| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: AKM Trojaner sicher entfernen, bitte um HilfeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.09.2012, 15:14
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  AKM Trojaner sicher entfernen, bitte um Hilfe Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
28.09.2012, 06:10
| #17 |
 | AKM Trojaner sicher entfernen, bitte um Hilfe here we go again...
__________________Code:
ATTFilter 07:08:23.0410 0856 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
07:08:23.0410 0856 ============================================================
07:08:23.0410 0856 Current date / time: 2012/09/28 07:08:23.0410
07:08:23.0410 0856 SystemInfo:
07:08:23.0410 0856
07:08:23.0410 0856 OS Version: 6.1.7601 ServicePack: 1.0
07:08:23.0410 0856 Product type: Workstation
07:08:23.0410 0856 ComputerName: SEITERM-VAIO
07:08:23.0410 0856 UserName: SeiterM
07:08:23.0410 0856 Windows directory: C:\Windows
07:08:23.0410 0856 System windows directory: C:\Windows
07:08:23.0410 0856 Running under WOW64
07:08:23.0410 0856 Processor architecture: Intel x64
07:08:23.0410 0856 Number of processors: 4
07:08:23.0410 0856 Page size: 0x1000
07:08:23.0410 0856 Boot type: Normal boot
07:08:23.0410 0856 ============================================================
07:08:23.0769 0856 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:08:23.0785 0856 ============================================================
07:08:23.0785 0856 \Device\Harddisk0\DR0:
07:08:23.0785 0856 MBR partitions:
07:08:23.0785 0856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C06000, BlocksNum 0x32000
07:08:23.0785 0856 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C38000, BlocksNum 0x5590D800
07:08:23.0785 0856 ============================================================
07:08:23.0800 0856 C: <-> \Device\Harddisk0\DR0\Partition2
07:08:23.0800 0856 ============================================================
07:08:23.0800 0856 Initialize success
07:08:23.0800 0856 ============================================================
07:08:38.0433 1212 ============================================================
07:08:38.0433 1212 Scan started
07:08:38.0433 1212 Mode: Manual; SigCheck; TDLFS;
07:08:38.0433 1212 ============================================================
07:08:39.0572 1212 ================ Scan system memory ========================
07:08:39.0572 1212 System memory - ok
07:08:39.0572 1212 ================ Scan services =============================
07:08:40.0024 1212 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
07:08:40.0196 1212 1394ohci - ok
07:08:40.0305 1212 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
07:08:40.0352 1212 ACDaemon - ok
07:08:40.0414 1212 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
07:08:40.0430 1212 ACPI - ok
07:08:40.0477 1212 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
07:08:40.0570 1212 AcpiPmi - ok
07:08:40.0695 1212 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
07:08:40.0711 1212 AdobeARMservice - ok
07:08:40.0898 1212 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
07:08:40.0929 1212 AdobeFlashPlayerUpdateSvc - ok
07:08:40.0992 1212 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
07:08:41.0023 1212 adp94xx - ok
07:08:41.0054 1212 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
07:08:41.0085 1212 adpahci - ok
07:08:41.0085 1212 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
07:08:41.0101 1212 adpu320 - ok
07:08:41.0132 1212 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
07:08:41.0366 1212 AeLookupSvc - ok
07:08:41.0460 1212 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
07:08:41.0553 1212 AFD - ok
07:08:41.0584 1212 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
07:08:41.0616 1212 agp440 - ok
07:08:41.0662 1212 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
07:08:41.0772 1212 ALG - ok
07:08:41.0818 1212 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
07:08:41.0834 1212 aliide - ok
07:08:41.0865 1212 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
07:08:41.0865 1212 amdide - ok
07:08:41.0881 1212 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
07:08:41.0928 1212 AmdK8 - ok
07:08:41.0928 1212 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
07:08:41.0959 1212 AmdPPM - ok
07:08:42.0006 1212 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
07:08:42.0037 1212 amdsata - ok
07:08:42.0052 1212 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
07:08:42.0068 1212 amdsbs - ok
07:08:42.0084 1212 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
07:08:42.0099 1212 amdxata - ok
07:08:42.0208 1212 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
07:08:42.0240 1212 AntiVirSchedulerService - ok
07:08:42.0286 1212 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
07:08:42.0302 1212 AntiVirService - ok
07:08:42.0349 1212 [ D80CB25D90474C731C0D1312A6DE3B13 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
07:08:42.0380 1212 ApfiltrService - ok
07:08:42.0411 1212 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
07:08:42.0567 1212 AppID - ok
07:08:42.0598 1212 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
07:08:42.0676 1212 AppIDSvc - ok
07:08:42.0723 1212 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
07:08:42.0848 1212 Appinfo - ok
07:08:42.0864 1212 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
07:08:42.0879 1212 arc - ok
07:08:42.0895 1212 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
07:08:42.0910 1212 arcsas - ok
07:08:42.0942 1212 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
07:08:42.0957 1212 ArcSoftKsUFilter - ok
07:08:43.0051 1212 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
07:08:43.0098 1212 aspnet_state - ok
07:08:43.0129 1212 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
07:08:43.0207 1212 AsyncMac - ok
07:08:43.0254 1212 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
07:08:43.0269 1212 atapi - ok
07:08:43.0300 1212 [ 50F257E19554421B6891E3F998EDCA90 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
07:08:43.0316 1212 AthBTPort - ok
07:08:43.0378 1212 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
07:08:43.0394 1212 Atheros Bt&Wlan Coex Agent - ok
07:08:43.0410 1212 [ EBC3119394C9074A9CD87578A435050D ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
07:08:43.0425 1212 AtherosSvc - ok
07:08:43.0503 1212 [ C8679A07267F030704168E45E27C3D43 ] athr C:\Windows\system32\DRIVERS\athrx.sys
07:08:43.0597 1212 athr - ok
07:08:43.0644 1212 [ FC0E8778C000291CAF60EB88C011E931 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
07:08:43.0675 1212 atksgt - ok
07:08:43.0722 1212 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:08:43.0831 1212 AudioEndpointBuilder - ok
07:08:43.0831 1212 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
07:08:43.0862 1212 AudioSrv - ok
07:08:43.0909 1212 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
07:08:43.0909 1212 avgntflt - ok
07:08:43.0956 1212 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
07:08:43.0971 1212 avipbb - ok
07:08:43.0987 1212 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
07:08:44.0018 1212 avkmgr - ok
07:08:44.0065 1212 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
07:08:44.0205 1212 AxInstSV - ok
07:08:44.0252 1212 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
07:08:44.0299 1212 b06bdrv - ok
07:08:44.0361 1212 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
07:08:44.0408 1212 b57nd60a - ok
07:08:44.0470 1212 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
07:08:44.0517 1212 BDESVC - ok
07:08:44.0548 1212 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
07:08:44.0626 1212 Beep - ok
07:08:44.0704 1212 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
07:08:44.0782 1212 BFE - ok
07:08:44.0829 1212 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
07:08:44.0907 1212 BITS - ok
07:08:44.0954 1212 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
07:08:44.0985 1212 blbdrive - ok
07:08:45.0032 1212 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
07:08:45.0094 1212 bowser - ok
07:08:45.0172 1212 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
07:08:45.0219 1212 BrFiltLo - ok
07:08:45.0250 1212 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
07:08:45.0266 1212 BrFiltUp - ok
07:08:45.0313 1212 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
07:08:45.0344 1212 Browser - ok
07:08:45.0375 1212 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
07:08:45.0422 1212 Brserid - ok
07:08:45.0438 1212 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
07:08:45.0469 1212 BrSerWdm - ok
07:08:45.0500 1212 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
07:08:45.0547 1212 BrUsbMdm - ok
07:08:45.0547 1212 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
07:08:45.0578 1212 BrUsbSer - ok
07:08:45.0625 1212 [ B3BCD755FA9A359D10208CC9F09847CC ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
07:08:45.0656 1212 BTATH_A2DP - ok
07:08:45.0672 1212 [ 9BBBA9D6DBDEFC8A6542BC7A6EBAF710 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
07:08:45.0703 1212 btath_avdt - ok
07:08:45.0734 1212 [ D838DD1BCB328EFCFAD7A52DE9E3CAFD ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
07:08:45.0750 1212 BTATH_BUS - ok
07:08:45.0781 1212 [ A441B800E04CF8443FAF519207563ABB ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
07:08:45.0796 1212 BTATH_HCRP - ok
07:08:45.0828 1212 [ B16F8429A35BBA2A8EF9DB2E08675B97 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
07:08:45.0828 1212 BTATH_LWFLT - ok
07:08:45.0843 1212 [ C24231C6BDFE21735930084A22089AAB ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
07:08:45.0859 1212 BTATH_RCP - ok
07:08:45.0921 1212 [ 3632FA4C6B3CE9EC827690DEAC266D8C ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
07:08:45.0952 1212 BtFilter - ok
07:08:45.0999 1212 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
07:08:46.0077 1212 BthEnum - ok
07:08:46.0108 1212 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
07:08:46.0155 1212 BTHMODEM - ok
07:08:46.0186 1212 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
07:08:46.0218 1212 BthPan - ok
07:08:46.0296 1212 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
07:08:46.0374 1212 BTHPORT - ok
07:08:46.0405 1212 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
07:08:46.0467 1212 bthserv - ok
07:08:46.0498 1212 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
07:08:46.0545 1212 BTHUSB - ok
07:08:46.0576 1212 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
07:08:46.0654 1212 cdfs - ok
07:08:46.0686 1212 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
07:08:46.0717 1212 cdrom - ok
07:08:46.0748 1212 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
07:08:46.0810 1212 CertPropSvc - ok
07:08:46.0857 1212 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
07:08:46.0904 1212 circlass - ok
07:08:46.0951 1212 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
07:08:46.0966 1212 CLFS - ok
07:08:47.0044 1212 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:08:47.0060 1212 clr_optimization_v2.0.50727_32 - ok
07:08:47.0107 1212 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:08:47.0122 1212 clr_optimization_v2.0.50727_64 - ok
07:08:47.0185 1212 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:08:47.0278 1212 clr_optimization_v4.0.30319_32 - ok
07:08:47.0325 1212 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:08:47.0372 1212 clr_optimization_v4.0.30319_64 - ok
07:08:47.0403 1212 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
07:08:47.0450 1212 CmBatt - ok
07:08:47.0481 1212 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
07:08:47.0481 1212 cmdide - ok
07:08:47.0544 1212 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
07:08:47.0606 1212 CNG - ok
07:08:47.0653 1212 [ 1F394DF3714ED4280047810790E6DF69 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
07:08:47.0700 1212 CnxtHdAudService - ok
07:08:47.0731 1212 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
07:08:47.0746 1212 Compbatt - ok
07:08:47.0778 1212 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
07:08:47.0840 1212 CompositeBus - ok
07:08:47.0856 1212 COMSysApp - ok
07:08:47.0871 1212 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
07:08:47.0887 1212 crcdisk - ok
07:08:47.0934 1212 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
07:08:47.0996 1212 CryptSvc - ok
07:08:48.0043 1212 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
07:08:48.0121 1212 DcomLaunch - ok
07:08:48.0168 1212 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
07:08:48.0230 1212 defragsvc - ok
07:08:48.0277 1212 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
07:08:48.0370 1212 DfsC - ok
07:08:48.0433 1212 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
07:08:48.0495 1212 Dhcp - ok
07:08:48.0511 1212 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
07:08:48.0589 1212 discache - ok
07:08:48.0651 1212 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
07:08:48.0682 1212 Disk - ok
07:08:48.0714 1212 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
07:08:48.0776 1212 Dnscache - ok
07:08:48.0807 1212 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
07:08:48.0901 1212 dot3svc - ok
07:08:48.0916 1212 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
07:08:48.0979 1212 DPS - ok
07:08:49.0010 1212 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
07:08:49.0072 1212 drmkaud - ok
07:08:49.0104 1212 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
07:08:49.0135 1212 DXGKrnl - ok
07:08:49.0166 1212 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
07:08:49.0197 1212 e1yexpress - ok
07:08:49.0260 1212 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
07:08:49.0338 1212 EapHost - ok
07:08:49.0431 1212 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
07:08:49.0525 1212 ebdrv - ok
07:08:49.0572 1212 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
07:08:49.0650 1212 EFS - ok
07:08:49.0712 1212 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
07:08:49.0774 1212 ehRecvr - ok
07:08:49.0806 1212 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
07:08:49.0852 1212 ehSched - ok
07:08:49.0962 1212 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
07:08:49.0993 1212 elxstor - ok
07:08:50.0008 1212 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
07:08:50.0024 1212 ErrDev - ok
07:08:50.0102 1212 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
07:08:50.0180 1212 EventSystem - ok
07:08:50.0227 1212 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
07:08:50.0258 1212 exfat - ok
07:08:50.0274 1212 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
07:08:50.0352 1212 fastfat - ok
07:08:50.0414 1212 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
07:08:50.0476 1212 Fax - ok
07:08:50.0523 1212 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
07:08:50.0570 1212 fdc - ok
07:08:50.0601 1212 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
07:08:50.0695 1212 fdPHost - ok
07:08:50.0710 1212 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
07:08:50.0773 1212 FDResPub - ok
07:08:50.0804 1212 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
07:08:50.0804 1212 FileInfo - ok
07:08:50.0820 1212 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
07:08:50.0898 1212 Filetrace - ok
07:08:50.0929 1212 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
07:08:50.0960 1212 flpydisk - ok
07:08:50.0976 1212 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
07:08:51.0007 1212 FltMgr - ok
07:08:51.0038 1212 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
07:08:51.0116 1212 FontCache - ok
07:08:51.0147 1212 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:08:51.0178 1212 FontCache3.0.0.0 - ok
07:08:51.0210 1212 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
07:08:51.0225 1212 FsDepends - ok
07:08:51.0256 1212 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
07:08:51.0272 1212 Fs_Rec - ok
07:08:51.0303 1212 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
07:08:51.0319 1212 fvevol - ok
07:08:51.0366 1212 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
07:08:51.0366 1212 gagp30kx - ok
07:08:51.0412 1212 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
07:08:51.0475 1212 gpsvc - ok
07:08:51.0490 1212 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
07:08:51.0506 1212 hcw85cir - ok
07:08:51.0553 1212 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:08:51.0584 1212 HdAudAddService - ok
07:08:51.0631 1212 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
07:08:51.0693 1212 HDAudBus - ok
07:08:51.0724 1212 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
07:08:51.0771 1212 HidBatt - ok
07:08:51.0771 1212 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
07:08:51.0818 1212 HidBth - ok
07:08:51.0834 1212 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
07:08:51.0865 1212 HidIr - ok
07:08:51.0880 1212 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
07:08:51.0927 1212 hidserv - ok
07:08:51.0958 1212 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
07:08:51.0958 1212 HidUsb - ok
07:08:51.0990 1212 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
07:08:52.0052 1212 hkmsvc - ok
07:08:52.0068 1212 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:08:52.0099 1212 HomeGroupListener - ok
07:08:52.0146 1212 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
07:08:52.0192 1212 HomeGroupProvider - ok
07:08:52.0224 1212 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
07:08:52.0239 1212 HpSAMD - ok
07:08:52.0286 1212 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
07:08:52.0364 1212 HTTP - ok
07:08:52.0380 1212 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
07:08:52.0395 1212 hwpolicy - ok
07:08:52.0426 1212 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
07:08:52.0442 1212 i8042prt - ok
07:08:52.0473 1212 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\drivers\iaStor.sys
07:08:52.0489 1212 iaStor - ok
07:08:52.0551 1212 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
07:08:52.0567 1212 IAStorDataMgrSvc - ok
07:08:52.0614 1212 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
07:08:52.0645 1212 iaStorV - ok
07:08:52.0754 1212 [ 6F3909A3D40CC9F4B28E03B027F918D8 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
07:08:52.0816 1212 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
07:08:52.0816 1212 IconMan_R - detected UnsignedFile.Multi.Generic (1)
07:08:52.0879 1212 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:08:52.0910 1212 idsvc - ok
07:08:52.0941 1212 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
07:08:52.0941 1212 iirsp - ok
07:08:52.0972 1212 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
07:08:53.0019 1212 IKEEXT - ok
07:08:53.0035 1212 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
07:08:53.0035 1212 intelide - ok
07:08:53.0066 1212 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
07:08:53.0113 1212 intelppm - ok
07:08:53.0160 1212 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
07:08:53.0238 1212 IPBusEnum - ok
07:08:53.0269 1212 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:08:53.0284 1212 IpFilterDriver - ok
07:08:53.0331 1212 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
07:08:53.0409 1212 iphlpsvc - ok
07:08:53.0440 1212 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
07:08:53.0487 1212 IPMIDRV - ok
07:08:53.0503 1212 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
07:08:53.0550 1212 IPNAT - ok
07:08:53.0581 1212 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
07:08:53.0612 1212 IRENUM - ok
07:08:53.0628 1212 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
07:08:53.0628 1212 isapnp - ok
07:08:53.0659 1212 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
07:08:53.0674 1212 iScsiPrt - ok
07:08:53.0706 1212 [ F415A88162D23977B5EDAE4F0410E903 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
07:08:53.0737 1212 IviRegMgr - ok
07:08:53.0752 1212 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
07:08:53.0768 1212 kbdclass - ok
07:08:53.0784 1212 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
07:08:53.0830 1212 kbdhid - ok
07:08:53.0862 1212 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
07:08:53.0877 1212 KeyIso - ok
07:08:53.0940 1212 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
07:08:53.0955 1212 KSecDD - ok
07:08:53.0986 1212 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
07:08:54.0002 1212 KSecPkg - ok
07:08:54.0018 1212 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
07:08:54.0080 1212 ksthunk - ok
07:08:54.0127 1212 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
07:08:54.0142 1212 KtmRm - ok
07:08:54.0189 1212 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
07:08:54.0283 1212 LanmanServer - ok
07:08:54.0330 1212 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:08:54.0423 1212 LanmanWorkstation - ok
07:08:54.0470 1212 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
07:08:54.0501 1212 lirsgt - ok
07:08:54.0532 1212 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
07:08:54.0595 1212 lltdio - ok
07:08:54.0626 1212 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
07:08:54.0688 1212 lltdsvc - ok
07:08:54.0735 1212 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
07:08:54.0813 1212 lmhosts - ok
07:08:54.0891 1212 [ 98B16E756243BEA9410E32025B19C06F ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
07:08:54.0922 1212 LMS - ok
07:08:54.0954 1212 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
07:08:54.0954 1212 LSI_FC - ok
07:08:54.0954 1212 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
07:08:54.0969 1212 LSI_SAS - ok
07:08:54.0969 1212 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
07:08:54.0985 1212 LSI_SAS2 - ok
07:08:54.0985 1212 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
07:08:55.0000 1212 LSI_SCSI - ok
07:08:55.0016 1212 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
07:08:55.0110 1212 luafv - ok
07:08:55.0125 1212 lxcf_device - ok
07:08:55.0188 1212 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
07:08:55.0203 1212 MBAMProtector - ok
07:08:55.0281 1212 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
07:08:55.0312 1212 MBAMScheduler - ok
07:08:55.0328 1212 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
07:08:55.0344 1212 MBAMService - ok
07:08:55.0390 1212 [ 5470CD3BEE5B953A5AFD127FAE80C5A0 ] MC13MP C:\Windows\system32\Drivers\MC13MP64.sys
07:08:55.0437 1212 MC13MP - ok
07:08:55.0453 1212 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
07:08:55.0500 1212 Mcx2Svc - ok
07:08:55.0531 1212 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
07:08:55.0546 1212 megasas - ok
07:08:55.0578 1212 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
07:08:55.0593 1212 MegaSR - ok
07:08:55.0640 1212 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
07:08:55.0656 1212 MEIx64 - ok
07:08:55.0765 1212 Microsoft SharePoint Workspace Audit Service - ok
07:08:55.0796 1212 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
07:08:55.0858 1212 MMCSS - ok
07:08:55.0858 1212 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
07:08:55.0905 1212 Modem - ok
07:08:55.0936 1212 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
07:08:55.0983 1212 monitor - ok
07:08:56.0030 1212 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
07:08:56.0046 1212 mouclass - ok
07:08:56.0092 1212 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
07:08:56.0124 1212 mouhid - ok
07:08:56.0170 1212 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
07:08:56.0202 1212 mountmgr - ok
07:08:56.0217 1212 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
07:08:56.0233 1212 mpio - ok
07:08:56.0248 1212 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
07:08:56.0295 1212 mpsdrv - ok
07:08:56.0326 1212 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
07:08:56.0389 1212 MpsSvc - ok
07:08:56.0404 1212 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
07:08:56.0436 1212 MRxDAV - ok
07:08:56.0482 1212 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
07:08:56.0560 1212 mrxsmb - ok
07:08:56.0592 1212 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:08:56.0607 1212 mrxsmb10 - ok
07:08:56.0623 1212 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:08:56.0638 1212 mrxsmb20 - ok
07:08:56.0654 1212 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
07:08:56.0670 1212 msahci - ok
07:08:56.0685 1212 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
07:08:56.0685 1212 msdsm - ok
07:08:56.0701 1212 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
07:08:56.0748 1212 MSDTC - ok
07:08:56.0779 1212 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
07:08:56.0857 1212 Msfs - ok
07:08:56.0904 1212 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
07:08:56.0966 1212 mshidkmdf - ok
07:08:56.0982 1212 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
07:08:56.0997 1212 msisadrv - ok
07:08:57.0013 1212 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
07:08:57.0091 1212 MSiSCSI - ok
07:08:57.0091 1212 msiserver - ok
07:08:57.0122 1212 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
07:08:57.0184 1212 MSKSSRV - ok
07:08:57.0216 1212 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
07:08:57.0294 1212 MSPCLOCK - ok
07:08:57.0294 1212 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
07:08:57.0340 1212 MSPQM - ok
07:08:57.0356 1212 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
07:08:57.0372 1212 MsRPC - ok
07:08:57.0387 1212 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
07:08:57.0403 1212 mssmbios - ok
07:08:57.0418 1212 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
07:08:57.0512 1212 MSTEE - ok
07:08:57.0512 1212 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
07:08:57.0528 1212 MTConfig - ok
07:08:57.0559 1212 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
07:08:57.0559 1212 Mup - ok
07:08:57.0590 1212 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
07:08:57.0668 1212 napagent - ok
07:08:57.0699 1212 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
07:08:57.0777 1212 NativeWifiP - ok
07:08:57.0824 1212 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
07:08:57.0855 1212 NDIS - ok
07:08:57.0871 1212 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
07:08:57.0918 1212 NdisCap - ok
07:08:57.0949 1212 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
07:08:57.0980 1212 NdisTapi - ok
07:08:58.0011 1212 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
07:08:58.0042 1212 Ndisuio - ok
07:08:58.0074 1212 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
07:08:58.0136 1212 NdisWan - ok
07:08:58.0167 1212 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
07:08:58.0245 1212 NDProxy - ok
07:08:58.0276 1212 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
07:08:58.0354 1212 NetBIOS - ok
07:08:58.0370 1212 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
07:08:58.0401 1212 NetBT - ok
07:08:58.0432 1212 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
07:08:58.0432 1212 Netlogon - ok
07:08:58.0464 1212 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
07:08:58.0557 1212 Netman - ok
07:08:58.0588 1212 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:08:58.0604 1212 NetMsmqActivator - ok
07:08:58.0604 1212 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:08:58.0620 1212 NetPipeActivator - ok
07:08:58.0620 1212 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
07:08:58.0666 1212 netprofm - ok
07:08:58.0666 1212 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:08:58.0682 1212 NetTcpActivator - ok
07:08:58.0682 1212 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:08:58.0682 1212 NetTcpPortSharing - ok
07:08:58.0729 1212 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
07:08:58.0744 1212 nfrd960 - ok
07:08:58.0760 1212 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
07:08:58.0807 1212 NlaSvc - ok
07:08:58.0838 1212 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
07:08:58.0854 1212 Npfs - ok
07:08:58.0885 1212 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
07:08:58.0916 1212 nsi - ok
07:08:58.0932 1212 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
07:08:58.0978 1212 nsiproxy - ok
07:08:59.0056 1212 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
07:08:59.0103 1212 Ntfs - ok
07:08:59.0134 1212 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
07:08:59.0197 1212 Null - ok
07:08:59.0244 1212 [ F12E3EA0386EBC284C893611107C6A96 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
07:08:59.0275 1212 NVHDA - ok
07:08:59.0540 1212 [ D5DEA2C1865CAB9EE6AA29CF9E79A2CE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
07:08:59.0696 1212 nvlddmkm - ok
07:08:59.0727 1212 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
07:08:59.0743 1212 nvraid - ok
07:08:59.0774 1212 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
07:08:59.0774 1212 nvstor - ok
07:08:59.0868 1212 [ 5A4AF8EA634B4FEEAF6F16BB1845715A ] NVSvc C:\Windows\system32\nvvsvc.exe
07:08:59.0914 1212 NVSvc - ok
07:08:59.0946 1212 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
07:08:59.0977 1212 nv_agp - ok
07:09:00.0008 1212 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
07:09:00.0039 1212 ohci1394 - ok
07:09:00.0117 1212 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:09:00.0148 1212 ose64 - ok
07:09:00.0304 1212 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:09:00.0460 1212 osppsvc - ok
07:09:00.0492 1212 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
07:09:00.0507 1212 p2pimsvc - ok
07:09:00.0554 1212 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
07:09:00.0570 1212 p2psvc - ok
07:09:00.0585 1212 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
07:09:00.0632 1212 Parport - ok
07:09:00.0663 1212 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
07:09:00.0679 1212 partmgr - ok
07:09:00.0710 1212 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
07:09:00.0757 1212 PcaSvc - ok
07:09:00.0788 1212 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
07:09:00.0788 1212 pci - ok
07:09:00.0819 1212 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
07:09:00.0819 1212 pciide - ok
07:09:00.0819 1212 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
07:09:00.0835 1212 pcmcia - ok
07:09:00.0850 1212 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
07:09:00.0866 1212 pcw - ok
07:09:00.0882 1212 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
07:09:00.0944 1212 PEAUTH - ok
07:09:01.0022 1212 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
07:09:01.0069 1212 PerfHost - ok
07:09:01.0147 1212 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
07:09:01.0225 1212 pla - ok
07:09:01.0272 1212 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
07:09:01.0350 1212 PlugPlay - ok
07:09:01.0443 1212 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
07:09:01.0474 1212 PMBDeviceInfoProvider - ok
07:09:01.0490 1212 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
07:09:01.0521 1212 PNRPAutoReg - ok
07:09:01.0552 1212 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
07:09:01.0584 1212 PNRPsvc - ok
07:09:01.0599 1212 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
07:09:01.0662 1212 PolicyAgent - ok
07:09:01.0724 1212 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
07:09:01.0802 1212 Power - ok
07:09:01.0849 1212 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
07:09:01.0927 1212 PptpMiniport - ok
07:09:01.0958 1212 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
07:09:01.0989 1212 Processor - ok
07:09:02.0036 1212 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
07:09:02.0114 1212 ProfSvc - ok
07:09:02.0130 1212 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:09:02.0145 1212 ProtectedStorage - ok
07:09:02.0176 1212 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
07:09:02.0223 1212 Psched - ok
07:09:02.0270 1212 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
07:09:02.0286 1212 PSI_SVC_2 - ok
07:09:02.0364 1212 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
07:09:02.0395 1212 ql2300 - ok
07:09:02.0395 1212 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
07:09:02.0410 1212 ql40xx - ok
07:09:02.0442 1212 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
07:09:02.0457 1212 QWAVE - ok
07:09:02.0457 1212 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
07:09:02.0520 1212 QWAVEdrv - ok
07:09:02.0535 1212 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
07:09:02.0598 1212 RasAcd - ok
07:09:02.0644 1212 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
07:09:02.0691 1212 RasAgileVpn - ok
07:09:02.0722 1212 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
07:09:02.0832 1212 RasAuto - ok
07:09:02.0847 1212 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
07:09:02.0878 1212 Rasl2tp - ok
07:09:02.0910 1212 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
07:09:02.0941 1212 RasMan - ok
07:09:02.0941 1212 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
07:09:02.0988 1212 RasPppoe - ok
07:09:03.0019 1212 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
07:09:03.0128 1212 RasSstp - ok
07:09:03.0159 1212 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
07:09:03.0206 1212 rdbss - ok
07:09:03.0237 1212 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
07:09:03.0268 1212 rdpbus - ok
07:09:03.0300 1212 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
07:09:03.0346 1212 RDPCDD - ok
07:09:03.0362 1212 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
07:09:03.0424 1212 RDPENCDD - ok
07:09:03.0440 1212 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
07:09:03.0471 1212 RDPREFMP - ok
07:09:03.0518 1212 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
07:09:03.0596 1212 RDPWD - ok
07:09:03.0627 1212 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
07:09:03.0658 1212 rdyboost - ok
07:09:03.0674 1212 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\Windows\system32\drivers\regi.sys
07:09:03.0690 1212 regi - ok
07:09:03.0721 1212 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
07:09:03.0783 1212 RemoteAccess - ok
07:09:03.0830 1212 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
07:09:03.0892 1212 RemoteRegistry - ok
07:09:03.0955 1212 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
07:09:04.0017 1212 RFCOMM - ok
07:09:04.0033 1212 [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
07:09:04.0080 1212 RMCAST - ok
07:09:04.0095 1212 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
07:09:04.0142 1212 RpcEptMapper - ok
07:09:04.0173 1212 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
07:09:04.0220 1212 RpcLocator - ok
07:09:04.0251 1212 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
07:09:04.0298 1212 RpcSs - ok
07:09:04.0329 1212 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
07:09:04.0345 1212 RSPCIESTOR - ok
07:09:04.0360 1212 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
07:09:04.0392 1212 rspndr - ok
07:09:04.0423 1212 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
07:09:04.0438 1212 RTL8167 - ok
07:09:04.0454 1212 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
07:09:04.0470 1212 SamSs - ok
07:09:04.0485 1212 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
07:09:04.0501 1212 sbp2port - ok
07:09:04.0532 1212 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
07:09:04.0594 1212 SCardSvr - ok
07:09:04.0594 1212 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
07:09:04.0641 1212 scfilter - ok
07:09:04.0688 1212 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
07:09:04.0750 1212 Schedule - ok
07:09:04.0782 1212 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
07:09:04.0797 1212 SCPolicySvc - ok
07:09:04.0828 1212 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
07:09:04.0875 1212 sdbus - ok
07:09:04.0922 1212 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
07:09:04.0969 1212 SDRSVC - ok
07:09:05.0000 1212 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
07:09:05.0094 1212 secdrv - ok
07:09:05.0125 1212 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
07:09:05.0156 1212 seclogon - ok
07:09:05.0187 1212 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
07:09:05.0265 1212 SENS - ok
07:09:05.0281 1212 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
07:09:05.0312 1212 SensrSvc - ok
07:09:05.0343 1212 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
07:09:05.0390 1212 Serenum - ok
07:09:05.0421 1212 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
07:09:05.0484 1212 Serial - ok
07:09:05.0499 1212 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
07:09:05.0546 1212 sermouse - ok
07:09:05.0593 1212 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
07:09:05.0686 1212 SessionEnv - ok
07:09:05.0718 1212 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
07:09:05.0780 1212 SFEP - ok
07:09:05.0811 1212 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
07:09:05.0842 1212 sffdisk - ok
07:09:05.0858 1212 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
07:09:05.0874 1212 sffp_mmc - ok
07:09:05.0889 1212 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
07:09:05.0905 1212 sffp_sd - ok
07:09:05.0905 1212 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
07:09:05.0920 1212 sfloppy - ok
07:09:05.0967 1212 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
07:09:06.0061 1212 SharedAccess - ok
07:09:06.0108 1212 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:09:06.0170 1212 ShellHWDetection - ok
07:09:06.0217 1212 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
07:09:06.0232 1212 SiSRaid2 - ok
07:09:06.0232 1212 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
07:09:06.0248 1212 SiSRaid4 - ok
07:09:06.0264 1212 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
07:09:06.0310 1212 Smb - ok
07:09:06.0357 1212 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
07:09:06.0404 1212 SNMPTRAP - ok
07:09:06.0482 1212 [ DDF2EC98AF6FC70608A4F9CE4DB52758 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
07:09:06.0498 1212 SOHCImp - ok
07:09:06.0544 1212 [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
07:09:06.0544 1212 SOHDs - ok
07:09:06.0607 1212 [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
07:09:06.0638 1212 SpfService - ok
07:09:06.0669 1212 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
07:09:06.0685 1212 spldr - ok
07:09:06.0732 1212 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
07:09:06.0763 1212 Spooler - ok
07:09:06.0856 1212 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
07:09:06.0950 1212 sppsvc - ok
07:09:06.0966 1212 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
07:09:06.0997 1212 sppuinotify - ok
07:09:07.0059 1212 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
07:09:07.0059 1212 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
07:09:07.0075 1212 sptd ( LockedFile.Multi.Generic ) - warning
07:09:07.0075 1212 sptd - detected LockedFile.Multi.Generic (1)
07:09:07.0106 1212 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
07:09:07.0184 1212 srv - ok
07:09:07.0215 1212 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
07:09:07.0246 1212 srv2 - ok
07:09:07.0293 1212 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
07:09:07.0324 1212 srvnet - ok
07:09:07.0356 1212 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
07:09:07.0402 1212 SSDPSRV - ok
07:09:07.0465 1212 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
07:09:07.0480 1212 SSPORT - ok
07:09:07.0512 1212 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
07:09:07.0558 1212 SstpSvc - ok
07:09:07.0590 1212 [ 79969ACAEEBEDA7DC3673656AB9918FD ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
07:09:07.0605 1212 Stereo Service - ok
07:09:07.0636 1212 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
07:09:07.0636 1212 stexstor - ok
07:09:07.0668 1212 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
07:09:07.0699 1212 stisvc - ok
07:09:07.0730 1212 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
07:09:07.0746 1212 swenum - ok
07:09:07.0886 1212 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
07:09:07.0933 1212 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
07:09:07.0933 1212 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
07:09:07.0980 1212 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
07:09:08.0073 1212 swprv - ok
07:09:08.0136 1212 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
07:09:08.0214 1212 SysMain - ok
07:09:08.0245 1212 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:09:08.0276 1212 TabletInputService - ok
07:09:08.0307 1212 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
07:09:08.0354 1212 TapiSrv - ok
07:09:08.0370 1212 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
07:09:08.0448 1212 TBS - ok
07:09:08.0541 1212 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
07:09:08.0619 1212 Tcpip - ok
07:09:08.0650 1212 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
07:09:08.0666 1212 TCPIP6 - ok
07:09:08.0697 1212 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
07:09:08.0791 1212 tcpipreg - ok
07:09:08.0822 1212 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
07:09:08.0869 1212 TDPIPE - ok
07:09:08.0900 1212 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
07:09:08.0916 1212 TDTCP - ok
07:09:08.0931 1212 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
07:09:08.0994 1212 tdx - ok
07:09:09.0040 1212 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
07:09:09.0056 1212 TermDD - ok
07:09:09.0087 1212 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
07:09:09.0150 1212 TermService - ok
07:09:09.0181 1212 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
07:09:09.0181 1212 Themes - ok
07:09:09.0212 1212 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
07:09:09.0228 1212 THREADORDER - ok
07:09:09.0243 1212 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
07:09:09.0321 1212 TrkWks - ok
07:09:09.0384 1212 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:09:09.0462 1212 TrustedInstaller - ok
07:09:09.0477 1212 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
07:09:09.0571 1212 tssecsrv - ok
07:09:09.0602 1212 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
07:09:09.0649 1212 TsUsbFlt - ok
07:09:09.0680 1212 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
07:09:09.0711 1212 TsUsbGD - ok
07:09:09.0742 1212 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
07:09:09.0805 1212 tunnel - ok
07:09:09.0836 1212 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
07:09:09.0836 1212 uagp35 - ok
07:09:09.0883 1212 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
07:09:09.0898 1212 uCamMonitor - ok
07:09:09.0930 1212 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
07:09:09.0976 1212 udfs - ok
07:09:10.0008 1212 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
07:09:10.0054 1212 UI0Detect - ok
07:09:10.0101 1212 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
07:09:10.0132 1212 uliagpkx - ok
07:09:10.0148 1212 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
07:09:10.0179 1212 umbus - ok
07:09:10.0179 1212 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
07:09:10.0210 1212 UmPass - ok
07:09:10.0366 1212 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
07:09:10.0429 1212 UNS - ok
07:09:10.0444 1212 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
07:09:10.0522 1212 upnphost - ok
07:09:10.0585 1212 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
07:09:10.0647 1212 usbccgp - ok
07:09:10.0694 1212 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
07:09:10.0725 1212 usbcir - ok
07:09:10.0756 1212 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
07:09:10.0788 1212 usbehci - ok
07:09:10.0834 1212 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
07:09:10.0881 1212 usbhub - ok
07:09:10.0897 1212 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
07:09:10.0928 1212 usbohci - ok
07:09:10.0975 1212 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
07:09:11.0037 1212 usbprint - ok
07:09:11.0068 1212 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:09:11.0131 1212 USBSTOR - ok
07:09:11.0146 1212 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
07:09:11.0193 1212 usbuhci - ok
07:09:11.0240 1212 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
07:09:11.0287 1212 usbvideo - ok
07:09:11.0318 1212 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
07:09:11.0396 1212 UxSms - ok
07:09:11.0458 1212 [ DCB1F83AD167D16D263CE57C94E9EEDF ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
07:09:11.0474 1212 VAIO Event Service - ok
07:09:11.0490 1212 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
07:09:11.0505 1212 VaultSvc - ok
07:09:11.0568 1212 [ D00058C1FFF3F3DE990444A5734E9639 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
07:09:11.0614 1212 VCFw - ok
07:09:11.0708 1212 [ F19275655B42086C884ABCDAE2C659AE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
07:09:11.0755 1212 VcmIAlzMgr - ok
07:09:11.0786 1212 [ 2F06D134554BA84FE253DBC481DCFE6D ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
07:09:11.0848 1212 VcmINSMgr - ok
07:09:11.0864 1212 [ 32A3735F6874B7783C6209ED5CA36D9D ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
07:09:11.0880 1212 VcmXmlIfHelper - ok
07:09:11.0942 1212 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
07:09:11.0958 1212 VCService - ok
07:09:12.0004 1212 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
07:09:12.0020 1212 vdrvroot - ok
07:09:12.0036 1212 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
07:09:12.0114 1212 vds - ok
07:09:12.0129 1212 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
07:09:12.0129 1212 vga - ok
07:09:12.0145 1212 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
07:09:12.0207 1212 VgaSave - ok
07:09:12.0223 1212 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
07:09:12.0223 1212 vhdmp - ok
07:09:12.0238 1212 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
07:09:12.0254 1212 viaide - ok
07:09:12.0285 1212 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
07:09:12.0285 1212 volmgr - ok
07:09:12.0301 1212 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
07:09:12.0316 1212 volmgrx - ok
07:09:12.0332 1212 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
07:09:12.0348 1212 volsnap - ok
07:09:12.0363 1212 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
07:09:12.0379 1212 vsmraid - ok
07:09:12.0472 1212 [ 0ED394BFBA3EB4740F063E0BA5EC7104 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
07:09:12.0504 1212 VSNService - ok
07:09:12.0550 1212 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
07:09:12.0613 1212 VSS - ok
07:09:12.0706 1212 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
07:09:12.0738 1212 VUAgent - ok
07:09:12.0753 1212 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
07:09:12.0769 1212 vwifibus - ok
07:09:12.0816 1212 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
07:09:12.0878 1212 vwififlt - ok
07:09:12.0909 1212 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
07:09:12.0956 1212 vwifimp - ok
07:09:13.0003 1212 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
07:09:13.0050 1212 W32Time - ok
07:09:13.0065 1212 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
07:09:13.0096 1212 WacomPen - ok
07:09:13.0143 1212 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
07:09:13.0252 1212 WANARP - ok
07:09:13.0252 1212 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
07:09:13.0284 1212 Wanarpv6 - ok
07:09:13.0393 1212 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
07:09:13.0440 1212 WatAdminSvc - ok
07:09:13.0471 1212 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
07:09:13.0518 1212 wbengine - ok
07:09:13.0549 1212 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
07:09:13.0564 1212 WbioSrvc - ok
07:09:13.0580 1212 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
07:09:13.0627 1212 wcncsvc - ok
07:09:13.0642 1212 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:09:13.0689 1212 WcsPlugInService - ok
07:09:13.0720 1212 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
07:09:13.0736 1212 Wd - ok
07:09:13.0752 1212 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
07:09:13.0783 1212 Wdf01000 - ok
07:09:13.0798 1212 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
07:09:13.0892 1212 WdiServiceHost - ok
07:09:13.0908 1212 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
07:09:13.0923 1212 WdiSystemHost - ok
07:09:13.0954 1212 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
07:09:14.0001 1212 WebClient - ok
07:09:14.0017 1212 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
07:09:14.0064 1212 Wecsvc - ok
07:09:14.0095 1212 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
07:09:14.0110 1212 wercplsupport - ok
07:09:14.0157 1212 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
07:09:14.0204 1212 WerSvc - ok
07:09:14.0235 1212 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
07:09:14.0266 1212 WfpLwf - ok
07:09:14.0282 1212 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
07:09:14.0282 1212 WIMMount - ok
07:09:14.0298 1212 WinDefend - ok
07:09:14.0313 1212 WinHttpAutoProxySvc - ok
07:09:14.0360 1212 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
07:09:14.0407 1212 Winmgmt - ok
07:09:14.0485 1212 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
07:09:14.0563 1212 WinRM - ok
07:09:14.0610 1212 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
07:09:14.0656 1212 WinUsb - ok
07:09:14.0719 1212 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
07:09:14.0766 1212 Wlansvc - ok
07:09:14.0828 1212 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
07:09:14.0844 1212 wlcrasvc - ok
07:09:14.0937 1212 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:09:14.0984 1212 wlidsvc - ok
07:09:15.0000 1212 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
07:09:15.0046 1212 WmiAcpi - ok
07:09:15.0078 1212 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
07:09:15.0124 1212 wmiApSrv - ok
07:09:15.0171 1212 WMPNetworkSvc - ok
07:09:15.0202 1212 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
07:09:15.0218 1212 WPCSvc - ok
07:09:15.0249 1212 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
07:09:15.0249 1212 WPDBusEnum - ok
07:09:15.0280 1212 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
07:09:15.0312 1212 ws2ifsl - ok
07:09:15.0327 1212 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
07:09:15.0390 1212 wscsvc - ok
07:09:15.0390 1212 WSearch - ok
07:09:15.0483 1212 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
07:09:15.0514 1212 wuauserv - ok
07:09:15.0546 1212 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
07:09:15.0561 1212 WudfPf - ok
07:09:15.0577 1212 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
07:09:15.0624 1212 WUDFRd - ok
07:09:15.0655 1212 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
07:09:15.0670 1212 wudfsvc - ok
07:09:15.0702 1212 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
07:09:15.0733 1212 WwanSvc - ok
07:09:15.0764 1212 ================ Scan global ===============================
07:09:15.0780 1212 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
07:09:15.0811 1212 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
07:09:15.0826 1212 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
07:09:15.0858 1212 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
07:09:15.0904 1212 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
07:09:15.0904 1212 [Global] - ok
07:09:15.0904 1212 ================ Scan MBR ==================================
07:09:15.0920 1212 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
07:09:16.0965 1212 \Device\Harddisk0\DR0 - ok
07:09:16.0965 1212 ================ Scan VBR ==================================
07:09:16.0996 1212 [ 74A4453AA59A915AFEB51B3B38547E26 ] \Device\Harddisk0\DR0\Partition1
07:09:17.0012 1212 \Device\Harddisk0\DR0\Partition1 - ok
07:09:17.0028 1212 [ AC93F8EEAB310667BAB244693C724F8A ] \Device\Harddisk0\DR0\Partition2
07:09:17.0028 1212 \Device\Harddisk0\DR0\Partition2 - ok
07:09:17.0028 1212 ============================================================
07:09:17.0028 1212 Scan finished
07:09:17.0028 1212 ============================================================
07:09:17.0059 4476 Detected object count: 3
07:09:17.0059 4476 Actual detected object count: 3
07:09:34.0219 4476 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
07:09:34.0219 4476 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:09:34.0219 4476 sptd ( LockedFile.Multi.Generic ) - skipped by user
07:09:34.0219 4476 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
07:09:34.0219 4476 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
07:09:34.0219 4476 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
28.09.2012, 13:00
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | AKM Trojaner sicher entfernen, bitte um Hilfe Dann bitte jetzt CF ausführen:
__________________ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ |
|
28.09.2012, 13:55
| #19 |
| | AKM Trojaner sicher entfernen, bitte um Hilfe ComboFix log Code:
ATTFilter ComboFix 12-09-27.03 - SeiterM 28.09.2012 14:47:27.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.6126.3877 [GMT 2:00]
ausgeführt von:: c:\users\SeiterM\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\prsgrc.dll
c:\windows\SysWow64\ssprs.dll
c:\windows\SysWow64\xrkqyep.dll
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-28 bis 2012-09-28 ))))))))))))))))))))))))))))))
.
.
2012-09-28 12:53 . 2012-09-28 12:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-27 05:45 . 2012-09-27 05:45 -------- d-----w- c:\program files (x86)\Xaldon
2012-09-26 17:28 . 2012-09-26 17:28 -------- d-----w- C:\_OTL
2012-09-26 16:29 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-24 15:59 . 2012-09-24 15:59 -------- d-----w- c:\program files (x86)\ESET
2012-09-23 10:16 . 2012-09-23 10:16 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-09-23 10:16 . 2012-09-23 10:16 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-23 10:16 . 2012-09-23 10:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-23 08:44 . 2012-09-23 09:17 -------- d-----w- c:\program files (x86)\Porn Cleanser Removal Tool
2012-09-23 06:39 . 2012-09-23 10:18 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware
2012-09-22 14:16 . 2012-09-22 14:16 -------- d-----w- c:\users\SeiterM\AppData\Roaming\Malwarebytes
2012-09-22 14:16 . 2012-09-22 14:16 -------- d-----w- c:\programdata\Malwarebytes
2012-09-22 14:16 . 2012-09-24 16:06 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-22 14:16 . 2012-09-07 15:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-14 14:09 . 2012-09-14 14:09 -------- d-----w- c:\users\SeiterM\.imagej
2012-09-14 14:08 . 2012-09-14 14:08 -------- d-----w- c:\program files (x86)\ImageJ
2012-09-14 13:29 . 2012-09-14 14:06 -------- d-----w- c:\program files\MikroCamLab7
2012-09-14 13:29 . 2012-09-14 13:29 -------- d-----w- c:\program files (x86)\Xvid
2012-09-14 13:29 . 2007-06-28 16:55 77824 ----a-w- c:\windows\SysWow64\xvid.ax
2012-09-14 13:29 . 2007-06-28 16:54 180224 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2012-09-14 13:29 . 2007-06-28 16:52 765952 ----a-w- c:\windows\SysWow64\xvidcore.dll
2012-09-14 13:28 . 2000-08-23 15:00 33280 ----a-w- c:\windows\SysWow64\HUFFYUV.DLL
2012-09-14 12:22 . 2007-08-12 03:02 61168 ----a-w- c:\windows\SysWow64\msacm.dll
2012-09-14 12:22 . 2000-08-23 15:00 33280 ----a-w- c:\windows\huffyuv.dll
2012-09-14 12:22 . 2012-09-14 12:22 -------- d-----w- c:\program files (x86)\MikroCamLab
2012-09-14 12:22 . 1998-06-16 22:00 962612 ----a-w- c:\windows\SysWow64\MFC42D.DLL
2012-09-14 12:09 . 2012-09-14 14:02 -------- d-----w- c:\program files\MikroCam1.3
2012-09-14 12:09 . 2010-09-28 10:21 241600 ----a-w- c:\windows\system32\MC13MP.ax
2012-09-14 12:09 . 2010-09-28 10:21 33856 ----a-w- c:\windows\system32\drivers\MC13MP64.sys
2012-09-14 11:24 . 2012-09-14 11:24 -------- d-----w- c:\program files\Common Files\Common Desktop Agent
2012-09-14 11:24 . 2012-09-14 11:24 -------- d-----w- c:\program files (x86)\Common Files\Common Desktop Agent
2012-09-14 10:23 . 2012-09-14 11:25 -------- d-----w- c:\users\SeiterM\AppData\Roaming\Samsung
2012-09-14 10:21 . 2012-09-14 11:24 -------- d-----w- c:\program files (x86)\Samsung
2012-09-14 10:15 . 2012-09-14 11:25 -------- d-----w- c:\programdata\Samsung
2012-09-14 10:15 . 2011-04-25 11:24 36864 ----a-w- c:\windows\system32\Spool\prtprocs\x64\ssj1mpc.dll
2012-09-12 15:00 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 15:00 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 15:00 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 15:00 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 15:00 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 15:00 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 15:00 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-29 15:12 . 2012-08-29 15:12 -------- d-----w- c:\users\SeiterM\AppData\Roaming\Withings
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-23 10:16 . 2012-04-03 04:58 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-21 08:15 . 2012-07-20 09:05 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-21 08:15 . 2012-07-20 09:05 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-12 18:32 . 2012-06-13 12:53 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-07-18 18:15 . 2012-08-15 03:50 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-06 20:07 . 2012-08-15 13:40 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-07-06 13:51 . 2012-07-06 13:51 640720 ----a-w- c:\windows\SysWow64\ipworks6.dll
2012-07-04 22:16 . 2012-08-15 03:50 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-07-04 22:13 . 2012-08-15 03:50 59392 ----a-w- c:\windows\system32\browcli.dll
2012-07-04 22:13 . 2012-08-15 03:50 136704 ----a-w- c:\windows\system32\browser.dll
2012-07-04 21:14 . 2012-08-15 03:50 41984 ----a-w- c:\windows\SysWow64\browcli.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 908160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-04-29 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-04-29 259232]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-04-29 109216]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-04-29 166048]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-04-29 59040]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-04-29 283296]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-04-29 288416]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
R3 MC13MP;Bresser MikroCam 1.3 (MC13MP) 64bit;c:\windows\system32\Drivers\MC13MP64.sys [2010-09-28 33856]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-03 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-06-02 834544]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-05-02 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-01 86224]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2011-03-14 11576]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-02-18 378472]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-04-29 29344]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-03-29 173160]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-03-29 335464]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-03-29 425064]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 03700470
*Deregistered* - 03700470
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-20 08:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1580368]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 438784]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-09-28 14:55:01
ComboFix-quarantined-files.txt 2012-09-28 12:55
.
Vor Suchlauf: 14 Verzeichnis(se), 493.397.590.016 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 493.403.619.328 Bytes frei
.
- - End Of File - - F674266B5ECEB4E9FA1ED3DE342952D9
|
|
28.09.2012, 15:22
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | AKM Trojaner sicher entfernen, bitte um Hilfe Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
haha, das is mir schon klar.
Linear-Darstellung
