Trojaner-Board

Windows encryption trojan removed, but the files are encrypted! (https://www.trojaner-board.de/117504-windows-verschluesselungs-trojaner-entfernt-dateien-verschluesselt.html)

cosinus 29.07.2012 20:06

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Configure the tool as shown in the picture below: click on change parameters and set the checkboxes as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not hastily delete anything with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

nicole123 30.07.2012 15:58

Code:

16:56:02.0503 5372        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
16:56:02.0659 5372        ============================================================
16:56:02.0659 5372        Current date / time: 2012/07/30 16:56:02.0658
16:56:02.0659 5372        SystemInfo:
16:56:02.0659 5372       
16:56:02.0659 5372        OS Version: 6.1.7601 ServicePack: 1.0
16:56:02.0659 5372        Product type: Workstation
16:56:02.0659 5372        ComputerName: ICH-VAIO
16:56:02.0660 5372        UserName: ich
16:56:02.0660 5372        Windows directory: C:\Windows
16:56:02.0660 5372        System windows directory: C:\Windows
16:56:02.0660 5372        Running under WOW64
16:56:02.0660 5372        Processor architecture: Intel x64
16:56:02.0660 5372        Number of processors: 2
16:56:02.0660 5372        Page size: 0x1000
16:56:02.0660 5372        Boot type: Normal boot
16:56:02.0660 5372        ============================================================
16:56:03.0841 5372        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:56:03.0845 5372        ============================================================
16:56:03.0845 5372        \Device\Harddisk0\DR0:
16:56:03.0846 5372        MBR partitions:
16:56:03.0846 5372        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1BC4000, BlocksNum 0x32000
16:56:03.0846 5372        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1BF6000, BlocksNum 0x38790030
16:56:03.0846 5372        ============================================================
16:56:03.0886 5372        C: <-> \Device\Harddisk0\DR0\Partition1
16:56:03.0886 5372        ============================================================
16:56:03.0886 5372        Initialize success
16:56:03.0886 5372        ============================================================
16:56:11.0532 3732        ============================================================
16:56:11.0532 3732        Scan started
16:56:11.0532 3732        Mode: Manual;
16:56:11.0532 3732        ============================================================
16:56:24.0072 3732        mpio - ok
16:56:24.0104 3732        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:56:24.0109 3732        mpsdrv - ok
16:56:24.0197 3732        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:56:24.0252 3732        MpsSvc - ok
16:56:24.0283 3732        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:56:24.0288 3732        MRxDAV - ok
16:56:24.0325 3732        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:56:24.0329 3732        mrxsmb - ok
16:56:24.0368 3732        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:56:24.0387 3732        mrxsmb10 - ok
16:56:24.0424 3732        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:56:24.0428 3732        mrxsmb20 - ok
16:56:24.0464 3732        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:56:24.0468 3732        msahci - ok
16:56:24.0509 3732        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:56:24.0516 3732        msdsm - ok
16:56:24.0563 3732        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:56:24.0579 3732        MSDTC - ok
16:56:24.0627 3732        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:56:24.0628 3732        Msfs - ok
16:56:24.0646 3732        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:56:24.0649 3732        mshidkmdf - ok
16:56:24.0669 3732        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:56:24.0670 3732        msisadrv - ok
16:56:24.0708 3732        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:56:24.0713 3732        MSiSCSI - ok
16:56:24.0720 3732        msiserver - ok
16:56:24.0738 3732        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:56:24.0740 3732        MSKSSRV - ok
16:56:24.0803 3732        MsMpSvc        (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:56:24.0804 3732        MsMpSvc - ok
16:56:24.0825 3732        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:56:24.0828 3732        MSPCLOCK - ok
16:56:24.0848 3732        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:56:24.0850 3732        MSPQM - ok
16:56:24.0897 3732        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:56:24.0912 3732        MsRPC - ok
16:56:24.0947 3732        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:56:24.0948 3732        mssmbios - ok
16:56:24.0969 3732        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:56:24.0971 3732        MSTEE - ok
16:56:24.0991 3732        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:56:24.0993 3732        MTConfig - ok
16:56:25.0013 3732        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:56:25.0014 3732        Mup - ok
16:56:25.0078 3732        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:56:25.0103 3732        napagent - ok
16:56:25.0138 3732        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:56:25.0158 3732        NativeWifiP - ok
16:56:25.0292 3732        NAUpdate        (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe
16:56:25.0329 3732        NAUpdate - ok
16:56:25.0423 3732        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:56:25.0475 3732        NDIS - ok
16:56:25.0503 3732        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:56:25.0506 3732        NdisCap - ok
16:56:25.0529 3732        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:56:25.0531 3732        NdisTapi - ok
16:56:25.0549 3732        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:56:25.0552 3732        Ndisuio - ok
16:56:25.0579 3732        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:56:25.0592 3732        NdisWan - ok
16:56:25.0616 3732        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:56:25.0619 3732        NDProxy - ok
16:56:25.0642 3732        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:56:25.0643 3732        NetBIOS - ok
16:56:25.0678 3732        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:56:25.0691 3732        NetBT - ok
16:56:25.0719 3732        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:25.0720 3732        Netlogon - ok
16:56:25.0772 3732        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:56:25.0794 3732        Netman - ok
16:56:25.0886 3732        NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:25.0892 3732        NetMsmqActivator - ok
16:56:25.0911 3732        NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:25.0913 3732        NetPipeActivator - ok
16:56:25.0981 3732        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:56:26.0004 3732        netprofm - ok
16:56:26.0020 3732        NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:26.0023 3732        NetTcpActivator - ok
16:56:26.0039 3732        NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:26.0041 3732        NetTcpPortSharing - ok
16:56:26.0126 3732        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:56:26.0130 3732        nfrd960 - ok
16:56:26.0188 3732        NisDrv          (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:56:26.0192 3732        NisDrv - ok
16:56:26.0272 3732        NisSrv          (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
16:56:26.0293 3732        NisSrv - ok
16:56:26.0347 3732        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:56:26.0370 3732        NlaSvc - ok
16:56:26.0414 3732        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:56:26.0415 3732        Npfs - ok
16:56:26.0444 3732        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:56:26.0448 3732        nsi - ok
16:56:26.0468 3732        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:56:26.0471 3732        nsiproxy - ok
16:56:26.0600 3732        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:56:26.0666 3732        Ntfs - ok
16:56:26.0777 3732        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:56:26.0780 3732        Null - ok
16:56:27.0431 3732        nvlddmkm        (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:56:27.0717 3732        nvlddmkm - ok
16:56:27.0864 3732        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:56:27.0869 3732        nvraid - ok
16:56:27.0917 3732        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:56:27.0932 3732        nvstor - ok
16:56:27.0982 3732        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:56:27.0986 3732        nv_agp - ok
16:56:28.0014 3732        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:56:28.0017 3732        ohci1394 - ok
16:56:28.0113 3732        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:56:28.0119 3732        ose - ok
16:56:28.0420 3732        osppsvc        (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:56:28.0547 3732        osppsvc - ok
16:56:28.0674 3732        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:56:28.0696 3732        p2pimsvc - ok
16:56:28.0751 3732        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:56:28.0778 3732        p2psvc - ok
16:56:28.0840 3732        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:56:28.0844 3732        Parport - ok
16:56:28.0891 3732        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:56:28.0893 3732        partmgr - ok
16:56:28.0945 3732        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:56:28.0959 3732        PcaSvc - ok
16:56:28.0966 3732        Scan interrupted by user!
16:56:28.0966 3732        Scan interrupted by user!
16:56:28.0966 3732        Scan interrupted by user!
16:56:28.0966 3732        ============================================================
16:56:28.0966 3732        Scan finished
16:56:28.0966 3732        ============================================================
16:56:28.0976 4524        Detected object count: 0
16:56:28.0976 4524        Actual detected object count: 0
16:56:47.0251 1240        ============================================================
16:56:47.0251 1240        Scan started
16:56:47.0251 1240        Mode: Manual; SigCheck; TDLFS;
16:56:47.0251 1240        ============================================================
16:56:47.0455 1240        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:56:47.0537 1240        1394ohci - ok
16:56:47.0651 1240        ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:56:47.0677 1240        ACDaemon - ok
16:56:47.0727 1240        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:56:47.0751 1240        ACPI - ok
16:56:47.0770 1240        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:56:47.0801 1240        AcpiPmi - ok
16:56:47.0882 1240        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:56:47.0903 1240        AdobeARMservice - ok
16:56:47.0946 1240        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
16:56:47.0972 1240        adp94xx - ok
16:56:48.0039 1240        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
16:56:48.0066 1240        adpahci - ok
16:56:48.0114 1240        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
16:56:48.0130 1240        adpu320 - ok
16:56:48.0161 1240        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:56:48.0228 1240        AeLookupSvc - ok
16:56:48.0282 1240        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:56:48.0320 1240        AFD - ok
16:56:48.0352 1240        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:56:48.0364 1240        agp440 - ok
16:56:48.0394 1240        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:56:48.0427 1240        ALG - ok
16:56:48.0454 1240        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:56:48.0468 1240        aliide - ok
16:56:48.0486 1240        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:56:48.0501 1240        amdide - ok
16:56:48.0534 1240        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
16:56:48.0567 1240        AmdK8 - ok
16:56:48.0581 1240        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
16:56:48.0605 1240        AmdPPM - ok
16:56:48.0635 1240        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:56:48.0648 1240        amdsata - ok
16:56:48.0691 1240        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
16:56:48.0720 1240        amdsbs - ok
16:56:48.0739 1240        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:56:48.0751 1240        amdxata - ok
16:56:48.0789 1240        ApfiltrService  (12bfa9ec4b03cc16bb7d19baa308aef2) C:\Windows\system32\DRIVERS\Apfiltr.sys
16:56:48.0806 1240        ApfiltrService - ok
16:56:48.0827 1240        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:56:48.0882 1240        AppID - ok
16:56:48.0909 1240        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:56:48.0982 1240        AppIDSvc - ok
16:56:49.0002 1240        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:56:49.0062 1240        Appinfo - ok
16:56:49.0155 1240        Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:56:49.0174 1240        Apple Mobile Device - ok
16:56:49.0213 1240        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
16:56:49.0229 1240        arc - ok
16:56:49.0246 1240        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
16:56:49.0257 1240        arcsas - ok
16:56:49.0278 1240        ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
16:56:49.0287 1240        ArcSoftKsUFilter - ok
16:56:49.0361 1240        aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:56:49.0386 1240        aspnet_state - ok
16:56:49.0426 1240        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:56:49.0506 1240        AsyncMac - ok
16:56:49.0527 1240        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:56:49.0536 1240        atapi - ok
16:56:49.0561 1240        AthBTPort      (50f257e19554421b6891e3f998edca90) C:\Windows\system32\DRIVERS\btath_flt.sys
16:56:49.0568 1240        AthBTPort - ok
16:56:49.0602 1240        ATHDFU          (4119870b90e1b5e7797d6433d21f9216) C:\Windows\System32\Drivers\AthDfu.sys
16:56:49.0608 1240        ATHDFU - ok
16:56:49.0659 1240        Atheros Bt&Wlan Coex Agent (650f111d5cda64c10ae4b9d1ba9d4fff) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
16:56:49.0678 1240        Atheros Bt&Wlan Coex Agent - ok
16:56:49.0700 1240        AtherosSvc      (ebc3119394c9074a9cd87578a435050d) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
16:56:49.0709 1240        AtherosSvc - ok
16:56:49.0916 1240        athr            (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
16:56:49.0972 1240        athr - ok
16:56:50.0115 1240        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:56:50.0192 1240        AudioEndpointBuilder - ok
16:56:50.0199 1240        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:56:50.0240 1240        AudioSrv - ok
16:56:50.0259 1240        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:56:50.0301 1240        AxInstSV - ok
16:56:50.0386 1240        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
16:56:50.0420 1240        b06bdrv - ok
16:56:50.0463 1240        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:56:50.0504 1240        b57nd60a - ok
16:56:50.0599 1240        BBSvc          (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:56:50.0633 1240        BBSvc - ok
16:56:50.0686 1240        BBUpdate        (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:56:50.0710 1240        BBUpdate - ok
16:56:50.0739 1240        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:56:50.0761 1240        BDESVC - ok
16:56:50.0781 1240        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:56:50.0841 1240        Beep - ok
16:56:50.0893 1240        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:56:50.0960 1240        BFE - ok
16:56:51.0027 1240        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:56:51.0104 1240        BITS - ok
16:56:51.0158 1240        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
16:56:51.0199 1240        blbdrive - ok
16:56:51.0291 1240        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:56:51.0324 1240        Bonjour Service - ok
16:56:51.0348 1240        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:56:51.0376 1240        bowser - ok
16:56:51.0406 1240        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
16:56:51.0451 1240        BrFiltLo - ok
16:56:51.0476 1240        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
16:56:51.0498 1240        BrFiltUp - ok
16:56:51.0537 1240        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:56:51.0616 1240        Browser - ok
16:56:51.0659 1240        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:56:51.0696 1240        Brserid - ok
16:56:51.0726 1240        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:56:51.0752 1240        BrSerWdm - ok
16:56:51.0766 1240        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:56:51.0797 1240        BrUsbMdm - ok
16:56:51.0821 1240        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:56:51.0857 1240        BrUsbSer - ok
16:56:51.0905 1240        BTATH_A2DP      (b3bcd755fa9a359d10208cc9f09847cc) C:\Windows\system32\drivers\btath_a2dp.sys
16:56:51.0929 1240        BTATH_A2DP - ok
16:56:51.0952 1240        btath_avdt      (9bbba9d6dbdefc8a6542bc7a6ebaf710) C:\Windows\system32\drivers\btath_avdt.sys
16:56:51.0963 1240        btath_avdt - ok
16:56:51.0991 1240        BTATH_BUS      (d838dd1bcb328efcfad7a52de9e3cafd) C:\Windows\system32\drivers\btath_bus.sys
16:56:52.0000 1240        BTATH_BUS - ok
16:56:52.0038 1240        BTATH_HCRP      (a441b800e04cf8443faf519207563abb) C:\Windows\system32\drivers\btath_hcrp.sys
16:56:52.0051 1240        BTATH_HCRP - ok
16:56:52.0071 1240        BTATH_LWFLT    (b16f8429a35bba2a8ef9db2e08675b97) C:\Windows\system32\DRIVERS\btath_lwflt.sys
16:56:52.0082 1240        BTATH_LWFLT - ok
16:56:52.0135 1240        BTATH_RCP      (c24231c6bdfe21735930084a22089aab) C:\Windows\system32\drivers\btath_rcp.sys
16:56:52.0152 1240        BTATH_RCP - ok
16:56:52.0189 1240        BtFilter        (3632fa4c6b3ce9ec827690deac266d8c) C:\Windows\system32\DRIVERS\btfilter.sys
16:56:52.0200 1240        BtFilter - ok
16:56:52.0230 1240        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
16:56:52.0252 1240        BthEnum - ok
16:56:52.0291 1240        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
16:56:52.0334 1240        BTHMODEM - ok
16:56:52.0366 1240        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
16:56:52.0397 1240        BthPan - ok
16:56:52.0449 1240        BTHPORT        (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
16:56:52.0491 1240        BTHPORT - ok
16:56:52.0530 1240        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:56:52.0577 1240        bthserv - ok
16:56:52.0595 1240        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
16:56:52.0617 1240        BTHUSB - ok
16:56:52.0652 1240        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:56:52.0699 1240        cdfs - ok
16:56:52.0722 1240        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:56:52.0735 1240        cdrom - ok
16:56:52.0762 1240        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:56:52.0822 1240        CertPropSvc - ok
16:56:52.0843 1240        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
16:56:52.0875 1240        circlass - ok
16:56:52.0914 1240        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:56:52.0932 1240        CLFS - ok
16:56:53.0010 1240        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:56:53.0025 1240        clr_optimization_v2.0.50727_32 - ok
16:56:53.0086 1240        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:56:53.0108 1240        clr_optimization_v2.0.50727_64 - ok
16:56:53.0164 1240        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:56:53.0186 1240        clr_optimization_v4.0.30319_32 - ok
16:56:53.0232 1240        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:56:53.0254 1240        clr_optimization_v4.0.30319_64 - ok
16:56:53.0306 1240        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
16:56:53.0347 1240        CmBatt - ok
16:56:53.0379 1240        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:56:53.0402 1240        cmdide - ok
16:56:53.0445 1240        CNG            (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
16:56:53.0482 1240        CNG - ok
16:56:53.0586 1240        CnxtHdAudService (1f394df3714ed4280047810790e6df69) C:\Windows\system32\drivers\CHDRT64.sys
16:56:53.0635 1240        CnxtHdAudService - ok
16:56:53.0761 1240        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
16:56:53.0786 1240        Compbatt - ok
16:56:53.0811 1240        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:56:53.0838 1240        CompositeBus - ok
16:56:53.0844 1240        COMSysApp - ok
16:56:53.0908 1240        cpuz135 - ok
16:56:53.0944 1240        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
16:56:53.0969 1240        crcdisk - ok
16:56:54.0020 1240        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:56:54.0044 1240        CryptSvc - ok
16:56:54.0185 1240        cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:56:54.0228 1240        cvhsvc - ok
16:56:54.0324 1240        DCDhcpService  (75e3c4bb1ed032310edcf5691a452b4b) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
16:56:54.0341 1240        DCDhcpService - ok
16:56:54.0423 1240        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:56:54.0516 1240        DcomLaunch - ok
16:56:54.0553 1240        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:56:54.0609 1240        defragsvc - ok
16:56:54.0679 1240        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:56:54.0747 1240        DfsC - ok
16:56:54.0792 1240        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:56:54.0854 1240        Dhcp - ok
16:56:54.0872 1240        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:56:54.0917 1240        discache - ok
16:56:54.0953 1240        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
16:56:54.0965 1240        Disk - ok
16:56:54.0986 1240        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:56:55.0008 1240        Dnscache - ok
16:56:55.0043 1240        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:56:55.0100 1240        dot3svc - ok
16:56:55.0125 1240        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:56:55.0181 1240        DPS - ok
16:56:55.0213 1240        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:56:55.0239 1240        drmkaud - ok
16:56:55.0306 1240        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:56:55.0332 1240        DXGKrnl - ok
16:56:55.0366 1240        e1yexpress      (50ad8fc1dc800ff36087994c8f7fdff2) C:\Windows\system32\DRIVERS\e1y60x64.sys
16:56:55.0391 1240        e1yexpress - ok
16:56:55.0430 1240        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:56:55.0483 1240        EapHost - ok
16:56:55.0681 1240        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
16:56:55.0733 1240        ebdrv - ok
16:56:55.0834 1240        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:56:55.0884 1240        EFS - ok
16:56:55.0965 1240        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:56:56.0005 1240        ehRecvr - ok
16:56:56.0025 1240        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:56:56.0052 1240        ehSched - ok
16:56:56.0148 1240        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
16:56:56.0173 1240        elxstor - ok
16:56:56.0202 1240        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:56:56.0236 1240        ErrDev - ok
16:56:56.0298 1240        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:56:56.0364 1240        EventSystem - ok
16:56:56.0398 1240        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:56:56.0445 1240        exfat - ok
16:56:56.0471 1240        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:56:56.0530 1240        fastfat - ok
16:56:56.0596 1240        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:56:56.0630 1240        Fax - ok
16:56:56.0660 1240        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
16:56:56.0687 1240        fdc - ok
16:56:56.0708 1240        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:56:56.0749 1240        fdPHost - ok
16:56:56.0772 1240        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:56:56.0820 1240        FDResPub - ok
16:56:56.0849 1240        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:56:56.0861 1240        FileInfo - ok
16:56:56.0876 1240        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:56:56.0923 1240        Filetrace - ok
16:56:56.0952 1240        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
16:56:56.0963 1240        flpydisk - ok
16:56:56.0997 1240        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:56:57.0021 1240        FltMgr - ok
16:56:57.0105 1240        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:56:57.0153 1240        FontCache - ok
16:56:57.0223 1240        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:56:57.0243 1240        FontCache3.0.0.0 - ok
16:56:57.0314 1240        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:56:57.0338 1240        FsDepends - ok
16:56:57.0373 1240        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:56:57.0392 1240        Fs_Rec - ok
16:56:57.0419 1240        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:56:57.0443 1240        fvevol - ok
16:56:57.0471 1240        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
16:56:57.0482 1240        gagp30kx - ok
16:56:57.0515 1240        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:56:57.0523 1240        GEARAspiWDM - ok
16:56:57.0588 1240        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:56:57.0637 1240        gpsvc - ok
16:56:57.0670 1240        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:56:57.0703 1240        hcw85cir - ok
16:56:57.0759 1240        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:56:57.0799 1240        HdAudAddService - ok
16:56:57.0845 1240        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:56:57.0894 1240        HDAudBus - ok
16:56:57.0926 1240        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
16:56:57.0958 1240        HidBatt - ok
16:56:57.0977 1240        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
16:56:58.0007 1240        HidBth - ok
16:56:58.0022 1240        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
16:56:58.0037 1240        HidIr - ok
16:56:58.0069 1240        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:56:58.0121 1240        hidserv - ok
16:56:58.0146 1240        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:56:58.0157 1240        HidUsb - ok
16:56:58.0181 1240        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:56:58.0240 1240        hkmsvc - ok
16:56:58.0269 1240        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:56:58.0298 1240        HomeGroupListener - ok
16:56:58.0329 1240        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:56:58.0354 1240        HomeGroupProvider - ok
16:56:58.0382 1240        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:56:58.0394 1240        HpSAMD - ok
16:56:58.0454 1240        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:56:58.0544 1240        HTTP - ok
16:56:58.0567 1240        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:56:58.0577 1240        hwpolicy - ok
16:56:58.0597 1240        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:56:58.0612 1240        i8042prt - ok
16:56:58.0654 1240        iaStor          (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\drivers\iaStor.sys
16:56:58.0675 1240        iaStor - ok
16:56:58.0758 1240        IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:56:58.0775 1240        IAStorDataMgrSvc - ok
16:56:58.0827 1240        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:56:58.0851 1240        iaStorV - ok
16:56:59.0021 1240        IconMan_R      (6f3909a3d40cc9f4b28e03b027f918d8) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
16:56:59.0092 1240        IconMan_R ( UnsignedFile.Multi.Generic ) - warning
16:56:59.0092 1240        IconMan_R - detected UnsignedFile.Multi.Generic (1)
16:56:59.0220 1240        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:56:59.0261 1240        idsvc - ok
16:57:00.0021 1240        igfx            (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:57:00.0181 1240        igfx - ok
16:57:00.0304 1240        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
16:57:00.0329 1240        iirsp - ok
16:57:00.0405 1240        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:57:00.0468 1240        IKEEXT - ok
16:57:00.0513 1240        IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
16:57:00.0527 1240        IntcDAud - ok
16:57:00.0550 1240        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:57:00.0560 1240        intelide - ok
16:57:00.0584 1240        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
16:57:00.0613 1240        intelppm - ok
16:57:00.0648 1240        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:57:00.0694 1240        IPBusEnum - ok
16:57:00.0730 1240        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:57:00.0764 1240        IpFilterDriver - ok
16:57:00.0808 1240        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:57:00.0882 1240        iphlpsvc - ok
16:57:00.0911 1240        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:57:00.0932 1240        IPMIDRV - ok
16:57:00.0949 1240        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:57:00.0993 1240        IPNAT - ok
16:57:01.0095 1240        iPod Service    (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
16:57:01.0131 1240        iPod Service - ok
16:57:01.0154 1240        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:57:01.0200 1240        IRENUM - ok
16:57:01.0225 1240        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:57:01.0238 1240        isapnp - ok
16:57:01.0284 1240        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:57:01.0298 1240        iScsiPrt - ok
16:57:01.0320 1240        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:57:01.0330 1240        kbdclass - ok
16:57:01.0356 1240        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:57:01.0379 1240        kbdhid - ok
16:57:01.0403 1240        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:01.0414 1240        KeyIso - ok
16:57:01.0449 1240        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
16:57:01.0459 1240        KSecDD - ok
16:57:01.0499 1240        KSecPkg        (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
16:57:01.0516 1240        KSecPkg - ok
16:57:01.0548 1240        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:57:01.0595 1240        ksthunk - ok
16:57:01.0654 1240        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:57:01.0702 1240        KtmRm - ok
16:57:01.0756 1240        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:57:01.0807 1240        LanmanServer - ok
16:57:01.0844 1240        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:57:01.0896 1240        LanmanWorkstation - ok
16:57:01.0930 1240        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:57:01.0979 1240        lltdio - ok
16:57:02.0043 1240        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:57:02.0101 1240        lltdsvc - ok
16:57:02.0118 1240        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:57:02.0167 1240        lmhosts - ok
16:57:02.0265 1240        LMS            (98b16e756243bea9410e32025b19c06f) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:57:02.0287 1240        LMS - ok
16:57:02.0325 1240        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
16:57:02.0336 1240        LSI_FC - ok
16:57:02.0370 1240        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
16:57:02.0381 1240        LSI_SAS - ok
16:57:02.0405 1240        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
16:57:02.0416 1240        LSI_SAS2 - ok
16:57:02.0434 1240        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
16:57:02.0445 1240        LSI_SCSI - ok
16:57:02.0467 1240        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:57:02.0521 1240        luafv - ok
16:57:02.0593 1240        McAfee SiteAdvisor Service (b891e3920f24ff1a3bead6cd2b42ed99) c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
16:57:02.0615 1240        McAfee SiteAdvisor Service - ok
16:57:02.0657 1240        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:57:02.0691 1240        Mcx2Svc - ok
16:57:02.0719 1240        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
16:57:02.0731 1240        megasas - ok
16:57:02.0782 1240        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
16:57:02.0801 1240        MegaSR - ok
16:57:02.0850 1240        MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
16:57:02.0870 1240        MEIx64 - ok
16:57:02.0930 1240        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:57:03.0013 1240        MMCSS - ok
16:57:03.0043 1240        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:57:03.0109 1240        Modem - ok
16:57:03.0133 1240        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:57:03.0171 1240        monitor - ok
16:57:03.0198 1240        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:57:03.0208 1240        mouclass - ok
16:57:03.0224 1240        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
16:57:03.0248 1240        mouhid - ok
16:57:03.0279 1240        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:57:03.0290 1240        mountmgr - ok
16:57:03.0330 1240        MpFilter        (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
16:57:03.0347 1240        MpFilter - ok
16:57:03.0382 1240        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:57:03.0396 1240        mpio - ok
16:57:03.0418 1240        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:57:03.0459 1240        mpsdrv - ok
16:57:03.0530 1240        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:57:03.0578 1240        MpsSvc - ok
16:57:03.0608 1240        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:57:03.0636 1240        MRxDAV - ok
16:57:03.0685 1240        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:57:03.0711 1240        mrxsmb - ok
16:57:03.0746 1240        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:57:03.0764 1240        mrxsmb10 - ok
16:57:03.0792 1240        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:57:03.0804 1240        mrxsmb20 - ok
16:57:03.0833 1240        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:57:03.0843 1240        msahci - ok
16:57:03.0878 1240        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:57:03.0890 1240        msdsm - ok
16:57:03.0921 1240        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:57:03.0942 1240        MSDTC - ok
16:57:03.0975 1240        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:57:04.0027 1240        Msfs - ok
16:57:04.0049 1240        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:57:04.0100 1240        mshidkmdf - ok
16:57:04.0127 1240        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:57:04.0136 1240        msisadrv - ok
16:57:04.0175 1240        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:57:04.0224 1240        MSiSCSI - ok
16:57:04.0231 1240        msiserver - ok
16:57:04.0262 1240        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:57:04.0303 1240        MSKSSRV - ok
16:57:04.0360 1240        MsMpSvc        (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:57:04.0382 1240        MsMpSvc - ok
16:57:04.0404 1240        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:57:04.0451 1240        MSPCLOCK - ok
16:57:04.0471 1240        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:57:04.0525 1240        MSPQM - ok
16:57:04.0571 1240        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:57:04.0586 1240        MsRPC - ok
16:57:04.0613 1240        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:57:04.0623 1240        mssmbios - ok
16:57:04.0647 1240        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:57:04.0695 1240        MSTEE - ok
16:57:04.0724 1240        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:57:04.0735 1240        MTConfig - ok
16:57:04.0756 1240        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:57:04.0766 1240        Mup - ok
16:57:04.0822 1240        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:57:04.0890 1240        napagent - ok
16:57:04.0923 1240        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:57:04.0951 1240        NativeWifiP - ok
16:57:05.0071 1240        NAUpdate        (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe
16:57:05.0105 1240        NAUpdate - ok
16:57:05.0193 1240        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:57:05.0234 1240        NDIS - ok
16:57:05.0257 1240        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:57:05.0305 1240        NdisCap - ok
16:57:05.0333 1240        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:57:05.0370 1240        NdisTapi - ok
16:57:05.0392 1240        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:57:05.0426 1240        Ndisuio - ok
16:57:05.0454 1240        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:57:05.0500 1240        NdisWan - ok
16:57:05.0537 1240        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:57:05.0585 1240        NDProxy - ok
16:57:05.0605 1240        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:57:05.0658 1240        NetBIOS - ok
16:57:05.0701 1240        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:57:05.0755 1240        NetBT - ok
16:57:05.0782 1240        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:05.0793 1240        Netlogon - ok
16:57:05.0845 1240        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:57:05.0900 1240        Netman - ok
16:57:05.0971 1240        NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:05.0993 1240        NetMsmqActivator - ok
16:57:06.0002 1240        NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:06.0015 1240        NetPipeActivator - ok
16:57:06.0068 1240        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:57:06.0125 1240        netprofm - ok
16:57:06.0131 1240        NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:06.0141 1240        NetTcpActivator - ok
16:57:06.0149 1240        NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:06.0159 1240        NetTcpPortSharing - ok
16:57:06.0222 1240        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:57:06.0244 1240        nfrd960 - ok
16:57:06.0296 1240        NisDrv          (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:57:06.0310 1240        NisDrv - ok
16:57:06.0390 1240        NisSrv          (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
16:57:06.0421 1240        NisSrv - ok
16:57:06.0464 1240        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:57:06.0519 1240        NlaSvc - ok
16:57:06.0542 1240        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:57:06.0576 1240        Npfs - ok
16:57:06.0594 1240        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:57:06.0638 1240        nsi - ok
16:57:06.0663 1240        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:57:06.0698 1240        nsiproxy - ok
16:57:06.0815 1240        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:57:06.0858 1240        Ntfs - ok
16:57:06.0961 1240        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:57:07.0035 1240        Null - ok
16:57:07.0580 1240        nvlddmkm        (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:57:07.0767 1240        nvlddmkm - ok
16:57:07.0913 1240        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:57:07.0943 1240        nvraid - ok
16:57:08.0005 1240        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:57:08.0021 1240        nvstor - ok
16:57:08.0068 1240        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:57:08.0081 1240        nv_agp - ok
16:57:08.0111 1240        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:57:08.0135 1240        ohci1394 - ok
16:57:08.0221 1240        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:57:08.0237 1240        ose - ok
16:57:08.0529 1240        osppsvc        (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:57:08.0615 1240        osppsvc - ok
16:57:08.0739 1240        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:57:08.0778 1240        p2pimsvc - ok
16:57:08.0827 1240        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:57:08.0852 1240        p2psvc - ok
16:57:08.0904 1240        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:57:08.0933 1240        Parport - ok
16:57:08.0977 1240        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:57:08.0993 1240        partmgr - ok
16:57:09.0043 1240        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:57:09.0076 1240        PcaSvc - ok
16:57:09.0126 1240        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:57:09.0143 1240        pci - ok
16:57:09.0172 1240        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:57:09.0184 1240        pciide - ok
16:57:09.0220 1240        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:57:09.0244 1240        pcmcia - ok
16:57:09.0273 1240        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:57:09.0284 1240        pcw - ok
16:57:09.0331 1240        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:57:09.0428 1240        PEAUTH - ok
16:57:09.0514 1240        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:57:09.0566 1240        PerfHost - ok
16:57:09.0705 1240        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:57:09.0816 1240        pla - ok
16:57:09.0869 1240        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:57:09.0925 1240        PlugPlay - ok
16:57:10.0054 1240        PMBDeviceInfoProvider (63694c307273062a2167ae4ce80730ef) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
16:57:10.0101 1240        PMBDeviceInfoProvider - ok
16:57:10.0143 1240        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:57:10.0184 1240        PNRPAutoReg - ok
16:57:10.0229 1240        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:57:10.0246 1240        PNRPsvc - ok
16:57:10.0296 1240        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:57:10.0380 1240        PolicyAgent - ok
16:57:10.0424 1240        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:57:10.0476 1240        Power - ok
16:57:10.0552 1240        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:57:10.0622 1240        PptpMiniport - ok
16:57:10.0641 1240        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:57:10.0662 1240        Processor - ok
16:57:10.0717 1240        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:57:10.0773 1240        ProfSvc - ok
16:57:10.0801 1240        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:10.0818 1240        ProtectedStorage - ok
16:57:10.0861 1240        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:57:10.0938 1240        Psched - ok
16:57:11.0039 1240        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:57:11.0129 1240        ql2300 - ok
16:57:11.0259 1240        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:57:11.0291 1240        ql40xx - ok
16:57:11.0342 1240        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:57:11.0391 1240        QWAVE - ok
16:57:11.0416 1240        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:57:11.0449 1240        QWAVEdrv - ok
16:57:11.0471 1240        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:57:11.0507 1240        RasAcd - ok
16:57:11.0534 1240        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:57:11.0570 1240        RasAgileVpn - ok
16:57:11.0595 1240        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:57:11.0649 1240        RasAuto - ok
16:57:11.0673 1240        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:57:11.0719 1240        Rasl2tp - ok
16:57:11.0752 1240        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:57:11.0820 1240        RasMan - ok
16:57:11.0852 1240        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:57:11.0900 1240        RasPppoe - ok
16:57:11.0932 1240        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:57:11.0979 1240        RasSstp - ok
16:57:12.0019 1240        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:57:12.0102 1240        rdbss - ok
16:57:12.0119 1240        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:57:12.0141 1240        rdpbus - ok
16:57:12.0167 1240        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:57:12.0201 1240        RDPCDD - ok
16:57:12.0215 1240        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:57:12.0272 1240        RDPENCDD - ok
16:57:12.0286 1240        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:57:12.0321 1240        RDPREFMP - ok
16:57:12.0366 1240        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:57:12.0429 1240        RDPWD - ok
16:57:12.0480 1240        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:57:12.0517 1240        rdyboost - ok
16:57:12.0575 1240        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:57:12.0630 1240        RemoteAccess - ok
16:57:12.0674 1240        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:57:12.0760 1240        RemoteRegistry - ok
16:57:12.0807 1240        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:57:12.0847 1240        RFCOMM - ok
16:57:12.0882 1240        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:57:12.0940 1240        RpcEptMapper - ok
16:57:12.0973 1240        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:57:13.0010 1240        RpcLocator - ok
16:57:13.0061 1240        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:57:13.0103 1240        RpcSs - ok
16:57:13.0155 1240        RSPCIESTOR      (546d7f426776090b90ef5f195b6ae662) C:\Windows\system32\DRIVERS\RtsPStor.sys
16:57:13.0180 1240        RSPCIESTOR - ok
16:57:13.0216 1240        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:57:13.0254 1240        rspndr - ok
16:57:13.0313 1240        RTL8167        (ea5532868ba76923d75bcb2a1448d810) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:57:13.0330 1240        RTL8167 - ok
16:57:13.0375 1240        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:13.0388 1240        SamSs - ok
16:57:13.0422 1240        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:57:13.0436 1240        sbp2port - ok
16:57:13.0471 1240        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:57:13.0516 1240        SCardSvr - ok
16:57:13.0552 1240        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:57:13.0623 1240        scfilter - ok
16:57:13.0706 1240        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:57:13.0809 1240        Schedule - ok
16:57:13.0856 1240        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:57:13.0895 1240        SCPolicySvc - ok
16:57:13.0922 1240        sdbus          (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
16:57:13.0955 1240        sdbus - ok
16:57:13.0989 1240        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:57:14.0025 1240        SDRSVC - ok
16:57:14.0047 1240        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:57:14.0101 1240        secdrv - ok
16:57:14.0122 1240        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:57:14.0159 1240        seclogon - ok
16:57:14.0190 1240        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:57:14.0233 1240        SENS - ok
16:57:14.0257 1240        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:57:14.0279 1240        SensrSvc - ok
16:57:14.0296 1240        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:57:14.0322 1240        Serenum - ok
16:57:14.0350 1240        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:57:14.0375 1240        Serial - ok
16:57:14.0398 1240        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:57:14.0420 1240        sermouse - ok
16:57:14.0505 1240        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:57:14.0587 1240        SessionEnv - ok
16:57:14.0615 1240        SFEP            (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
16:57:14.0640 1240        SFEP - ok
16:57:14.0664 1240        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:57:14.0697 1240        sffdisk - ok
16:57:14.0730 1240        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:57:14.0755 1240        sffp_mmc - ok
16:57:14.0782 1240        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:57:14.0811 1240        sffp_sd - ok
16:57:14.0840 1240        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:57:14.0865 1240        sfloppy - ok
16:57:14.0956 1240        Sftfs          (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:57:14.0987 1240        Sftfs - ok
16:57:15.0088 1240        sftlist        (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:57:15.0131 1240        sftlist - ok
16:57:15.0183 1240        Sftplay        (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:57:15.0211 1240        Sftplay - ok
16:57:15.0239 1240        Sftredir        (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:57:15.0248 1240        Sftredir - ok
16:57:15.0276 1240        Sftvol          (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:57:15.0284 1240        Sftvol - ok
16:57:15.0319 1240        sftvsa          (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:57:15.0357 1240        sftvsa - ok
16:57:15.0424 1240        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:57:15.0511 1240        SharedAccess - ok
16:57:15.0566 1240        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:57:15.0640 1240        ShellHWDetection - ok
16:57:15.0671 1240        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:57:15.0682 1240        SiSRaid2 - ok
16:57:15.0711 1240        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:57:15.0725 1240        SiSRaid4 - ok
16:57:15.0760 1240        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:57:15.0817 1240        Smb - ok
16:57:15.0867 1240        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:57:15.0899 1240        SNMPTRAP - ok
16:57:16.0017 1240        SOHCImp        (ddf2ec98af6fc70608a4f9ce4db52758) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
16:57:16.0093 1240        SOHCImp - ok
16:57:16.0117 1240        SOHDs          (5fa03f5ea6efef6d17b4a1a48c40a23c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
16:57:16.0173 1240        SOHDs - ok
16:57:16.0260 1240        SpfService      (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
16:57:16.0326 1240        SpfService - ok
16:57:16.0344 1240        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:57:16.0354 1240        spldr - ok
16:57:16.0422 1240        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:57:16.0475 1240        Spooler - ok
16:57:16.0659 1240        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:57:16.0753 1240        sppsvc - ok
16:57:16.0896 1240        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:57:16.0954 1240        sppuinotify - ok
16:57:17.0030 1240        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:57:17.0097 1240        srv - ok
16:57:17.0144 1240        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:57:17.0191 1240        srv2 - ok
16:57:17.0222 1240        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:57:17.0238 1240        srvnet - ok
16:57:17.0299 1240        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:57:17.0355 1240        SSDPSRV - ok
16:57:17.0370 1240        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:57:17.0408 1240        SstpSvc - ok
16:57:17.0445 1240        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:57:17.0458 1240        stexstor - ok
16:57:17.0513 1240        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:57:17.0579 1240        stisvc - ok
16:57:17.0615 1240        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:57:17.0628 1240        swenum - ok
16:57:17.0806 1240        SwitchBoard    (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:57:17.0940 1240        SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
16:57:17.0941 1240        SwitchBoard - detected UnsignedFile.Multi.Generic (1)
16:57:18.0004 1240        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:57:18.0102 1240        swprv - ok
16:57:18.0230 1240        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:57:18.0334 1240        SysMain - ok
16:57:18.0444 1240        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:57:18.0485 1240        TabletInputService - ok
16:57:18.0544 1240        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:57:18.0624 1240        TapiSrv - ok
16:57:18.0654 1240        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:57:18.0705 1240        TBS - ok
16:57:18.0883 1240        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:57:18.0980 1240        Tcpip - ok
16:57:19.0156 1240        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:57:19.0204 1240        TCPIP6 - ok
16:57:19.0292 1240        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:57:19.0362 1240        tcpipreg - ok
16:57:19.0386 1240        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:57:19.0407 1240        TDPIPE - ok
16:57:19.0453 1240        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:57:19.0466 1240        TDTCP - ok
16:57:19.0501 1240        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:57:19.0544 1240        tdx - ok
16:57:19.0587 1240        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:57:19.0599 1240        TermDD - ok
16:57:19.0662 1240        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:57:19.0770 1240        TermService - ok
16:57:19.0785 1240        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:57:19.0802 1240        Themes - ok
16:57:19.0842 1240        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:57:19.0878 1240        THREADORDER - ok
16:57:19.0909 1240        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:57:19.0964 1240        TrkWks - ok
16:57:20.0024 1240        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:57:20.0111 1240        TrustedInstaller - ok
16:57:20.0154 1240        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:57:20.0209 1240        tssecsrv - ok
16:57:20.0231 1240        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:57:20.0255 1240        TsUsbFlt - ok
16:57:20.0288 1240        TsUsbGD        (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:57:20.0302 1240        TsUsbGD - ok
16:57:20.0329 1240        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:57:20.0388 1240        tunnel - ok
16:57:20.0425 1240        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:57:20.0439 1240        uagp35 - ok
16:57:20.0530 1240        uCamMonitor    (1fe69f3c1ca1cf4b7ec7e2e9090fffdc) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
16:57:20.0552 1240        uCamMonitor - ok
16:57:20.0608 1240        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:57:20.0687 1240        udfs - ok
16:57:20.0733 1240        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:57:20.0763 1240        UI0Detect - ok
16:57:20.0798 1240        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:57:20.0811 1240        uliagpkx - ok
16:57:20.0849 1240        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:57:20.0885 1240        umbus - ok
16:57:20.0921 1240        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:57:20.0954 1240        UmPass - ok
16:57:21.0155 1240        UNS            (7a78ed1088890114dfde2c4ab038d6b6) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:57:21.0252 1240        UNS - ok
16:57:21.0386 1240        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:57:21.0483 1240        upnphost - ok
16:57:21.0542 1240        USBAAPL64      (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
16:57:21.0564 1240        USBAAPL64 - ok
16:57:21.0601 1240        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:57:21.0633 1240        usbccgp - ok
16:57:21.0661 1240        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:57:21.0678 1240        usbcir - ok
16:57:21.0703 1240        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:57:21.0733 1240        usbehci - ok
16:57:21.0777 1240        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
16:57:21.0826 1240        usbhub - ok
16:57:21.0849 1240        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:57:21.0872 1240        usbohci - ok
16:57:21.0918 1240        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:57:21.0943 1240        usbprint - ok
16:57:21.0987 1240        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:57:22.0006 1240        usbscan - ok
16:57:22.0046 1240        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:57:22.0073 1240        USBSTOR - ok
16:57:22.0101 1240        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:57:22.0128 1240        usbuhci - ok
16:57:22.0167 1240        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
16:57:22.0203 1240        usbvideo - ok
16:57:22.0244 1240        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:57:22.0303 1240        UxSms - ok
16:57:22.0403 1240        VAIO Event Service (dcb1f83ad167d16d263ce57c94e9eedf) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
16:57:22.0426 1240        VAIO Event Service - ok
16:57:22.0463 1240        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:22.0475 1240        VaultSvc - ok
16:57:22.0631 1240        VCFw            (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
16:57:22.0810 1240        VCFw - ok
16:57:22.0939 1240        VcmIAlzMgr      (f19275655b42086c884abcdae2c659ae) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
16:57:23.0011 1240        VcmIAlzMgr - ok
16:57:23.0059 1240        VcmINSMgr      (2f06d134554ba84fe253dbc481dcfe6d) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
16:57:23.0182 1240        VcmINSMgr - ok
16:57:23.0254 1240        VcmXmlIfHelper  (32a3735f6874b7783c6209ed5ca36d9d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
16:57:23.0315 1240        VcmXmlIfHelper - ok
16:57:23.0401 1240        VCService      (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
16:57:23.0421 1240        VCService - ok
16:57:23.0550 1240        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:57:23.0577 1240        vdrvroot - ok
16:57:23.0634 1240        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:57:23.0723 1240        vds - ok
16:57:23.0762 1240        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:57:23.0779 1240        vga - ok
16:57:23.0802 1240        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:57:23.0872 1240        VgaSave - ok
16:57:23.0921 1240        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:57:23.0959 1240        vhdmp - ok
16:57:24.0003 1240        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:57:24.0014 1240        viaide - ok
16:57:24.0052 1240        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:57:24.0064 1240        volmgr - ok
16:57:24.0106 1240        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:57:24.0144 1240        volmgrx - ok
16:57:24.0188 1240        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:57:24.0217 1240        volsnap - ok
16:57:24.0256 1240        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:57:24.0271 1240        vsmraid - ok
16:57:24.0424 1240        VSNService      (03f6f618367cb16a2176b8db4215d1f9) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
16:57:24.0496 1240        VSNService - ok
16:57:24.0618 1240        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:57:24.0719 1240        VSS - ok
16:57:24.0895 1240        VUAgent        (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
16:57:24.0959 1240        VUAgent - ok
16:57:25.0093 1240        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:57:25.0139 1240        vwifibus - ok
16:57:25.0171 1240        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:57:25.0205 1240        vwififlt - ok
16:57:25.0230 1240        vwifimp        (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:57:25.0263 1240        vwifimp - ok
16:57:25.0316 1240        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:57:25.0380 1240        W32Time - ok
16:57:25.0413 1240        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:57:25.0434 1240        WacomPen - ok
16:57:25.0471 1240        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:25.0519 1240        WANARP - ok
16:57:25.0529 1240        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:25.0563 1240        Wanarpv6 - ok
16:57:25.0670 1240        WatAdminSvc    (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:57:25.0745 1240        WatAdminSvc - ok
16:57:25.0859 1240        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:57:25.0927 1240        wbengine - ok
16:57:26.0043 1240        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:57:26.0104 1240        WbioSrvc - ok
16:57:26.0146 1240        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:57:26.0211 1240        wcncsvc - ok
16:57:26.0241 1240        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:57:26.0266 1240        WcsPlugInService - ok
16:57:26.0331 1240        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:57:26.0349 1240        Wd - ok
16:57:26.0420 1240        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:57:26.0467 1240        Wdf01000 - ok
16:57:26.0507 1240        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:57:26.0546 1240        WdiServiceHost - ok
16:57:26.0556 1240        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:57:26.0575 1240        WdiSystemHost - ok
16:57:26.0609 1240        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:57:26.0657 1240        WebClient - ok
16:57:26.0690 1240        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:57:26.0761 1240        Wecsvc - ok
16:57:26.0792 1240        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:57:26.0831 1240        wercplsupport - ok
16:57:26.0860 1240        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:57:26.0898 1240        WerSvc - ok
16:57:26.0969 1240        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:57:27.0022 1240        WfpLwf - ok
16:57:27.0110 1240        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:57:27.0137 1240        WIMMount - ok
16:57:27.0185 1240        WinDefend - ok
16:57:27.0234 1240        WinHttpAutoProxySvc - ok
16:57:27.0311 1240        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:57:27.0380 1240        Winmgmt - ok
16:57:27.0517 1240        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:57:27.0632 1240        WinRM - ok
16:57:27.0805 1240        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:57:27.0858 1240        WinUsb - ok
16:57:27.0976 1240        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:57:28.0078 1240        Wlansvc - ok
16:57:28.0154 1240        wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:57:28.0178 1240        wlcrasvc - ok
16:57:28.0350 1240        wlidsvc        (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:57:28.0473 1240        wlidsvc - ok
16:57:28.0605 1240        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:57:28.0650 1240        WmiAcpi - ok
16:57:28.0734 1240        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:57:28.0791 1240        wmiApSrv - ok
16:57:28.0866 1240        WMPNetworkSvc - ok
16:57:28.0915 1240        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:57:28.0936 1240        WPCSvc - ok
16:57:28.0965 1240        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:57:28.0981 1240        WPDBusEnum - ok
16:57:29.0019 1240        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:57:29.0057 1240        ws2ifsl - ok
16:57:29.0085 1240        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:57:29.0118 1240        wscsvc - ok
16:57:29.0129 1240        WSearch - ok
16:57:29.0307 1240        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:57:29.0416 1240        wuauserv - ok
16:57:29.0556 1240        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:57:29.0611 1240        WudfPf - ok
16:57:29.0638 1240        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:57:29.0690 1240        WUDFRd - ok
16:57:29.0734 1240        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:57:29.0798 1240        wudfsvc - ok
16:57:29.0832 1240        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:57:29.0874 1240        WwanSvc - ok
16:57:29.0940 1240        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:57:30.0338 1240        \Device\Harddisk0\DR0 - ok
16:57:30.0344 1240        Boot (0x1200)  (93f8375423b9f53198e83afbbc0c0f80) \Device\Harddisk0\DR0\Partition0
16:57:30.0348 1240        \Device\Harddisk0\DR0\Partition0 - ok
16:57:30.0383 1240        Boot (0x1200)  (a2625536f76af51c902835acd891eca1) \Device\Harddisk0\DR0\Partition1
16:57:30.0386 1240        \Device\Harddisk0\DR0\Partition1 - ok
16:57:30.0387 1240        ============================================================
16:57:30.0387 1240        Scan finished
16:57:30.0387 1240        ============================================================
16:57:30.0402 4032        Detected object count: 2
16:57:30.0402 4032        Actual detected object count: 2
16:57:41.0525 4032        IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:41.0525 4032        IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:57:41.0527 4032        SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:41.0527 4032        SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

Said and done ;)
Best regards, Nicole

cosinus 30.07.2012 20:06

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your web browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper (Kompetenzler) has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and get messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

nicole123 04.08.2012 16:10

Combofix Logfile:
Code:

ComboFix 12-08-04.02 - ich 04.08.2012  12:48:03.1.2 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4044.2490 [GMT 2:00]
ausgeführt von:: c:\users\ich\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ich\4.0
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-07-04 bis 2012-08-04  ))))))))))))))))))))))))))))))
.
.
2012-08-04 10:52 . 2012-08-04 10:52        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-08-04 10:47 . 2012-07-16 00:40        9133488        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{56FBC82D-F4E6-4DCE-A5FB-2A4902111DA4}\mpengine.dll
2012-07-19 09:57 . 2012-07-19 09:57        --------        d-----w-        C:\_OTL
2012-07-18 08:13 . 2012-06-12 03:08        3148800        ----a-w-        c:\windows\system32\win32k.sys
2012-07-18 08:11 . 2010-02-23 08:16        294912        ----a-w-        c:\windows\system32\browserchoice.exe
2012-07-16 18:08 . 2012-07-16 18:08        --------        d-----w-        c:\programdata\WinZip
2012-07-16 18:08 . 2012-07-16 18:08        --------        d-----w-        c:\program files\WinZip
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-18 08:08 . 2012-02-19 21:21        59701280        ----a-w-        c:\windows\system32\MRT.exe
2012-07-03 11:46 . 2012-06-17 15:09        24904        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-06-27 16:16 . 2012-06-27 16:16        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-27 16:16 . 2012-03-01 18:46        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-25 14:04 . 2012-06-25 14:04        1394248        ----a-w-        c:\windows\SysWow64\msxml4.dll
2012-06-02 22:19 . 2012-06-24 11:58        38424        ----a-w-        c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-24 11:58        2428952        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-24 11:58        57880        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-24 11:58        44056        ----a-w-        c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-24 11:58        701976        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-24 11:58        2622464        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-24 11:58        99840        ----a-w-        c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-24 11:57        186752        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-24 11:57        36864        ----a-w-        c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2010-11-21 03:27        279656        ------w-        c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-04-29 36000]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2011-04-29 51872]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-04-29 259232]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-04-29 109216]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-04-29 166048]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-04-29 59040]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-04-29 283296]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-04-29 288416]
R3 cpuz135;cpuz135;c:\users\ich\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2011-07-19 104096]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-06-15 103472]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-08-12 971704]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-04-29 29344]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-03-29 317440]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-03-29 335464]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-29 425064]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-04-26 12032]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 93264501
*Deregistered* - 93264501
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2519252957-1520245971-2312452232-1000Core.job
- c:\users\ich\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-16 16:20]
.
2012-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2519252957-1520245971-2312452232-1000UA.job
- c:\users\ich\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-16 16:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418328]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page =
uInternet Settings,ProxyOverride = <local>;*.local
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-08-04  12:54:25
ComboFix-quarantined-files.txt  2012-08-04 10:54
.
Vor Suchlauf: 16 Verzeichnis(se), 414.051.180.544 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 413.907.496.960 Bytes frei
.
- - End Of File - - 8454796EB669DEA06EB5C622EEA8D8E0

--- --- ---


The error message did not appear ;)

Best regards

cosinus 04.08.2012 18:47

Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip the online check in OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off your virus scanner; the McAfee scanner in particular often reports a false positive in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances without being instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.

nicole123 05.08.2012 14:46

I can't run osam.exe... an error message always appears: the program can't be started because osam_gui.dll is missing from the computer.
I've tried several times, but the same error message always appears :(

cosinus 05.08.2012 16:35

That's because you don't read my notes!
You first have to unpack OSAM with 7zip or WinRAR into a separate directory, and only then can you start the EXE from there!

nicole123 06.08.2012 18:09

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-06 18:45:43
-----------------------------
18:45:43.450    OS Version: Windows x64 6.1.7601 Service Pack 1
18:45:43.450    Number of processors: 2 586 0x2A07
18:45:43.450    ComputerName: ICH-VAIO  UserName: ich
18:45:44.682    Initialize success
18:46:44.264    AVAST engine defs: 12080600
18:47:51.249    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:47:51.264    Disk 0 Vendor: ST950032 0006 Size: 476940MB BusType: 3
18:47:51.280    Disk 0 MBR read successfully
18:47:51.280    Disk 0 MBR scan
18:47:51.295    Disk 0 Windows 7 default MBR code
18:47:51.295    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        14214 MB offset 2048
18:47:51.327    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 29114368
18:47:51.342    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      462624 MB offset 29319168
18:47:51.389    Disk 0 scanning C:\Windows\system32\drivers
18:48:04.946    Service scanning
18:48:36.437    Modules scanning
18:48:36.437    Disk 0 trace - called modules:
18:48:36.578    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:48:37.108    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004866310]
18:48:37.108    3 CLASSPNP.SYS[fffff88001b6843f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046fb050]
18:48:39.094    AVAST engine scan C:\Windows
18:48:42.109    AVAST engine scan C:\Windows\system32
18:51:49.469    AVAST engine scan C:\Windows\system32\drivers
18:52:05.845    AVAST engine scan C:\Users\ich
18:58:37.856    AVAST engine scan C:\ProgramData
19:00:49.368    Scan finished successfully
19:08:45.879    Disk 0 MBR has been saved successfully to "C:\Users\ich\Desktop\pc rettung\MBR.dat"
19:08:45.882    The log file has been saved successfully to "C:\Users\ich\Desktop\pc rettung\aswMBR.txt"

Thank you very much
Regards, Nicole

cosinus 07.08.2012 12:18

What about the other logs?
OSAM and GMER are missing!

nicole123 08.08.2012 17:30

OSAM Logfile:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 18:11:35 on 06.08.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit
Default Browser: Google Inc. Google Chrome 21.0.1180.60

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskUserS-1-5-21-2519252957-1520245971-2312452232-1000Core.job" - "Google Inc." - C:\Users\ich\AppData\Local\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskUserS-1-5-21-2519252957-1520245971-2312452232-1000UA.job" - "Google Inc." - C:\Users\ich\AppData\Local\Google\Update\GoogleUpdate.exe

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"cpuz135" (cpuz135) - ? - C:\Users\ich\AppData\Local\Temp\cpuz135\cpuz135_x64.sys  (File not found)
"Sftfs" (Sftfs) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftfslh.sys
"Sftplay" (Sftplay) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftplaylh.sys
"Sftredir" (Sftredir) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftredirlh.sys
"Sftvol" (Sftvol) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftvollh.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{5513F07E-936B-4E52-9B00-067394E91CC5} "dssrequest" - ? -  (File not found | COM-object registry key not found)
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{5513F07E-936B-4E52-9B00-067394E91CC5} "sacore" - ? -  (File not found | COM-object registry key not found)
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? -  (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
ITBar7Height64 "ITBar7Height64" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout64" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "ClsidExtension" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "CIESpeechBHO Class" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"IAStorIcon" - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"ISBMgr.exe" - ? - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"PMBVolumeWatcher" - "Sony Corporation" - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"SwitchBoard" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200" (NAUpdate) - "Nero AG" - C:\Program Files (x86)\Nero\Update\NASvc.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"Application Virtualization Client" (sftlist) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
"Application Virtualization Service Agent" (sftvsa) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
"ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"Atheros Bt&Wlan Coex Agent" (Atheros Bt&Wlan Coex Agent) - "Atheros" - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
"AtherosSvc" (AtherosSvc) - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
"BBUpdate" (BBUpdate) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
"Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
"CamMonitor" (uCamMonitor) - "ArcSoft, Inc." - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
"Client Virtualization Handler" (cvhsvc) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
"DCDhcpService" (DCDhcpService) - "Atheros Communication Inc." - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"IconMan_R" (IconMan_R) - "Realsil Microelectronics Inc." - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
"Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
"Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
"Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
"iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe
"McAfee SiteAdvisor Service" (McAfee SiteAdvisor Service) - "McAfee, Inc." - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Office  Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
"PMBDeviceInfoProvider" (PMBDeviceInfoProvider) - "Sony Corporation" - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
"SwitchBoard" (SwitchBoard) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"VAIO Care Performance Service" (SampleCollector) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
"VAIO Content Folder Watcher" (VCFw) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
"VAIO Content Importer" (SOHCImp) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
"VAIO Content Metadata Intelligent Analyzing Manager" (VcmIAlzMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
"VAIO Content Metadata Intelligent Network Service Manager" (VcmINSMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
"VAIO Content Metadata XML Interface" (VcmXmlIfHelper) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
"VAIO Device Searcher" (SOHDs) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
"VAIO Entertainment Common Service" (SpfService) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
"VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
"VCService" (VCService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCService.exe
"VSNService" (VSNService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
"VUAgent" (VUAgent) - "Sony Corporation" - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
GMER Logfile:
Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-06 18:47:42
Windows 6.1.7601 Service Pack 1
Running: zlzfbmwt.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78c9d48c                     
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78d71562                     
Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78d71562@3cd0f8473cdc        0x24 0x2D 0xD5 0x01 ...
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78c9d48c (not active ControlSet) 
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78d71562 (not active ControlSet) 
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78d71562@3cd0f8473cdc            0x24 0x2D 0xD5 0x01 ...

---- EOF - GMER 1.0.15 ----

--- --- ---

cosinus 09.08.2012 13:26

Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!


All times are WET +1. The time now is 18:56.
