| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.07.2012, 20:06
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt! Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C  nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.07.2012, 15:58
| #17 |
 | Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt!Code:
ATTFilter 16:56:02.0503 5372 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
16:56:02.0659 5372 ============================================================
16:56:02.0659 5372 Current date / time: 2012/07/30 16:56:02.0658
16:56:02.0659 5372 SystemInfo:
16:56:02.0659 5372
16:56:02.0659 5372 OS Version: 6.1.7601 ServicePack: 1.0
16:56:02.0659 5372 Product type: Workstation
16:56:02.0659 5372 ComputerName: ICH-VAIO
16:56:02.0660 5372 UserName: ich
16:56:02.0660 5372 Windows directory: C:\Windows
16:56:02.0660 5372 System windows directory: C:\Windows
16:56:02.0660 5372 Running under WOW64
16:56:02.0660 5372 Processor architecture: Intel x64
16:56:02.0660 5372 Number of processors: 2
16:56:02.0660 5372 Page size: 0x1000
16:56:02.0660 5372 Boot type: Normal boot
16:56:02.0660 5372 ============================================================
16:56:03.0841 5372 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:56:03.0845 5372 ============================================================
16:56:03.0845 5372 \Device\Harddisk0\DR0:
16:56:03.0846 5372 MBR partitions:
16:56:03.0846 5372 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1BC4000, BlocksNum 0x32000
16:56:03.0846 5372 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1BF6000, BlocksNum 0x38790030
16:56:03.0846 5372 ============================================================
16:56:03.0886 5372 C: <-> \Device\Harddisk0\DR0\Partition1
16:56:03.0886 5372 ============================================================
16:56:03.0886 5372 Initialize success
16:56:03.0886 5372 ============================================================
16:56:11.0532 3732 ============================================================
16:56:11.0532 3732 Scan started
16:56:11.0532 3732 Mode: Manual;
16:56:11.0532 3732 ============================================================
16:56:11.0904 3732 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:56:11.0917 3732 1394ohci - ok
16:56:12.0021 3732 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:56:12.0028 3732 ACDaemon - ok
16:56:12.0078 3732 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:56:12.0098 3732 ACPI - ok
16:56:12.0119 3732 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:56:12.0122 3732 AcpiPmi - ok
16:56:12.0219 3732 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:56:12.0221 3732 AdobeARMservice - ok
16:56:12.0262 3732 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
16:56:12.0288 3732 adp94xx - ok
16:56:12.0341 3732 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
16:56:12.0363 3732 adpahci - ok
16:56:12.0408 3732 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
16:56:12.0422 3732 adpu320 - ok
16:56:12.0453 3732 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:56:12.0457 3732 AeLookupSvc - ok
16:56:12.0512 3732 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:56:12.0537 3732 AFD - ok
16:56:12.0569 3732 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:56:12.0573 3732 agp440 - ok
16:56:12.0599 3732 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:56:12.0603 3732 ALG - ok
16:56:12.0637 3732 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:56:12.0640 3732 aliide - ok
16:56:12.0658 3732 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:56:12.0661 3732 amdide - ok
16:56:12.0695 3732 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
16:56:12.0698 3732 AmdK8 - ok
16:56:12.0720 3732 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
16:56:12.0724 3732 AmdPPM - ok
16:56:12.0755 3732 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:56:12.0759 3732 amdsata - ok
16:56:12.0796 3732 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
16:56:12.0809 3732 amdsbs - ok
16:56:12.0823 3732 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:56:12.0824 3732 amdxata - ok
16:56:12.0862 3732 ApfiltrService (12bfa9ec4b03cc16bb7d19baa308aef2) C:\Windows\system32\DRIVERS\Apfiltr.sys
16:56:12.0865 3732 ApfiltrService - ok
16:56:12.0889 3732 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:56:12.0892 3732 AppID - ok
16:56:12.0916 3732 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:56:12.0919 3732 AppIDSvc - ok
16:56:12.0944 3732 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:56:12.0947 3732 Appinfo - ok
16:56:13.0052 3732 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:56:13.0053 3732 Apple Mobile Device - ok
16:56:13.0087 3732 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
16:56:13.0091 3732 arc - ok
16:56:13.0121 3732 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
16:56:13.0125 3732 arcsas - ok
16:56:13.0153 3732 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
16:56:13.0154 3732 ArcSoftKsUFilter - ok
16:56:13.0270 3732 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:56:13.0273 3732 aspnet_state - ok
16:56:13.0311 3732 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:56:13.0314 3732 AsyncMac - ok
16:56:13.0335 3732 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:56:13.0338 3732 atapi - ok
16:56:13.0359 3732 AthBTPort (50f257e19554421b6891e3f998edca90) C:\Windows\system32\DRIVERS\btath_flt.sys
16:56:13.0360 3732 AthBTPort - ok
16:56:13.0381 3732 ATHDFU (4119870b90e1b5e7797d6433d21f9216) C:\Windows\System32\Drivers\AthDfu.sys
16:56:13.0385 3732 ATHDFU - ok
16:56:13.0445 3732 Atheros Bt&Wlan Coex Agent (650f111d5cda64c10ae4b9d1ba9d4fff) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
16:56:13.0447 3732 Atheros Bt&Wlan Coex Agent - ok
16:56:13.0476 3732 AtherosSvc (ebc3119394c9074a9cd87578a435050d) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
16:56:13.0479 3732 AtherosSvc - ok
16:56:13.0760 3732 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
16:56:13.0834 3732 athr - ok
16:56:13.0965 3732 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:56:14.0013 3732 AudioEndpointBuilder - ok
16:56:14.0029 3732 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:56:14.0039 3732 AudioSrv - ok
16:56:14.0067 3732 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:56:14.0070 3732 AxInstSV - ok
16:56:14.0138 3732 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
16:56:14.0165 3732 b06bdrv - ok
16:56:14.0216 3732 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:56:14.0236 3732 b57nd60a - ok
16:56:14.0352 3732 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:56:14.0368 3732 BBSvc - ok
16:56:14.0448 3732 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:56:14.0464 3732 BBUpdate - ok
16:56:14.0492 3732 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:56:14.0497 3732 BDESVC - ok
16:56:14.0522 3732 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:56:14.0524 3732 Beep - ok
16:56:14.0580 3732 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:56:14.0626 3732 BFE - ok
16:56:14.0728 3732 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:56:14.0760 3732 BITS - ok
16:56:14.0823 3732 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
16:56:14.0826 3732 blbdrive - ok
16:56:14.0911 3732 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:56:14.0931 3732 Bonjour Service - ok
16:56:14.0958 3732 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:56:14.0961 3732 bowser - ok
16:56:14.0994 3732 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
16:56:14.0998 3732 BrFiltLo - ok
16:56:15.0019 3732 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
16:56:15.0022 3732 BrFiltUp - ok
16:56:15.0058 3732 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:56:15.0062 3732 Browser - ok
16:56:15.0103 3732 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:56:15.0122 3732 Brserid - ok
16:56:15.0150 3732 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:56:15.0153 3732 BrSerWdm - ok
16:56:15.0167 3732 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:56:15.0170 3732 BrUsbMdm - ok
16:56:15.0189 3732 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:56:15.0192 3732 BrUsbSer - ok
16:56:15.0237 3732 BTATH_A2DP (b3bcd755fa9a359d10208cc9f09847cc) C:\Windows\system32\drivers\btath_a2dp.sys
16:56:15.0240 3732 BTATH_A2DP - ok
16:56:15.0265 3732 btath_avdt (9bbba9d6dbdefc8a6542bc7a6ebaf710) C:\Windows\system32\drivers\btath_avdt.sys
16:56:15.0267 3732 btath_avdt - ok
16:56:15.0294 3732 BTATH_BUS (d838dd1bcb328efcfad7a52de9e3cafd) C:\Windows\system32\drivers\btath_bus.sys
16:56:15.0295 3732 BTATH_BUS - ok
16:56:15.0341 3732 BTATH_HCRP (a441b800e04cf8443faf519207563abb) C:\Windows\system32\drivers\btath_hcrp.sys
16:56:15.0345 3732 BTATH_HCRP - ok
16:56:15.0385 3732 BTATH_LWFLT (b16f8429a35bba2a8ef9db2e08675b97) C:\Windows\system32\DRIVERS\btath_lwflt.sys
16:56:15.0386 3732 BTATH_LWFLT - ok
16:56:15.0429 3732 BTATH_RCP (c24231c6bdfe21735930084a22089aab) C:\Windows\system32\drivers\btath_rcp.sys
16:56:15.0432 3732 BTATH_RCP - ok
16:56:15.0468 3732 BtFilter (3632fa4c6b3ce9ec827690deac266d8c) C:\Windows\system32\DRIVERS\btfilter.sys
16:56:15.0471 3732 BtFilter - ok
16:56:15.0489 3732 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
16:56:15.0491 3732 BthEnum - ok
16:56:15.0516 3732 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
16:56:15.0519 3732 BTHMODEM - ok
16:56:15.0545 3732 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
16:56:15.0549 3732 BthPan - ok
16:56:15.0587 3732 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
16:56:15.0610 3732 BTHPORT - ok
16:56:15.0645 3732 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:56:15.0649 3732 bthserv - ok
16:56:15.0667 3732 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
16:56:15.0670 3732 BTHUSB - ok
16:56:15.0702 3732 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:56:15.0705 3732 cdfs - ok
16:56:15.0739 3732 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:56:15.0744 3732 cdrom - ok
16:56:15.0769 3732 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:56:15.0772 3732 CertPropSvc - ok
16:56:15.0796 3732 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
16:56:15.0798 3732 circlass - ok
16:56:15.0831 3732 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:56:15.0850 3732 CLFS - ok
16:56:15.0929 3732 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:56:15.0933 3732 clr_optimization_v2.0.50727_32 - ok
16:56:16.0004 3732 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:56:16.0009 3732 clr_optimization_v2.0.50727_64 - ok
16:56:16.0070 3732 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:56:16.0075 3732 clr_optimization_v4.0.30319_32 - ok
16:56:16.0128 3732 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:56:16.0162 3732 clr_optimization_v4.0.30319_64 - ok
16:56:16.0192 3732 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
16:56:16.0195 3732 CmBatt - ok
16:56:16.0231 3732 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:56:16.0235 3732 cmdide - ok
16:56:16.0301 3732 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
16:56:16.0326 3732 CNG - ok
16:56:16.0440 3732 CnxtHdAudService (1f394df3714ed4280047810790e6df69) C:\Windows\system32\drivers\CHDRT64.sys
16:56:16.0453 3732 CnxtHdAudService - ok
16:56:16.0558 3732 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
16:56:16.0560 3732 Compbatt - ok
16:56:16.0587 3732 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:56:16.0590 3732 CompositeBus - ok
16:56:16.0599 3732 COMSysApp - ok
16:56:16.0661 3732 cpuz135 - ok
16:56:16.0697 3732 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
16:56:16.0700 3732 crcdisk - ok
16:56:16.0763 3732 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:56:16.0777 3732 CryptSvc - ok
16:56:16.0940 3732 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:56:16.0950 3732 cvhsvc - ok
16:56:17.0077 3732 DCDhcpService (75e3c4bb1ed032310edcf5691a452b4b) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
16:56:17.0081 3732 DCDhcpService - ok
16:56:17.0145 3732 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:56:17.0172 3732 DcomLaunch - ok
16:56:17.0220 3732 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:56:17.0241 3732 defragsvc - ok
16:56:17.0311 3732 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:56:17.0315 3732 DfsC - ok
16:56:17.0349 3732 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:56:17.0371 3732 Dhcp - ok
16:56:17.0395 3732 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:56:17.0396 3732 discache - ok
16:56:17.0420 3732 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
16:56:17.0422 3732 Disk - ok
16:56:17.0454 3732 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:56:17.0468 3732 Dnscache - ok
16:56:17.0510 3732 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:56:17.0531 3732 dot3svc - ok
16:56:17.0569 3732 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:56:17.0574 3732 DPS - ok
16:56:17.0592 3732 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:56:17.0594 3732 drmkaud - ok
16:56:17.0667 3732 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:56:17.0678 3732 DXGKrnl - ok
16:56:17.0710 3732 e1yexpress (50ad8fc1dc800ff36087994c8f7fdff2) C:\Windows\system32\DRIVERS\e1y60x64.sys
16:56:17.0722 3732 e1yexpress - ok
16:56:17.0754 3732 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:56:17.0757 3732 EapHost - ok
16:56:17.0942 3732 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
16:56:18.0036 3732 ebdrv - ok
16:56:18.0137 3732 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:56:18.0140 3732 EFS - ok
16:56:18.0221 3732 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:56:18.0263 3732 ehRecvr - ok
16:56:18.0294 3732 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:56:18.0300 3732 ehSched - ok
16:56:18.0383 3732 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
16:56:18.0411 3732 elxstor - ok
16:56:18.0433 3732 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:56:18.0436 3732 ErrDev - ok
16:56:18.0502 3732 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:56:18.0522 3732 EventSystem - ok
16:56:18.0567 3732 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:56:18.0581 3732 exfat - ok
16:56:18.0611 3732 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:56:18.0623 3732 fastfat - ok
16:56:18.0678 3732 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:56:18.0713 3732 Fax - ok
16:56:18.0742 3732 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
16:56:18.0745 3732 fdc - ok
16:56:18.0767 3732 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:56:18.0770 3732 fdPHost - ok
16:56:18.0788 3732 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:56:18.0791 3732 FDResPub - ok
16:56:18.0822 3732 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:56:18.0826 3732 FileInfo - ok
16:56:18.0848 3732 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:56:18.0852 3732 Filetrace - ok
16:56:18.0881 3732 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
16:56:18.0884 3732 flpydisk - ok
16:56:18.0924 3732 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:56:18.0937 3732 FltMgr - ok
16:56:19.0034 3732 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:56:19.0078 3732 FontCache - ok
16:56:19.0151 3732 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:56:19.0155 3732 FontCache3.0.0.0 - ok
16:56:19.0220 3732 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:56:19.0224 3732 FsDepends - ok
16:56:19.0268 3732 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:56:19.0272 3732 Fs_Rec - ok
16:56:19.0304 3732 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:56:19.0316 3732 fvevol - ok
16:56:19.0344 3732 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
16:56:19.0347 3732 gagp30kx - ok
16:56:19.0387 3732 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:56:19.0389 3732 GEARAspiWDM - ok
16:56:19.0464 3732 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:56:19.0507 3732 gpsvc - ok
16:56:19.0542 3732 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:56:19.0545 3732 hcw85cir - ok
16:56:19.0581 3732 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:56:19.0603 3732 HdAudAddService - ok
16:56:19.0630 3732 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:56:19.0634 3732 HDAudBus - ok
16:56:19.0656 3732 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
16:56:19.0660 3732 HidBatt - ok
16:56:19.0696 3732 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
16:56:19.0700 3732 HidBth - ok
16:56:19.0720 3732 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
16:56:19.0722 3732 HidIr - ok
16:56:19.0754 3732 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:56:19.0757 3732 hidserv - ok
16:56:19.0777 3732 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:56:19.0780 3732 HidUsb - ok
16:56:19.0803 3732 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:56:19.0807 3732 hkmsvc - ok
16:56:19.0845 3732 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:56:19.0865 3732 HomeGroupListener - ok
16:56:19.0906 3732 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:56:19.0912 3732 HomeGroupProvider - ok
16:56:19.0936 3732 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:56:19.0940 3732 HpSAMD - ok
16:56:19.0998 3732 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:56:20.0041 3732 HTTP - ok
16:56:20.0065 3732 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:56:20.0066 3732 hwpolicy - ok
16:56:20.0107 3732 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:56:20.0111 3732 i8042prt - ok
16:56:20.0158 3732 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\drivers\iaStor.sys
16:56:20.0164 3732 iaStor - ok
16:56:20.0255 3732 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:56:20.0257 3732 IAStorDataMgrSvc - ok
16:56:20.0317 3732 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:56:20.0336 3732 iaStorV - ok
16:56:20.0507 3732 IconMan_R (6f3909a3d40cc9f4b28e03b027f918d8) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
16:56:20.0599 3732 IconMan_R - ok
16:56:20.0729 3732 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:56:20.0760 3732 idsvc - ok
16:56:21.0475 3732 igfx (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:56:21.0738 3732 igfx - ok
16:56:21.0847 3732 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
16:56:21.0850 3732 iirsp - ok
16:56:21.0938 3732 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:56:21.0989 3732 IKEEXT - ok
16:56:22.0056 3732 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
16:56:22.0079 3732 IntcDAud - ok
16:56:22.0104 3732 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:56:22.0106 3732 intelide - ok
16:56:22.0138 3732 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
16:56:22.0139 3732 intelppm - ok
16:56:22.0179 3732 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:56:22.0185 3732 IPBusEnum - ok
16:56:22.0229 3732 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:56:22.0233 3732 IpFilterDriver - ok
16:56:22.0309 3732 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:56:22.0336 3732 iphlpsvc - ok
16:56:22.0366 3732 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:56:22.0370 3732 IPMIDRV - ok
16:56:22.0395 3732 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:56:22.0400 3732 IPNAT - ok
16:56:22.0527 3732 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
16:56:22.0566 3732 iPod Service - ok
16:56:22.0587 3732 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:56:22.0590 3732 IRENUM - ok
16:56:22.0613 3732 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:56:22.0615 3732 isapnp - ok
16:56:22.0663 3732 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:56:22.0683 3732 iScsiPrt - ok
16:56:22.0709 3732 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:56:22.0710 3732 kbdclass - ok
16:56:22.0733 3732 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:56:22.0736 3732 kbdhid - ok
16:56:22.0758 3732 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:22.0760 3732 KeyIso - ok
16:56:22.0794 3732 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
16:56:22.0797 3732 KSecDD - ok
16:56:22.0832 3732 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
16:56:22.0836 3732 KSecPkg - ok
16:56:22.0860 3732 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:56:22.0862 3732 ksthunk - ok
16:56:22.0905 3732 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:56:22.0921 3732 KtmRm - ok
16:56:22.0979 3732 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:56:23.0001 3732 LanmanServer - ok
16:56:23.0027 3732 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:56:23.0034 3732 LanmanWorkstation - ok
16:56:23.0057 3732 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:56:23.0060 3732 lltdio - ok
16:56:23.0112 3732 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:56:23.0135 3732 lltdsvc - ok
16:56:23.0167 3732 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:56:23.0171 3732 lmhosts - ok
16:56:23.0267 3732 LMS (98b16e756243bea9410e32025b19c06f) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:56:23.0278 3732 LMS - ok
16:56:23.0330 3732 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
16:56:23.0335 3732 LSI_FC - ok
16:56:23.0365 3732 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
16:56:23.0369 3732 LSI_SAS - ok
16:56:23.0388 3732 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
16:56:23.0391 3732 LSI_SAS2 - ok
16:56:23.0418 3732 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
16:56:23.0422 3732 LSI_SCSI - ok
16:56:23.0450 3732 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:56:23.0453 3732 luafv - ok
16:56:23.0531 3732 McAfee SiteAdvisor Service (b891e3920f24ff1a3bead6cd2b42ed99) c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
16:56:23.0536 3732 McAfee SiteAdvisor Service - ok
16:56:23.0586 3732 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:56:23.0592 3732 Mcx2Svc - ok
16:56:23.0625 3732 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
16:56:23.0628 3732 megasas - ok
16:56:23.0666 3732 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
16:56:23.0685 3732 MegaSR - ok
16:56:23.0722 3732 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
16:56:23.0723 3732 MEIx64 - ok
16:56:23.0769 3732 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:56:23.0773 3732 MMCSS - ok
16:56:23.0801 3732 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:56:23.0804 3732 Modem - ok
16:56:23.0832 3732 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:56:23.0833 3732 monitor - ok
16:56:23.0862 3732 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:56:23.0863 3732 mouclass - ok
16:56:23.0888 3732 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
16:56:23.0891 3732 mouhid - ok
16:56:23.0920 3732 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:56:23.0922 3732 mountmgr - ok
16:56:23.0994 3732 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
16:56:24.0007 3732 MpFilter - ok
16:56:24.0056 3732 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:56:24.0072 3732 mpio - ok
16:56:24.0104 3732 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:56:24.0109 3732 mpsdrv - ok
16:56:24.0197 3732 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:56:24.0252 3732 MpsSvc - ok
16:56:24.0283 3732 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:56:24.0288 3732 MRxDAV - ok
16:56:24.0325 3732 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:56:24.0329 3732 mrxsmb - ok
16:56:24.0368 3732 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:56:24.0387 3732 mrxsmb10 - ok
16:56:24.0424 3732 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:56:24.0428 3732 mrxsmb20 - ok
16:56:24.0464 3732 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:56:24.0468 3732 msahci - ok
16:56:24.0509 3732 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:56:24.0516 3732 msdsm - ok
16:56:24.0563 3732 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:56:24.0579 3732 MSDTC - ok
16:56:24.0627 3732 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:56:24.0628 3732 Msfs - ok
16:56:24.0646 3732 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:56:24.0649 3732 mshidkmdf - ok
16:56:24.0669 3732 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:56:24.0670 3732 msisadrv - ok
16:56:24.0708 3732 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:56:24.0713 3732 MSiSCSI - ok
16:56:24.0720 3732 msiserver - ok
16:56:24.0738 3732 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:56:24.0740 3732 MSKSSRV - ok
16:56:24.0803 3732 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:56:24.0804 3732 MsMpSvc - ok
16:56:24.0825 3732 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:56:24.0828 3732 MSPCLOCK - ok
16:56:24.0848 3732 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:56:24.0850 3732 MSPQM - ok
16:56:24.0897 3732 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:56:24.0912 3732 MsRPC - ok
16:56:24.0947 3732 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:56:24.0948 3732 mssmbios - ok
16:56:24.0969 3732 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:56:24.0971 3732 MSTEE - ok
16:56:24.0991 3732 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:56:24.0993 3732 MTConfig - ok
16:56:25.0013 3732 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:56:25.0014 3732 Mup - ok
16:56:25.0078 3732 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:56:25.0103 3732 napagent - ok
16:56:25.0138 3732 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:56:25.0158 3732 NativeWifiP - ok
16:56:25.0292 3732 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe
16:56:25.0329 3732 NAUpdate - ok
16:56:25.0423 3732 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:56:25.0475 3732 NDIS - ok
16:56:25.0503 3732 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:56:25.0506 3732 NdisCap - ok
16:56:25.0529 3732 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:56:25.0531 3732 NdisTapi - ok
16:56:25.0549 3732 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:56:25.0552 3732 Ndisuio - ok
16:56:25.0579 3732 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:56:25.0592 3732 NdisWan - ok
16:56:25.0616 3732 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:56:25.0619 3732 NDProxy - ok
16:56:25.0642 3732 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:56:25.0643 3732 NetBIOS - ok
16:56:25.0678 3732 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:56:25.0691 3732 NetBT - ok
16:56:25.0719 3732 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:56:25.0720 3732 Netlogon - ok
16:56:25.0772 3732 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:56:25.0794 3732 Netman - ok
16:56:25.0886 3732 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:25.0892 3732 NetMsmqActivator - ok
16:56:25.0911 3732 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:25.0913 3732 NetPipeActivator - ok
16:56:25.0981 3732 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:56:26.0004 3732 netprofm - ok
16:56:26.0020 3732 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:26.0023 3732 NetTcpActivator - ok
16:56:26.0039 3732 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:56:26.0041 3732 NetTcpPortSharing - ok
16:56:26.0126 3732 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:56:26.0130 3732 nfrd960 - ok
16:56:26.0188 3732 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:56:26.0192 3732 NisDrv - ok
16:56:26.0272 3732 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
16:56:26.0293 3732 NisSrv - ok
16:56:26.0347 3732 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:56:26.0370 3732 NlaSvc - ok
16:56:26.0414 3732 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:56:26.0415 3732 Npfs - ok
16:56:26.0444 3732 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:56:26.0448 3732 nsi - ok
16:56:26.0468 3732 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:56:26.0471 3732 nsiproxy - ok
16:56:26.0600 3732 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:56:26.0666 3732 Ntfs - ok
16:56:26.0777 3732 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:56:26.0780 3732 Null - ok
16:56:27.0431 3732 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:56:27.0717 3732 nvlddmkm - ok
16:56:27.0864 3732 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:56:27.0869 3732 nvraid - ok
16:56:27.0917 3732 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:56:27.0932 3732 nvstor - ok
16:56:27.0982 3732 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:56:27.0986 3732 nv_agp - ok
16:56:28.0014 3732 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:56:28.0017 3732 ohci1394 - ok
16:56:28.0113 3732 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:56:28.0119 3732 ose - ok
16:56:28.0420 3732 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:56:28.0547 3732 osppsvc - ok
16:56:28.0674 3732 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:56:28.0696 3732 p2pimsvc - ok
16:56:28.0751 3732 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:56:28.0778 3732 p2psvc - ok
16:56:28.0840 3732 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:56:28.0844 3732 Parport - ok
16:56:28.0891 3732 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:56:28.0893 3732 partmgr - ok
16:56:28.0945 3732 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:56:28.0959 3732 PcaSvc - ok
16:56:28.0966 3732 Scan interrupted by user!
16:56:28.0966 3732 Scan interrupted by user!
16:56:28.0966 3732 Scan interrupted by user!
16:56:28.0966 3732 ============================================================
16:56:28.0966 3732 Scan finished
16:56:28.0966 3732 ============================================================
16:56:28.0976 4524 Detected object count: 0
16:56:28.0976 4524 Actual detected object count: 0
16:56:47.0251 1240 ============================================================
16:56:47.0251 1240 Scan started
16:56:47.0251 1240 Mode: Manual; SigCheck; TDLFS;
16:56:47.0251 1240 ============================================================
16:56:47.0455 1240 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:56:47.0537 1240 1394ohci - ok
16:56:47.0651 1240 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:56:47.0677 1240 ACDaemon - ok
16:56:47.0727 1240 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:56:47.0751 1240 ACPI - ok
16:56:47.0770 1240 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:56:47.0801 1240 AcpiPmi - ok
16:56:47.0882 1240 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:56:47.0903 1240 AdobeARMservice - ok
16:56:47.0946 1240 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
16:56:47.0972 1240 adp94xx - ok
16:56:48.0039 1240 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
16:56:48.0066 1240 adpahci - ok
16:56:48.0114 1240 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
16:56:48.0130 1240 adpu320 - ok
16:56:48.0161 1240 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:56:48.0228 1240 AeLookupSvc - ok
16:56:48.0282 1240 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:56:48.0320 1240 AFD - ok
16:56:48.0352 1240 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:56:48.0364 1240 agp440 - ok
16:56:48.0394 1240 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:56:48.0427 1240 ALG - ok
16:56:48.0454 1240 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:56:48.0468 1240 aliide - ok
16:56:48.0486 1240 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:56:48.0501 1240 amdide - ok
16:56:48.0534 1240 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
16:56:48.0567 1240 AmdK8 - ok
16:56:48.0581 1240 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
16:56:48.0605 1240 AmdPPM - ok
16:56:48.0635 1240 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:56:48.0648 1240 amdsata - ok
16:56:48.0691 1240 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
16:56:48.0720 1240 amdsbs - ok
16:56:48.0739 1240 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:56:48.0751 1240 amdxata - ok
16:56:48.0789 1240 ApfiltrService (12bfa9ec4b03cc16bb7d19baa308aef2) C:\Windows\system32\DRIVERS\Apfiltr.sys
16:56:48.0806 1240 ApfiltrService - ok
16:56:48.0827 1240 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:56:48.0882 1240 AppID - ok
16:56:48.0909 1240 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:56:48.0982 1240 AppIDSvc - ok
16:56:49.0002 1240 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:56:49.0062 1240 Appinfo - ok
16:56:49.0155 1240 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:56:49.0174 1240 Apple Mobile Device - ok
16:56:49.0213 1240 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
16:56:49.0229 1240 arc - ok
16:56:49.0246 1240 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
16:56:49.0257 1240 arcsas - ok
16:56:49.0278 1240 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
16:56:49.0287 1240 ArcSoftKsUFilter - ok
16:56:49.0361 1240 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:56:49.0386 1240 aspnet_state - ok
16:56:49.0426 1240 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:56:49.0506 1240 AsyncMac - ok
16:56:49.0527 1240 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:56:49.0536 1240 atapi - ok
16:56:49.0561 1240 AthBTPort (50f257e19554421b6891e3f998edca90) C:\Windows\system32\DRIVERS\btath_flt.sys
16:56:49.0568 1240 AthBTPort - ok
16:56:49.0602 1240 ATHDFU (4119870b90e1b5e7797d6433d21f9216) C:\Windows\System32\Drivers\AthDfu.sys
16:56:49.0608 1240 ATHDFU - ok
16:56:49.0659 1240 Atheros Bt&Wlan Coex Agent (650f111d5cda64c10ae4b9d1ba9d4fff) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
16:56:49.0678 1240 Atheros Bt&Wlan Coex Agent - ok
16:56:49.0700 1240 AtherosSvc (ebc3119394c9074a9cd87578a435050d) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
16:56:49.0709 1240 AtherosSvc - ok
16:56:49.0916 1240 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
16:56:49.0972 1240 athr - ok
16:56:50.0115 1240 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:56:50.0192 1240 AudioEndpointBuilder - ok
16:56:50.0199 1240 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:56:50.0240 1240 AudioSrv - ok
16:56:50.0259 1240 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:56:50.0301 1240 AxInstSV - ok
16:56:50.0386 1240 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
16:56:50.0420 1240 b06bdrv - ok
16:56:50.0463 1240 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:56:50.0504 1240 b57nd60a - ok
16:56:50.0599 1240 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:56:50.0633 1240 BBSvc - ok
16:56:50.0686 1240 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:56:50.0710 1240 BBUpdate - ok
16:56:50.0739 1240 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:56:50.0761 1240 BDESVC - ok
16:56:50.0781 1240 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:56:50.0841 1240 Beep - ok
16:56:50.0893 1240 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:56:50.0960 1240 BFE - ok
16:56:51.0027 1240 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:56:51.0104 1240 BITS - ok
16:56:51.0158 1240 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
16:56:51.0199 1240 blbdrive - ok
16:56:51.0291 1240 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:56:51.0324 1240 Bonjour Service - ok
16:56:51.0348 1240 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:56:51.0376 1240 bowser - ok
16:56:51.0406 1240 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
16:56:51.0451 1240 BrFiltLo - ok
16:56:51.0476 1240 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
16:56:51.0498 1240 BrFiltUp - ok
16:56:51.0537 1240 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:56:51.0616 1240 Browser - ok
16:56:51.0659 1240 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:56:51.0696 1240 Brserid - ok
16:56:51.0726 1240 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:56:51.0752 1240 BrSerWdm - ok
16:56:51.0766 1240 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:56:51.0797 1240 BrUsbMdm - ok
16:56:51.0821 1240 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:56:51.0857 1240 BrUsbSer - ok
16:56:51.0905 1240 BTATH_A2DP (b3bcd755fa9a359d10208cc9f09847cc) C:\Windows\system32\drivers\btath_a2dp.sys
16:56:51.0929 1240 BTATH_A2DP - ok
16:56:51.0952 1240 btath_avdt (9bbba9d6dbdefc8a6542bc7a6ebaf710) C:\Windows\system32\drivers\btath_avdt.sys
16:56:51.0963 1240 btath_avdt - ok
16:56:51.0991 1240 BTATH_BUS (d838dd1bcb328efcfad7a52de9e3cafd) C:\Windows\system32\drivers\btath_bus.sys
16:56:52.0000 1240 BTATH_BUS - ok
16:56:52.0038 1240 BTATH_HCRP (a441b800e04cf8443faf519207563abb) C:\Windows\system32\drivers\btath_hcrp.sys
16:56:52.0051 1240 BTATH_HCRP - ok
16:56:52.0071 1240 BTATH_LWFLT (b16f8429a35bba2a8ef9db2e08675b97) C:\Windows\system32\DRIVERS\btath_lwflt.sys
16:56:52.0082 1240 BTATH_LWFLT - ok
16:56:52.0135 1240 BTATH_RCP (c24231c6bdfe21735930084a22089aab) C:\Windows\system32\drivers\btath_rcp.sys
16:56:52.0152 1240 BTATH_RCP - ok
16:56:52.0189 1240 BtFilter (3632fa4c6b3ce9ec827690deac266d8c) C:\Windows\system32\DRIVERS\btfilter.sys
16:56:52.0200 1240 BtFilter - ok
16:56:52.0230 1240 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
16:56:52.0252 1240 BthEnum - ok
16:56:52.0291 1240 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
16:56:52.0334 1240 BTHMODEM - ok
16:56:52.0366 1240 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
16:56:52.0397 1240 BthPan - ok
16:56:52.0449 1240 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
16:56:52.0491 1240 BTHPORT - ok
16:56:52.0530 1240 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:56:52.0577 1240 bthserv - ok
16:56:52.0595 1240 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
16:56:52.0617 1240 BTHUSB - ok
16:56:52.0652 1240 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:56:52.0699 1240 cdfs - ok
16:56:52.0722 1240 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:56:52.0735 1240 cdrom - ok
16:56:52.0762 1240 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:56:52.0822 1240 CertPropSvc - ok
16:56:52.0843 1240 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
16:56:52.0875 1240 circlass - ok
16:56:52.0914 1240 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:56:52.0932 1240 CLFS - ok
16:56:53.0010 1240 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:56:53.0025 1240 clr_optimization_v2.0.50727_32 - ok
16:56:53.0086 1240 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:56:53.0108 1240 clr_optimization_v2.0.50727_64 - ok
16:56:53.0164 1240 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:56:53.0186 1240 clr_optimization_v4.0.30319_32 - ok
16:56:53.0232 1240 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:56:53.0254 1240 clr_optimization_v4.0.30319_64 - ok
16:56:53.0306 1240 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
16:56:53.0347 1240 CmBatt - ok
16:56:53.0379 1240 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:56:53.0402 1240 cmdide - ok
16:56:53.0445 1240 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
16:56:53.0482 1240 CNG - ok
16:56:53.0586 1240 CnxtHdAudService (1f394df3714ed4280047810790e6df69) C:\Windows\system32\drivers\CHDRT64.sys
16:56:53.0635 1240 CnxtHdAudService - ok
16:56:53.0761 1240 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
16:56:53.0786 1240 Compbatt - ok
16:56:53.0811 1240 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:56:53.0838 1240 CompositeBus - ok
16:56:53.0844 1240 COMSysApp - ok
16:56:53.0908 1240 cpuz135 - ok
16:56:53.0944 1240 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
16:56:53.0969 1240 crcdisk - ok
16:56:54.0020 1240 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:56:54.0044 1240 CryptSvc - ok
16:56:54.0185 1240 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:56:54.0228 1240 cvhsvc - ok
16:56:54.0324 1240 DCDhcpService (75e3c4bb1ed032310edcf5691a452b4b) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
16:56:54.0341 1240 DCDhcpService - ok
16:56:54.0423 1240 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:56:54.0516 1240 DcomLaunch - ok
16:56:54.0553 1240 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:56:54.0609 1240 defragsvc - ok
16:56:54.0679 1240 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:56:54.0747 1240 DfsC - ok
16:56:54.0792 1240 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:56:54.0854 1240 Dhcp - ok
16:56:54.0872 1240 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:56:54.0917 1240 discache - ok
16:56:54.0953 1240 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
16:56:54.0965 1240 Disk - ok
16:56:54.0986 1240 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:56:55.0008 1240 Dnscache - ok
16:56:55.0043 1240 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:56:55.0100 1240 dot3svc - ok
16:56:55.0125 1240 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:56:55.0181 1240 DPS - ok
16:56:55.0213 1240 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:56:55.0239 1240 drmkaud - ok
16:56:55.0306 1240 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:56:55.0332 1240 DXGKrnl - ok
16:56:55.0366 1240 e1yexpress (50ad8fc1dc800ff36087994c8f7fdff2) C:\Windows\system32\DRIVERS\e1y60x64.sys
16:56:55.0391 1240 e1yexpress - ok
16:56:55.0430 1240 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:56:55.0483 1240 EapHost - ok
16:56:55.0681 1240 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
16:56:55.0733 1240 ebdrv - ok
16:56:55.0834 1240 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:56:55.0884 1240 EFS - ok
16:56:55.0965 1240 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:56:56.0005 1240 ehRecvr - ok
16:56:56.0025 1240 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:56:56.0052 1240 ehSched - ok
16:56:56.0148 1240 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
16:56:56.0173 1240 elxstor - ok
16:56:56.0202 1240 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:56:56.0236 1240 ErrDev - ok
16:56:56.0298 1240 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:56:56.0364 1240 EventSystem - ok
16:56:56.0398 1240 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:56:56.0445 1240 exfat - ok
16:56:56.0471 1240 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:56:56.0530 1240 fastfat - ok
16:56:56.0596 1240 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:56:56.0630 1240 Fax - ok
16:56:56.0660 1240 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
16:56:56.0687 1240 fdc - ok
16:56:56.0708 1240 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:56:56.0749 1240 fdPHost - ok
16:56:56.0772 1240 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:56:56.0820 1240 FDResPub - ok
16:56:56.0849 1240 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:56:56.0861 1240 FileInfo - ok
16:56:56.0876 1240 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:56:56.0923 1240 Filetrace - ok
16:56:56.0952 1240 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
16:56:56.0963 1240 flpydisk - ok
16:56:56.0997 1240 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:56:57.0021 1240 FltMgr - ok
16:56:57.0105 1240 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:56:57.0153 1240 FontCache - ok
16:56:57.0223 1240 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:56:57.0243 1240 FontCache3.0.0.0 - ok
16:56:57.0314 1240 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:56:57.0338 1240 FsDepends - ok
16:56:57.0373 1240 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:56:57.0392 1240 Fs_Rec - ok
16:56:57.0419 1240 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:56:57.0443 1240 fvevol - ok
16:56:57.0471 1240 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
16:56:57.0482 1240 gagp30kx - ok
16:56:57.0515 1240 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:56:57.0523 1240 GEARAspiWDM - ok
16:56:57.0588 1240 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:56:57.0637 1240 gpsvc - ok
16:56:57.0670 1240 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:56:57.0703 1240 hcw85cir - ok
16:56:57.0759 1240 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:56:57.0799 1240 HdAudAddService - ok
16:56:57.0845 1240 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:56:57.0894 1240 HDAudBus - ok
16:56:57.0926 1240 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
16:56:57.0958 1240 HidBatt - ok
16:56:57.0977 1240 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
16:56:58.0007 1240 HidBth - ok
16:56:58.0022 1240 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
16:56:58.0037 1240 HidIr - ok
16:56:58.0069 1240 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:56:58.0121 1240 hidserv - ok
16:56:58.0146 1240 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:56:58.0157 1240 HidUsb - ok
16:56:58.0181 1240 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:56:58.0240 1240 hkmsvc - ok
16:56:58.0269 1240 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:56:58.0298 1240 HomeGroupListener - ok
16:56:58.0329 1240 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:56:58.0354 1240 HomeGroupProvider - ok
16:56:58.0382 1240 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:56:58.0394 1240 HpSAMD - ok
16:56:58.0454 1240 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:56:58.0544 1240 HTTP - ok
16:56:58.0567 1240 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:56:58.0577 1240 hwpolicy - ok
16:56:58.0597 1240 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:56:58.0612 1240 i8042prt - ok
16:56:58.0654 1240 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\drivers\iaStor.sys
16:56:58.0675 1240 iaStor - ok
16:56:58.0758 1240 IAStorDataMgrSvc (b25f192ea1f84a316eb7c19efcccf33d) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:56:58.0775 1240 IAStorDataMgrSvc - ok
16:56:58.0827 1240 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:56:58.0851 1240 iaStorV - ok
16:56:59.0021 1240 IconMan_R (6f3909a3d40cc9f4b28e03b027f918d8) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
16:56:59.0092 1240 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
16:56:59.0092 1240 IconMan_R - detected UnsignedFile.Multi.Generic (1)
16:56:59.0220 1240 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:56:59.0261 1240 idsvc - ok
16:57:00.0021 1240 igfx (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:57:00.0181 1240 igfx - ok
16:57:00.0304 1240 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
16:57:00.0329 1240 iirsp - ok
16:57:00.0405 1240 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:57:00.0468 1240 IKEEXT - ok
16:57:00.0513 1240 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
16:57:00.0527 1240 IntcDAud - ok
16:57:00.0550 1240 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:57:00.0560 1240 intelide - ok
16:57:00.0584 1240 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
16:57:00.0613 1240 intelppm - ok
16:57:00.0648 1240 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:57:00.0694 1240 IPBusEnum - ok
16:57:00.0730 1240 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:57:00.0764 1240 IpFilterDriver - ok
16:57:00.0808 1240 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:57:00.0882 1240 iphlpsvc - ok
16:57:00.0911 1240 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:57:00.0932 1240 IPMIDRV - ok
16:57:00.0949 1240 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:57:00.0993 1240 IPNAT - ok
16:57:01.0095 1240 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
16:57:01.0131 1240 iPod Service - ok
16:57:01.0154 1240 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:57:01.0200 1240 IRENUM - ok
16:57:01.0225 1240 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:57:01.0238 1240 isapnp - ok
16:57:01.0284 1240 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:57:01.0298 1240 iScsiPrt - ok
16:57:01.0320 1240 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:57:01.0330 1240 kbdclass - ok
16:57:01.0356 1240 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:57:01.0379 1240 kbdhid - ok
16:57:01.0403 1240 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:01.0414 1240 KeyIso - ok
16:57:01.0449 1240 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
16:57:01.0459 1240 KSecDD - ok
16:57:01.0499 1240 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
16:57:01.0516 1240 KSecPkg - ok
16:57:01.0548 1240 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:57:01.0595 1240 ksthunk - ok
16:57:01.0654 1240 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:57:01.0702 1240 KtmRm - ok
16:57:01.0756 1240 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:57:01.0807 1240 LanmanServer - ok
16:57:01.0844 1240 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:57:01.0896 1240 LanmanWorkstation - ok
16:57:01.0930 1240 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:57:01.0979 1240 lltdio - ok
16:57:02.0043 1240 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:57:02.0101 1240 lltdsvc - ok
16:57:02.0118 1240 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:57:02.0167 1240 lmhosts - ok
16:57:02.0265 1240 LMS (98b16e756243bea9410e32025b19c06f) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:57:02.0287 1240 LMS - ok
16:57:02.0325 1240 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
16:57:02.0336 1240 LSI_FC - ok
16:57:02.0370 1240 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
16:57:02.0381 1240 LSI_SAS - ok
16:57:02.0405 1240 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
16:57:02.0416 1240 LSI_SAS2 - ok
16:57:02.0434 1240 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
16:57:02.0445 1240 LSI_SCSI - ok
16:57:02.0467 1240 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:57:02.0521 1240 luafv - ok
16:57:02.0593 1240 McAfee SiteAdvisor Service (b891e3920f24ff1a3bead6cd2b42ed99) c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
16:57:02.0615 1240 McAfee SiteAdvisor Service - ok
16:57:02.0657 1240 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:57:02.0691 1240 Mcx2Svc - ok
16:57:02.0719 1240 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
16:57:02.0731 1240 megasas - ok
16:57:02.0782 1240 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
16:57:02.0801 1240 MegaSR - ok
16:57:02.0850 1240 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
16:57:02.0870 1240 MEIx64 - ok
16:57:02.0930 1240 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:57:03.0013 1240 MMCSS - ok
16:57:03.0043 1240 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:57:03.0109 1240 Modem - ok
16:57:03.0133 1240 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:57:03.0171 1240 monitor - ok
16:57:03.0198 1240 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:57:03.0208 1240 mouclass - ok
16:57:03.0224 1240 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
16:57:03.0248 1240 mouhid - ok
16:57:03.0279 1240 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:57:03.0290 1240 mountmgr - ok
16:57:03.0330 1240 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
16:57:03.0347 1240 MpFilter - ok
16:57:03.0382 1240 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:57:03.0396 1240 mpio - ok
16:57:03.0418 1240 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:57:03.0459 1240 mpsdrv - ok
16:57:03.0530 1240 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:57:03.0578 1240 MpsSvc - ok
16:57:03.0608 1240 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:57:03.0636 1240 MRxDAV - ok
16:57:03.0685 1240 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:57:03.0711 1240 mrxsmb - ok
16:57:03.0746 1240 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:57:03.0764 1240 mrxsmb10 - ok
16:57:03.0792 1240 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:57:03.0804 1240 mrxsmb20 - ok
16:57:03.0833 1240 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:57:03.0843 1240 msahci - ok
16:57:03.0878 1240 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:57:03.0890 1240 msdsm - ok
16:57:03.0921 1240 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:57:03.0942 1240 MSDTC - ok
16:57:03.0975 1240 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:57:04.0027 1240 Msfs - ok
16:57:04.0049 1240 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:57:04.0100 1240 mshidkmdf - ok
16:57:04.0127 1240 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:57:04.0136 1240 msisadrv - ok
16:57:04.0175 1240 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:57:04.0224 1240 MSiSCSI - ok
16:57:04.0231 1240 msiserver - ok
16:57:04.0262 1240 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:57:04.0303 1240 MSKSSRV - ok
16:57:04.0360 1240 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:57:04.0382 1240 MsMpSvc - ok
16:57:04.0404 1240 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:57:04.0451 1240 MSPCLOCK - ok
16:57:04.0471 1240 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:57:04.0525 1240 MSPQM - ok
16:57:04.0571 1240 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:57:04.0586 1240 MsRPC - ok
16:57:04.0613 1240 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:57:04.0623 1240 mssmbios - ok
16:57:04.0647 1240 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:57:04.0695 1240 MSTEE - ok
16:57:04.0724 1240 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:57:04.0735 1240 MTConfig - ok
16:57:04.0756 1240 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:57:04.0766 1240 Mup - ok
16:57:04.0822 1240 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:57:04.0890 1240 napagent - ok
16:57:04.0923 1240 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:57:04.0951 1240 NativeWifiP - ok
16:57:05.0071 1240 NAUpdate (934bb0d23a25c8c136570800a5a149b6) C:\Program Files (x86)\Nero\Update\NASvc.exe
16:57:05.0105 1240 NAUpdate - ok
16:57:05.0193 1240 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:57:05.0234 1240 NDIS - ok
16:57:05.0257 1240 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:57:05.0305 1240 NdisCap - ok
16:57:05.0333 1240 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:57:05.0370 1240 NdisTapi - ok
16:57:05.0392 1240 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:57:05.0426 1240 Ndisuio - ok
16:57:05.0454 1240 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:57:05.0500 1240 NdisWan - ok
16:57:05.0537 1240 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:57:05.0585 1240 NDProxy - ok
16:57:05.0605 1240 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:57:05.0658 1240 NetBIOS - ok
16:57:05.0701 1240 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:57:05.0755 1240 NetBT - ok
16:57:05.0782 1240 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:05.0793 1240 Netlogon - ok
16:57:05.0845 1240 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:57:05.0900 1240 Netman - ok
16:57:05.0971 1240 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:05.0993 1240 NetMsmqActivator - ok
16:57:06.0002 1240 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:06.0015 1240 NetPipeActivator - ok
16:57:06.0068 1240 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:57:06.0125 1240 netprofm - ok
16:57:06.0131 1240 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:06.0141 1240 NetTcpActivator - ok
16:57:06.0149 1240 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:57:06.0159 1240 NetTcpPortSharing - ok
16:57:06.0222 1240 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:57:06.0244 1240 nfrd960 - ok
16:57:06.0296 1240 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:57:06.0310 1240 NisDrv - ok
16:57:06.0390 1240 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
16:57:06.0421 1240 NisSrv - ok
16:57:06.0464 1240 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:57:06.0519 1240 NlaSvc - ok
16:57:06.0542 1240 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:57:06.0576 1240 Npfs - ok
16:57:06.0594 1240 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:57:06.0638 1240 nsi - ok
16:57:06.0663 1240 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:57:06.0698 1240 nsiproxy - ok
16:57:06.0815 1240 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:57:06.0858 1240 Ntfs - ok
16:57:06.0961 1240 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:57:07.0035 1240 Null - ok
16:57:07.0580 1240 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:57:07.0767 1240 nvlddmkm - ok
16:57:07.0913 1240 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:57:07.0943 1240 nvraid - ok
16:57:08.0005 1240 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:57:08.0021 1240 nvstor - ok
16:57:08.0068 1240 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:57:08.0081 1240 nv_agp - ok
16:57:08.0111 1240 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:57:08.0135 1240 ohci1394 - ok
16:57:08.0221 1240 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:57:08.0237 1240 ose - ok
16:57:08.0529 1240 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:57:08.0615 1240 osppsvc - ok
16:57:08.0739 1240 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:57:08.0778 1240 p2pimsvc - ok
16:57:08.0827 1240 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:57:08.0852 1240 p2psvc - ok
16:57:08.0904 1240 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:57:08.0933 1240 Parport - ok
16:57:08.0977 1240 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:57:08.0993 1240 partmgr - ok
16:57:09.0043 1240 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:57:09.0076 1240 PcaSvc - ok
16:57:09.0126 1240 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:57:09.0143 1240 pci - ok
16:57:09.0172 1240 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:57:09.0184 1240 pciide - ok
16:57:09.0220 1240 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:57:09.0244 1240 pcmcia - ok
16:57:09.0273 1240 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:57:09.0284 1240 pcw - ok
16:57:09.0331 1240 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:57:09.0428 1240 PEAUTH - ok
16:57:09.0514 1240 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:57:09.0566 1240 PerfHost - ok
16:57:09.0705 1240 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:57:09.0816 1240 pla - ok
16:57:09.0869 1240 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:57:09.0925 1240 PlugPlay - ok
16:57:10.0054 1240 PMBDeviceInfoProvider (63694c307273062a2167ae4ce80730ef) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
16:57:10.0101 1240 PMBDeviceInfoProvider - ok
16:57:10.0143 1240 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:57:10.0184 1240 PNRPAutoReg - ok
16:57:10.0229 1240 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:57:10.0246 1240 PNRPsvc - ok
16:57:10.0296 1240 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:57:10.0380 1240 PolicyAgent - ok
16:57:10.0424 1240 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:57:10.0476 1240 Power - ok
16:57:10.0552 1240 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:57:10.0622 1240 PptpMiniport - ok
16:57:10.0641 1240 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:57:10.0662 1240 Processor - ok
16:57:10.0717 1240 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:57:10.0773 1240 ProfSvc - ok
16:57:10.0801 1240 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:10.0818 1240 ProtectedStorage - ok
16:57:10.0861 1240 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:57:10.0938 1240 Psched - ok
16:57:11.0039 1240 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:57:11.0129 1240 ql2300 - ok
16:57:11.0259 1240 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:57:11.0291 1240 ql40xx - ok
16:57:11.0342 1240 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:57:11.0391 1240 QWAVE - ok
16:57:11.0416 1240 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:57:11.0449 1240 QWAVEdrv - ok
16:57:11.0471 1240 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:57:11.0507 1240 RasAcd - ok
16:57:11.0534 1240 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:57:11.0570 1240 RasAgileVpn - ok
16:57:11.0595 1240 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:57:11.0649 1240 RasAuto - ok
16:57:11.0673 1240 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:57:11.0719 1240 Rasl2tp - ok
16:57:11.0752 1240 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:57:11.0820 1240 RasMan - ok
16:57:11.0852 1240 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:57:11.0900 1240 RasPppoe - ok
16:57:11.0932 1240 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:57:11.0979 1240 RasSstp - ok
16:57:12.0019 1240 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:57:12.0102 1240 rdbss - ok
16:57:12.0119 1240 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:57:12.0141 1240 rdpbus - ok
16:57:12.0167 1240 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:57:12.0201 1240 RDPCDD - ok
16:57:12.0215 1240 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:57:12.0272 1240 RDPENCDD - ok
16:57:12.0286 1240 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:57:12.0321 1240 RDPREFMP - ok
16:57:12.0366 1240 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:57:12.0429 1240 RDPWD - ok
16:57:12.0480 1240 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:57:12.0517 1240 rdyboost - ok
16:57:12.0575 1240 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:57:12.0630 1240 RemoteAccess - ok
16:57:12.0674 1240 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:57:12.0760 1240 RemoteRegistry - ok
16:57:12.0807 1240 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:57:12.0847 1240 RFCOMM - ok
16:57:12.0882 1240 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:57:12.0940 1240 RpcEptMapper - ok
16:57:12.0973 1240 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:57:13.0010 1240 RpcLocator - ok
16:57:13.0061 1240 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:57:13.0103 1240 RpcSs - ok
16:57:13.0155 1240 RSPCIESTOR (546d7f426776090b90ef5f195b6ae662) C:\Windows\system32\DRIVERS\RtsPStor.sys
16:57:13.0180 1240 RSPCIESTOR - ok
16:57:13.0216 1240 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:57:13.0254 1240 rspndr - ok
16:57:13.0313 1240 RTL8167 (ea5532868ba76923d75bcb2a1448d810) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:57:13.0330 1240 RTL8167 - ok
16:57:13.0375 1240 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:13.0388 1240 SamSs - ok
16:57:13.0422 1240 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:57:13.0436 1240 sbp2port - ok
16:57:13.0471 1240 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:57:13.0516 1240 SCardSvr - ok
16:57:13.0552 1240 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:57:13.0623 1240 scfilter - ok
16:57:13.0706 1240 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:57:13.0809 1240 Schedule - ok
16:57:13.0856 1240 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:57:13.0895 1240 SCPolicySvc - ok
16:57:13.0922 1240 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
16:57:13.0955 1240 sdbus - ok
16:57:13.0989 1240 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:57:14.0025 1240 SDRSVC - ok
16:57:14.0047 1240 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:57:14.0101 1240 secdrv - ok
16:57:14.0122 1240 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:57:14.0159 1240 seclogon - ok
16:57:14.0190 1240 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:57:14.0233 1240 SENS - ok
16:57:14.0257 1240 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:57:14.0279 1240 SensrSvc - ok
16:57:14.0296 1240 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:57:14.0322 1240 Serenum - ok
16:57:14.0350 1240 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:57:14.0375 1240 Serial - ok
16:57:14.0398 1240 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:57:14.0420 1240 sermouse - ok
16:57:14.0505 1240 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:57:14.0587 1240 SessionEnv - ok
16:57:14.0615 1240 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
16:57:14.0640 1240 SFEP - ok
16:57:14.0664 1240 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:57:14.0697 1240 sffdisk - ok
16:57:14.0730 1240 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:57:14.0755 1240 sffp_mmc - ok
16:57:14.0782 1240 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:57:14.0811 1240 sffp_sd - ok
16:57:14.0840 1240 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:57:14.0865 1240 sfloppy - ok
16:57:14.0956 1240 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:57:14.0987 1240 Sftfs - ok
16:57:15.0088 1240 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:57:15.0131 1240 sftlist - ok
16:57:15.0183 1240 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:57:15.0211 1240 Sftplay - ok
16:57:15.0239 1240 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:57:15.0248 1240 Sftredir - ok
16:57:15.0276 1240 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:57:15.0284 1240 Sftvol - ok
16:57:15.0319 1240 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:57:15.0357 1240 sftvsa - ok
16:57:15.0424 1240 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:57:15.0511 1240 SharedAccess - ok
16:57:15.0566 1240 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:57:15.0640 1240 ShellHWDetection - ok
16:57:15.0671 1240 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:57:15.0682 1240 SiSRaid2 - ok
16:57:15.0711 1240 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:57:15.0725 1240 SiSRaid4 - ok
16:57:15.0760 1240 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:57:15.0817 1240 Smb - ok
16:57:15.0867 1240 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:57:15.0899 1240 SNMPTRAP - ok
16:57:16.0017 1240 SOHCImp (ddf2ec98af6fc70608a4f9ce4db52758) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
16:57:16.0093 1240 SOHCImp - ok
16:57:16.0117 1240 SOHDs (5fa03f5ea6efef6d17b4a1a48c40a23c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
16:57:16.0173 1240 SOHDs - ok
16:57:16.0260 1240 SpfService (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
16:57:16.0326 1240 SpfService - ok
16:57:16.0344 1240 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:57:16.0354 1240 spldr - ok
16:57:16.0422 1240 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:57:16.0475 1240 Spooler - ok
16:57:16.0659 1240 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:57:16.0753 1240 sppsvc - ok
16:57:16.0896 1240 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:57:16.0954 1240 sppuinotify - ok
16:57:17.0030 1240 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:57:17.0097 1240 srv - ok
16:57:17.0144 1240 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:57:17.0191 1240 srv2 - ok
16:57:17.0222 1240 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:57:17.0238 1240 srvnet - ok
16:57:17.0299 1240 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:57:17.0355 1240 SSDPSRV - ok
16:57:17.0370 1240 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:57:17.0408 1240 SstpSvc - ok
16:57:17.0445 1240 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:57:17.0458 1240 stexstor - ok
16:57:17.0513 1240 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:57:17.0579 1240 stisvc - ok
16:57:17.0615 1240 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:57:17.0628 1240 swenum - ok
16:57:17.0806 1240 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:57:17.0940 1240 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
16:57:17.0941 1240 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
16:57:18.0004 1240 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:57:18.0102 1240 swprv - ok
16:57:18.0230 1240 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:57:18.0334 1240 SysMain - ok
16:57:18.0444 1240 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:57:18.0485 1240 TabletInputService - ok
16:57:18.0544 1240 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:57:18.0624 1240 TapiSrv - ok
16:57:18.0654 1240 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:57:18.0705 1240 TBS - ok
16:57:18.0883 1240 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:57:18.0980 1240 Tcpip - ok
16:57:19.0156 1240 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:57:19.0204 1240 TCPIP6 - ok
16:57:19.0292 1240 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:57:19.0362 1240 tcpipreg - ok
16:57:19.0386 1240 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:57:19.0407 1240 TDPIPE - ok
16:57:19.0453 1240 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:57:19.0466 1240 TDTCP - ok
16:57:19.0501 1240 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:57:19.0544 1240 tdx - ok
16:57:19.0587 1240 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:57:19.0599 1240 TermDD - ok
16:57:19.0662 1240 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:57:19.0770 1240 TermService - ok
16:57:19.0785 1240 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:57:19.0802 1240 Themes - ok
16:57:19.0842 1240 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:57:19.0878 1240 THREADORDER - ok
16:57:19.0909 1240 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:57:19.0964 1240 TrkWks - ok
16:57:20.0024 1240 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:57:20.0111 1240 TrustedInstaller - ok
16:57:20.0154 1240 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:57:20.0209 1240 tssecsrv - ok
16:57:20.0231 1240 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:57:20.0255 1240 TsUsbFlt - ok
16:57:20.0288 1240 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:57:20.0302 1240 TsUsbGD - ok
16:57:20.0329 1240 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:57:20.0388 1240 tunnel - ok
16:57:20.0425 1240 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:57:20.0439 1240 uagp35 - ok
16:57:20.0530 1240 uCamMonitor (1fe69f3c1ca1cf4b7ec7e2e9090fffdc) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
16:57:20.0552 1240 uCamMonitor - ok
16:57:20.0608 1240 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:57:20.0687 1240 udfs - ok
16:57:20.0733 1240 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:57:20.0763 1240 UI0Detect - ok
16:57:20.0798 1240 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:57:20.0811 1240 uliagpkx - ok
16:57:20.0849 1240 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:57:20.0885 1240 umbus - ok
16:57:20.0921 1240 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:57:20.0954 1240 UmPass - ok
16:57:21.0155 1240 UNS (7a78ed1088890114dfde2c4ab038d6b6) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:57:21.0252 1240 UNS - ok
16:57:21.0386 1240 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:57:21.0483 1240 upnphost - ok
16:57:21.0542 1240 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
16:57:21.0564 1240 USBAAPL64 - ok
16:57:21.0601 1240 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:57:21.0633 1240 usbccgp - ok
16:57:21.0661 1240 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:57:21.0678 1240 usbcir - ok
16:57:21.0703 1240 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:57:21.0733 1240 usbehci - ok
16:57:21.0777 1240 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
16:57:21.0826 1240 usbhub - ok
16:57:21.0849 1240 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:57:21.0872 1240 usbohci - ok
16:57:21.0918 1240 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:57:21.0943 1240 usbprint - ok
16:57:21.0987 1240 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:57:22.0006 1240 usbscan - ok
16:57:22.0046 1240 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:57:22.0073 1240 USBSTOR - ok
16:57:22.0101 1240 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:57:22.0128 1240 usbuhci - ok
16:57:22.0167 1240 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
16:57:22.0203 1240 usbvideo - ok
16:57:22.0244 1240 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:57:22.0303 1240 UxSms - ok
16:57:22.0403 1240 VAIO Event Service (dcb1f83ad167d16d263ce57c94e9eedf) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
16:57:22.0426 1240 VAIO Event Service - ok
16:57:22.0463 1240 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:57:22.0475 1240 VaultSvc - ok
16:57:22.0631 1240 VCFw (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
16:57:22.0810 1240 VCFw - ok
16:57:22.0939 1240 VcmIAlzMgr (f19275655b42086c884abcdae2c659ae) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
16:57:23.0011 1240 VcmIAlzMgr - ok
16:57:23.0059 1240 VcmINSMgr (2f06d134554ba84fe253dbc481dcfe6d) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
16:57:23.0182 1240 VcmINSMgr - ok
16:57:23.0254 1240 VcmXmlIfHelper (32a3735f6874b7783c6209ed5ca36d9d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
16:57:23.0315 1240 VcmXmlIfHelper - ok
16:57:23.0401 1240 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
16:57:23.0421 1240 VCService - ok
16:57:23.0550 1240 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:57:23.0577 1240 vdrvroot - ok
16:57:23.0634 1240 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:57:23.0723 1240 vds - ok
16:57:23.0762 1240 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:57:23.0779 1240 vga - ok
16:57:23.0802 1240 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:57:23.0872 1240 VgaSave - ok
16:57:23.0921 1240 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:57:23.0959 1240 vhdmp - ok
16:57:24.0003 1240 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:57:24.0014 1240 viaide - ok
16:57:24.0052 1240 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:57:24.0064 1240 volmgr - ok
16:57:24.0106 1240 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:57:24.0144 1240 volmgrx - ok
16:57:24.0188 1240 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:57:24.0217 1240 volsnap - ok
16:57:24.0256 1240 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:57:24.0271 1240 vsmraid - ok
16:57:24.0424 1240 VSNService (03f6f618367cb16a2176b8db4215d1f9) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
16:57:24.0496 1240 VSNService - ok
16:57:24.0618 1240 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:57:24.0719 1240 VSS - ok
16:57:24.0895 1240 VUAgent (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
16:57:24.0959 1240 VUAgent - ok
16:57:25.0093 1240 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:57:25.0139 1240 vwifibus - ok
16:57:25.0171 1240 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:57:25.0205 1240 vwififlt - ok
16:57:25.0230 1240 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:57:25.0263 1240 vwifimp - ok
16:57:25.0316 1240 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:57:25.0380 1240 W32Time - ok
16:57:25.0413 1240 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:57:25.0434 1240 WacomPen - ok
16:57:25.0471 1240 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:25.0519 1240 WANARP - ok
16:57:25.0529 1240 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:57:25.0563 1240 Wanarpv6 - ok
16:57:25.0670 1240 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:57:25.0745 1240 WatAdminSvc - ok
16:57:25.0859 1240 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:57:25.0927 1240 wbengine - ok
16:57:26.0043 1240 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:57:26.0104 1240 WbioSrvc - ok
16:57:26.0146 1240 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:57:26.0211 1240 wcncsvc - ok
16:57:26.0241 1240 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:57:26.0266 1240 WcsPlugInService - ok
16:57:26.0331 1240 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:57:26.0349 1240 Wd - ok
16:57:26.0420 1240 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:57:26.0467 1240 Wdf01000 - ok
16:57:26.0507 1240 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:57:26.0546 1240 WdiServiceHost - ok
16:57:26.0556 1240 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:57:26.0575 1240 WdiSystemHost - ok
16:57:26.0609 1240 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:57:26.0657 1240 WebClient - ok
16:57:26.0690 1240 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:57:26.0761 1240 Wecsvc - ok
16:57:26.0792 1240 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:57:26.0831 1240 wercplsupport - ok
16:57:26.0860 1240 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:57:26.0898 1240 WerSvc - ok
16:57:26.0969 1240 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:57:27.0022 1240 WfpLwf - ok
16:57:27.0110 1240 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:57:27.0137 1240 WIMMount - ok
16:57:27.0185 1240 WinDefend - ok
16:57:27.0234 1240 WinHttpAutoProxySvc - ok
16:57:27.0311 1240 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:57:27.0380 1240 Winmgmt - ok
16:57:27.0517 1240 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:57:27.0632 1240 WinRM - ok
16:57:27.0805 1240 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:57:27.0858 1240 WinUsb - ok
16:57:27.0976 1240 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:57:28.0078 1240 Wlansvc - ok
16:57:28.0154 1240 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:57:28.0178 1240 wlcrasvc - ok
16:57:28.0350 1240 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:57:28.0473 1240 wlidsvc - ok
16:57:28.0605 1240 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:57:28.0650 1240 WmiAcpi - ok
16:57:28.0734 1240 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:57:28.0791 1240 wmiApSrv - ok
16:57:28.0866 1240 WMPNetworkSvc - ok
16:57:28.0915 1240 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:57:28.0936 1240 WPCSvc - ok
16:57:28.0965 1240 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:57:28.0981 1240 WPDBusEnum - ok
16:57:29.0019 1240 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:57:29.0057 1240 ws2ifsl - ok
16:57:29.0085 1240 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:57:29.0118 1240 wscsvc - ok
16:57:29.0129 1240 WSearch - ok
16:57:29.0307 1240 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:57:29.0416 1240 wuauserv - ok
16:57:29.0556 1240 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:57:29.0611 1240 WudfPf - ok
16:57:29.0638 1240 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:57:29.0690 1240 WUDFRd - ok
16:57:29.0734 1240 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:57:29.0798 1240 wudfsvc - ok
16:57:29.0832 1240 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:57:29.0874 1240 WwanSvc - ok
16:57:29.0940 1240 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:57:30.0338 1240 \Device\Harddisk0\DR0 - ok
16:57:30.0344 1240 Boot (0x1200) (93f8375423b9f53198e83afbbc0c0f80) \Device\Harddisk0\DR0\Partition0
16:57:30.0348 1240 \Device\Harddisk0\DR0\Partition0 - ok
16:57:30.0383 1240 Boot (0x1200) (a2625536f76af51c902835acd891eca1) \Device\Harddisk0\DR0\Partition1
16:57:30.0386 1240 \Device\Harddisk0\DR0\Partition1 - ok
16:57:30.0387 1240 ============================================================
16:57:30.0387 1240 Scan finished
16:57:30.0387 1240 ============================================================
16:57:30.0402 4032 Detected object count: 2
16:57:30.0402 4032 Actual detected object count: 2
16:57:41.0525 4032 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:41.0525 4032 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:57:41.0527 4032 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:41.0527 4032 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
 LG Nicole |
|
30.07.2012, 20:06
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt! Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
04.08.2012, 16:10
| #19 |
| | Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt! Combofix Logfile: Code:
ATTFilter ComboFix 12-08-04.02 - ich 04.08.2012 12:48:03.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4044.2490 [GMT 2:00]
ausgeführt von:: c:\users\ich\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ich\4.0
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-07-04 bis 2012-08-04 ))))))))))))))))))))))))))))))
.
.
2012-08-04 10:52 . 2012-08-04 10:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-04 10:47 . 2012-07-16 00:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{56FBC82D-F4E6-4DCE-A5FB-2A4902111DA4}\mpengine.dll
2012-07-19 09:57 . 2012-07-19 09:57 -------- d-----w- C:\_OTL
2012-07-18 08:13 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-18 08:11 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-16 18:08 . 2012-07-16 18:08 -------- d-----w- c:\programdata\WinZip
2012-07-16 18:08 . 2012-07-16 18:08 -------- d-----w- c:\program files\WinZip
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-18 08:08 . 2012-02-19 21:21 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 11:46 . 2012-06-17 15:09 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-27 16:16 . 2012-06-27 16:16 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-27 16:16 . 2012-03-01 18:46 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-06-02 22:19 . 2012-06-24 11:58 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-24 11:58 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-24 11:58 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-24 11:58 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-24 11:58 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-24 11:58 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-24 11:58 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-24 11:57 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-24 11:57 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-04-29 36000]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2011-04-29 51872]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-04-29 259232]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-04-29 109216]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2011-04-29 166048]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-04-29 59040]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2011-04-29 283296]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-04-29 288416]
R3 cpuz135;cpuz135;c:\users\ich\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2011-07-19 104096]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-10 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-06-15 103472]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-08-12 971704]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2011-04-29 29344]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-03-29 317440]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-03-29 335464]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-29 425064]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-04-26 12032]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 93264501
*Deregistered* - 93264501
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2519252957-1520245971-2312452232-1000Core.job
- c:\users\ich\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-16 16:20]
.
2012-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2519252957-1520245971-2312452232-1000UA.job
- c:\users\ich\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-16 16:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418328]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page =
uInternet Settings,ProxyOverride = <local>;*.local
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-08-04 12:54:25
ComboFix-quarantined-files.txt 2012-08-04 10:54
.
Vor Suchlauf: 16 Verzeichnis(se), 414.051.180.544 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 413.907.496.960 Bytes frei
.
- - End Of File - - 8454796EB669DEA06EB5C622EEA8D8E0
die fehlermeldung ist nicht aufgetaucht Liebe Grüße |
|
04.08.2012, 18:47
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt! Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.08.2012, 14:46
| #21 |
| | Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt! ich kann das osam.exe nicht ausführen... da kommt immer eine fehlermeldung: programm kann nicht gestartet werden, da osam_gui.dll auf dem computer fehlt. habe es mehrfach versucht, aber es kommt immer die selbe fehlermeldung  |
|
05.08.2012, 16:35
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt! Das liegt daran, dass du meine Hinweise nicht liest! OSAM musst du vorher mit 7zip oder WinRAR in ein separates Verzeichnis entpacken und dann kannst du erst daraus die EXE starten!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.08.2012, 18:09
| #23 |
| | Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt!Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-06 18:45:43
-----------------------------
18:45:43.450 OS Version: Windows x64 6.1.7601 Service Pack 1
18:45:43.450 Number of processors: 2 586 0x2A07
18:45:43.450 ComputerName: ICH-VAIO UserName: ich
18:45:44.682 Initialize success
18:46:44.264 AVAST engine defs: 12080600
18:47:51.249 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:47:51.264 Disk 0 Vendor: ST950032 0006 Size: 476940MB BusType: 3
18:47:51.280 Disk 0 MBR read successfully
18:47:51.280 Disk 0 MBR scan
18:47:51.295 Disk 0 Windows 7 default MBR code
18:47:51.295 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14214 MB offset 2048
18:47:51.327 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 29114368
18:47:51.342 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 462624 MB offset 29319168
18:47:51.389 Disk 0 scanning C:\Windows\system32\drivers
18:48:04.946 Service scanning
18:48:36.437 Modules scanning
18:48:36.437 Disk 0 trace - called modules:
18:48:36.578 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:48:37.108 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004866310]
18:48:37.108 3 CLASSPNP.SYS[fffff88001b6843f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046fb050]
18:48:39.094 AVAST engine scan C:\Windows
18:48:42.109 AVAST engine scan C:\Windows\system32
18:51:49.469 AVAST engine scan C:\Windows\system32\drivers
18:52:05.845 AVAST engine scan C:\Users\ich
18:58:37.856 AVAST engine scan C:\ProgramData
19:00:49.368 Scan finished successfully
19:08:45.879 Disk 0 MBR has been saved successfully to "C:\Users\ich\Desktop\pc rettung\MBR.dat"
19:08:45.882 The log file has been saved successfully to "C:\Users\ich\Desktop\pc rettung\aswMBR.txt"
Gruß Nicole |
|
08.08.2012, 17:30
| #25 |
| | Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt! OSAM Logfile: Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 18:11:35 on 06.08.2012 OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 64-bit Default Browser: Google Inc. Google Chrome 21.0.1180.60 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "GoogleUpdateTaskUserS-1-5-21-2519252957-1520245971-2312452232-1000Core.job" - "Google Inc." - C:\Users\ich\AppData\Local\Google\Update\GoogleUpdate.exe "GoogleUpdateTaskUserS-1-5-21-2519252957-1520245971-2312452232-1000UA.job" - "Google Inc." - C:\Users\ich\AppData\Local\Google\Update\GoogleUpdate.exe [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "cpuz135" (cpuz135) - ? - C:\Users\ich\AppData\Local\Temp\cpuz135\cpuz135_x64.sys (File not found) "Sftfs" (Sftfs) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftfslh.sys "Sftplay" (Sftplay) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftplaylh.sys "Sftredir" (Sftredir) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftredirlh.sys "Sftvol" (Sftvol) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\Sftvollh.sys [Explorer] -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Handler )----- {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {5513F07E-936B-4E52-9B00-067394E91CC5} "dssrequest" - ? - (File not found | COM-object registry key not found) {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll {5513F07E-936B-4E52-9B00-067394E91CC5} "sacore" - ? - (File not found | COM-object registry key not found) {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? - (File not found | COM-object registry key not found) {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) ITBar7Height64 "ITBar7Height64" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout64" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_31" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_31.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "ClsidExtension" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )----- {8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} "CIESpeechBHO Class" - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [LSA Providers] -----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )----- "Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "IAStorIcon" - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe "ISBMgr.exe" - ? - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" "iTunesHelper" - "Apple Inc." - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "PMBVolumeWatcher" - "Sony Corporation" - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "SwitchBoard" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200" (NAUpdate) - "Nero AG" - C:\Program Files (x86)\Nero\Update\NASvc.exe "Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe "Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe "Application Virtualization Client" (sftlist) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe "Application Virtualization Service Agent" (sftvsa) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe "ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe "ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe "Atheros Bt&Wlan Coex Agent" (Atheros Bt&Wlan Coex Agent) - "Atheros" - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe "AtherosSvc" (AtherosSvc) - "Atheros Commnucations" - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe "BBUpdate" (BBUpdate) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE "Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE "CamMonitor" (uCamMonitor) - "ArcSoft, Inc." - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe "Client Virtualization Handler" (cvhsvc) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE "DCDhcpService" (DCDhcpService) - "Atheros Communication Inc." - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe "Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe "IconMan_R" (IconMan_R) - "Realsil Microelectronics Inc." - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe "Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe "Intel(R) Management and Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe "Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe "iPod-Dienst" (iPod Service) - "Apple Inc." - C:\Program Files\iPod\bin\iPodService.exe "McAfee SiteAdvisor Service" (McAfee SiteAdvisor Service) - "McAfee, Inc." - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE "PMBDeviceInfoProvider" (PMBDeviceInfoProvider) - "Sony Corporation" - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe "SwitchBoard" (SwitchBoard) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe "VAIO Care Performance Service" (SampleCollector) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCPerfService.exe "VAIO Content Folder Watcher" (VCFw) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe "VAIO Content Importer" (SOHCImp) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe "VAIO Content Metadata Intelligent Analyzing Manager" (VcmIAlzMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe "VAIO Content Metadata Intelligent Network Service Manager" (VcmINSMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe "VAIO Content Metadata XML Interface" (VcmXmlIfHelper) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe "VAIO Device Searcher" (SOHDs) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe "VAIO Entertainment Common Service" (SpfService) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe "VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe "VCService" (VCService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCService.exe "VSNService" (VSNService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe "VUAgent" (VUAgent) - "Sony Corporation" - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe "Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [Winsock Providers] -----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )----- "mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll "WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL "WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru [/code] GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-08-06 18:47:42
Windows 6.1.7601 Service Pack 1
Running: zlzfbmwt.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78c9d48c
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78d71562
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ccaf78d71562@3cd0f8473cdc 0x24 0x2D 0xD5 0x01 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78c9d48c (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78d71562 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ccaf78d71562@3cd0f8473cdc 0x24 0x2D 0xD5 0x01 ...
---- EOF - GMER 1.0.15 ----
|
|
09.08.2012, 13:26
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt! Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Windows Verschlüsselungs Trojaner entfernt aber die Dateien sind verschlüsselt! |
| dateien, dateien verschlüsselt, entfern, entferne, entfernen, entfernt, malewarebytes, schonmal, troja, trojaner, trojaner entfernt, verschlüsselt, verschlüsselungs, verschlüsselungs trojaner, windows, windows verschlüsselungs trojaner |
Linear-Darstellung
