776  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
06:54:37.0429 0776  lmhosts - ok
06:54:37.0499 0776  [ 3D23191672D83E90D1CF63927EE98136 ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
06:54:37.0529 0776  LMS - ok
06:54:37.0569 0776  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
06:54:37.0609 0776  LSI_FC - ok
06:54:37.0629 0776  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
06:54:37.0659 0776  LSI_SAS - ok
06:54:37.0669 0776  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
06:54:37.0699 0776  LSI_SAS2 - ok
06:54:37.0719 0776  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
06:54:37.0749 0776  LSI_SCSI - ok
06:54:37.0769 0776  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
06:54:37.0859 0776  luafv - ok
06:54:37.0929 0776  [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
06:54:37.0949 0776  MBAMProtector - ok
06:54:38.0089 0776  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
06:54:38.0119 0776  MBAMScheduler - ok
06:54:38.0199 0776  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
06:54:38.0239 0776  MBAMService - ok
06:54:38.0299 0776  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
06:54:38.0339 0776  Mcx2Svc - ok
06:54:38.0379 0776  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\drivers\megasas.sys
06:54:38.0409 0776  megasas - ok
06:54:38.0449 0776  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
06:54:38.0489 0776  MegaSR - ok
06:54:38.0539 0776  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
06:54:38.0649 0776  MMCSS - ok
06:54:38.0669 0776  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
06:54:38.0789 0776  Modem - ok
06:54:38.0819 0776  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
06:54:38.0869 0776  monitor - ok
06:54:38.0889 0776  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
06:54:38.0919 0776  mouclass - ok
06:54:38.0939 0776  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
06:54:38.0969 0776  mouhid - ok
06:54:38.0999 0776  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
06:54:39.0029 0776  mountmgr - ok
06:54:39.0099 0776  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
06:54:39.0129 0776  MozillaMaintenance - ok
06:54:39.0149 0776  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\drivers\mpio.sys
06:54:39.0189 0776  mpio - ok
06:54:39.0219 0776  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
06:54:39.0309 0776  mpsdrv - ok
06:54:39.0359 0776  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
06:54:39.0509 0776  MpsSvc - ok
06:54:39.0529 0776  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
06:54:39.0579 0776  MRxDAV - ok
06:54:39.0619 0776  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
06:54:39.0659 0776  mrxsmb - ok
06:54:39.0699 0776  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:54:39.0749 0776  mrxsmb10 - ok
06:54:39.0769 0776  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:54:39.0819 0776  mrxsmb20 - ok
06:54:39.0859 0776  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\drivers\msahci.sys
06:54:39.0889 0776  msahci - ok
06:54:39.0899 0776  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
06:54:39.0939 0776  msdsm - ok
06:54:39.0949 0776  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
06:54:40.0009 0776  MSDTC - ok
06:54:40.0039 0776  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
06:54:40.0129 0776  Msfs - ok
06:54:40.0169 0776  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
06:54:40.0279 0776  mshidkmdf - ok
06:54:40.0299 0776  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
06:54:40.0319 0776  msisadrv - ok
06:54:40.0359 0776  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
06:54:40.0469 0776  MSiSCSI - ok
06:54:40.0469 0776  msiserver - ok
06:54:40.0519 0776  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
06:54:40.0609 0776  MSKSSRV - ok
06:54:40.0629 0776  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
06:54:40.0779 0776  MSPCLOCK - ok
06:54:40.0799 0776  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
06:54:40.0909 0776  MSPQM - ok
06:54:40.0949 0776  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
06:54:40.0989 0776  MsRPC - ok
06:54:40.0999 0776  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
06:54:41.0029 0776  mssmbios - ok
06:54:41.0049 0776  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
06:54:41.0159 0776  MSTEE - ok
06:54:41.0189 0776  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
06:54:41.0229 0776  MTConfig - ok
06:54:41.0249 0776  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
06:54:41.0279 0776  Mup - ok
06:54:41.0319 0776  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
06:54:41.0449 0776  napagent - ok
06:54:41.0499 0776  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
06:54:41.0569 0776  NativeWifiP - ok
06:54:41.0629 0776  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
06:54:41.0709 0776  NDIS - ok
06:54:41.0729 0776  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
06:54:41.0819 0776  NdisCap - ok
06:54:41.0839 0776  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
06:54:41.0949 0776  NdisTapi - ok
06:54:41.0999 0776  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
06:54:42.0109 0776  Ndisuio - ok
06:54:42.0139 0776  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
06:54:42.0229 0776  NdisWan - ok
06:54:42.0249 0776  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
06:54:42.0339 0776  NDProxy - ok
06:54:42.0369 0776  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
06:54:42.0459 0776  NetBIOS - ok
06:54:42.0479 0776  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
06:54:42.0599 0776  NetBT - ok
06:54:42.0629 0776  [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon        C:\Windows\system32\lsass.exe
06:54:42.0659 0776  Netlogon - ok
06:54:42.0689 0776  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
06:54:42.0819 0776  Netman - ok
06:54:42.0829 0776  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
06:54:42.0949 0776  netprofm - ok
06:54:42.0979 0776  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
06:54:43.0009 0776  NetTcpPortSharing - ok
06:54:43.0229 0776  [ 18555F48844C2861D9DCE8F2B7223AE5 ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
06:54:43.0579 0776  NETw5s64 - ok
06:54:43.0619 0776  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
06:54:43.0639 0776  nfrd960 - ok
06:54:43.0689 0776  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
06:54:43.0809 0776  NlaSvc - ok
06:54:43.0829 0776  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
06:54:43.0949 0776  Npfs - ok
06:54:43.0979 0776  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
06:54:44.0089 0776  nsi - ok
06:54:44.0109 0776  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
06:54:44.0189 0776  nsiproxy - ok
06:54:44.0269 0776  [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
06:54:44.0379 0776  Ntfs - ok
06:54:44.0399 0776  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
06:54:44.0489 0776  Null - ok
06:54:44.0539 0776  [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
06:54:44.0569 0776  nvraid - ok
06:54:44.0609 0776  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
06:54:44.0649 0776  nvstor - ok
06:54:44.0679 0776  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
06:54:44.0709 0776  nv_agp - ok
06:54:44.0829 0776  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
06:54:44.0869 0776  odserv - ok
06:54:44.0909 0776  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
06:54:44.0949 0776  ohci1394 - ok
06:54:45.0029 0776  [ 5A432A042DAE460ABE7199B758E8606C ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:54:45.0059 0776  ose - ok
06:54:45.0109 0776  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
06:54:45.0179 0776  p2pimsvc - ok
06:54:45.0209 0776  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
06:54:45.0259 0776  p2psvc - ok
06:54:45.0289 0776  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\drivers\parport.sys
06:54:45.0319 0776  Parport - ok
06:54:45.0369 0776  [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
06:54:45.0399 0776  partmgr - ok
06:54:45.0419 0776  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
06:54:45.0479 0776  PcaSvc - ok
06:54:45.0509 0776  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci            C:\Windows\system32\drivers\pci.sys
06:54:45.0539 0776  pci - ok
06:54:45.0559 0776  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
06:54:45.0579 0776  pciide - ok
06:54:45.0599 0776  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
06:54:45.0639 0776  pcmcia - ok
06:54:45.0659 0776  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
06:54:45.0679 0776  pcw - ok
06:54:45.0709 0776  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
06:54:45.0849 0776  PEAUTH - ok
06:54:45.0929 0776  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
06:54:45.0979 0776  PerfHost - ok
06:54:46.0049 0776  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla            C:\Windows\system32\pla.dll
06:54:46.0219 0776  pla - ok
06:54:46.0269 0776  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
06:54:46.0339 0776  PlugPlay - ok
06:54:46.0459 0776  [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
06:54:46.0509 0776  PMBDeviceInfoProvider - ok
06:54:46.0539 0776  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
06:54:46.0579 0776  PNRPAutoReg - ok
06:54:46.0599 0776  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
06:54:46.0639 0776  PNRPsvc - ok
06:54:46.0669 0776  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
06:54:46.0799 0776  PolicyAgent - ok
06:54:46.0839 0776  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power          C:\Windows\system32\umpo.dll
06:54:46.0959 0776  Power - ok
06:54:46.0999 0776  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
06:54:47.0109 0776  PptpMiniport - ok
06:54:47.0139 0776  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\drivers\processr.sys
06:54:47.0179 0776  Processor - ok
06:54:47.0219 0776  [ 97293447431311C06703368AD0F6C4BE ] ProfSvc        C:\Windows\system32\profsvc.dll
06:54:47.0259 0776  ProfSvc - ok
06:54:47.0269 0776  [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
06:54:47.0289 0776  ProtectedStorage - ok
06:54:47.0309 0776  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
06:54:47.0399 0776  Psched - ok
06:54:47.0429 0776  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
06:54:47.0449 0776  PxHlpa64 - ok
06:54:47.0519 0776  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
06:54:47.0629 0776  ql2300 - ok
06:54:47.0649 0776  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
06:54:47.0679 0776  ql40xx - ok
06:54:47.0719 0776  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
06:54:47.0759 0776  QWAVE - ok
06:54:47.0779 0776  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
06:54:47.0839 0776  QWAVEdrv - ok
06:54:47.0869 0776  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
06:54:47.0979 0776  RasAcd - ok
06:54:48.0009 0776  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
06:54:48.0109 0776  RasAgileVpn - ok
06:54:48.0139 0776  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
06:54:48.0249 0776  RasAuto - ok
06:54:48.0269 0776  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
06:54:48.0389 0776  Rasl2tp - ok
06:54:48.0409 0776  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
06:54:48.0539 0776  RasMan - ok
06:54:48.0579 0776  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
06:54:48.0689 0776  RasPppoe - ok
06:54:48.0719 0776  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
06:54:48.0829 0776  RasSstp - ok
06:54:48.0869 0776  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
06:54:48.0979 0776  rdbss - ok
06:54:49.0009 0776  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
06:54:49.0049 0776  rdpbus - ok
06:54:49.0079 0776  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
06:54:49.0169 0776  RDPCDD - ok
06:54:49.0199 0776  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
06:54:49.0299 0776  RDPENCDD - ok
06:54:49.0319 0776  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
06:54:49.0409 0776  RDPREFMP - ok
06:54:49.0449 0776  [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
06:54:49.0519 0776  RDPWD - ok
06:54:49.0559 0776  [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
06:54:49.0589 0776  rdyboost - ok
06:54:49.0689 0776  [ 0AA473966357C4A41B5EB19649EB6E5E ] RegSrvc        C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
06:54:49.0759 0776  RegSrvc - ok
06:54:49.0789 0776  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
06:54:49.0889 0776  RemoteAccess - ok
06:54:49.0919 0776  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
06:54:50.0029 0776  RemoteRegistry - ok
06:54:50.0069 0776  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
06:54:50.0129 0776  RFCOMM - ok
06:54:50.0199 0776  [ FA6ABC06B629DA29634D31F1FE0347BD ] rimspci        C:\Windows\system32\drivers\rimssne64.sys
06:54:50.0239 0776  rimspci - ok
06:54:50.0259 0776  [ 8F8539A7F5C117D4407B2985995671F2 ] risdsnpe        C:\Windows\system32\drivers\risdsne64.sys
06:54:50.0299 0776  risdsnpe - ok
06:54:50.0319 0776  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
06:54:50.0429 0776  RpcEptMapper - ok
06:54:50.0469 0776  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
06:54:50.0499 0776  RpcLocator - ok
06:54:50.0529 0776  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs          C:\Windows\system32\rpcss.dll
06:54:50.0639 0776  RpcSs - ok
06:54:50.0679 0776  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
06:54:50.0829 0776  rspndr - ok
06:54:50.0889 0776  [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
06:54:50.0919 0776  RTHDMIAzAudService - ok
06:54:50.0979 0776  [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs          C:\Windows\system32\lsass.exe
06:54:50.0999 0776  SamSs - ok
06:54:51.0029 0776  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
06:54:51.0059 0776  sbp2port - ok
06:54:51.0099 0776  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
06:54:51.0209 0776  SCardSvr - ok
06:54:51.0239 0776  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
06:54:51.0349 0776  scfilter - ok
06:54:51.0419 0776  [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule        C:\Windows\system32\schedsvc.dll
06:54:51.0529 0776  Schedule - ok
06:54:51.0549 0776  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc    C:\Windows\System32\certprop.dll
06:54:51.0639 0776  SCPolicySvc - ok
06:54:51.0689 0776  [ 2C8D162EFAF73ABD36D8BCBB6340CAE7 ] sdbus          C:\Windows\system32\DRIVERS\sdbus.sys
06:54:51.0749 0776  sdbus - ok
06:54:51.0779 0776  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
06:54:51.0839 0776  SDRSVC - ok
06:54:51.0869 0776  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
06:54:51.0979 0776  secdrv - ok
06:54:51.0999 0776  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
06:54:52.0109 0776  seclogon - ok
06:54:52.0129 0776  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
06:54:52.0229 0776  SENS - ok
06:54:52.0259 0776  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
06:54:52.0319 0776  SensrSvc - ok
06:54:52.0339 0776  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\drivers\serenum.sys
06:54:52.0369 0776  Serenum - ok
06:54:52.0389 0776  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
06:54:52.0429 0776  Serial - ok
06:54:52.0469 0776  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
06:54:52.0489 0776  sermouse - ok
06:54:52.0539 0776  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
06:54:52.0639 0776  SessionEnv - ok
06:54:52.0679 0776  [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
06:54:52.0709 0776  SFEP - ok
06:54:52.0729 0776  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
06:54:52.0759 0776  sffdisk - ok
06:54:52.0789 0776  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
06:54:52.0839 0776  sffp_mmc - ok
06:54:52.0859 0776  [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
06:54:52.0909 0776  sffp_sd - ok
06:54:52.0939 0776  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
06:54:52.0959 0776  sfloppy - ok
06:54:52.0999 0776  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
06:54:53.0119 0776  SharedAccess - ok
06:54:53.0159 0776  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
06:54:53.0229 0776  ShellHWDetection - ok
06:54:53.0259 0776  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
06:54:53.0289 0776  SiSRaid2 - ok
06:54:53.0319 0776  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
06:54:53.0339 0776  SiSRaid4 - ok
06:54:53.0409 0776  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
06:54:53.0439 0776  SkypeUpdate - ok
06:54:53.0459 0776  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
06:54:53.0569 0776  Smb - ok
06:54:53.0609 0776  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
06:54:53.0649 0776  SNMPTRAP - ok
06:54:53.0729 0776  [ C3E69DB0A4E59564230E053232F39AC7 ] SOHCImp        C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
06:54:53.0749 0776  SOHCImp - ok
06:54:53.0779 0776  [ 65CC4779A29C3E82B987BD4961790DFF ] SOHDms          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
06:54:53.0819 0776  SOHDms - ok
06:54:53.0829 0776  [ F47D75CEE1844EEF4A9EA6EE768828FB ] SOHDs          C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
06:54:53.0849 0776  SOHDs - ok
06:54:53.0919 0776  [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
06:54:53.0949 0776  SpfService - ok
06:54:53.0989 0776  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
06:54:54.0019 0776  spldr - ok
06:54:54.0079 0776  [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler        C:\Windows\System32\spoolsv.exe
06:54:54.0139 0776  Spooler - ok
06:54:54.0259 0776  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
06:54:54.0449 0776  sppsvc - ok
06:54:54.0469 0776  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
06:54:54.0559 0776  sppuinotify - ok
06:54:54.0609 0776  [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv            C:\Windows\system32\DRIVERS\srv.sys
06:54:54.0689 0776  srv - ok
06:54:54.0709 0776  [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
06:54:54.0749 0776  srv2 - ok
06:54:54.0769 0776  [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
06:54:54.0809 0776  srvnet - ok
06:54:54.0899 0776  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus        C:\Windows\system32\DRIVERS\ssadbus.sys
06:54:54.0959 0776  ssadbus - ok
06:54:55.0019 0776  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
06:54:55.0079 0776  ssadmdfl - ok
06:54:55.0129 0776  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm        C:\Windows\system32\DRIVERS\ssadmdm.sys
06:54:55.0169 0776  ssadmdm - ok
06:54:55.0219 0776  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
06:54:55.0339 0776  SSDPSRV - ok
06:54:55.0359 0776  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
06:54:55.0459 0776  SstpSvc - ok
06:54:55.0519 0776  [ 74425FFA11C133D045E1C3BE2EAD481D ] ssudmdm        C:\Windows\system32\DRIVERS\ssudmdm.sys
06:54:55.0549 0776  ssudmdm - ok
06:54:55.0569 0776  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
06:54:55.0589 0776  stexstor - ok
06:54:55.0639 0776  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
06:54:55.0729 0776  stisvc - ok
06:54:55.0759 0776  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
06:54:55.0779 0776  swenum - ok
06:54:55.0829 0776  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
06:54:55.0949 0776  swprv - ok
06:54:56.0009 0776  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain        C:\Windows\system32\sysmain.dll
06:54:56.0149 0776  SysMain - ok
06:54:56.0179 0776  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
06:54:56.0239 0776  TabletInputService - ok
06:54:56.0269 0776  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv        C:\Windows\System32\tapisrv.dll
06:54:56.0389 0776  TapiSrv - ok
06:54:56.0409 0776  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
06:54:56.0519 0776  TBS - ok
06:54:56.0609 0776  [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
06:54:56.0739 0776  Tcpip - ok
06:54:56.0799 0776  [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
06:54:56.0899 0776  TCPIP6 - ok
06:54:56.0929 0776  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
06:54:57.0019 0776  tcpipreg - ok
06:54:57.0039 0776  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
06:54:57.0079 0776  TDPIPE - ok
06:54:57.0119 0776  [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
06:54:57.0169 0776  TDTCP - ok
06:54:57.0179 0776  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
06:54:57.0299 0776  tdx - ok
06:54:57.0309 0776  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\drivers\termdd.sys
06:54:57.0339 0776  TermDD - ok
06:54:57.0389 0776  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService    C:\Windows\System32\termsrv.dll
06:54:57.0539 0776  TermService - ok
06:54:57.0559 0776  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
06:54:57.0599 0776  Themes - ok
06:54:57.0639 0776  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
06:54:57.0729 0776  THREADORDER - ok
06:54:57.0739 0776  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
06:54:57.0849 0776  TrkWks - ok
06:54:57.0899 0776  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
06:54:57.0959 0776  TrustedInstaller - ok
06:54:57.0979 0776  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
06:54:58.0061 0776  tssecsrv - ok
06:54:58.0093 0776  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
06:54:58.0202 0776  tunnel - ok
06:54:58.0233 0776  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
06:54:58.0249 0776  uagp35 - ok
06:54:58.0280 0776  [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor    C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
06:54:58.0311 0776  uCamMonitor - ok
06:54:58.0327 0776  [ 0E5E962B5649D544BE54E8C90761EA2B ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
06:54:58.0389 0776  udfs - ok
06:54:58.0436 0776  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
06:54:58.0467 0776  UI0Detect - ok
06:54:58.0498 0776  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
06:54:58.0529 0776  uliagpkx - ok
06:54:58.0561 0776  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
06:54:58.0592 0776  umbus - ok
06:54:58.0639 0776  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
06:54:58.0654 0776  UmPass - ok
06:54:58.0795 0776  [ 11A559E0F10CC5E788984023DF400A6F ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
06:54:58.0935 0776  UNS - ok
06:54:58.0966 0776  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
06:54:59.0091 0776  upnphost - ok
06:54:59.0122 0776  [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
06:54:59.0185 0776  usbccgp - ok
06:54:59.0231 0776  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
06:54:59.0278 0776  usbcir - ok
06:54:59.0325 0776  [ 92969BA5AC44E229C55A332864F79677 ] usbehci        C:\Windows\system32\drivers\usbehci.sys
06:54:59.0341 0776  usbehci - ok
06:54:59.0403 0776  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
06:54:59.0434 0776  usbhub - ok
06:54:59.0465 0776  [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci        C:\Windows\system32\drivers\usbohci.sys
06:54:59.0497 0776  usbohci - ok
06:54:59.0512 0776  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
06:54:59.0543 0776  usbprint - ok
06:54:59.0590 0776  [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:54:59.0637 0776  USBSTOR - ok
06:54:59.0684 0776  [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
06:54:59.0731 0776  usbuhci - ok
06:54:59.0762 0776  [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
06:54:59.0809 0776  usbvideo - ok
06:54:59.0871 0776  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
06:54:59.0902 0776  usb_rndisx - ok
06:54:59.0949 0776  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
06:55:00.0043 0776  UxSms - ok
06:55:00.0089 0776  [ A60605FC66552B421EE1F3D4EBB9A4E0 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
06:55:00.0115 0776  VAIO Event Service - ok
06:55:00.0175 0776  [ D469BE2723F79CF4B384680B1FDC577D ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
06:55:00.0225 0776  VAIO Power Management - ok
06:55:00.0245 0776  [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc        C:\Windows\system32\lsass.exe
06:55:00.0265 0776  VaultSvc - ok
06:55:00.0355 0776  [ D00058C1FFF3F3DE990444A5734E9639 ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
06:55:00.0425 0776  VCFw - ok
06:55:00.0485 0776  [ F19275655B42086C884ABCDAE2C659AE ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
06:55:00.0535 0776  VcmIAlzMgr - ok
06:55:00.0575 0776  [ E005B04DFCA99F5880C5111933194CA9 ] VcmINSMgr      C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
06:55:00.0615 0776  VcmINSMgr - ok
06:55:00.0665 0776  [ 32A3735F6874B7783C6209ED5CA36D9D ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
06:55:00.0685 0776  VcmXmlIfHelper - ok
06:55:00.0825 0776  [ D347D3ABE070AA09C22FC37121555D52 ] VCService      C:\Program Files\Sony\VAIO Care\VCService.exe
06:55:00.0845 0776  VCService - ok
06:55:00.0875 0776  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
06:55:00.0905 0776  vdrvroot - ok
06:55:00.0935 0776  [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds            C:\Windows\System32\vds.exe
06:55:00.0995 0776  vds - ok
06:55:01.0005 0776  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
06:55:01.0035 0776  vga - ok
06:55:01.0055 0776  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
06:55:01.0155 0776  VgaSave - ok
06:55:01.0185 0776  [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
06:55:01.0215 0776  vhdmp - ok
06:55:01.0235 0776  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
06:55:01.0255 0776  viaide - ok
06:55:01.0275 0776  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
06:55:01.0305 0776  volmgr - ok
06:55:01.0335 0776  [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
06:55:01.0375 0776  volmgrx - ok
06:55:01.0395 0776  [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap        C:\Windows\system32\drivers\volsnap.sys
06:55:01.0435 0776  volsnap - ok
06:55:01.0455 0776  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
06:55:01.0485 0776  vsmraid - ok
06:55:01.0565 0776  [ A7EB62C664A03901165290A714BD48D0 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
06:55:01.0635 0776  VSNService ( UnsignedFile.Multi.Generic ) - warning
06:55:01.0635 0776  VSNService - detected UnsignedFile.Multi.Generic (1)
06:55:01.0715 0776  [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS            C:\Windows\system32\vssvc.exe
06:55:01.0825 0776  VSS - ok
06:55:01.0945 0776  [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent        C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
06:55:02.0035 0776  VUAgent - ok
06:55:02.0055 0776  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
06:55:02.0095 0776  vwifibus - ok
06:55:02.0125 0776  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
06:55:02.0175 0776  vwififlt - ok
06:55:02.0195 0776  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
06:55:02.0235 0776  vwifimp - ok
06:55:02.0275 0776  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
06:55:02.0395 0776  W32Time - ok
06:55:02.0435 0776  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
06:55:02.0485 0776  WacomPen - ok
06:55:02.0515 0776  [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
06:55:02.0615 0776  WANARP - ok
06:55:02.0645 0776  [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
06:55:02.0735 0776  Wanarpv6 - ok
06:55:02.0825 0776  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
06:55:02.0915 0776  WatAdminSvc - ok
06:55:02.0985 0776  [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine        C:\Windows\system32\wbengine.exe
06:55:03.0095 0776  wbengine - ok
06:55:03.0115 0776  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
06:55:03.0155 0776  WbioSrvc - ok
06:55:03.0215 0776  [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
06:55:03.0275 0776  wcncsvc - ok
06:55:03.0285 0776  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
06:55:03.0325 0776  WcsPlugInService - ok
06:55:03.0345 0776  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
06:55:03.0375 0776  Wd - ok
06:55:03.0405 0776  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
06:55:03.0475 0776  Wdf01000 - ok
06:55:03.0485 0776  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
06:55:03.0555 0776  WdiServiceHost - ok
06:55:03.0555 0776  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
06:55:03.0605 0776  WdiSystemHost - ok
06:55:03.0645 0776  [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient      C:\Windows\System32\webclnt.dll
06:55:03.0685 0776  WebClient - ok
06:55:03.0735 0776  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
06:55:03.0835 0776  Wecsvc - ok
06:55:03.0855 0776  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
06:55:03.0955 0776  wercplsupport - ok
06:55:03.0985 0776  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
06:55:04.0095 0776  WerSvc - ok
06:55:04.0125 0776  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
06:55:04.0215 0776  WfpLwf - ok
06:55:04.0235 0776  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
06:55:04.0265 0776  WIMMount - ok
06:55:04.0285 0776  WinDefend - ok
06:55:04.0295 0776  WinHttpAutoProxySvc - ok
06:55:04.0365 0776  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
06:55:04.0475 0776  Winmgmt - ok
06:55:04.0565 0776  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM          C:\Windows\system32\WsmSvc.dll
06:55:04.0755 0776  WinRM - ok
06:55:04.0825 0776  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
06:55:04.0865 0776  WinUsb - ok
06:55:04.0915 0776  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
06:55:04.0995 0776  Wlansvc - ok
06:55:05.0035 0776  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
06:55:05.0055 0776  WmiAcpi - ok
06:55:05.0105 0776  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
06:55:05.0155 0776  wmiApSrv - ok
06:55:05.0185 0776  WMPNetworkSvc - ok
06:55:05.0225 0776  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
06:55:05.0265 0776  WPCSvc - ok
06:55:05.0275 0776  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
06:55:05.0345 0776  WPDBusEnum - ok
06:55:05.0375 0776  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
06:55:05.0465 0776  ws2ifsl - ok
06:55:05.0515 0776  [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc          C:\Windows\System32\wscsvc.dll
06:55:05.0545 0776  wscsvc - ok
06:55:05.0555 0776  WSearch - ok
06:55:05.0665 0776  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
06:55:05.0815 0776  wuauserv - ok
06:55:05.0835 0776  [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
06:55:05.0955 0776  WudfPf - ok
06:55:05.0985 0776  [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
06:55:06.0105 0776  WUDFRd - ok
06:55:06.0135 0776  [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
06:55:06.0235 0776  wudfsvc - ok
06:55:06.0265 0776  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\Windows\System32\wwansvc.dll
06:55:06.0315 0776  WwanSvc - ok
06:55:06.0365 0776  [ 5250193EF8E173AA7491250F00EB367F ] yukonw7        C:\Windows\system32\DRIVERS\yk62x64.sys
06:55:06.0405 0776  yukonw7 - ok
06:55:06.0435 0776  ================ Scan global ===============================
06:55:06.0465 0776  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
06:55:06.0515 0776  [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
06:55:06.0535 0776  [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
06:55:06.0555 0776  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
06:55:06.0585 0776  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
06:55:06.0595 0776  [Global] - ok
06:55:06.0595 0776  ================ Scan MBR ==================================
06:55:06.0615 0776  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
06:55:07.0235 0776  \Device\Harddisk0\DR0 - ok
06:55:07.0245 0776  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
06:55:07.0395 0776  \Device\Harddisk1\DR1 - ok
06:55:07.0395 0776  ================ Scan VBR ==================================
06:55:07.0395 0776  [ D13BA666E79E6DD15C6A5CDBD6756BFF ] \Device\Harddisk0\DR0\Partition1
06:55:07.0405 0776  \Device\Harddisk0\DR0\Partition1 - ok
06:55:07.0435 0776  [ 6ACE03AB53B1B73A0AAE986A2AAA26A8 ] \Device\Harddisk0\DR0\Partition2
06:55:07.0435 0776  \Device\Harddisk0\DR0\Partition2 - ok
06:55:07.0445 0776  [ CDC534A490EA309F5C08A5EB011A8CE6 ] \Device\Harddisk1\DR1\Partition1
06:55:07.0445 0776  \Device\Harddisk1\DR1\Partition1 - ok
06:55:07.0445 0776  ============================================================
06:55:07.0445 0776  Scan finished
06:55:07.0445 0776  ============================================================
06:55:07.0465 7120  Detected object count: 3
06:55:07.0465 7120  Actual detected object count: 3
07:00:56.0759 7120  igfx ( UnsignedFile.Multi.Generic ) - skipped by user
07:00:56.0759 7120  igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:00:56.0759 7120  IntcDAud ( UnsignedFile.Multi.Generic ) - skipped by user
07:00:56.0759 7120  IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:00:56.0759 7120  VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
07:00:56.0759 7120  VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:01:17.0962 7436  Deinitialize success

cosinus 29.10.2012 13:01
Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

nessie 29.10.2012 20:09
Code:
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-01-02 08:12        721288        ----a-w-        c:\progra~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C36B-6118-11DC-9C72-001320C79847}]
2010-12-12 16:01        314168        ----a-r-        c:\program files (x86)\SweetIM\Social\mgFB.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        94208        ----a-w-        c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-07-10 3524536]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-10 21432]
"CAHeadless"="c:\program files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe" [2009-10-09 615808]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-27 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-07-10 975800]
"114FC0B0D9B2D06F85709F2B12B157519C2B074C._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2012-10-10 1239064]
"Alle meine Passworte"="c:\progra~2\AMP\AMP.EXE" [2012-08-06 3816328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-09 98304]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Babylon Client"="c:\program files (x86)\Babylon\Babylon-Pro\Babylon.exe" [2011-08-25 3346544]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2011-12-16 220744]
.
c:\users\nessie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\nessie\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
tbhcn.lnk - c:\users\nessie\AppData\Roaming\BrowserCompanion\tbhcn.exe [2012-7-2 695448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-27 136176]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-27 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe [2012-06-02 373120]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-27 05:49]
.
2012-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-27 05:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-01-02 08:12        1057160        ----a-w-        c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12        97792        ----a-w-        c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.searchplusnetwork.com/?sp=vit4
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Free YouTube to MP3 Converter - c:\users\nessie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\nessie\AppData\Roaming\Mozilla\Firefox\Profiles\har5cqfe.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2866295&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Search the web
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: browser.search.selectedEngine - Search the web
FF - user.js: browser.search.order.1 - Search the web
FF - user.js: browser.search.defaultenginename - Search the web
FF - user.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: privacy.item.cookies - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-Easy Driver Pro - c:\program files (x86)\Probit Software\Easy Driver Pro\DPLauncher.exe
Toolbar-10 - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-FRITZ! 2.0 - c:\windows\IsUn0407.exe
AddRemove-toolplugin - c:\users\nessie\AppData\Local\Temp\WZSE0.TMP\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1267291588-3835666318-4105151594-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*<%Ô*ë*]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1267291588-3835666318-4105151594-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*<%Ô*ë*\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-10-29  20:06:38 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-10-29 19:06
.
Vor Suchlauf: 20 Verzeichnis(se), 207.328.071.680 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 207.027.298.304 Bytes frei
.
- - End Of File - - 8A1CFE92985A17320F5C00EDECB00DC6

cosinus 31.10.2012 16:13
Log ist unvollständig!

nessie 31.10.2012 20:06
Hallo cosinus,

was und welchen log meinst du mit unvollständig?
VG nessie

cosinus 31.10.2012 20:07
Überleg doch mal was du zuletzt posten solltest

nessie 31.10.2012 20:09
hm, ich habe aber nur dieses log!

liegt es vielleicht daran, das ich combolfix 2 mal aufrufen musste? beim ersten mal ist er bis zum Neustart gekommen, hat jedoch kein logfile erstellt bzw. ist auch nach 30 Min wartezeit stehen geblieben. Hatte dann gedacht, das ich mit einem Neuaufruf von combofix auf die logdatei stoße.
Das Programm lief dann erneut durch und der gepostete log wurde erstellt!
War das falsch und wenn, wo kann ich evtl. den ersten log finden?

unter c:combofix.txt steht der hier gepostete log

cosinus 31.10.2012 20:46
Zitat:
unter c:combofix.txt steht der hier gepostete log
Und das ist wie bereits erwähnt unvollständig

nessie 01.11.2012 06:26
Zitat:
Zitat von cosinus (Beitrag 948735)
Und das ist wie bereits erwähnt unvollständig
Ja, das habe ich verstanden. Wie schon beschrieben, habe ich kein log vom ersten Durchlauf erhalten :-(
Kann man hier denn jetzt noch weiter helfen, das ich den Trojaner los werde?

Lieben Dank schon einmal für deine Hilfe!

cosinus 01.11.2012 14:33
Es geht nicht um den ersten Durchlauf, sondern darum, dass das Log insgesamt unvollständig ist! Als wenn nur die Hälfte gepostet wurde und die erste Hälfte fehlt!
Schau bitte endlich nach ob du wirklich alles aus dem Log gepostet hast und du nicht versehentlich einfach nur nicht alles markiert hast

nessie 01.11.2012 18:31
Im Log steht das, was ich gepostet habe, nichts mehr oder weniger.

Ich habe daher das mit dem ersten log gefragt, weil dort evtl. das von dir vermisste drin stehen könnte - aber gut, ich hab es nicht und du möchtest nicht drauf eingehen.

Meine zweite Frage war und ist; ist eine Behebung des Problems dennoch möglich?
Da ich nicht der Spezi bin, würde ich mich um etwas mehr Verständnis freuen > ich versuche ja auch alles!

Nach wie vor bin ich um jede Hilfe sehr dankbar.

cosinus 03.11.2012 00:20
Die Erfahrung bei nicht vollständigen Logs hat micht gelehrt, dass der TO wahrscheinlich das Log nicht komplett kopiert hat, es ist seltener, dass ein Log an sich vom entsprechenden Tool unvollständig erstellt wurde

Führe CF bitte nochmal aus. Starte Windows neu, lösch die alte combofix.exe, lade CF neu runter und probier es nochmal mit diesem Tool.


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:54 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131