| |
| |||||||
Log-Analyse und Auswertung: Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefundenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
28.10.2012, 09:57
| #1 |
 |  Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden Hallo, mein Esed meldet seid ein paar Tagen das nicht zu behebende Problem zur tbhcn.exe. Über google bin ich auf dieses bereits bekannte Problem gestoßen. Habe jetzt dann auch gleich Malewarebytes installiert und den kompletten Scan durchgeführt. Hierbei ist die Anwendung PUP. Blabbers betroffen, so Malewarebytes. Da ich kein Spezi in dieser Sache bin, habe ich bis auf den Scan noch nichts weiter unternommen und hoffe sehr auf Eure Hilfe  . Log anbei. Lieben Dank schon einmal. VG nessie |
|
28.10.2012, 12:51
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden 1. aswMBR
__________________Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
29.10.2012, 07:01
| #3 |
| | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden Hallo Cosinus,
__________________zunächst einmal ganz lieben Dank für Deine schnelle Hilfe! Anbei die entsprechenden Log Dateien. LG nessie |
|
29.10.2012, 07:08
| #4 |
| | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefundenCode:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-29 06:08:56
-----------------------------
06:08:56.734 OS Version: Windows x64 6.1.7600
06:08:56.734 Number of processors: 2 586 0x2505
06:08:56.734 ComputerName: NESSIE-VAIO UserName: nessie
06:08:57.764 Initialize success
06:12:30.237 AVAST engine defs: 12102801
06:13:20.719 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
06:13:20.735 Disk 0 Vendor: ST932032 0006 Size: 305245MB BusType: 3
06:13:20.735 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000068
06:13:20.735 Disk 1 Vendor: RICOH 02 Size: 1934MB BusType: 0
06:13:20.766 Disk 0 MBR read successfully
06:13:20.766 Disk 0 MBR scan
06:13:20.782 Disk 0 Windows 7 default MBR code
06:13:20.797 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13719 MB offset 2048
06:13:20.828 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 28098560
06:13:20.844 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 291424 MB offset 28303360
06:13:20.891 Disk 0 scanning C:\Windows\system32\drivers
06:13:36.101 Service scanning
06:14:10.592 Modules scanning
06:14:11.123 Disk 0 trace - called modules:
06:14:11.138 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
06:14:11.154 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80044ea060]
06:14:11.170 3 CLASSPNP.SYS[fffff88001a8543f] -> nt!IofCallDriver -> [0xfffffa800356c750]
06:14:11.170 5 ACPI.sys[fffff88000ef8781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004376050]
06:14:12.308 AVAST engine scan C:\Windows
06:14:15.756 AVAST engine scan C:\Windows\system32
06:19:30.892 AVAST engine scan C:\Windows\system32\drivers
06:19:58.067 AVAST engine scan C:\Users\nessie
06:21:37.190 Disk 0 MBR has been saved successfully to "C:\Users\nessie\Desktop\MBR.dat"
06:21:37.206 The log file has been saved successfully to "C:\Users\nessie\Desktop\aswMBR.txt"
06:38:05.699 AVAST engine scan C:\ProgramData
06:45:59.099 Scan finished successfully
06:48:29.077 Disk 0 MBR has been saved successfully to "C:\Users\nessie\Desktop\MBR.dat"
06:48:29.093 The log file has been saved successfully to "C:\Users\nessie\Desktop\aswMBR.txt"
 TDSSKiller.2.8.13.0_29.10.2012_06.53.16_log.txt: Die Datei, die Sie anhängen möchten, ist zu groß. Die maximale Dateigröße für diesen Dateityp beträgt 97,7 KB. Ihre Datei ist 139,3 KB groß. ah - mit komplett posten meinst Du einfügen! Code:
ATTFilter 06:53:16.0649 8016 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
06:53:17.0099 8016 ============================================================
06:53:17.0099 8016 Current date / time: 2012/10/29 06:53:17.0099
06:53:17.0099 8016 SystemInfo:
06:53:17.0099 8016
06:53:17.0099 8016 OS Version: 6.1.7600 ServicePack: 0.0
06:53:17.0099 8016 Product type: Workstation
06:53:17.0099 8016 ComputerName: NESSIE-VAIO
06:53:17.0099 8016 UserName: nessie
06:53:17.0099 8016 Windows directory: C:\Windows
06:53:17.0099 8016 System windows directory: C:\Windows
06:53:17.0099 8016 Running under WOW64
06:53:17.0099 8016 Processor architecture: Intel x64
06:53:17.0099 8016 Number of processors: 2
06:53:17.0099 8016 Page size: 0x1000
06:53:17.0099 8016 Boot type: Normal boot
06:53:17.0099 8016 ============================================================
06:53:17.0939 8016 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:53:18.0049 8016 Drive \Device\Harddisk1\DR1 - Size: 0x78EE0A00 (1.89 Gb), SectorSize: 0x200, Cylinders: 0xF6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
06:53:18.0119 8016 ============================================================
06:53:18.0119 8016 \Device\Harddisk0\DR0:
06:53:18.0119 8016 MBR partitions:
06:53:18.0119 8016 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1ACC000, BlocksNum 0x32000
06:53:18.0119 8016 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1AFE000, BlocksNum 0x23930000
06:53:18.0119 8016 \Device\Harddisk1\DR1:
06:53:18.0119 8016 MBR partitions:
06:53:18.0119 8016 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0xFB, BlocksNum 0x3C7705
06:53:18.0119 8016 ============================================================
06:53:18.0149 8016 C: <-> \Device\Harddisk0\DR0\Partition2
06:53:18.0149 8016 ============================================================
06:53:18.0149 8016 Initialize success
06:53:18.0149 8016 ============================================================
06:54:16.0632 0776 ============================================================
06:54:16.0632 0776 Scan started
06:54:16.0632 0776 Mode: Manual; SigCheck; TDLFS;
06:54:16.0632 0776 ============================================================
06:54:17.0115 0776 ================ Scan system memory ========================
06:54:17.0115 0776 System memory - ok
06:54:17.0131 0776 ================ Scan services =============================
06:54:17.0318 0776 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
06:54:17.0490 0776 1394ohci - ok
06:54:17.0552 0776 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
06:54:17.0614 0776 ACDaemon - ok
06:54:17.0677 0776 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
06:54:17.0708 0776 ACPI - ok
06:54:17.0739 0776 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
06:54:17.0880 0776 AcpiPmi - ok
06:54:17.0942 0776 [ 34400005DE52842C4D6D4EE978B4D7CE ] AdobeActiveFileMonitor8.0 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
06:54:17.0958 0776 AdobeActiveFileMonitor8.0 - ok
06:54:18.0067 0776 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
06:54:18.0098 0776 AdobeARMservice - ok
06:54:18.0145 0776 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
06:54:18.0192 0776 adp94xx - ok
06:54:18.0238 0776 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
06:54:18.0270 0776 adpahci - ok
06:54:18.0316 0776 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
06:54:18.0348 0776 adpu320 - ok
06:54:18.0363 0776 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
06:54:18.0566 0776 AeLookupSvc - ok
06:54:18.0628 0776 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
06:54:18.0722 0776 AFD - ok
06:54:18.0769 0776 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
06:54:18.0784 0776 agp440 - ok
06:54:18.0831 0776 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
06:54:18.0925 0776 ALG - ok
06:54:18.0956 0776 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
06:54:18.0987 0776 aliide - ok
06:54:19.0034 0776 [ 27429A457FCA8F50923863A965FE0C6C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
06:54:19.0128 0776 AMD External Events Utility - ok
06:54:19.0143 0776 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
06:54:19.0174 0776 amdide - ok
06:54:19.0221 0776 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
06:54:19.0252 0776 AmdK8 - ok
06:54:19.0284 0776 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
06:54:19.0315 0776 AmdPPM - ok
06:54:19.0377 0776 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
06:54:19.0408 0776 amdsata - ok
06:54:19.0424 0776 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
06:54:19.0455 0776 amdsbs - ok
06:54:19.0486 0776 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
06:54:19.0518 0776 amdxata - ok
06:54:19.0564 0776 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
06:54:19.0627 0776 androidusb - ok
06:54:19.0658 0776 [ 2D45F2DFBC3D8F53DF7EBEFFA8C9BC38 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
06:54:19.0705 0776 ApfiltrService - ok
06:54:19.0752 0776 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
06:54:19.0876 0776 AppID - ok
06:54:19.0908 0776 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
06:54:20.0017 0776 AppIDSvc - ok
06:54:20.0079 0776 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
06:54:20.0142 0776 Appinfo - ok
06:54:20.0173 0776 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
06:54:20.0204 0776 arc - ok
06:54:20.0235 0776 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
06:54:20.0251 0776 arcsas - ok
06:54:20.0298 0776 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
06:54:20.0313 0776 ArcSoftKsUFilter - ok
06:54:20.0344 0776 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
06:54:20.0454 0776 AsyncMac - ok
06:54:20.0485 0776 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
06:54:20.0516 0776 atapi - ok
06:54:20.0594 0776 [ CCA705CDF038D5BC243203CE4416B345 ] athr C:\Windows\system32\DRIVERS\athrx.sys
06:54:20.0718 0776 athr - ok
06:54:20.0948 0776 [ EAEA2CE49DE0CCA80BEB9134107E5DD7 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
06:54:21.0248 0776 atikmdag - ok
06:54:21.0318 0776 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
06:54:21.0458 0776 AudioEndpointBuilder - ok
06:54:21.0488 0776 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
06:54:21.0598 0776 AudioSrv - ok
06:54:21.0648 0776 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
06:54:21.0758 0776 AxInstSV - ok
06:54:21.0868 0776 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
06:54:21.0948 0776 b06bdrv - ok
06:54:21.0978 0776 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
06:54:22.0028 0776 b57nd60a - ok
06:54:22.0068 0776 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
06:54:22.0118 0776 BDESVC - ok
06:54:22.0138 0776 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
06:54:22.0248 0776 Beep - ok
06:54:22.0308 0776 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
06:54:22.0448 0776 BFE - ok
06:54:22.0488 0776 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
06:54:22.0648 0776 BITS - ok
06:54:22.0678 0776 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
06:54:22.0718 0776 blbdrive - ok
06:54:22.0788 0776 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
06:54:22.0848 0776 bowser - ok
06:54:22.0888 0776 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
06:54:22.0938 0776 BrFiltLo - ok
06:54:22.0968 0776 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
06:54:23.0018 0776 BrFiltUp - ok
06:54:23.0078 0776 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
06:54:23.0138 0776 Browser - ok
06:54:23.0168 0776 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
06:54:23.0248 0776 Brserid - ok
06:54:23.0268 0776 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
06:54:23.0318 0776 BrSerWdm - ok
06:54:23.0348 0776 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
06:54:23.0398 0776 BrUsbMdm - ok
06:54:23.0438 0776 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
06:54:23.0478 0776 BrUsbSer - ok
06:54:23.0538 0776 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
06:54:23.0618 0776 BthEnum - ok
06:54:23.0638 0776 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
06:54:23.0688 0776 BTHMODEM - ok
06:54:23.0718 0776 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
06:54:23.0758 0776 BthPan - ok
06:54:23.0818 0776 [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
06:54:23.0888 0776 BTHPORT - ok
06:54:23.0918 0776 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
06:54:24.0028 0776 bthserv - ok
06:54:24.0068 0776 [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
06:54:24.0118 0776 BTHUSB - ok
06:54:24.0168 0776 [ 59E3510784548C6939C1B3B985C232E3 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
06:54:24.0198 0776 btwampfl - ok
06:54:24.0218 0776 [ 1872074ED0A3FB22E3F1E3197B984BFA ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
06:54:24.0238 0776 btwaudio - ok
06:54:24.0298 0776 [ 691CF076C33AB1C3A5B2FD5450300733 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
06:54:24.0318 0776 btwavdt - ok
06:54:24.0418 0776 [ 8BA6E93A182126781952A7895EC1E4B2 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
06:54:24.0488 0776 btwdins - ok
06:54:24.0518 0776 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
06:54:24.0538 0776 btwl2cap - ok
06:54:24.0568 0776 [ C9273B20DEC8CE38DBCE5D29DE63C907 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
06:54:24.0578 0776 btwrchid - ok
06:54:24.0598 0776 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
06:54:24.0708 0776 cdfs - ok
06:54:24.0753 0776 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
06:54:24.0800 0776 cdrom - ok
06:54:24.0831 0776 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
06:54:24.0940 0776 CertPropSvc - ok
06:54:24.0972 0776 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
06:54:25.0034 0776 circlass - ok
06:54:25.0065 0776 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
06:54:25.0096 0776 CLFS - ok
06:54:25.0174 0776 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:54:25.0206 0776 clr_optimization_v2.0.50727_32 - ok
06:54:25.0237 0776 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:54:25.0268 0776 clr_optimization_v2.0.50727_64 - ok
06:54:25.0362 0776 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:54:25.0408 0776 clr_optimization_v4.0.30319_32 - ok
06:54:25.0471 0776 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:54:25.0502 0776 clr_optimization_v4.0.30319_64 - ok
06:54:25.0533 0776 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
06:54:25.0596 0776 CmBatt - ok
06:54:25.0611 0776 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
06:54:25.0642 0776 cmdide - ok
06:54:25.0705 0776 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
06:54:25.0783 0776 CNG - ok
06:54:25.0845 0776 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
06:54:25.0861 0776 Compbatt - ok
06:54:25.0876 0776 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
06:54:25.0923 0776 CompositeBus - ok
06:54:25.0949 0776 COMSysApp - ok
06:54:25.0959 0776 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
06:54:25.0989 0776 crcdisk - ok
06:54:26.0059 0776 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
06:54:26.0119 0776 CryptSvc - ok
06:54:26.0149 0776 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
06:54:26.0289 0776 DcomLaunch - ok
06:54:26.0329 0776 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
06:54:26.0449 0776 defragsvc - ok
06:54:26.0509 0776 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
06:54:26.0569 0776 DfsC - ok
06:54:26.0619 0776 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
06:54:26.0649 0776 dg_ssudbus - ok
06:54:26.0689 0776 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
06:54:26.0829 0776 Dhcp - ok
06:54:26.0869 0776 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
06:54:26.0969 0776 discache - ok
06:54:27.0009 0776 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
06:54:27.0039 0776 Disk - ok
06:54:27.0079 0776 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
06:54:27.0139 0776 Dnscache - ok
06:54:27.0169 0776 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
06:54:27.0279 0776 dot3svc - ok
06:54:27.0309 0776 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
06:54:27.0409 0776 DPS - ok
06:54:27.0449 0776 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
06:54:27.0509 0776 drmkaud - ok
06:54:27.0579 0776 [ 24CE1ECF9D0AE0301775B07F5FEA175B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
06:54:27.0659 0776 DXGKrnl - ok
06:54:27.0749 0776 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
06:54:27.0779 0776 eamonm - ok
06:54:27.0809 0776 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
06:54:27.0909 0776 EapHost - ok
06:54:28.0019 0776 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
06:54:28.0199 0776 ebdrv - ok
06:54:28.0239 0776 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
06:54:28.0299 0776 EFS - ok
06:54:28.0359 0776 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
06:54:28.0379 0776 ehdrv - ok
06:54:28.0469 0776 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
06:54:28.0579 0776 ehRecvr - ok
06:54:28.0599 0776 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
06:54:28.0669 0776 ehSched - ok
06:54:28.0779 0776 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
06:54:28.0859 0776 ekrn - ok
06:54:28.0909 0776 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
06:54:28.0969 0776 elxstor - ok
06:54:29.0039 0776 [ 3EBB7FD3C605262B942868A1D840F4F1 ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
06:54:29.0069 0776 epfwwfpr - ok
06:54:29.0079 0776 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
06:54:29.0129 0776 ErrDev - ok
06:54:29.0199 0776 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
06:54:29.0319 0776 EventSystem - ok
06:54:29.0419 0776 [ B56D9602DB5FE1C116B1CA5EFD8E2E50 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
06:54:29.0519 0776 EvtEng - ok
06:54:29.0569 0776 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
06:54:29.0669 0776 exfat - ok
06:54:29.0699 0776 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
06:54:29.0809 0776 fastfat - ok
06:54:29.0899 0776 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
06:54:29.0979 0776 Fax - ok
06:54:30.0019 0776 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
06:54:30.0059 0776 fdc - ok
06:54:30.0099 0776 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
06:54:30.0199 0776 fdPHost - ok
06:54:30.0229 0776 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
06:54:30.0319 0776 FDResPub - ok
06:54:30.0329 0776 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
06:54:30.0359 0776 FileInfo - ok
06:54:30.0369 0776 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
06:54:30.0479 0776 Filetrace - ok
06:54:30.0539 0776 [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
06:54:30.0609 0776 FLEXnet Licensing Service - ok
06:54:30.0649 0776 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
06:54:30.0679 0776 flpydisk - ok
06:54:30.0739 0776 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
06:54:30.0779 0776 FltMgr - ok
06:54:30.0849 0776 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
06:54:30.0969 0776 FontCache - ok
06:54:31.0019 0776 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:54:31.0039 0776 FontCache3.0.0.0 - ok
06:54:31.0069 0776 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
06:54:31.0099 0776 FsDepends - ok
06:54:31.0149 0776 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
06:54:31.0169 0776 Fs_Rec - ok
06:54:31.0229 0776 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
06:54:31.0269 0776 fvevol - ok
06:54:31.0299 0776 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
06:54:31.0329 0776 gagp30kx - ok
06:54:31.0379 0776 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
06:54:31.0479 0776 gpsvc - ok
06:54:31.0549 0776 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:54:31.0569 0776 gupdate - ok
06:54:31.0599 0776 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
06:54:31.0619 0776 gupdatem - ok
06:54:31.0639 0776 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
06:54:31.0669 0776 gusvc - ok
06:54:31.0709 0776 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
06:54:31.0769 0776 hcw85cir - ok
06:54:31.0799 0776 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
06:54:31.0859 0776 HdAudAddService - ok
06:54:31.0879 0776 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
06:54:31.0939 0776 HDAudBus - ok
06:54:31.0969 0776 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
06:54:31.0999 0776 HECIx64 - ok
06:54:32.0029 0776 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
06:54:32.0069 0776 HidBatt - ok
06:54:32.0109 0776 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
06:54:32.0159 0776 HidBth - ok
06:54:32.0179 0776 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
06:54:32.0219 0776 HidIr - ok
06:54:32.0259 0776 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
06:54:32.0369 0776 hidserv - ok
06:54:32.0429 0776 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
06:54:32.0469 0776 HidUsb - ok
06:54:32.0509 0776 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
06:54:32.0619 0776 hkmsvc - ok
06:54:32.0649 0776 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
06:54:32.0729 0776 HomeGroupListener - ok
06:54:32.0769 0776 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
06:54:32.0819 0776 HomeGroupProvider - ok
06:54:32.0859 0776 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
06:54:32.0879 0776 HpSAMD - ok
06:54:32.0919 0776 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
06:54:33.0049 0776 HTTP - ok
06:54:33.0069 0776 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
06:54:33.0089 0776 hwpolicy - ok
06:54:33.0119 0776 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
06:54:33.0149 0776 i8042prt - ok
06:54:33.0189 0776 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\drivers\iaStor.sys
06:54:33.0229 0776 iaStor - ok
06:54:33.0299 0776 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
06:54:33.0319 0776 IAStorDataMgrSvc - ok
06:54:33.0379 0776 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
06:54:33.0419 0776 iaStorV - ok
06:54:33.0529 0776 [ 7B926335E444AC02C362987BA5A0028F ] IBUpdaterService C:\ProgramData\IBUpdaterService\ibsvc.exe
06:54:33.0569 0776 IBUpdaterService - ok
06:54:33.0619 0776 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
06:54:33.0689 0776 idsvc - ok
06:54:34.0019 0776 [ 2A22AB054F4630D2EF4BAB2853F6D5F6 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
06:54:34.0479 0776 igfx ( UnsignedFile.Multi.Generic ) - warning
06:54:34.0479 0776 igfx - detected UnsignedFile.Multi.Generic (1)
06:54:34.0519 0776 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
06:54:34.0549 0776 iirsp - ok
06:54:34.0599 0776 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
06:54:34.0749 0776 IKEEXT - ok
06:54:34.0809 0776 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
06:54:34.0859 0776 Impcd - ok
06:54:34.0949 0776 [ 526E482AFB586CB1CDD687869DECF686 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
06:54:35.0099 0776 IntcAzAudAddService - ok
06:54:35.0149 0776 [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
06:54:35.0169 0776 IntcDAud ( UnsignedFile.Multi.Generic ) - warning
06:54:35.0169 0776 IntcDAud - detected UnsignedFile.Multi.Generic (1)
06:54:35.0199 0776 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
06:54:35.0219 0776 intelide - ok
06:54:35.0249 0776 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
06:54:35.0289 0776 intelppm - ok
06:54:35.0319 0776 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
06:54:35.0429 0776 IPBusEnum - ok
06:54:35.0449 0776 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
06:54:35.0549 0776 IpFilterDriver - ok
06:54:35.0589 0776 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
06:54:35.0719 0776 iphlpsvc - ok
06:54:35.0739 0776 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
06:54:35.0789 0776 IPMIDRV - ok
06:54:35.0819 0776 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
06:54:35.0919 0776 IPNAT - ok
06:54:35.0959 0776 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
06:54:35.0989 0776 IRENUM - ok
06:54:36.0019 0776 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
06:54:36.0039 0776 isapnp - ok
06:54:36.0069 0776 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
06:54:36.0099 0776 iScsiPrt - ok
06:54:36.0139 0776 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
06:54:36.0159 0776 kbdclass - ok
06:54:36.0189 0776 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
06:54:36.0239 0776 kbdhid - ok
06:54:36.0259 0776 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
06:54:36.0289 0776 KeyIso - ok
06:54:36.0339 0776 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
06:54:36.0359 0776 KSecDD - ok
06:54:36.0379 0776 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
06:54:36.0409 0776 KSecPkg - ok
06:54:36.0449 0776 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
06:54:36.0559 0776 ksthunk - ok
06:54:36.0599 0776 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
06:54:36.0719 0776 KtmRm - ok
06:54:36.0799 0776 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
06:54:36.0869 0776 LanmanServer - ok
06:54:36.0899 0776 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
06:54:37.0009 0776 LanmanWorkstation - ok
06:54:37.0049 0776 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
06:54:37.0149 0776 lltdio - ok
06:54:37.0189 0776 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
06:54:37.0309 0776 lltdsvc - ok
06:54:37.0329 0776 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
06:54:37.0429 0776 lmhosts - ok
06:54:37.0499 0776 [ 3D23191672D83E90D1CF63927EE98136 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
06:54:37.0529 0776 LMS - ok
06:54:37.0569 0776 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
06:54:37.0609 0776 LSI_FC - ok
06:54:37.0629 0776 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
06:54:37.0659 0776 LSI_SAS - ok
06:54:37.0669 0776 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
06:54:37.0699 0776 LSI_SAS2 - ok
06:54:37.0719 0776 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
06:54:37.0749 0776 LSI_SCSI - ok
06:54:37.0769 0776 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
06:54:37.0859 0776 luafv - ok
06:54:37.0929 0776 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
06:54:37.0949 0776 MBAMProtector - ok
06:54:38.0089 0776 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
06:54:38.0119 0776 MBAMScheduler - ok
06:54:38.0199 0776 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
06:54:38.0239 0776 MBAMService - ok
06:54:38.0299 0776 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
06:54:38.0339 0776 Mcx2Svc - ok
06:54:38.0379 0776 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
06:54:38.0409 0776 megasas - ok
06:54:38.0449 0776 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
06:54:38.0489 0776 MegaSR - ok
06:54:38.0539 0776 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
06:54:38.0649 0776 MMCSS - ok
06:54:38.0669 0776 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
06:54:38.0789 0776 Modem - ok
06:54:38.0819 0776 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
06:54:38.0869 0776 monitor - ok
06:54:38.0889 0776 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
06:54:38.0919 0776 mouclass - ok
06:54:38.0939 0776 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
06:54:38.0969 0776 mouhid - ok
06:54:38.0999 0776 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
06:54:39.0029 0776 mountmgr - ok
06:54:39.0099 0776 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
06:54:39.0129 0776 MozillaMaintenance - ok
06:54:39.0149 0776 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\drivers\mpio.sys
06:54:39.0189 0776 mpio - ok
06:54:39.0219 0776 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
06:54:39.0309 0776 mpsdrv - ok
06:54:39.0359 0776 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
06:54:39.0509 0776 MpsSvc - ok
06:54:39.0529 0776 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
06:54:39.0579 0776 MRxDAV - ok
06:54:39.0619 0776 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
06:54:39.0659 0776 mrxsmb - ok
06:54:39.0699 0776 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
06:54:39.0749 0776 mrxsmb10 - ok
06:54:39.0769 0776 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
06:54:39.0819 0776 mrxsmb20 - ok
06:54:39.0859 0776 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\drivers\msahci.sys
06:54:39.0889 0776 msahci - ok
06:54:39.0899 0776 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\drivers\msdsm.sys
06:54:39.0939 0776 msdsm - ok
06:54:39.0949 0776 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
06:54:40.0009 0776 MSDTC - ok
06:54:40.0039 0776 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
06:54:40.0129 0776 Msfs - ok
06:54:40.0169 0776 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
06:54:40.0279 0776 mshidkmdf - ok
06:54:40.0299 0776 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
06:54:40.0319 0776 msisadrv - ok
06:54:40.0359 0776 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
06:54:40.0469 0776 MSiSCSI - ok
06:54:40.0469 0776 msiserver - ok
06:54:40.0519 0776 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
06:54:40.0609 0776 MSKSSRV - ok
06:54:40.0629 0776 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
06:54:40.0779 0776 MSPCLOCK - ok
06:54:40.0799 0776 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
06:54:40.0909 0776 MSPQM - ok
06:54:40.0949 0776 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
06:54:40.0989 0776 MsRPC - ok
06:54:40.0999 0776 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
06:54:41.0029 0776 mssmbios - ok
06:54:41.0049 0776 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
06:54:41.0159 0776 MSTEE - ok
06:54:41.0189 0776 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
06:54:41.0229 0776 MTConfig - ok
06:54:41.0249 0776 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
06:54:41.0279 0776 Mup - ok
06:54:41.0319 0776 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
06:54:41.0449 0776 napagent - ok
06:54:41.0499 0776 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
06:54:41.0569 0776 NativeWifiP - ok
06:54:41.0629 0776 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
06:54:41.0709 0776 NDIS - ok
06:54:41.0729 0776 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
06:54:41.0819 0776 NdisCap - ok
06:54:41.0839 0776 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
06:54:41.0949 0776 NdisTapi - ok
06:54:41.0999 0776 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
06:54:42.0109 0776 Ndisuio - ok
06:54:42.0139 0776 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
06:54:42.0229 0776 NdisWan - ok
06:54:42.0249 0776 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
06:54:42.0339 0776 NDProxy - ok
06:54:42.0369 0776 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
06:54:42.0459 0776 NetBIOS - ok
06:54:42.0479 0776 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
06:54:42.0599 0776 NetBT - ok
06:54:42.0629 0776 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
06:54:42.0659 0776 Netlogon - ok
06:54:42.0689 0776 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
06:54:42.0819 0776 Netman - ok
06:54:42.0829 0776 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
06:54:42.0949 0776 netprofm - ok
06:54:42.0979 0776 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
06:54:43.0009 0776 NetTcpPortSharing - ok
06:54:43.0229 0776 [ 18555F48844C2861D9DCE8F2B7223AE5 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
06:54:43.0579 0776 NETw5s64 - ok
06:54:43.0619 0776 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
06:54:43.0639 0776 nfrd960 - ok
06:54:43.0689 0776 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
06:54:43.0809 0776 NlaSvc - ok
06:54:43.0829 0776 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
06:54:43.0949 0776 Npfs - ok
06:54:43.0979 0776 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
06:54:44.0089 0776 nsi - ok
06:54:44.0109 0776 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
06:54:44.0189 0776 nsiproxy - ok
06:54:44.0269 0776 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
06:54:44.0379 0776 Ntfs - ok
06:54:44.0399 0776 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
06:54:44.0489 0776 Null - ok
06:54:44.0539 0776 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
06:54:44.0569 0776 nvraid - ok
06:54:44.0609 0776 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
06:54:44.0649 0776 nvstor - ok
06:54:44.0679 0776 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
06:54:44.0709 0776 nv_agp - ok
06:54:44.0829 0776 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
06:54:44.0869 0776 odserv - ok
06:54:44.0909 0776 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
06:54:44.0949 0776 ohci1394 - ok
06:54:45.0029 0776 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:54:45.0059 0776 ose - ok
06:54:45.0109 0776 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
06:54:45.0179 0776 p2pimsvc - ok
06:54:45.0209 0776 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
06:54:45.0259 0776 p2psvc - ok
06:54:45.0289 0776 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
06:54:45.0319 0776 Parport - ok
06:54:45.0369 0776 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
06:54:45.0399 0776 partmgr - ok
06:54:45.0419 0776 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
06:54:45.0479 0776 PcaSvc - ok
06:54:45.0509 0776 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\drivers\pci.sys
06:54:45.0539 0776 pci - ok
06:54:45.0559 0776 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
06:54:45.0579 0776 pciide - ok
06:54:45.0599 0776 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
06:54:45.0639 0776 pcmcia - ok
06:54:45.0659 0776 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
06:54:45.0679 0776 pcw - ok
06:54:45.0709 0776 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
06:54:45.0849 0776 PEAUTH - ok
06:54:45.0929 0776 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
06:54:45.0979 0776 PerfHost - ok
06:54:46.0049 0776 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
06:54:46.0219 0776 pla - ok
06:54:46.0269 0776 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
06:54:46.0339 0776 PlugPlay - ok
06:54:46.0459 0776 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
06:54:46.0509 0776 PMBDeviceInfoProvider - ok
06:54:46.0539 0776 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
06:54:46.0579 0776 PNRPAutoReg - ok
06:54:46.0599 0776 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
06:54:46.0639 0776 PNRPsvc - ok
06:54:46.0669 0776 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
06:54:46.0799 0776 PolicyAgent - ok
06:54:46.0839 0776 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
06:54:46.0959 0776 Power - ok
06:54:46.0999 0776 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
06:54:47.0109 0776 PptpMiniport - ok
06:54:47.0139 0776 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
06:54:47.0179 0776 Processor - ok
06:54:47.0219 0776 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
06:54:47.0259 0776 ProfSvc - ok
06:54:47.0269 0776 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
06:54:47.0289 0776 ProtectedStorage - ok
06:54:47.0309 0776 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
06:54:47.0399 0776 Psched - ok
06:54:47.0429 0776 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
06:54:47.0449 0776 PxHlpa64 - ok
06:54:47.0519 0776 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
06:54:47.0629 0776 ql2300 - ok
06:54:47.0649 0776 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
06:54:47.0679 0776 ql40xx - ok
06:54:47.0719 0776 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
06:54:47.0759 0776 QWAVE - ok
06:54:47.0779 0776 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
06:54:47.0839 0776 QWAVEdrv - ok
06:54:47.0869 0776 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
06:54:47.0979 0776 RasAcd - ok
06:54:48.0009 0776 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
06:54:48.0109 0776 RasAgileVpn - ok
06:54:48.0139 0776 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
06:54:48.0249 0776 RasAuto - ok
06:54:48.0269 0776 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
06:54:48.0389 0776 Rasl2tp - ok
06:54:48.0409 0776 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
06:54:48.0539 0776 RasMan - ok
06:54:48.0579 0776 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
06:54:48.0689 0776 RasPppoe - ok
06:54:48.0719 0776 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
06:54:48.0829 0776 RasSstp - ok
06:54:48.0869 0776 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
06:54:48.0979 0776 rdbss - ok
06:54:49.0009 0776 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
06:54:49.0049 0776 rdpbus - ok
06:54:49.0079 0776 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
06:54:49.0169 0776 RDPCDD - ok
06:54:49.0199 0776 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
06:54:49.0299 0776 RDPENCDD - ok
06:54:49.0319 0776 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
06:54:49.0409 0776 RDPREFMP - ok
06:54:49.0449 0776 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
06:54:49.0519 0776 RDPWD - ok
06:54:49.0559 0776 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
06:54:49.0589 0776 rdyboost - ok
06:54:49.0689 0776 [ 0AA473966357C4A41B5EB19649EB6E5E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
06:54:49.0759 0776 RegSrvc - ok
06:54:49.0789 0776 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
06:54:49.0889 0776 RemoteAccess - ok
06:54:49.0919 0776 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
06:54:50.0029 0776 RemoteRegistry - ok
06:54:50.0069 0776 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
06:54:50.0129 0776 RFCOMM - ok
06:54:50.0199 0776 [ FA6ABC06B629DA29634D31F1FE0347BD ] rimspci C:\Windows\system32\drivers\rimssne64.sys
06:54:50.0239 0776 rimspci - ok
06:54:50.0259 0776 [ 8F8539A7F5C117D4407B2985995671F2 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys
06:54:50.0299 0776 risdsnpe - ok
06:54:50.0319 0776 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
06:54:50.0429 0776 RpcEptMapper - ok
06:54:50.0469 0776 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
06:54:50.0499 0776 RpcLocator - ok
06:54:50.0529 0776 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
06:54:50.0639 0776 RpcSs - ok
06:54:50.0679 0776 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
06:54:50.0829 0776 rspndr - ok
06:54:50.0889 0776 [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
06:54:50.0919 0776 RTHDMIAzAudService - ok
06:54:50.0979 0776 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
06:54:50.0999 0776 SamSs - ok
06:54:51.0029 0776 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
06:54:51.0059 0776 sbp2port - ok
06:54:51.0099 0776 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
06:54:51.0209 0776 SCardSvr - ok
06:54:51.0239 0776 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
06:54:51.0349 0776 scfilter - ok
06:54:51.0419 0776 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
06:54:51.0529 0776 Schedule - ok
06:54:51.0549 0776 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
06:54:51.0639 0776 SCPolicySvc - ok
06:54:51.0689 0776 [ 2C8D162EFAF73ABD36D8BCBB6340CAE7 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
06:54:51.0749 0776 sdbus - ok
06:54:51.0779 0776 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
06:54:51.0839 0776 SDRSVC - ok
06:54:51.0869 0776 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
06:54:51.0979 0776 secdrv - ok
06:54:51.0999 0776 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
06:54:52.0109 0776 seclogon - ok
06:54:52.0129 0776 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
06:54:52.0229 0776 SENS - ok
06:54:52.0259 0776 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
06:54:52.0319 0776 SensrSvc - ok
06:54:52.0339 0776 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
06:54:52.0369 0776 Serenum - ok
06:54:52.0389 0776 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
06:54:52.0429 0776 Serial - ok
06:54:52.0469 0776 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
06:54:52.0489 0776 sermouse - ok
06:54:52.0539 0776 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
06:54:52.0639 0776 SessionEnv - ok
06:54:52.0679 0776 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
06:54:52.0709 0776 SFEP - ok
06:54:52.0729 0776 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
06:54:52.0759 0776 sffdisk - ok
06:54:52.0789 0776 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
06:54:52.0839 0776 sffp_mmc - ok
06:54:52.0859 0776 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
06:54:52.0909 0776 sffp_sd - ok
06:54:52.0939 0776 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
06:54:52.0959 0776 sfloppy - ok
06:54:52.0999 0776 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
06:54:53.0119 0776 SharedAccess - ok
06:54:53.0159 0776 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
06:54:53.0229 0776 ShellHWDetection - ok
06:54:53.0259 0776 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
06:54:53.0289 0776 SiSRaid2 - ok
06:54:53.0319 0776 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
06:54:53.0339 0776 SiSRaid4 - ok
06:54:53.0409 0776 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
06:54:53.0439 0776 SkypeUpdate - ok
06:54:53.0459 0776 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
06:54:53.0569 0776 Smb - ok
06:54:53.0609 0776 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
06:54:53.0649 0776 SNMPTRAP - ok
06:54:53.0729 0776 [ C3E69DB0A4E59564230E053232F39AC7 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
06:54:53.0749 0776 SOHCImp - ok
06:54:53.0779 0776 [ 65CC4779A29C3E82B987BD4961790DFF ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
06:54:53.0819 0776 SOHDms - ok
06:54:53.0829 0776 [ F47D75CEE1844EEF4A9EA6EE768828FB ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
06:54:53.0849 0776 SOHDs - ok
06:54:53.0919 0776 [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
06:54:53.0949 0776 SpfService - ok
06:54:53.0989 0776 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
06:54:54.0019 0776 spldr - ok
06:54:54.0079 0776 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
06:54:54.0139 0776 Spooler - ok
06:54:54.0259 0776 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
06:54:54.0449 0776 sppsvc - ok
06:54:54.0469 0776 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
06:54:54.0559 0776 sppuinotify - ok
06:54:54.0609 0776 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
06:54:54.0689 0776 srv - ok
06:54:54.0709 0776 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
06:54:54.0749 0776 srv2 - ok
06:54:54.0769 0776 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
06:54:54.0809 0776 srvnet - ok
06:54:54.0899 0776 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
06:54:54.0959 0776 ssadbus - ok
06:54:55.0019 0776 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
06:54:55.0079 0776 ssadmdfl - ok
06:54:55.0129 0776 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
06:54:55.0169 0776 ssadmdm - ok
06:54:55.0219 0776 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
06:54:55.0339 0776 SSDPSRV - ok
06:54:55.0359 0776 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
06:54:55.0459 0776 SstpSvc - ok
06:54:55.0519 0776 [ 74425FFA11C133D045E1C3BE2EAD481D ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
06:54:55.0549 0776 ssudmdm - ok
06:54:55.0569 0776 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
06:54:55.0589 0776 stexstor - ok
06:54:55.0639 0776 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
06:54:55.0729 0776 stisvc - ok
06:54:55.0759 0776 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
06:54:55.0779 0776 swenum - ok
06:54:55.0829 0776 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
06:54:55.0949 0776 swprv - ok
06:54:56.0009 0776 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
06:54:56.0149 0776 SysMain - ok
06:54:56.0179 0776 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
06:54:56.0239 0776 TabletInputService - ok
06:54:56.0269 0776 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
06:54:56.0389 0776 TapiSrv - ok
06:54:56.0409 0776 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
06:54:56.0519 0776 TBS - ok
06:54:56.0609 0776 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
06:54:56.0739 0776 Tcpip - ok
06:54:56.0799 0776 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
06:54:56.0899 0776 TCPIP6 - ok
06:54:56.0929 0776 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
06:54:57.0019 0776 tcpipreg - ok
06:54:57.0039 0776 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
06:54:57.0079 0776 TDPIPE - ok
06:54:57.0119 0776 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
06:54:57.0169 0776 TDTCP - ok
06:54:57.0179 0776 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
06:54:57.0299 0776 tdx - ok
06:54:57.0309 0776 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\drivers\termdd.sys
06:54:57.0339 0776 TermDD - ok
06:54:57.0389 0776 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
06:54:57.0539 0776 TermService - ok
06:54:57.0559 0776 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
06:54:57.0599 0776 Themes - ok
06:54:57.0639 0776 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
06:54:57.0729 0776 THREADORDER - ok
06:54:57.0739 0776 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
06:54:57.0849 0776 TrkWks - ok
06:54:57.0899 0776 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
06:54:57.0959 0776 TrustedInstaller - ok
06:54:57.0979 0776 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
06:54:58.0061 0776 tssecsrv - ok
06:54:58.0093 0776 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
06:54:58.0202 0776 tunnel - ok
06:54:58.0233 0776 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
06:54:58.0249 0776 uagp35 - ok
06:54:58.0280 0776 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
06:54:58.0311 0776 uCamMonitor - ok
06:54:58.0327 0776 [ 0E5E962B5649D544BE54E8C90761EA2B ] udfs C:\Windows\system32\DRIVERS\udfs.sys
06:54:58.0389 0776 udfs - ok
06:54:58.0436 0776 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
06:54:58.0467 0776 UI0Detect - ok
06:54:58.0498 0776 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
06:54:58.0529 0776 uliagpkx - ok
06:54:58.0561 0776 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
06:54:58.0592 0776 umbus - ok
06:54:58.0639 0776 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
06:54:58.0654 0776 UmPass - ok
06:54:58.0795 0776 [ 11A559E0F10CC5E788984023DF400A6F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
06:54:58.0935 0776 UNS - ok
06:54:58.0966 0776 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
06:54:59.0091 0776 upnphost - ok
06:54:59.0122 0776 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
06:54:59.0185 0776 usbccgp - ok
06:54:59.0231 0776 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
06:54:59.0278 0776 usbcir - ok
06:54:59.0325 0776 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\drivers\usbehci.sys
06:54:59.0341 0776 usbehci - ok
06:54:59.0403 0776 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
06:54:59.0434 0776 usbhub - ok
06:54:59.0465 0776 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys
06:54:59.0497 0776 usbohci - ok
06:54:59.0512 0776 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
06:54:59.0543 0776 usbprint - ok
06:54:59.0590 0776 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
06:54:59.0637 0776 USBSTOR - ok
06:54:59.0684 0776 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
06:54:59.0731 0776 usbuhci - ok
06:54:59.0762 0776 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
06:54:59.0809 0776 usbvideo - ok
06:54:59.0871 0776 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
06:54:59.0902 0776 usb_rndisx - ok
06:54:59.0949 0776 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
06:55:00.0043 0776 UxSms - ok
06:55:00.0089 0776 [ A60605FC66552B421EE1F3D4EBB9A4E0 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
06:55:00.0115 0776 VAIO Event Service - ok
06:55:00.0175 0776 [ D469BE2723F79CF4B384680B1FDC577D ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
06:55:00.0225 0776 VAIO Power Management - ok
06:55:00.0245 0776 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
06:55:00.0265 0776 VaultSvc - ok
06:55:00.0355 0776 [ D00058C1FFF3F3DE990444A5734E9639 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
06:55:00.0425 0776 VCFw - ok
06:55:00.0485 0776 [ F19275655B42086C884ABCDAE2C659AE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
06:55:00.0535 0776 VcmIAlzMgr - ok
06:55:00.0575 0776 [ E005B04DFCA99F5880C5111933194CA9 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
06:55:00.0615 0776 VcmINSMgr - ok
06:55:00.0665 0776 [ 32A3735F6874B7783C6209ED5CA36D9D ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
06:55:00.0685 0776 VcmXmlIfHelper - ok
06:55:00.0825 0776 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
06:55:00.0845 0776 VCService - ok
06:55:00.0875 0776 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
06:55:00.0905 0776 vdrvroot - ok
06:55:00.0935 0776 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
06:55:00.0995 0776 vds - ok
06:55:01.0005 0776 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
06:55:01.0035 0776 vga - ok
06:55:01.0055 0776 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
06:55:01.0155 0776 VgaSave - ok
06:55:01.0185 0776 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
06:55:01.0215 0776 vhdmp - ok
06:55:01.0235 0776 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
06:55:01.0255 0776 viaide - ok
06:55:01.0275 0776 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\drivers\volmgr.sys
06:55:01.0305 0776 volmgr - ok
06:55:01.0335 0776 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
06:55:01.0375 0776 volmgrx - ok
06:55:01.0395 0776 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\drivers\volsnap.sys
06:55:01.0435 0776 volsnap - ok
06:55:01.0455 0776 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
06:55:01.0485 0776 vsmraid - ok
06:55:01.0565 0776 [ A7EB62C664A03901165290A714BD48D0 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
06:55:01.0635 0776 VSNService ( UnsignedFile.Multi.Generic ) - warning
06:55:01.0635 0776 VSNService - detected UnsignedFile.Multi.Generic (1)
06:55:01.0715 0776 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
06:55:01.0825 0776 VSS - ok
06:55:01.0945 0776 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
06:55:02.0035 0776 VUAgent - ok
06:55:02.0055 0776 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
06:55:02.0095 0776 vwifibus - ok
06:55:02.0125 0776 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
06:55:02.0175 0776 vwififlt - ok
06:55:02.0195 0776 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
06:55:02.0235 0776 vwifimp - ok
06:55:02.0275 0776 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
06:55:02.0395 0776 W32Time - ok
06:55:02.0435 0776 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
06:55:02.0485 0776 WacomPen - ok
06:55:02.0515 0776 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
06:55:02.0615 0776 WANARP - ok
06:55:02.0645 0776 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
06:55:02.0735 0776 Wanarpv6 - ok
06:55:02.0825 0776 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
06:55:02.0915 0776 WatAdminSvc - ok
06:55:02.0985 0776 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
06:55:03.0095 0776 wbengine - ok
06:55:03.0115 0776 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
06:55:03.0155 0776 WbioSrvc - ok
06:55:03.0215 0776 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
06:55:03.0275 0776 wcncsvc - ok
06:55:03.0285 0776 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
06:55:03.0325 0776 WcsPlugInService - ok
06:55:03.0345 0776 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
06:55:03.0375 0776 Wd - ok
06:55:03.0405 0776 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
06:55:03.0475 0776 Wdf01000 - ok
06:55:03.0485 0776 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
06:55:03.0555 0776 WdiServiceHost - ok
06:55:03.0555 0776 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
06:55:03.0605 0776 WdiSystemHost - ok
06:55:03.0645 0776 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
06:55:03.0685 0776 WebClient - ok
06:55:03.0735 0776 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
06:55:03.0835 0776 Wecsvc - ok
06:55:03.0855 0776 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
06:55:03.0955 0776 wercplsupport - ok
06:55:03.0985 0776 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
06:55:04.0095 0776 WerSvc - ok
06:55:04.0125 0776 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
06:55:04.0215 0776 WfpLwf - ok
06:55:04.0235 0776 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
06:55:04.0265 0776 WIMMount - ok
06:55:04.0285 0776 WinDefend - ok
06:55:04.0295 0776 WinHttpAutoProxySvc - ok
06:55:04.0365 0776 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
06:55:04.0475 0776 Winmgmt - ok
06:55:04.0565 0776 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
06:55:04.0755 0776 WinRM - ok
06:55:04.0825 0776 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
06:55:04.0865 0776 WinUsb - ok
06:55:04.0915 0776 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
06:55:04.0995 0776 Wlansvc - ok
06:55:05.0035 0776 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
06:55:05.0055 0776 WmiAcpi - ok
06:55:05.0105 0776 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
06:55:05.0155 0776 wmiApSrv - ok
06:55:05.0185 0776 WMPNetworkSvc - ok
06:55:05.0225 0776 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
06:55:05.0265 0776 WPCSvc - ok
06:55:05.0275 0776 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
06:55:05.0345 0776 WPDBusEnum - ok
06:55:05.0375 0776 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
06:55:05.0465 0776 ws2ifsl - ok
06:55:05.0515 0776 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
06:55:05.0545 0776 wscsvc - ok
06:55:05.0555 0776 WSearch - ok
06:55:05.0665 0776 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
06:55:05.0815 0776 wuauserv - ok
06:55:05.0835 0776 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
06:55:05.0955 0776 WudfPf - ok
06:55:05.0985 0776 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
06:55:06.0105 0776 WUDFRd - ok
06:55:06.0135 0776 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
06:55:06.0235 0776 wudfsvc - ok
06:55:06.0265 0776 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
06:55:06.0315 0776 WwanSvc - ok
06:55:06.0365 0776 [ 5250193EF8E173AA7491250F00EB367F ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
06:55:06.0405 0776 yukonw7 - ok
06:55:06.0435 0776 ================ Scan global ===============================
06:55:06.0465 0776 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
06:55:06.0515 0776 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
06:55:06.0535 0776 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
06:55:06.0555 0776 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
06:55:06.0585 0776 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
06:55:06.0595 0776 [Global] - ok
06:55:06.0595 0776 ================ Scan MBR ==================================
06:55:06.0615 0776 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
06:55:07.0235 0776 \Device\Harddisk0\DR0 - ok
06:55:07.0245 0776 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
06:55:07.0395 0776 \Device\Harddisk1\DR1 - ok
06:55:07.0395 0776 ================ Scan VBR ==================================
06:55:07.0395 0776 [ D13BA666E79E6DD15C6A5CDBD6756BFF ] \Device\Harddisk0\DR0\Partition1
06:55:07.0405 0776 \Device\Harddisk0\DR0\Partition1 - ok
06:55:07.0435 0776 [ 6ACE03AB53B1B73A0AAE986A2AAA26A8 ] \Device\Harddisk0\DR0\Partition2
06:55:07.0435 0776 \Device\Harddisk0\DR0\Partition2 - ok
06:55:07.0445 0776 [ CDC534A490EA309F5C08A5EB011A8CE6 ] \Device\Harddisk1\DR1\Partition1
06:55:07.0445 0776 \Device\Harddisk1\DR1\Partition1 - ok
06:55:07.0445 0776 ============================================================
06:55:07.0445 0776 Scan finished
06:55:07.0445 0776 ============================================================
06:55:07.0465 7120 Detected object count: 3
06:55:07.0465 7120 Actual detected object count: 3
07:00:56.0759 7120 igfx ( UnsignedFile.Multi.Generic ) - skipped by user
07:00:56.0759 7120 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:00:56.0759 7120 IntcDAud ( UnsignedFile.Multi.Generic ) - skipped by user
07:00:56.0759 7120 IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:00:56.0759 7120 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
07:00:56.0759 7120 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:01:17.0962 7436 Deinitialize success
Geändert von cosinus (29.10.2012 um 13:00 Uhr) Grund: CODE-Tags |
|
29.10.2012, 13:01
| #5 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
29.10.2012, 20:09
| #6 |
| | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefundenCode:
ATTFilter .
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-01-02 08:12 721288 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C36B-6118-11DC-9C72-001320C79847}]
2010-12-12 16:01 314168 ----a-r- c:\program files (x86)\SweetIM\Social\mgFB.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-07-10 3524536]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-10 21432]
"CAHeadless"="c:\program files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe" [2009-10-09 615808]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-27 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-07-10 975800]
"114FC0B0D9B2D06F85709F2B12B157519C2B074C._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2012-10-10 1239064]
"Alle meine Passworte"="c:\progra~2\AMP\AMP.EXE" [2012-08-06 3816328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-09 98304]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Babylon Client"="c:\program files (x86)\Babylon\Babylon-Pro\Babylon.exe" [2011-08-25 3346544]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2011-12-16 220744]
.
c:\users\nessie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\nessie\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
tbhcn.lnk - c:\users\nessie\AppData\Roaming\BrowserCompanion\tbhcn.exe [2012-7-2 695448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-27 136176]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-27 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe [2012-06-02 373120]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-26 398176]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-27 05:49]
.
2012-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-27 05:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
2011-01-02 08:12 1057160 ----a-w- c:\progra~2\IMESHA~1\MediaBar\Datamngr\x64\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\nessie\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.searchplusnetwork.com/?sp=vit4
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Free YouTube to MP3 Converter - c:\users\nessie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\nessie\AppData\Roaming\Mozilla\Firefox\Profiles\har5cqfe.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2866295&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Search the web
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: browser.search.selectedEngine - Search the web
FF - user.js: browser.search.order.1 - Search the web
FF - user.js: browser.search.defaultenginename - Search the web
FF - user.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: privacy.item.cookies - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-Easy Driver Pro - c:\program files (x86)\Probit Software\Easy Driver Pro\DPLauncher.exe
Toolbar-10 - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-FRITZ! 2.0 - c:\windows\IsUn0407.exe
AddRemove-toolplugin - c:\users\nessie\AppData\Local\Temp\WZSE0.TMP\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1267291588-3835666318-4105151594-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*<%Ô*ë*]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1267291588-3835666318-4105151594-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*<%Ô*ë*\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-10-29 20:06:38 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-10-29 19:06
.
Vor Suchlauf: 20 Verzeichnis(se), 207.328.071.680 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 207.027.298.304 Bytes frei
.
- - End Of File - - 8A1CFE92985A17320F5C00EDECB00DC6
|
|
31.10.2012, 16:13
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden Log ist unvollständig!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.10.2012, 20:06
| #8 |
| | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden Hallo cosinus, was und welchen log meinst du mit unvollständig? VG nessie |
|
31.10.2012, 20:07
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden Überleg doch mal was du zuletzt posten solltest
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.10.2012, 20:09
| #10 |
| | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden hm, ich habe aber nur dieses log! liegt es vielleicht daran, das ich combolfix 2 mal aufrufen musste? beim ersten mal ist er bis zum Neustart gekommen, hat jedoch kein logfile erstellt bzw. ist auch nach 30 Min wartezeit stehen geblieben. Hatte dann gedacht, das ich mit einem Neuaufruf von combofix auf die logdatei stoße. Das Programm lief dann erneut durch und der gepostete log wurde erstellt! War das falsch und wenn, wo kann ich evtl. den ersten log finden? unter c:combofix.txt steht der hier gepostete log |
|
31.10.2012, 20:46
| #11 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefundenZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.11.2012, 06:26
| #12 | |
| | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefundenZitat:
Kann man hier denn jetzt noch weiter helfen, das ich den Trojaner los werde? Lieben Dank schon einmal für deine Hilfe! |
|
01.11.2012, 14:33
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden Es geht nicht um den ersten Durchlauf, sondern darum, dass das Log insgesamt unvollständig ist! Als wenn nur die Hälfte gepostet wurde und die erste Hälfte fehlt! Schau bitte endlich nach ob du wirklich alles aus dem Log gepostet hast und du nicht versehentlich einfach nur nicht alles markiert hast
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.11.2012, 18:31
| #14 |
| | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden Im Log steht das, was ich gepostet habe, nichts mehr oder weniger. Ich habe daher das mit dem ersten log gefragt, weil dort evtl. das von dir vermisste drin stehen könnte - aber gut, ich hab es nicht und du möchtest nicht drauf eingehen. Meine zweite Frage war und ist; ist eine Behebung des Problems dennoch möglich? Da ich nicht der Spezi bin, würde ich mich um etwas mehr Verständnis freuen > ich versuche ja auch alles! Nach wie vor bin ich um jede Hilfe sehr dankbar. |
|
03.11.2012, 00:20
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden Die Erfahrung bei nicht vollständigen Logs hat micht gelehrt, dass der TO wahrscheinlich das Log nicht komplett kopiert hat, es ist seltener, dass ein Log an sich vom entsprechenden Tool unvollständig erstellt wurde Führe CF bitte nochmal aus. Starte Windows neu, lösch die alte combofix.exe, lade CF neu runter und probier es nochmal mit diesem Tool.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Esed meldet tbhcn.exe Problem;Malewarebytes hat PUP. Blabbers gefunden |
| .exe, .exe problem, anwendung, bekannte, bereits, gefunde, google, hierbei, hoffe, installier, installiert, komplette, kompletten, malewarebytes, melde, meldet, nichts, problem, sache, scan, spezi, tagen, tbhcn.exe |
Linear-Darstellung
