| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefundenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.09.2012, 16:08
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O32 - HKLM CDRom: AutoRun - 1
:Files
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache
C:\windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}
C:\Users\saskia\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
04.09.2012, 16:47
| #17 |
 | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Hier das Logfile:
__________________Code:
ATTFilter All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
========== FILES ==========
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\saskia\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
C:\windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U folder moved successfully.
C:\windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\L folder moved successfully.
C:\windows\Installer\{3b99f81f-31d5-dbab-1bcf-87d0107a285a} folder moved successfully.
C:\Users\saskia\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U folder moved successfully.
C:\Users\saskia\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\L folder moved successfully.
C:\Users\saskia\AppData\Local\{3b99f81f-31d5-dbab-1bcf-87d0107a285a} folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\saskia\Downloads\cmd.bat deleted successfully.
C:\Users\saskia\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
User: saskia
->Temp folder emptied: 130662989 bytes
->Temporary Internet Files folder emptied: 103834043 bytes
->Flash cache emptied: 56944 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 186447328 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes
RecycleBin emptied: 3287846 bytes
Total Files Cleaned = 405,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
User: saskia
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.60.0 log created on 09042012_174120
Files\Folders moved on Reboot...
C:\Users\saskia\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
04.09.2012, 19:10
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html
__________________Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
05.09.2012, 16:44
| #19 |
| | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Hallo, hier der Report: Code:
ATTFilter 17:38:18.0493 4696 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:38:18.0634 4696 ============================================================
17:38:18.0634 4696 Current date / time: 2012/09/05 17:38:18.0634
17:38:18.0634 4696 SystemInfo:
17:38:18.0634 4696
17:38:18.0634 4696 OS Version: 6.1.7601 ServicePack: 1.0
17:38:18.0634 4696 Product type: Workstation
17:38:18.0634 4696 ComputerName: SASKIA-PC
17:38:18.0634 4696 UserName: saskia
17:38:18.0634 4696 Windows directory: C:\windows
17:38:18.0634 4696 System windows directory: C:\windows
17:38:18.0634 4696 Running under WOW64
17:38:18.0634 4696 Processor architecture: Intel x64
17:38:18.0634 4696 Number of processors: 4
17:38:18.0634 4696 Page size: 0x1000
17:38:18.0634 4696 Boot type: Normal boot
17:38:18.0634 4696 ============================================================
17:38:19.0102 4696 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:38:19.0102 4696 ============================================================
17:38:19.0102 4696 \Device\Harddisk0\DR0:
17:38:19.0117 4696 MBR partitions:
17:38:19.0117 4696 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
17:38:19.0117 4696 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030
17:38:19.0117 4696 ============================================================
17:38:19.0149 4696 C: <-> \Device\Harddisk0\DR0\Partition2
17:38:19.0149 4696 ============================================================
17:38:19.0149 4696 Initialize success
17:38:19.0149 4696 ============================================================
17:39:32.0827 0720 ============================================================
17:39:32.0827 0720 Scan started
17:39:32.0827 0720 Mode: Manual; SigCheck; TDLFS;
17:39:32.0827 0720 ============================================================
17:39:33.0124 0720 ================ Scan services =============================
17:39:33.0405 0720 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
17:39:33.0545 0720 1394ohci - ok
17:39:33.0576 0720 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
17:39:33.0592 0720 ACPI - ok
17:39:33.0607 0720 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
17:39:33.0670 0720 AcpiPmi - ok
17:39:33.0810 0720 [ 047BD1EB681453A7FE492A71802AC9F3 ] AdobeActiveFileMonitor10.0 C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
17:39:33.0841 0720 AdobeActiveFileMonitor10.0 - ok
17:39:33.0904 0720 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
17:39:33.0919 0720 adp94xx - ok
17:39:33.0951 0720 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
17:39:33.0966 0720 adpahci - ok
17:39:34.0013 0720 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
17:39:34.0044 0720 adpu320 - ok
17:39:34.0075 0720 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
17:39:34.0169 0720 AeLookupSvc - ok
17:39:34.0294 0720 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
17:39:34.0341 0720 AESTFilters - ok
17:39:34.0434 0720 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
17:39:34.0497 0720 AFD - ok
17:39:34.0543 0720 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
17:39:34.0559 0720 agp440 - ok
17:39:34.0590 0720 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
17:39:34.0653 0720 ALG - ok
17:39:34.0668 0720 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
17:39:34.0699 0720 aliide - ok
17:39:34.0715 0720 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
17:39:34.0731 0720 amdide - ok
17:39:34.0762 0720 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
17:39:34.0824 0720 AmdK8 - ok
17:39:34.0840 0720 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
17:39:34.0855 0720 AmdPPM - ok
17:39:34.0887 0720 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
17:39:34.0902 0720 amdsata - ok
17:39:34.0902 0720 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
17:39:34.0918 0720 amdsbs - ok
17:39:34.0933 0720 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
17:39:34.0949 0720 amdxata - ok
17:39:35.0011 0720 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:39:35.0043 0720 AntiVirSchedulerService - ok
17:39:35.0089 0720 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:39:35.0105 0720 AntiVirService - ok
17:39:35.0152 0720 [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
17:39:35.0183 0720 AntiVirWebService - ok
17:39:35.0230 0720 [ 6690E42CED5D067233ABAD42DA141213 ] ApfiltrService C:\windows\system32\DRIVERS\Apfiltr.sys
17:39:35.0277 0720 ApfiltrService - ok
17:39:35.0323 0720 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
17:39:35.0433 0720 AppID - ok
17:39:35.0464 0720 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
17:39:35.0573 0720 AppIDSvc - ok
17:39:35.0635 0720 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
17:39:35.0713 0720 Appinfo - ok
17:39:35.0745 0720 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
17:39:35.0776 0720 arc - ok
17:39:35.0776 0720 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
17:39:35.0791 0720 arcsas - ok
17:39:35.0916 0720 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:39:35.0947 0720 aspnet_state - ok
17:39:35.0994 0720 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
17:39:36.0119 0720 AsyncMac - ok
17:39:36.0166 0720 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
17:39:36.0181 0720 atapi - ok
17:39:36.0228 0720 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\windows\system32\DRIVERS\btath_flt.sys
17:39:36.0244 0720 AthBTPort - ok
17:39:36.0322 0720 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
17:39:36.0337 0720 Atheros Bt&Wlan Coex Agent - ok
17:39:36.0353 0720 [ 44FB485B94A8332D877F659366CEDBC8 ] AtherosSvc C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
17:39:36.0369 0720 AtherosSvc - ok
17:39:36.0462 0720 [ 5493ED5D300AFC7A9A0A87FCA08E5381 ] athr C:\windows\system32\DRIVERS\athrx.sys
17:39:36.0603 0720 athr - ok
17:39:36.0665 0720 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:39:36.0790 0720 AudioEndpointBuilder - ok
17:39:36.0821 0720 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
17:39:36.0852 0720 AudioSrv - ok
17:39:36.0883 0720 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
17:39:36.0899 0720 avgntflt - ok
17:39:36.0930 0720 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
17:39:36.0961 0720 avipbb - ok
17:39:36.0977 0720 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
17:39:36.0993 0720 avkmgr - ok
17:39:37.0039 0720 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
17:39:37.0117 0720 AxInstSV - ok
17:39:37.0180 0720 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
17:39:37.0227 0720 b06bdrv - ok
17:39:37.0273 0720 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
17:39:37.0320 0720 b57nd60a - ok
17:39:37.0461 0720 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
17:39:37.0492 0720 BBSvc - ok
17:39:37.0554 0720 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
17:39:37.0585 0720 BBUpdate - ok
17:39:37.0632 0720 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
17:39:37.0679 0720 BDESVC - ok
17:39:37.0726 0720 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
17:39:37.0819 0720 Beep - ok
17:39:37.0866 0720 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
17:39:37.0913 0720 blbdrive - ok
17:39:37.0929 0720 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
17:39:37.0960 0720 bowser - ok
17:39:38.0007 0720 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
17:39:38.0053 0720 BrFiltLo - ok
17:39:38.0069 0720 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
17:39:38.0100 0720 BrFiltUp - ok
17:39:38.0147 0720 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\windows\System32\browser.dll
17:39:38.0241 0720 Browser - ok
17:39:38.0256 0720 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
17:39:38.0303 0720 Brserid - ok
17:39:38.0319 0720 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
17:39:38.0350 0720 BrSerWdm - ok
17:39:38.0350 0720 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
17:39:38.0397 0720 BrUsbMdm - ok
17:39:38.0412 0720 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
17:39:38.0443 0720 BrUsbSer - ok
17:39:38.0521 0720 [ FE70889A85C57A9268101B2DB0474509 ] BTATH_A2DP C:\windows\system32\drivers\btath_a2dp.sys
17:39:38.0537 0720 BTATH_A2DP - ok
17:39:38.0568 0720 [ A9DF22429E8D69ED849B0BBBE16BD327 ] BTATH_BUS C:\windows\system32\DRIVERS\btath_bus.sys
17:39:38.0584 0720 BTATH_BUS - ok
17:39:38.0631 0720 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\windows\system32\DRIVERS\btath_hcrp.sys
17:39:38.0646 0720 BTATH_HCRP - ok
17:39:38.0724 0720 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\windows\system32\DRIVERS\btath_lwflt.sys
17:39:38.0740 0720 BTATH_LWFLT - ok
17:39:38.0787 0720 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\windows\system32\DRIVERS\btath_rcp.sys
17:39:38.0818 0720 BTATH_RCP - ok
17:39:38.0833 0720 [ FF59EE1DDAC776246F43BF434194650F ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
17:39:38.0865 0720 BtFilter - ok
17:39:38.0896 0720 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
17:39:38.0958 0720 BthEnum - ok
17:39:38.0989 0720 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
17:39:39.0052 0720 BTHMODEM - ok
17:39:39.0083 0720 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
17:39:39.0145 0720 BthPan - ok
17:39:39.0192 0720 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\windows\system32\Drivers\BTHport.sys
17:39:39.0255 0720 BTHPORT - ok
17:39:39.0301 0720 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
17:39:39.0379 0720 bthserv - ok
17:39:39.0411 0720 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\system32\Drivers\BTHUSB.sys
17:39:39.0457 0720 BTHUSB - ok
17:39:39.0489 0720 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
17:39:39.0613 0720 cdfs - ok
17:39:39.0660 0720 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
17:39:39.0723 0720 cdrom - ok
17:39:39.0754 0720 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
17:39:39.0863 0720 CertPropSvc - ok
17:39:39.0910 0720 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
17:39:39.0957 0720 circlass - ok
17:39:39.0988 0720 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
17:39:40.0035 0720 CLFS - ok
17:39:40.0113 0720 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:39:40.0128 0720 clr_optimization_v2.0.50727_32 - ok
17:39:40.0175 0720 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:39:40.0191 0720 clr_optimization_v2.0.50727_64 - ok
17:39:40.0253 0720 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:39:40.0269 0720 clr_optimization_v4.0.30319_32 - ok
17:39:40.0284 0720 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:39:40.0315 0720 clr_optimization_v4.0.30319_64 - ok
17:39:40.0347 0720 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
17:39:40.0393 0720 CmBatt - ok
17:39:40.0425 0720 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
17:39:40.0456 0720 cmdide - ok
17:39:40.0503 0720 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
17:39:40.0581 0720 CNG - ok
17:39:40.0612 0720 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
17:39:40.0643 0720 Compbatt - ok
17:39:40.0674 0720 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
17:39:40.0737 0720 CompositeBus - ok
17:39:40.0768 0720 COMSysApp - ok
17:39:40.0783 0720 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
17:39:40.0815 0720 crcdisk - ok
17:39:40.0846 0720 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
17:39:40.0861 0720 CryptSvc - ok
17:39:40.0924 0720 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\windows\system32\DRIVERS\CtClsFlt.sys
17:39:40.0986 0720 CtClsFlt - ok
17:39:41.0111 0720 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:39:41.0173 0720 cvhsvc - ok
17:39:41.0205 0720 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
17:39:41.0298 0720 DcomLaunch - ok
17:39:41.0345 0720 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
17:39:41.0470 0720 defragsvc - ok
17:39:41.0501 0720 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
17:39:41.0610 0720 DfsC - ok
17:39:41.0673 0720 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
17:39:41.0782 0720 Dhcp - ok
17:39:41.0813 0720 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
17:39:41.0907 0720 discache - ok
17:39:41.0922 0720 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
17:39:41.0938 0720 Disk - ok
17:39:41.0953 0720 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:39:41.0985 0720 Dnscache - ok
17:39:42.0016 0720 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
17:39:42.0141 0720 dot3svc - ok
17:39:42.0172 0720 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
17:39:42.0281 0720 DPS - ok
17:39:42.0312 0720 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:39:42.0375 0720 drmkaud - ok
17:39:42.0437 0720 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
17:39:42.0499 0720 DXGKrnl - ok
17:39:42.0531 0720 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
17:39:42.0640 0720 EapHost - ok
17:39:42.0749 0720 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
17:39:42.0905 0720 ebdrv - ok
17:39:42.0952 0720 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
17:39:42.0999 0720 EFS - ok
17:39:43.0077 0720 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
17:39:43.0155 0720 ehRecvr - ok
17:39:43.0170 0720 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
17:39:43.0201 0720 ehSched - ok
17:39:43.0264 0720 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
17:39:43.0311 0720 elxstor - ok
17:39:43.0389 0720 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
17:39:43.0420 0720 EPSON_PM_RPCV4_01 - ok
17:39:43.0420 0720 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
17:39:43.0467 0720 ErrDev - ok
17:39:43.0513 0720 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
17:39:43.0638 0720 EventSystem - ok
17:39:43.0669 0720 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
17:39:43.0701 0720 exfat - ok
17:39:43.0716 0720 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
17:39:43.0763 0720 fastfat - ok
17:39:43.0825 0720 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
17:39:43.0903 0720 Fax - ok
17:39:43.0903 0720 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
17:39:43.0935 0720 fdc - ok
17:39:43.0966 0720 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
17:39:43.0997 0720 fdPHost - ok
17:39:44.0013 0720 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
17:39:44.0106 0720 FDResPub - ok
17:39:44.0137 0720 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
17:39:44.0137 0720 FileInfo - ok
17:39:44.0153 0720 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
17:39:44.0262 0720 Filetrace - ok
17:39:44.0278 0720 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
17:39:44.0293 0720 flpydisk - ok
17:39:44.0309 0720 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:39:44.0356 0720 FltMgr - ok
17:39:44.0403 0720 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
17:39:44.0449 0720 FontCache - ok
17:39:44.0512 0720 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:39:44.0527 0720 FontCache3.0.0.0 - ok
17:39:44.0559 0720 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
17:39:44.0574 0720 FsDepends - ok
17:39:44.0605 0720 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:39:44.0637 0720 Fs_Rec - ok
17:39:44.0668 0720 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
17:39:44.0683 0720 fvevol - ok
17:39:44.0699 0720 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
17:39:44.0699 0720 gagp30kx - ok
17:39:44.0730 0720 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
17:39:44.0761 0720 gpsvc - ok
17:39:44.0777 0720 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
17:39:44.0808 0720 hcw85cir - ok
17:39:44.0839 0720 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:39:44.0917 0720 HdAudAddService - ok
17:39:44.0933 0720 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
17:39:44.0980 0720 HDAudBus - ok
17:39:44.0980 0720 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
17:39:45.0011 0720 HidBatt - ok
17:39:45.0027 0720 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
17:39:45.0042 0720 HidBth - ok
17:39:45.0073 0720 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
17:39:45.0073 0720 HidIr - ok
17:39:45.0105 0720 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
17:39:45.0214 0720 hidserv - ok
17:39:45.0245 0720 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
17:39:45.0261 0720 HidUsb - ok
17:39:45.0292 0720 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
17:39:45.0417 0720 hkmsvc - ok
17:39:45.0448 0720 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:39:45.0463 0720 HomeGroupListener - ok
17:39:45.0510 0720 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:39:45.0557 0720 HomeGroupProvider - ok
17:39:45.0588 0720 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
17:39:45.0619 0720 HpSAMD - ok
17:39:45.0682 0720 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
17:39:45.0807 0720 HTTP - ok
17:39:45.0822 0720 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
17:39:45.0838 0720 hwpolicy - ok
17:39:45.0853 0720 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
17:39:45.0885 0720 i8042prt - ok
17:39:45.0931 0720 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
17:39:45.0963 0720 iaStor - ok
17:39:46.0009 0720 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:39:46.0025 0720 IAStorDataMgrSvc - ok
17:39:46.0041 0720 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
17:39:46.0087 0720 iaStorV - ok
17:39:46.0134 0720 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:39:46.0212 0720 idsvc - ok
17:39:46.0493 0720 [ 795C99DC4F574C97C03D0BB39CF099EE ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
17:39:46.0899 0720 igfx - ok
17:39:46.0945 0720 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
17:39:46.0961 0720 iirsp - ok
17:39:47.0023 0720 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
17:39:47.0179 0720 IKEEXT - ok
17:39:47.0226 0720 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
17:39:47.0226 0720 IntcDAud - ok
17:39:47.0257 0720 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
17:39:47.0273 0720 intelide - ok
17:39:47.0304 0720 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
17:39:47.0351 0720 intelppm - ok
17:39:47.0398 0720 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
17:39:47.0491 0720 IPBusEnum - ok
17:39:47.0523 0720 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
17:39:47.0569 0720 IpFilterDriver - ok
17:39:47.0585 0720 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
17:39:47.0616 0720 IPMIDRV - ok
17:39:47.0647 0720 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
17:39:47.0725 0720 IPNAT - ok
17:39:47.0757 0720 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
17:39:47.0772 0720 IRENUM - ok
17:39:47.0788 0720 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
17:39:47.0803 0720 isapnp - ok
17:39:47.0819 0720 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
17:39:47.0835 0720 iScsiPrt - ok
17:39:47.0866 0720 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
17:39:47.0881 0720 kbdclass - ok
17:39:47.0897 0720 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
17:39:47.0944 0720 kbdhid - ok
17:39:47.0975 0720 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
17:39:47.0991 0720 KeyIso - ok
17:39:48.0037 0720 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
17:39:48.0069 0720 KSecDD - ok
17:39:48.0084 0720 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
17:39:48.0115 0720 KSecPkg - ok
17:39:48.0147 0720 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
17:39:48.0256 0720 ksthunk - ok
17:39:48.0303 0720 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
17:39:48.0427 0720 KtmRm - ok
17:39:48.0490 0720 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
17:39:48.0599 0720 LanmanServer - ok
17:39:48.0661 0720 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:39:48.0739 0720 LanmanWorkstation - ok
17:39:48.0802 0720 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
17:39:48.0911 0720 lltdio - ok
17:39:48.0958 0720 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
17:39:49.0067 0720 lltdsvc - ok
17:39:49.0098 0720 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
17:39:49.0207 0720 lmhosts - ok
17:39:49.0254 0720 [ 98B16E756243BEA9410E32025B19C06F ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:39:49.0254 0720 LMS - ok
17:39:49.0285 0720 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
17:39:49.0301 0720 LSI_FC - ok
17:39:49.0332 0720 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
17:39:49.0363 0720 LSI_SAS - ok
17:39:49.0395 0720 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
17:39:49.0410 0720 LSI_SAS2 - ok
17:39:49.0441 0720 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
17:39:49.0473 0720 LSI_SCSI - ok
17:39:49.0488 0720 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
17:39:49.0582 0720 luafv - ok
17:39:49.0629 0720 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
17:39:49.0675 0720 Mcx2Svc - ok
17:39:49.0722 0720 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
17:39:49.0738 0720 megasas - ok
17:39:49.0769 0720 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
17:39:49.0816 0720 MegaSR - ok
17:39:49.0847 0720 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
17:39:49.0863 0720 MEIx64 - ok
17:39:49.0909 0720 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
17:39:50.0003 0720 MMCSS - ok
17:39:50.0034 0720 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
17:39:50.0128 0720 Modem - ok
17:39:50.0159 0720 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:39:50.0206 0720 monitor - ok
17:39:50.0237 0720 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:39:50.0268 0720 mouclass - ok
17:39:50.0284 0720 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
17:39:50.0346 0720 mouhid - ok
17:39:50.0346 0720 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:39:50.0393 0720 mountmgr - ok
17:39:50.0409 0720 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
17:39:50.0424 0720 mpio - ok
17:39:50.0440 0720 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:39:50.0455 0720 mpsdrv - ok
17:39:50.0471 0720 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:39:50.0502 0720 MRxDAV - ok
17:39:50.0533 0720 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:39:50.0580 0720 mrxsmb - ok
17:39:50.0643 0720 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:39:50.0689 0720 mrxsmb10 - ok
17:39:50.0721 0720 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:39:50.0752 0720 mrxsmb20 - ok
17:39:50.0752 0720 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
17:39:50.0783 0720 msahci - ok
17:39:50.0799 0720 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:39:50.0799 0720 msdsm - ok
17:39:50.0814 0720 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
17:39:50.0877 0720 MSDTC - ok
17:39:50.0892 0720 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
17:39:50.0970 0720 Msfs - ok
17:39:50.0986 0720 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:39:51.0033 0720 mshidkmdf - ok
17:39:51.0048 0720 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:39:51.0048 0720 msisadrv - ok
17:39:51.0079 0720 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:39:51.0189 0720 MSiSCSI - ok
17:39:51.0204 0720 msiserver - ok
17:39:51.0220 0720 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:39:51.0282 0720 MSKSSRV - ok
17:39:51.0298 0720 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:39:51.0391 0720 MSPCLOCK - ok
17:39:51.0407 0720 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:39:51.0485 0720 MSPQM - ok
17:39:51.0516 0720 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:39:51.0563 0720 MsRPC - ok
17:39:51.0579 0720 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
17:39:51.0610 0720 mssmbios - ok
17:39:51.0625 0720 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:39:51.0657 0720 MSTEE - ok
17:39:51.0672 0720 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
17:39:51.0672 0720 MTConfig - ok
17:39:51.0672 0720 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
17:39:51.0688 0720 Mup - ok
17:39:51.0735 0720 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
17:39:51.0813 0720 napagent - ok
17:39:51.0844 0720 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:39:51.0922 0720 NativeWifiP - ok
17:39:52.0015 0720 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
17:39:52.0062 0720 NAUpdate - ok
17:39:52.0093 0720 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\windows\system32\drivers\ndis.sys
17:39:52.0171 0720 NDIS - ok
17:39:52.0187 0720 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:39:52.0249 0720 NdisCap - ok
17:39:52.0281 0720 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:39:52.0343 0720 NdisTapi - ok
17:39:52.0359 0720 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:39:52.0390 0720 Ndisuio - ok
17:39:52.0390 0720 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:39:52.0437 0720 NdisWan - ok
17:39:52.0468 0720 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:39:52.0546 0720 NDProxy - ok
17:39:52.0561 0720 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:39:52.0608 0720 NetBIOS - ok
17:39:52.0608 0720 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:39:52.0639 0720 NetBT - ok
17:39:52.0671 0720 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
17:39:52.0671 0720 Netlogon - ok
17:39:52.0702 0720 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
17:39:52.0827 0720 Netman - ok
17:39:52.0858 0720 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:52.0858 0720 NetMsmqActivator - ok
17:39:52.0858 0720 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:52.0873 0720 NetPipeActivator - ok
17:39:52.0889 0720 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
17:39:53.0014 0720 netprofm - ok
17:39:53.0029 0720 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:53.0029 0720 NetTcpActivator - ok
17:39:53.0029 0720 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:53.0045 0720 NetTcpPortSharing - ok
17:39:53.0061 0720 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
17:39:53.0061 0720 nfrd960 - ok
17:39:53.0092 0720 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
17:39:53.0201 0720 NlaSvc - ok
17:39:53.0357 0720 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
17:39:53.0482 0720 NOBU - ok
17:39:53.0513 0720 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
17:39:53.0529 0720 Npfs - ok
17:39:53.0544 0720 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
17:39:53.0591 0720 nsi - ok
17:39:53.0622 0720 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:39:53.0669 0720 nsiproxy - ok
17:39:53.0731 0720 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:39:53.0825 0720 Ntfs - ok
17:39:53.0841 0720 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
17:39:53.0872 0720 Null - ok
17:39:53.0887 0720 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
17:39:53.0919 0720 nvraid - ok
17:39:53.0934 0720 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
17:39:53.0965 0720 nvstor - ok
17:39:53.0981 0720 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:39:54.0012 0720 nv_agp - ok
17:39:54.0012 0720 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:39:54.0043 0720 ohci1394 - ok
17:39:54.0090 0720 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:39:54.0121 0720 ose - ok
17:39:54.0324 0720 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:39:54.0511 0720 osppsvc - ok
17:39:54.0543 0720 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:39:54.0589 0720 p2pimsvc - ok
17:39:54.0636 0720 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
17:39:54.0667 0720 p2psvc - ok
17:39:54.0699 0720 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
17:39:54.0745 0720 Parport - ok
17:39:54.0792 0720 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
17:39:54.0823 0720 partmgr - ok
17:39:54.0839 0720 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
17:39:54.0917 0720 PcaSvc - ok
17:39:54.0948 0720 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
17:39:54.0979 0720 pci - ok
17:39:54.0979 0720 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
17:39:55.0011 0720 pciide - ok
17:39:55.0042 0720 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
17:39:55.0073 0720 pcmcia - ok
17:39:55.0073 0720 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
17:39:55.0104 0720 pcw - ok
17:39:55.0104 0720 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:39:55.0167 0720 PEAUTH - ok
17:39:55.0276 0720 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
17:39:55.0323 0720 PerfHost - ok
17:39:55.0385 0720 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
17:39:55.0557 0720 pla - ok
17:39:55.0603 0720 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:39:55.0666 0720 PlugPlay - ok
17:39:55.0697 0720 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:39:55.0744 0720 PNRPAutoReg - ok
17:39:55.0791 0720 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:39:55.0822 0720 PNRPsvc - ok
17:39:55.0869 0720 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:39:55.0947 0720 PolicyAgent - ok
17:39:55.0993 0720 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
17:39:56.0087 0720 Power - ok
17:39:56.0149 0720 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:39:56.0243 0720 PptpMiniport - ok
17:39:56.0259 0720 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
17:39:56.0290 0720 Processor - ok
17:39:56.0337 0720 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
17:39:56.0446 0720 ProfSvc - ok
17:39:56.0461 0720 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
17:39:56.0493 0720 ProtectedStorage - ok
17:39:56.0524 0720 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:39:56.0649 0720 Psched - ok
17:39:56.0711 0720 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
17:39:56.0711 0720 PxHlpa64 - ok
17:39:56.0789 0720 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
17:39:56.0914 0720 ql2300 - ok
17:39:56.0914 0720 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
17:39:56.0914 0720 ql40xx - ok
17:39:56.0961 0720 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
17:39:57.0007 0720 QWAVE - ok
17:39:57.0007 0720 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:39:57.0070 0720 QWAVEdrv - ok
17:39:57.0070 0720 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:39:57.0148 0720 RasAcd - ok
17:39:57.0195 0720 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:39:57.0288 0720 RasAgileVpn - ok
17:39:57.0304 0720 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
17:39:57.0429 0720 RasAuto - ok
17:39:57.0444 0720 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:39:57.0491 0720 Rasl2tp - ok
17:39:57.0507 0720 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
17:39:57.0538 0720 RasMan - ok
17:39:57.0553 0720 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:39:57.0647 0720 RasPppoe - ok
17:39:57.0678 0720 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:39:57.0787 0720 RasSstp - ok
17:39:57.0803 0720 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:39:57.0928 0720 rdbss - ok
17:39:57.0943 0720 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
17:39:57.0975 0720 rdpbus - ok
17:39:58.0006 0720 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:39:58.0099 0720 RDPCDD - ok
17:39:58.0099 0720 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:39:58.0146 0720 RDPENCDD - ok
17:39:58.0177 0720 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:39:58.0271 0720 RDPREFMP - ok
17:39:58.0302 0720 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:39:58.0318 0720 RDPWD - ok
17:39:58.0333 0720 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:39:58.0380 0720 rdyboost - ok
17:39:58.0411 0720 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
17:39:58.0521 0720 RemoteAccess - ok
17:39:58.0567 0720 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:39:58.0645 0720 RemoteRegistry - ok
17:39:58.0661 0720 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
17:39:58.0692 0720 RFCOMM - ok
17:39:58.0786 0720 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
17:39:58.0879 0720 RoxMediaDB12OEM - ok
17:39:58.0942 0720 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
17:39:58.0973 0720 RoxWatch12 - ok
17:39:59.0004 0720 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:39:59.0113 0720 RpcEptMapper - ok
17:39:59.0145 0720 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
17:39:59.0176 0720 RpcLocator - ok
17:39:59.0207 0720 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
17:39:59.0301 0720 RpcSs - ok
17:39:59.0332 0720 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:39:59.0363 0720 rspndr - ok
17:39:59.0410 0720 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
17:39:59.0410 0720 RSUSBSTOR - ok
17:39:59.0457 0720 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
17:39:59.0503 0720 RTL8167 - ok
17:39:59.0519 0720 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
17:39:59.0550 0720 SamSs - ok
17:39:59.0566 0720 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:39:59.0566 0720 sbp2port - ok
17:39:59.0597 0720 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
17:39:59.0659 0720 SCardSvr - ok
17:39:59.0675 0720 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:39:59.0722 0720 scfilter - ok
17:39:59.0753 0720 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
17:39:59.0862 0720 Schedule - ok
17:39:59.0909 0720 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
17:39:59.0971 0720 SCPolicySvc - ok
17:39:59.0987 0720 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:40:00.0018 0720 SDRSVC - ok
17:40:00.0065 0720 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
17:40:00.0174 0720 secdrv - ok
17:40:00.0190 0720 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
17:40:00.0283 0720 seclogon - ok
17:40:00.0299 0720 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
17:40:00.0424 0720 SENS - ok
17:40:00.0455 0720 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
17:40:00.0486 0720 SensrSvc - ok
17:40:00.0517 0720 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
17:40:00.0564 0720 Serenum - ok
17:40:00.0595 0720 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
17:40:00.0627 0720 Serial - ok
17:40:00.0673 0720 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
17:40:00.0720 0720 sermouse - ok
17:40:00.0767 0720 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
17:40:00.0861 0720 SessionEnv - ok
17:40:00.0876 0720 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:40:00.0907 0720 sffdisk - ok
17:40:00.0923 0720 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:40:00.0939 0720 sffp_mmc - ok
17:40:00.0939 0720 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:40:00.0970 0720 sffp_sd - ok
17:40:00.0970 0720 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
17:40:00.0985 0720 sfloppy - ok
17:40:01.0032 0720 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
17:40:01.0079 0720 Sftfs - ok
17:40:01.0157 0720 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:40:01.0188 0720 sftlist - ok
17:40:01.0219 0720 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
17:40:01.0235 0720 Sftplay - ok
17:40:01.0266 0720 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
17:40:01.0282 0720 Sftredir - ok
17:40:01.0360 0720 [ E1974A92AC0914A3859359A0A8C82C68 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:40:01.0391 0720 SftService - ok
17:40:01.0407 0720 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
17:40:01.0407 0720 Sftvol - ok
17:40:01.0422 0720 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:40:01.0438 0720 sftvsa - ok
17:40:01.0469 0720 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:40:01.0578 0720 ShellHWDetection - ok
17:40:01.0625 0720 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
17:40:01.0625 0720 SiSRaid2 - ok
17:40:01.0641 0720 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
17:40:01.0672 0720 SiSRaid4 - ok
17:40:01.0703 0720 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:40:01.0797 0720 Smb - ok
17:40:01.0843 0720 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:40:01.0875 0720 SNMPTRAP - ok
17:40:01.0906 0720 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
17:40:01.0921 0720 spldr - ok
17:40:01.0953 0720 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
17:40:02.0062 0720 Spooler - ok
17:40:02.0155 0720 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
17:40:02.0296 0720 sppsvc - ok
17:40:02.0327 0720 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:40:02.0421 0720 sppuinotify - ok
17:40:02.0452 0720 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
17:40:02.0483 0720 srv - ok
17:40:02.0514 0720 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:40:02.0577 0720 srv2 - ok
17:40:02.0608 0720 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:40:02.0639 0720 srvnet - ok
17:40:02.0670 0720 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:40:02.0795 0720 SSDPSRV - ok
17:40:02.0826 0720 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
17:40:02.0904 0720 SstpSvc - ok
17:40:02.0982 0720 [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
17:40:03.0029 0720 STacSV - ok
17:40:03.0060 0720 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
17:40:03.0091 0720 stexstor - ok
17:40:03.0138 0720 [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
17:40:03.0201 0720 STHDA - ok
17:40:03.0263 0720 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
17:40:03.0357 0720 stisvc - ok
17:40:03.0419 0720 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:40:03.0435 0720 stllssvr - ok
17:40:03.0466 0720 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
17:40:03.0497 0720 swenum - ok
17:40:03.0528 0720 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
17:40:03.0575 0720 swprv - ok
17:40:03.0622 0720 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
17:40:03.0747 0720 SysMain - ok
17:40:03.0778 0720 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
17:40:03.0825 0720 TabletInputService - ok
17:40:03.0840 0720 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
17:40:03.0887 0720 TapiSrv - ok
17:40:03.0887 0720 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
17:40:03.0918 0720 TBS - ok
17:40:04.0012 0720 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:40:04.0105 0720 Tcpip - ok
17:40:04.0152 0720 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:40:04.0183 0720 TCPIP6 - ok
17:40:04.0215 0720 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:40:04.0261 0720 tcpipreg - ok
17:40:04.0277 0720 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:40:04.0308 0720 TDPIPE - ok
17:40:04.0339 0720 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:40:04.0371 0720 TDTCP - ok
17:40:04.0386 0720 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:40:04.0495 0720 tdx - ok
17:40:04.0511 0720 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
17:40:04.0527 0720 TermDD - ok
17:40:04.0558 0720 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
17:40:04.0667 0720 TermService - ok
17:40:04.0683 0720 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
17:40:04.0714 0720 Themes - ok
17:40:04.0745 0720 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
17:40:04.0823 0720 THREADORDER - ok
17:40:04.0839 0720 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
17:40:04.0948 0720 TrkWks - ok
17:40:04.0995 0720 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:40:05.0104 0720 TrustedInstaller - ok
17:40:05.0135 0720 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:40:05.0182 0720 tssecsrv - ok
17:40:05.0229 0720 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:40:05.0244 0720 TsUsbFlt - ok
17:40:05.0275 0720 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
17:40:05.0291 0720 TsUsbGD - ok
17:40:05.0338 0720 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:40:05.0431 0720 tunnel - ok
17:40:05.0463 0720 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\windows\system32\DRIVERS\TurboB.sys
17:40:05.0463 0720 TurboB - ok
17:40:05.0494 0720 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
17:40:05.0525 0720 TurboBoost - ok
17:40:05.0541 0720 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
17:40:05.0572 0720 uagp35 - ok
17:40:05.0572 0720 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:40:05.0665 0720 udfs - ok
17:40:05.0712 0720 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
17:40:05.0743 0720 UI0Detect - ok
17:40:05.0759 0720 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:40:05.0790 0720 uliagpkx - ok
17:40:05.0806 0720 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
17:40:05.0868 0720 umbus - ok
17:40:05.0884 0720 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
17:40:05.0946 0720 UmPass - ok
17:40:06.0118 0720 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:40:06.0227 0720 UNS - ok
17:40:06.0258 0720 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
17:40:06.0305 0720 upnphost - ok
17:40:06.0336 0720 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:40:06.0367 0720 usbccgp - ok
17:40:06.0399 0720 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
17:40:06.0430 0720 usbcir - ok
17:40:06.0445 0720 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
17:40:06.0492 0720 usbehci - ok
17:40:06.0539 0720 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:40:06.0570 0720 usbhub - ok
17:40:06.0601 0720 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:40:06.0648 0720 usbohci - ok
17:40:06.0695 0720 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:40:06.0757 0720 usbprint - ok
17:40:06.0773 0720 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:40:06.0820 0720 USBSTOR - ok
17:40:06.0851 0720 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:40:06.0882 0720 usbuhci - ok
17:40:06.0929 0720 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
17:40:06.0991 0720 usbvideo - ok
17:40:07.0023 0720 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
17:40:07.0147 0720 UxSms - ok
17:40:07.0163 0720 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
17:40:07.0179 0720 VaultSvc - ok
17:40:07.0179 0720 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
17:40:07.0194 0720 vdrvroot - ok
17:40:07.0210 0720 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
17:40:07.0350 0720 vds - ok
17:40:07.0381 0720 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:40:07.0397 0720 vga - ok
17:40:07.0397 0720 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
17:40:07.0506 0720 VgaSave - ok
17:40:07.0506 0720 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
17:40:07.0522 0720 vhdmp - ok
17:40:07.0522 0720 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
17:40:07.0537 0720 viaide - ok
17:40:07.0553 0720 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
17:40:07.0569 0720 volmgr - ok
17:40:07.0569 0720 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:40:07.0584 0720 volmgrx - ok
17:40:07.0584 0720 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
17:40:07.0600 0720 volsnap - ok
17:40:07.0631 0720 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
17:40:07.0631 0720 vsmraid - ok
17:40:07.0693 0720 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
17:40:07.0865 0720 VSS - ok
17:40:07.0896 0720 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:40:07.0959 0720 vwifibus - ok
17:40:07.0990 0720 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:40:08.0052 0720 vwififlt - ok
17:40:08.0068 0720 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
17:40:08.0146 0720 W32Time - ok
17:40:08.0146 0720 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
17:40:08.0161 0720 WacomPen - ok
17:40:08.0177 0720 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:40:08.0286 0720 WANARP - ok
17:40:08.0317 0720 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:40:08.0411 0720 Wanarpv6 - ok
17:40:08.0458 0720 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
17:40:08.0567 0720 wbengine - ok
17:40:08.0583 0720 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:40:08.0629 0720 WbioSrvc - ok
17:40:08.0661 0720 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
17:40:08.0739 0720 wcncsvc - ok
17:40:08.0770 0720 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:40:08.0817 0720 WcsPlugInService - ok
17:40:08.0863 0720 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
17:40:08.0895 0720 Wd - ok
17:40:08.0926 0720 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:40:08.0973 0720 Wdf01000 - ok
17:40:08.0988 0720 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
17:40:09.0051 0720 WdiServiceHost - ok
17:40:09.0066 0720 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
17:40:09.0082 0720 WdiSystemHost - ok
17:40:09.0113 0720 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
17:40:09.0175 0720 WebClient - ok
17:40:09.0207 0720 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
17:40:09.0331 0720 Wecsvc - ok
17:40:09.0347 0720 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
17:40:09.0378 0720 wercplsupport - ok
17:40:09.0394 0720 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
17:40:09.0487 0720 WerSvc - ok
17:40:09.0519 0720 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:40:09.0550 0720 WfpLwf - ok
17:40:09.0597 0720 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys
17:40:09.0597 0720 WimFltr - ok
17:40:09.0612 0720 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:40:09.0628 0720 WIMMount - ok
17:40:09.0643 0720 WinHttpAutoProxySvc - ok
17:40:09.0706 0720 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:40:09.0799 0720 Winmgmt - ok
17:40:09.0877 0720 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
17:40:10.0049 0720 WinRM - ok
17:40:10.0111 0720 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
17:40:10.0221 0720 Wlansvc - ok
17:40:10.0267 0720 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:40:10.0283 0720 wlcrasvc - ok
17:40:10.0392 0720 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:40:10.0533 0720 wlidsvc - ok
17:40:10.0564 0720 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
17:40:10.0611 0720 WmiAcpi - ok
17:40:10.0673 0720 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:40:10.0704 0720 wmiApSrv - ok
17:40:10.0720 0720 WMPNetworkSvc - ok
17:40:10.0751 0720 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
17:40:10.0767 0720 WPCSvc - ok
17:40:10.0782 0720 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:40:10.0813 0720 WPDBusEnum - ok
17:40:10.0829 0720 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:40:10.0891 0720 ws2ifsl - ok
17:40:10.0891 0720 WSearch - ok
17:40:10.0923 0720 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:40:11.0001 0720 WudfPf - ok
17:40:11.0032 0720 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:40:11.0141 0720 WUDFRd - ok
17:40:11.0172 0720 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:40:11.0266 0720 wudfsvc - ok
17:40:11.0297 0720 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
17:40:11.0344 0720 WwanSvc - ok
17:40:11.0344 0720 ================ Scan global ===============================
17:40:11.0375 0720 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
17:40:11.0422 0720 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
17:40:11.0437 0720 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
17:40:11.0469 0720 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
17:40:11.0500 0720 [ 014A9CB92514E27C0107614DF764BC06 ] C:\windows\system32\services.exe
17:40:11.0515 0720 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - infected
17:40:11.0515 0720 C:\windows\system32\services.exe - detected Virus.Win64.ZAccess.b (0)
17:40:11.0515 0720 ================ Scan MBR ==================================
17:40:11.0531 0720 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:40:12.0093 0720 \Device\Harddisk0\DR0 - ok
17:40:12.0093 0720 ================ Scan VBR ==================================
17:40:12.0108 0720 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
17:40:12.0108 0720 \Device\Harddisk0\DR0\Partition1 - ok
17:40:12.0140 0720 [ 9353CF31A6EC515E78353D1600509A2F ] \Device\Harddisk0\DR0\Partition2
17:40:12.0140 0720 \Device\Harddisk0\DR0\Partition2 - ok
17:40:12.0140 0720 ============================================================
17:40:12.0140 0720 Scan finished
17:40:12.0140 0720 ============================================================
17:40:12.0171 4984 Detected object count: 1
17:40:12.0171 4984 Actual detected object count: 1
17:41:11.0388 4984 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - skipped by user
17:41:11.0388 4984 C:\windows\system32\services.exe ( Virus.Win64.ZAccess.b ) - User select action: Skip
|
|
06.09.2012, 10:45
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Diesen Eintrag => Virus.Win64.ZAccess.b <= bitte mit dem TDSS-Killer fixen. Aber bitte nur diesen Eintrag! Starte Windows danach neu und mach wieder ein komplett neues Log mit dem TDSS-Killer. Wie immer wieder in CODE-Tags posten.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.09.2012, 16:53
| #21 |
| | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Hallo Cosinus, mir ist nicht ganz klar, wie ich das machen soll. Muss ich vor dem Fixen einen kompletten Scan machen und dann fixen (mit "delete"?) oder gibt es nach dem Öffnen des TDSS-Killers gleich eine Funktion, mit der ich das machen kann? Tut mir leid für die wahrscheinlich echt "dumme" Frage, aber ich hab sowas noch nie gemacht Danke! |
|
10.09.2012, 15:08
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Ja du musst das Tool neu scannen lassen, dauert doch auch nicht lange Dann hast du die Möglichkeit die gefundenen Einträge zu fixen Da wie gesagt nur den von mir genannten Eintrag fixen, alles andere muss auf SKIP stehen - statt "fix" wird dir entweder CURE oder DELETE angeboten
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.09.2012, 16:34
| #23 |
| | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Hallo, hier nun das Log nach dem Fixen: Code:
ATTFilter 17:43:24.0561 0260 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:43:24.0771 0260 ============================================================
17:43:24.0771 0260 Current date / time: 2012/09/10 17:43:24.0771
17:43:24.0771 0260 SystemInfo:
17:43:24.0771 0260
17:43:24.0771 0260 OS Version: 6.1.7601 ServicePack: 1.0
17:43:24.0771 0260 Product type: Workstation
17:43:24.0771 0260 ComputerName: SASKIA-PC
17:43:24.0771 0260 UserName: saskia
17:43:24.0771 0260 Windows directory: C:\windows
17:43:24.0771 0260 System windows directory: C:\windows
17:43:24.0771 0260 Running under WOW64
17:43:24.0771 0260 Processor architecture: Intel x64
17:43:24.0771 0260 Number of processors: 4
17:43:24.0771 0260 Page size: 0x1000
17:43:24.0771 0260 Boot type: Normal boot
17:43:24.0771 0260 ============================================================
17:43:24.0911 0260 BG loaded
17:43:25.0211 0260 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:43:25.0221 0260 ============================================================
17:43:25.0221 0260 \Device\Harddisk0\DR0:
17:43:25.0221 0260 MBR partitions:
17:43:25.0231 0260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
17:43:25.0231 0260 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030
17:43:25.0231 0260 ============================================================
17:43:25.0271 0260 C: <-> \Device\Harddisk0\DR0\Partition2
17:43:25.0271 0260 ============================================================
17:43:25.0271 0260 Initialize success
17:43:25.0271 0260 ============================================================
17:43:36.0841 2632 ============================================================
17:43:36.0841 2632 Scan started
17:43:36.0841 2632 Mode: Manual; SigCheck; TDLFS;
17:43:36.0841 2632 ============================================================
17:43:37.0121 2632 ================ Scan services =============================
17:43:37.0391 2632 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
17:43:37.0511 2632 1394ohci - ok
17:43:37.0571 2632 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
17:43:37.0611 2632 ACPI - ok
17:43:37.0651 2632 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
17:43:37.0731 2632 AcpiPmi - ok
17:43:37.0911 2632 [ 047BD1EB681453A7FE492A71802AC9F3 ] AdobeActiveFileMonitor10.0 C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
17:43:37.0951 2632 AdobeActiveFileMonitor10.0 - ok
17:43:38.0011 2632 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
17:43:38.0101 2632 adp94xx - ok
17:43:38.0141 2632 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
17:43:38.0181 2632 adpahci - ok
17:43:38.0201 2632 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
17:43:38.0211 2632 adpu320 - ok
17:43:38.0241 2632 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
17:43:38.0351 2632 AeLookupSvc - ok
17:43:38.0471 2632 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
17:43:38.0551 2632 AESTFilters - ok
17:43:38.0641 2632 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
17:43:38.0741 2632 AFD - ok
17:43:38.0791 2632 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
17:43:38.0831 2632 agp440 - ok
17:43:38.0881 2632 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
17:43:38.0971 2632 ALG - ok
17:43:39.0011 2632 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
17:43:39.0041 2632 aliide - ok
17:43:39.0071 2632 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
17:43:39.0101 2632 amdide - ok
17:43:39.0131 2632 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
17:43:39.0211 2632 AmdK8 - ok
17:43:39.0221 2632 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
17:43:39.0281 2632 AmdPPM - ok
17:43:39.0311 2632 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
17:43:39.0341 2632 amdsata - ok
17:43:39.0361 2632 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
17:43:39.0411 2632 amdsbs - ok
17:43:39.0421 2632 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
17:43:39.0451 2632 amdxata - ok
17:43:39.0541 2632 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:43:39.0571 2632 AntiVirSchedulerService - ok
17:43:39.0621 2632 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:43:39.0651 2632 AntiVirService - ok
17:43:39.0691 2632 [ 676894FA57B671FEC5C3F05F8929E03B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
17:43:39.0751 2632 AntiVirWebService - ok
17:43:39.0801 2632 [ 6690E42CED5D067233ABAD42DA141213 ] ApfiltrService C:\windows\system32\DRIVERS\Apfiltr.sys
17:43:39.0861 2632 ApfiltrService - ok
17:43:39.0901 2632 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
17:43:40.0021 2632 AppID - ok
17:43:40.0051 2632 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
17:43:40.0171 2632 AppIDSvc - ok
17:43:40.0201 2632 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
17:43:40.0291 2632 Appinfo - ok
17:43:40.0321 2632 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
17:43:40.0361 2632 arc - ok
17:43:40.0361 2632 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
17:43:40.0401 2632 arcsas - ok
17:43:40.0531 2632 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:43:40.0561 2632 aspnet_state - ok
17:43:40.0601 2632 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
17:43:40.0721 2632 AsyncMac - ok
17:43:40.0751 2632 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
17:43:40.0761 2632 atapi - ok
17:43:40.0791 2632 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\windows\system32\DRIVERS\btath_flt.sys
17:43:40.0811 2632 AthBTPort - ok
17:43:40.0891 2632 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
17:43:40.0921 2632 Atheros Bt&Wlan Coex Agent - ok
17:43:40.0941 2632 [ 44FB485B94A8332D877F659366CEDBC8 ] AtherosSvc C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
17:43:40.0971 2632 AtherosSvc - ok
17:43:41.0051 2632 [ 5493ED5D300AFC7A9A0A87FCA08E5381 ] athr C:\windows\system32\DRIVERS\athrx.sys
17:43:41.0161 2632 athr - ok
17:43:41.0231 2632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:43:41.0371 2632 AudioEndpointBuilder - ok
17:43:41.0421 2632 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
17:43:41.0501 2632 AudioSrv - ok
17:43:41.0541 2632 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
17:43:41.0551 2632 avgntflt - ok
17:43:41.0591 2632 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
17:43:41.0631 2632 avipbb - ok
17:43:41.0641 2632 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
17:43:41.0671 2632 avkmgr - ok
17:43:41.0711 2632 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
17:43:41.0761 2632 AxInstSV - ok
17:43:41.0811 2632 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
17:43:41.0891 2632 b06bdrv - ok
17:43:41.0931 2632 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
17:43:41.0991 2632 b57nd60a - ok
17:43:42.0121 2632 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
17:43:42.0171 2632 BBSvc - ok
17:43:42.0231 2632 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
17:43:42.0261 2632 BBUpdate - ok
17:43:42.0301 2632 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
17:43:42.0371 2632 BDESVC - ok
17:43:42.0401 2632 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
17:43:42.0521 2632 Beep - ok
17:43:42.0571 2632 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
17:43:42.0611 2632 blbdrive - ok
17:43:42.0631 2632 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
17:43:42.0691 2632 bowser - ok
17:43:42.0731 2632 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
17:43:42.0791 2632 BrFiltLo - ok
17:43:42.0801 2632 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
17:43:42.0841 2632 BrFiltUp - ok
17:43:42.0881 2632 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\windows\System32\browser.dll
17:43:43.0001 2632 Browser - ok
17:43:43.0011 2632 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
17:43:43.0071 2632 Brserid - ok
17:43:43.0071 2632 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
17:43:43.0131 2632 BrSerWdm - ok
17:43:43.0141 2632 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
17:43:43.0191 2632 BrUsbMdm - ok
17:43:43.0201 2632 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
17:43:43.0241 2632 BrUsbSer - ok
17:43:43.0311 2632 [ FE70889A85C57A9268101B2DB0474509 ] BTATH_A2DP C:\windows\system32\drivers\btath_a2dp.sys
17:43:43.0351 2632 BTATH_A2DP - ok
17:43:43.0381 2632 [ A9DF22429E8D69ED849B0BBBE16BD327 ] BTATH_BUS C:\windows\system32\DRIVERS\btath_bus.sys
17:43:43.0391 2632 BTATH_BUS - ok
17:43:43.0421 2632 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\windows\system32\DRIVERS\btath_hcrp.sys
17:43:43.0451 2632 BTATH_HCRP - ok
17:43:43.0491 2632 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\windows\system32\DRIVERS\btath_lwflt.sys
17:43:43.0511 2632 BTATH_LWFLT - ok
17:43:43.0541 2632 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\windows\system32\DRIVERS\btath_rcp.sys
17:43:43.0571 2632 BTATH_RCP - ok
17:43:43.0611 2632 [ FF59EE1DDAC776246F43BF434194650F ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
17:43:43.0641 2632 BtFilter - ok
17:43:43.0681 2632 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
17:43:43.0741 2632 BthEnum - ok
17:43:43.0781 2632 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
17:43:43.0841 2632 BTHMODEM - ok
17:43:43.0881 2632 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
17:43:43.0941 2632 BthPan - ok
17:43:43.0991 2632 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\windows\system32\Drivers\BTHport.sys
17:43:44.0061 2632 BTHPORT - ok
17:43:44.0101 2632 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
17:43:44.0201 2632 bthserv - ok
17:43:44.0241 2632 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\system32\Drivers\BTHUSB.sys
17:43:44.0281 2632 BTHUSB - ok
17:43:44.0311 2632 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
17:43:44.0431 2632 cdfs - ok
17:43:44.0481 2632 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
17:43:44.0531 2632 cdrom - ok
17:43:44.0581 2632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
17:43:44.0681 2632 CertPropSvc - ok
17:43:44.0681 2632 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
17:43:44.0701 2632 circlass - ok
17:43:44.0731 2632 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
17:43:44.0771 2632 CLFS - ok
17:43:44.0841 2632 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:43:44.0861 2632 clr_optimization_v2.0.50727_32 - ok
17:43:44.0901 2632 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:43:44.0921 2632 clr_optimization_v2.0.50727_64 - ok
17:43:44.0981 2632 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:43:45.0011 2632 clr_optimization_v4.0.30319_32 - ok
17:43:45.0021 2632 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:43:45.0051 2632 clr_optimization_v4.0.30319_64 - ok
17:43:45.0081 2632 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
17:43:45.0141 2632 CmBatt - ok
17:43:45.0171 2632 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
17:43:45.0201 2632 cmdide - ok
17:43:45.0261 2632 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
17:43:45.0321 2632 CNG - ok
17:43:45.0351 2632 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
17:43:45.0361 2632 Compbatt - ok
17:43:45.0381 2632 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
17:43:45.0441 2632 CompositeBus - ok
17:43:45.0461 2632 COMSysApp - ok
17:43:45.0481 2632 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
17:43:45.0511 2632 crcdisk - ok
17:43:45.0551 2632 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\windows\system32\cryptsvc.dll
17:43:45.0601 2632 CryptSvc - ok
17:43:45.0661 2632 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\windows\system32\DRIVERS\CtClsFlt.sys
17:43:45.0711 2632 CtClsFlt - ok
17:43:45.0841 2632 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:43:45.0921 2632 cvhsvc - ok
17:43:45.0961 2632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
17:43:46.0101 2632 DcomLaunch - ok
17:43:46.0131 2632 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
17:43:46.0201 2632 defragsvc - ok
17:43:46.0221 2632 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
17:43:46.0341 2632 DfsC - ok
17:43:46.0381 2632 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
17:43:46.0491 2632 Dhcp - ok
17:43:46.0521 2632 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
17:43:46.0641 2632 discache - ok
17:43:46.0681 2632 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
17:43:46.0691 2632 Disk - ok
17:43:46.0701 2632 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:43:46.0781 2632 Dnscache - ok
17:43:46.0821 2632 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
17:43:46.0941 2632 dot3svc - ok
17:43:46.0961 2632 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
17:43:47.0011 2632 DPS - ok
17:43:47.0061 2632 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:43:47.0121 2632 drmkaud - ok
17:43:47.0161 2632 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
17:43:47.0241 2632 DXGKrnl - ok
17:43:47.0271 2632 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
17:43:47.0381 2632 EapHost - ok
17:43:47.0491 2632 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
17:43:47.0691 2632 ebdrv - ok
17:43:47.0711 2632 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
17:43:47.0771 2632 EFS - ok
17:43:47.0851 2632 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
17:43:47.0951 2632 ehRecvr - ok
17:43:47.0951 2632 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
17:43:48.0011 2632 ehSched - ok
17:43:48.0081 2632 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
17:43:48.0121 2632 elxstor - ok
17:43:48.0191 2632 [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
17:43:48.0271 2632 EPSON_PM_RPCV4_01 - ok
17:43:48.0281 2632 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
17:43:48.0341 2632 ErrDev - ok
17:43:48.0391 2632 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
17:43:48.0521 2632 EventSystem - ok
17:43:48.0571 2632 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
17:43:48.0661 2632 exfat - ok
17:43:48.0691 2632 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
17:43:48.0811 2632 fastfat - ok
17:43:48.0861 2632 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
17:43:48.0921 2632 Fax - ok
17:43:48.0931 2632 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
17:43:48.0981 2632 fdc - ok
17:43:49.0011 2632 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
17:43:49.0111 2632 fdPHost - ok
17:43:49.0131 2632 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
17:43:49.0161 2632 FDResPub - ok
17:43:49.0201 2632 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
17:43:49.0211 2632 FileInfo - ok
17:43:49.0221 2632 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
17:43:49.0331 2632 Filetrace - ok
17:43:49.0341 2632 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
17:43:49.0361 2632 flpydisk - ok
17:43:49.0361 2632 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:43:49.0381 2632 FltMgr - ok
17:43:49.0421 2632 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
17:43:49.0521 2632 FontCache - ok
17:43:49.0581 2632 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:43:49.0601 2632 FontCache3.0.0.0 - ok
17:43:49.0631 2632 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
17:43:49.0651 2632 FsDepends - ok
17:43:49.0671 2632 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:43:49.0711 2632 Fs_Rec - ok
17:43:49.0741 2632 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
17:43:49.0781 2632 fvevol - ok
17:43:49.0801 2632 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
17:43:49.0821 2632 gagp30kx - ok
17:43:49.0871 2632 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
17:43:49.0961 2632 gpsvc - ok
17:43:49.0971 2632 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
17:43:50.0031 2632 hcw85cir - ok
17:43:50.0071 2632 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:43:50.0141 2632 HdAudAddService - ok
17:43:50.0181 2632 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
17:43:50.0241 2632 HDAudBus - ok
17:43:50.0241 2632 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
17:43:50.0281 2632 HidBatt - ok
17:43:50.0291 2632 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
17:43:50.0341 2632 HidBth - ok
17:43:50.0371 2632 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
17:43:50.0411 2632 HidIr - ok
17:43:50.0431 2632 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
17:43:50.0541 2632 hidserv - ok
17:43:50.0571 2632 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
17:43:50.0571 2632 HidUsb - ok
17:43:50.0601 2632 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
17:43:50.0711 2632 hkmsvc - ok
17:43:50.0751 2632 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:43:50.0831 2632 HomeGroupListener - ok
17:43:50.0861 2632 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:43:50.0921 2632 HomeGroupProvider - ok
17:43:50.0961 2632 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
17:43:50.0991 2632 HpSAMD - ok
17:43:51.0041 2632 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
17:43:51.0131 2632 HTTP - ok
17:43:51.0161 2632 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
17:43:51.0191 2632 hwpolicy - ok
17:43:51.0211 2632 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
17:43:51.0261 2632 i8042prt - ok
17:43:51.0301 2632 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
17:43:51.0341 2632 iaStor - ok
17:43:51.0391 2632 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:43:51.0411 2632 IAStorDataMgrSvc - ok
17:43:51.0441 2632 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
17:43:51.0481 2632 iaStorV - ok
17:43:51.0541 2632 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:43:51.0641 2632 idsvc - ok
17:43:51.0901 2632 [ 795C99DC4F574C97C03D0BB39CF099EE ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
17:43:52.0041 2632 igfx - ok
17:43:52.0081 2632 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
17:43:52.0091 2632 iirsp - ok
17:43:52.0161 2632 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
17:43:52.0301 2632 IKEEXT - ok
17:43:52.0361 2632 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
17:43:52.0401 2632 IntcDAud - ok
17:43:52.0431 2632 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
17:43:52.0461 2632 intelide - ok
17:43:52.0501 2632 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
17:43:52.0551 2632 intelppm - ok
17:43:52.0591 2632 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
17:43:52.0681 2632 IPBusEnum - ok
17:43:52.0711 2632 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
17:43:52.0801 2632 IpFilterDriver - ok
17:43:52.0821 2632 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
17:43:52.0851 2632 IPMIDRV - ok
17:43:52.0881 2632 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
17:43:52.0961 2632 IPNAT - ok
17:43:53.0001 2632 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
17:43:53.0021 2632 IRENUM - ok
17:43:53.0051 2632 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
17:43:53.0071 2632 isapnp - ok
17:43:53.0101 2632 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
17:43:53.0131 2632 iScsiPrt - ok
17:43:53.0161 2632 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
17:43:53.0191 2632 kbdclass - ok
17:43:53.0211 2632 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
17:43:53.0271 2632 kbdhid - ok
17:43:53.0301 2632 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
17:43:53.0331 2632 KeyIso - ok
17:43:53.0371 2632 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
17:43:53.0391 2632 KSecDD - ok
17:43:53.0421 2632 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
17:43:53.0451 2632 KSecPkg - ok
17:43:53.0471 2632 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
17:43:53.0571 2632 ksthunk - ok
17:43:53.0631 2632 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
17:43:53.0741 2632 KtmRm - ok
17:43:53.0791 2632 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
17:43:53.0911 2632 LanmanServer - ok
17:43:53.0951 2632 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:43:54.0061 2632 LanmanWorkstation - ok
17:43:54.0111 2632 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
17:43:54.0221 2632 lltdio - ok
17:43:54.0271 2632 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
17:43:54.0391 2632 lltdsvc - ok
17:43:54.0421 2632 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
17:43:54.0521 2632 lmhosts - ok
17:43:54.0561 2632 [ 98B16E756243BEA9410E32025B19C06F ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:43:54.0611 2632 LMS - ok
17:43:54.0641 2632 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
17:43:54.0671 2632 LSI_FC - ok
17:43:54.0701 2632 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
17:43:54.0731 2632 LSI_SAS - ok
17:43:54.0751 2632 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
17:43:54.0781 2632 LSI_SAS2 - ok
17:43:54.0801 2632 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
17:43:54.0831 2632 LSI_SCSI - ok
17:43:54.0851 2632 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
17:43:54.0941 2632 luafv - ok
17:43:55.0001 2632 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
17:43:55.0051 2632 Mcx2Svc - ok
17:43:55.0081 2632 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
17:43:55.0111 2632 megasas - ok
17:43:55.0141 2632 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
17:43:55.0181 2632 MegaSR - ok
17:43:55.0211 2632 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
17:43:55.0231 2632 MEIx64 - ok
17:43:55.0271 2632 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
17:43:55.0361 2632 MMCSS - ok
17:43:55.0391 2632 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
17:43:55.0501 2632 Modem - ok
17:43:55.0541 2632 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:43:55.0601 2632 monitor - ok
17:43:55.0631 2632 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:43:55.0661 2632 mouclass - ok
17:43:55.0691 2632 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
17:43:55.0741 2632 mouhid - ok
17:43:55.0771 2632 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:43:55.0791 2632 mountmgr - ok
17:43:55.0811 2632 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
17:43:55.0841 2632 mpio - ok
17:43:55.0841 2632 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:43:55.0871 2632 mpsdrv - ok
17:43:55.0871 2632 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:43:55.0931 2632 MRxDAV - ok
17:43:55.0971 2632 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:43:56.0031 2632 mrxsmb - ok
17:43:56.0081 2632 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:43:56.0131 2632 mrxsmb10 - ok
17:43:56.0151 2632 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:43:56.0171 2632 mrxsmb20 - ok
17:43:56.0171 2632 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
17:43:56.0181 2632 msahci - ok
17:43:56.0191 2632 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:43:56.0211 2632 msdsm - ok
17:43:56.0241 2632 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
17:43:56.0301 2632 MSDTC - ok
17:43:56.0341 2632 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
17:43:56.0431 2632 Msfs - ok
17:43:56.0451 2632 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:43:56.0491 2632 mshidkmdf - ok
17:43:56.0511 2632 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:43:56.0541 2632 msisadrv - ok
17:43:56.0581 2632 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:43:56.0681 2632 MSiSCSI - ok
17:43:56.0681 2632 msiserver - ok
17:43:56.0711 2632 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:43:56.0801 2632 MSKSSRV - ok
17:43:56.0821 2632 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:43:56.0921 2632 MSPCLOCK - ok
17:43:56.0941 2632 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:43:57.0021 2632 MSPQM - ok
17:43:57.0051 2632 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:43:57.0121 2632 MsRPC - ok
17:43:57.0131 2632 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
17:43:57.0161 2632 mssmbios - ok
17:43:57.0161 2632 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:43:57.0221 2632 MSTEE - ok
17:43:57.0221 2632 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
17:43:57.0261 2632 MTConfig - ok
17:43:57.0271 2632 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
17:43:57.0291 2632 Mup - ok
17:43:57.0341 2632 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
17:43:57.0441 2632 napagent - ok
17:43:57.0481 2632 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:43:57.0561 2632 NativeWifiP - ok
17:43:57.0661 2632 [ 9D1CCE440552500DED3A62F9D779CDB4 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
17:43:57.0701 2632 NAUpdate - ok
17:43:57.0731 2632 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\windows\system32\drivers\ndis.sys
17:43:57.0751 2632 NDIS - ok
17:43:57.0781 2632 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:43:57.0811 2632 NdisCap - ok
17:43:57.0841 2632 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:43:57.0931 2632 NdisTapi - ok
17:43:57.0951 2632 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:43:58.0061 2632 Ndisuio - ok
17:43:58.0071 2632 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:43:58.0181 2632 NdisWan - ok
17:43:58.0201 2632 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:43:58.0231 2632 NDProxy - ok
17:43:58.0241 2632 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:43:58.0291 2632 NetBIOS - ok
17:43:58.0291 2632 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:43:58.0321 2632 NetBT - ok
17:43:58.0341 2632 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
17:43:58.0351 2632 Netlogon - ok
17:43:58.0381 2632 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
17:43:58.0451 2632 Netman - ok
17:43:58.0481 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:43:58.0521 2632 NetMsmqActivator - ok
17:43:58.0531 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:43:58.0541 2632 NetPipeActivator - ok
17:43:58.0551 2632 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
17:43:58.0641 2632 netprofm - ok
17:43:58.0651 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:43:58.0681 2632 NetTcpActivator - ok
17:43:58.0681 2632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:43:58.0711 2632 NetTcpPortSharing - ok
17:43:58.0751 2632 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
17:43:58.0771 2632 nfrd960 - ok
17:43:58.0811 2632 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
17:43:58.0921 2632 NlaSvc - ok
17:43:59.0091 2632 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
17:43:59.0211 2632 NOBU - ok
17:43:59.0231 2632 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
17:43:59.0251 2632 Npfs - ok
17:43:59.0271 2632 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
17:43:59.0311 2632 nsi - ok
17:43:59.0341 2632 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:43:59.0451 2632 nsiproxy - ok
17:43:59.0501 2632 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:43:59.0591 2632 Ntfs - ok
17:43:59.0611 2632 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
17:43:59.0701 2632 Null - ok
17:43:59.0741 2632 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
17:43:59.0771 2632 nvraid - ok
17:43:59.0781 2632 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
17:43:59.0801 2632 nvstor - ok
17:43:59.0811 2632 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:43:59.0821 2632 nv_agp - ok
17:43:59.0821 2632 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:43:59.0851 2632 ohci1394 - ok
17:43:59.0901 2632 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:43:59.0921 2632 ose - ok
17:44:00.0101 2632 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:44:00.0301 2632 osppsvc - ok
17:44:00.0321 2632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:44:00.0381 2632 p2pimsvc - ok
17:44:00.0421 2632 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
17:44:00.0461 2632 p2psvc - ok
17:44:00.0481 2632 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
17:44:00.0531 2632 Parport - ok
17:44:00.0581 2632 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
17:44:00.0611 2632 partmgr - ok
17:44:00.0631 2632 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
17:44:00.0671 2632 PcaSvc - ok
17:44:00.0701 2632 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
17:44:00.0731 2632 pci - ok
17:44:00.0741 2632 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
17:44:00.0771 2632 pciide - ok
17:44:00.0781 2632 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
17:44:00.0811 2632 pcmcia - ok
17:44:00.0821 2632 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
17:44:00.0851 2632 pcw - ok
17:44:00.0861 2632 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:44:00.0931 2632 PEAUTH - ok
17:44:01.0031 2632 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
17:44:01.0081 2632 PerfHost - ok
17:44:01.0151 2632 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
17:44:01.0321 2632 pla - ok
17:44:01.0371 2632 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:44:01.0461 2632 PlugPlay - ok
17:44:01.0491 2632 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:44:01.0541 2632 PNRPAutoReg - ok
17:44:01.0581 2632 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:44:01.0601 2632 PNRPsvc - ok
17:44:01.0641 2632 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:44:01.0741 2632 PolicyAgent - ok
17:44:01.0801 2632 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
17:44:01.0931 2632 Power - ok
17:44:01.0981 2632 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:44:02.0061 2632 PptpMiniport - ok
17:44:02.0101 2632 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
17:44:02.0151 2632 Processor - ok
17:44:02.0201 2632 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
17:44:02.0261 2632 ProfSvc - ok
17:44:02.0271 2632 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
17:44:02.0301 2632 ProtectedStorage - ok
17:44:02.0321 2632 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:44:02.0371 2632 Psched - ok
17:44:02.0411 2632 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
17:44:02.0421 2632 PxHlpa64 - ok
17:44:02.0491 2632 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
17:44:02.0591 2632 ql2300 - ok
17:44:02.0611 2632 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
17:44:02.0621 2632 ql40xx - ok
17:44:02.0651 2632 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
17:44:02.0671 2632 QWAVE - ok
17:44:02.0671 2632 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:44:02.0721 2632 QWAVEdrv - ok
17:44:02.0731 2632 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:44:02.0801 2632 RasAcd - ok
17:44:02.0851 2632 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:44:02.0941 2632 RasAgileVpn - ok
17:44:02.0971 2632 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
17:44:03.0091 2632 RasAuto - ok
17:44:03.0121 2632 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:44:03.0181 2632 Rasl2tp - ok
17:44:03.0221 2632 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
17:44:03.0291 2632 RasMan - ok
17:44:03.0291 2632 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:44:03.0341 2632 RasPppoe - ok
17:44:03.0371 2632 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:44:03.0481 2632 RasSstp - ok
17:44:03.0491 2632 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:44:03.0561 2632 rdbss - ok
17:44:03.0591 2632 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
17:44:03.0651 2632 rdpbus - ok
17:44:03.0691 2632 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:44:03.0761 2632 RDPCDD - ok
17:44:03.0771 2632 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:44:03.0811 2632 RDPENCDD - ok
17:44:03.0841 2632 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:44:03.0861 2632 RDPREFMP - ok
17:44:03.0901 2632 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:44:03.0931 2632 RDPWD - ok
17:44:03.0961 2632 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:44:03.0991 2632 rdyboost - ok
17:44:04.0031 2632 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
17:44:04.0121 2632 RemoteAccess - ok
17:44:04.0161 2632 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:44:04.0221 2632 RemoteRegistry - ok
17:44:04.0261 2632 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
17:44:04.0331 2632 RFCOMM - ok
17:44:04.0431 2632 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
17:44:04.0541 2632 RoxMediaDB12OEM - ok
17:44:04.0601 2632 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
17:44:04.0631 2632 RoxWatch12 - ok
17:44:04.0661 2632 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:44:04.0761 2632 RpcEptMapper - ok
17:44:04.0801 2632 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
17:44:04.0861 2632 RpcLocator - ok
17:44:04.0901 2632 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
17:44:04.0971 2632 RpcSs - ok
17:44:05.0001 2632 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:44:05.0031 2632 rspndr - ok
17:44:05.0071 2632 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
17:44:05.0111 2632 RSUSBSTOR - ok
17:44:05.0151 2632 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
17:44:05.0201 2632 RTL8167 - ok
17:44:05.0211 2632 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
17:44:05.0221 2632 SamSs - ok
17:44:05.0241 2632 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:44:05.0251 2632 sbp2port - ok
17:44:05.0271 2632 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
17:44:05.0301 2632 SCardSvr - ok
17:44:05.0301 2632 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:44:05.0331 2632 scfilter - ok
17:44:05.0361 2632 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
17:44:05.0501 2632 Schedule - ok
17:44:05.0531 2632 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
17:44:05.0621 2632 SCPolicySvc - ok
17:44:05.0641 2632 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:44:05.0711 2632 SDRSVC - ok
17:44:05.0741 2632 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
17:44:05.0861 2632 secdrv - ok
17:44:05.0881 2632 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
17:44:05.0911 2632 seclogon - ok
17:44:05.0921 2632 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
17:44:05.0971 2632 SENS - ok
17:44:06.0021 2632 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
17:44:06.0091 2632 SensrSvc - ok
17:44:06.0111 2632 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
17:44:06.0151 2632 Serenum - ok
17:44:06.0161 2632 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
17:44:06.0201 2632 Serial - ok
17:44:06.0241 2632 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
17:44:06.0291 2632 sermouse - ok
17:44:06.0331 2632 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
17:44:06.0441 2632 SessionEnv - ok
17:44:06.0451 2632 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:44:06.0471 2632 sffdisk - ok
17:44:06.0471 2632 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:44:06.0491 2632 sffp_mmc - ok
17:44:06.0491 2632 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:44:06.0521 2632 sffp_sd - ok
17:44:06.0521 2632 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
17:44:06.0531 2632 sfloppy - ok
17:44:06.0581 2632 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
17:44:06.0641 2632 Sftfs - ok
17:44:06.0711 2632 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:44:06.0771 2632 sftlist - ok
17:44:06.0791 2632 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
17:44:06.0821 2632 Sftplay - ok
17:44:06.0841 2632 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
17:44:06.0841 2632 Sftredir - ok
17:44:06.0921 2632 [ E1974A92AC0914A3859359A0A8C82C68 ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:44:06.0981 2632 SftService - ok
17:44:06.0991 2632 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
17:44:07.0021 2632 Sftvol - ok
17:44:07.0041 2632 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:44:07.0071 2632 sftvsa - ok
17:44:07.0111 2632 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:44:07.0221 2632 ShellHWDetection - ok
17:44:07.0271 2632 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
17:44:07.0291 2632 SiSRaid2 - ok
17:44:07.0311 2632 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
17:44:07.0341 2632 SiSRaid4 - ok
17:44:07.0361 2632 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:44:07.0481 2632 Smb - ok
17:44:07.0521 2632 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:44:07.0571 2632 SNMPTRAP - ok
17:44:07.0601 2632 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
17:44:07.0631 2632 spldr - ok
17:44:07.0661 2632 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
17:44:07.0741 2632 Spooler - ok
17:44:07.0831 2632 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
17:44:07.0941 2632 sppsvc - ok
17:44:07.0961 2632 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:44:08.0061 2632 sppuinotify - ok
17:44:08.0111 2632 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
17:44:08.0151 2632 srv - ok
17:44:08.0191 2632 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:44:08.0261 2632 srv2 - ok
17:44:08.0291 2632 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:44:08.0331 2632 srvnet - ok
17:44:08.0371 2632 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:44:08.0491 2632 SSDPSRV - ok
17:44:08.0511 2632 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
17:44:08.0541 2632 SstpSvc - ok
17:44:08.0601 2632 [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
17:44:08.0651 2632 STacSV - ok
17:44:08.0691 2632 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
17:44:08.0711 2632 stexstor - ok
17:44:08.0761 2632 [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
17:44:08.0831 2632 STHDA - ok
17:44:08.0891 2632 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
17:44:08.0981 2632 stisvc - ok
17:44:09.0031 2632 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:44:09.0051 2632 stllssvr - ok
17:44:09.0081 2632 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
17:44:09.0111 2632 swenum - ok
17:44:09.0151 2632 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
17:44:09.0231 2632 swprv - ok
17:44:09.0271 2632 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
17:44:09.0361 2632 SysMain - ok
17:44:09.0381 2632 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
17:44:09.0431 2632 TabletInputService - ok
17:44:09.0441 2632 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
17:44:09.0521 2632 TapiSrv - ok
17:44:09.0531 2632 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
17:44:09.0561 2632 TBS - ok
17:44:09.0631 2632 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:44:09.0761 2632 Tcpip - ok
17:44:09.0801 2632 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:44:09.0861 2632 TCPIP6 - ok
17:44:09.0891 2632 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:44:10.0001 2632 tcpipreg - ok
17:44:10.0021 2632 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:44:10.0081 2632 TDPIPE - ok
17:44:10.0111 2632 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:44:10.0141 2632 TDTCP - ok
17:44:10.0151 2632 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:44:10.0241 2632 tdx - ok
17:44:10.0261 2632 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
17:44:10.0281 2632 TermDD - ok
17:44:10.0311 2632 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
17:44:10.0451 2632 TermService - ok
17:44:10.0481 2632 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
17:44:10.0491 2632 Themes - ok
17:44:10.0521 2632 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
17:44:10.0581 2632 THREADORDER - ok
17:44:10.0601 2632 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
17:44:10.0721 2632 TrkWks - ok
17:44:10.0771 2632 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:44:10.0871 2632 TrustedInstaller - ok
17:44:10.0911 2632 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:44:11.0011 2632 tssecsrv - ok
17:44:11.0041 2632 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:44:11.0081 2632 TsUsbFlt - ok
17:44:11.0101 2632 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
17:44:11.0131 2632 TsUsbGD - ok
17:44:11.0161 2632 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:44:11.0261 2632 tunnel - ok
17:44:11.0291 2632 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\windows\system32\DRIVERS\TurboB.sys
17:44:11.0301 2632 TurboB - ok
17:44:11.0321 2632 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
17:44:11.0351 2632 TurboBoost - ok
17:44:11.0371 2632 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
17:44:11.0391 2632 uagp35 - ok
17:44:11.0411 2632 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:44:11.0521 2632 udfs - ok
17:44:11.0581 2632 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
17:44:11.0601 2632 UI0Detect - ok
17:44:11.0621 2632 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:44:11.0641 2632 uliagpkx - ok
17:44:11.0671 2632 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
17:44:11.0721 2632 umbus - ok
17:44:11.0751 2632 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
17:44:11.0801 2632 UmPass - ok
17:44:11.0971 2632 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:44:12.0101 2632 UNS - ok
17:44:12.0131 2632 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
17:44:12.0271 2632 upnphost - ok
17:44:12.0311 2632 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:44:12.0371 2632 usbccgp - ok
17:44:12.0401 2632 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
17:44:12.0431 2632 usbcir - ok
17:44:12.0441 2632 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
17:44:12.0481 2632 usbehci - ok
17:44:12.0541 2632 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:44:12.0601 2632 usbhub - ok
17:44:12.0631 2632 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:44:12.0661 2632 usbohci - ok
17:44:12.0691 2632 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:44:12.0741 2632 usbprint - ok
17:44:12.0771 2632 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:44:12.0841 2632 USBSTOR - ok
17:44:12.0861 2632 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:44:12.0921 2632 usbuhci - ok
17:44:12.0961 2632 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
17:44:13.0031 2632 usbvideo - ok
17:44:13.0071 2632 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
17:44:13.0181 2632 UxSms - ok
17:44:13.0221 2632 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
17:44:13.0251 2632 VaultSvc - ok
17:44:13.0271 2632 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
17:44:13.0291 2632 vdrvroot - ok
17:44:13.0321 2632 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
17:44:13.0461 2632 vds - ok
17:44:13.0491 2632 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:44:13.0531 2632 vga - ok
17:44:13.0541 2632 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
17:44:13.0651 2632 VgaSave - ok
17:44:13.0661 2632 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
17:44:13.0671 2632 vhdmp - ok
17:44:13.0671 2632 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
17:44:13.0681 2632 viaide - ok
17:44:13.0691 2632 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
17:44:13.0701 2632 volmgr - ok
17:44:13.0711 2632 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:44:13.0721 2632 volmgrx - ok
17:44:13.0731 2632 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
17:44:13.0741 2632 volsnap - ok
17:44:13.0761 2632 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
17:44:13.0761 2632 vsmraid - ok
17:44:13.0801 2632 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
17:44:13.0951 2632 VSS - ok
17:44:13.0971 2632 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:44:14.0001 2632 vwifibus - ok
17:44:14.0041 2632 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:44:14.0111 2632 vwififlt - ok
17:44:14.0151 2632 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
17:44:14.0211 2632 W32Time - ok
17:44:14.0221 2632 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
17:44:14.0261 2632 WacomPen - ok
17:44:14.0291 2632 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:44:14.0371 2632 WANARP - ok
17:44:14.0411 2632 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:44:14.0491 2632 Wanarpv6 - ok
17:44:14.0541 2632 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
17:44:14.0671 2632 wbengine - ok
17:44:14.0681 2632 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:44:14.0731 2632 WbioSrvc - ok
17:44:14.0761 2632 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
17:44:14.0791 2632 wcncsvc - ok
17:44:14.0811 2632 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:44:14.0891 2632 WcsPlugInService - ok
17:44:14.0921 2632 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
17:44:14.0951 2632 Wd - ok
17:44:14.0981 2632 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:44:15.0041 2632 Wdf01000 - ok
17:44:15.0061 2632 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
17:44:15.0201 2632 WdiServiceHost - ok
17:44:15.0211 2632 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
17:44:15.0251 2632 WdiSystemHost - ok
17:44:15.0291 2632 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
17:44:15.0361 2632 WebClient - ok
17:44:15.0401 2632 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
17:44:15.0511 2632 Wecsvc - ok
17:44:15.0551 2632 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
17:44:15.0571 2632 wercplsupport - ok
17:44:15.0591 2632 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
17:44:15.0621 2632 WerSvc - ok
17:44:15.0641 2632 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:44:15.0671 2632 WfpLwf - ok
17:44:15.0711 2632 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys
17:44:15.0721 2632 WimFltr - ok
17:44:15.0731 2632 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:44:15.0741 2632 WIMMount - ok
17:44:15.0751 2632 WinHttpAutoProxySvc - ok
17:44:15.0811 2632 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:44:15.0891 2632 Winmgmt - ok
17:44:15.0961 2632 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
17:44:16.0141 2632 WinRM - ok
17:44:16.0211 2632 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
17:44:16.0271 2632 Wlansvc - ok
17:44:16.0321 2632 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:44:16.0341 2632 wlcrasvc - ok
17:44:16.0441 2632 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:44:16.0541 2632 wlidsvc - ok
17:44:16.0581 2632 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
17:44:16.0611 2632 WmiAcpi - ok
17:44:16.0661 2632 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:44:16.0691 2632 wmiApSrv - ok
17:44:16.0721 2632 WMPNetworkSvc - ok
17:44:16.0741 2632 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
17:44:16.0781 2632 WPCSvc - ok
17:44:16.0801 2632 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:44:16.0851 2632 WPDBusEnum - ok
17:44:16.0871 2632 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:44:16.0961 2632 ws2ifsl - ok
17:44:16.0961 2632 WSearch - ok
17:44:16.0981 2632 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:44:17.0051 2632 WudfPf - ok
17:44:17.0101 2632 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:44:17.0201 2632 WUDFRd - ok
17:44:17.0221 2632 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:44:17.0251 2632 wudfsvc - ok
17:44:17.0271 2632 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
17:44:17.0301 2632 WwanSvc - ok
17:44:17.0331 2632 ================ Scan global ===============================
17:44:17.0351 2632 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
17:44:17.0391 2632 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
17:44:17.0441 2632 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
17:44:17.0471 2632 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
17:44:17.0511 2632 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
17:44:17.0521 2632 [Global] - ok
17:44:17.0521 2632 ================ Scan MBR ==================================
17:44:17.0541 2632 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:44:18.0081 2632 \Device\Harddisk0\DR0 - ok
17:44:18.0081 2632 ================ Scan VBR ==================================
17:44:18.0091 2632 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
17:44:18.0091 2632 \Device\Harddisk0\DR0\Partition1 - ok
17:44:18.0121 2632 [ 9353CF31A6EC515E78353D1600509A2F ] \Device\Harddisk0\DR0\Partition2
17:44:18.0131 2632 \Device\Harddisk0\DR0\Partition2 - ok
17:44:18.0131 2632 ============================================================
17:44:18.0131 2632 Scan finished
17:44:18.0131 2632 ============================================================
17:44:18.0151 0556 Detected object count: 0
17:44:18.0151 0556 Actual detected object count: 0
Geändert von p.rococo (10.09.2012 um 16:45 Uhr) |
|
10.09.2012, 20:01
| #24 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Ja so isses gut Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.09.2012, 18:28
| #25 |
| | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Hallo, hier das Log von ComboFix: [code] Combofix Logfile: Code:
ATTFilter ComboFix 12-09-11.02 - saskia 11.09.2012 19:09:52.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4004.2638 [GMT 2:00]
ausgeführt von:: c:\users\saskia\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-08-11 bis 2012-09-11 ))))))))))))))))))))))))))))))
.
.
2012-09-11 17:14 . 2012-09-11 17:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-10 15:25 . 2012-09-10 15:25 -------- d-----w- C:\TDSSKiller_Quarantine
2012-09-04 15:41 . 2012-09-04 15:41 -------- d-----w- C:\_OTL
2012-08-16 19:53 . 2012-08-16 19:53 -------- d-----w- c:\program files (x86)\ESET
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-10 15:26 . 2009-07-13 23:19 328704 ----a-w- c:\windows\system32\services.exe
2012-07-03 11:46 . 2012-08-12 17:06 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-29 10:04 . 2012-08-10 06:37 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A82B4DBD-36FE-4E34-B0C5-0A9F07FCC7BA}\mpengine.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}]
2011-12-12 16:12 1600616 ----a-w- c:\program files (x86)\WEB.DE Toolbar\IE\uitb.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{C424171E-592A-415a-9EB1-DFD6D95D3530}"= "c:\program files (x86)\WEB.DE Toolbar\IE\uitb.dll" [2011-12-12 1600616]
.
[HKEY_CLASSES_ROOT\clsid\{c424171e-592a-415a-9eb1-dfd6d95d3530}]
[HKEY_CLASSES_ROOT\uitb.Toolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{99F77431-0658-476F-99CE-A05F35CDC7BA}]
[HKEY_CLASSES_ROOT\uitb.Toolbar]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\saskia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\saskia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\saskia\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2011-07-07 75064]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-30 885760]
.
c:\users\saskia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\saskia\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-3 26868192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-30 250984]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [2011-05-20 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2011-05-20 80032]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2010-08-20 689472]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-05-20 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-05-20 298656]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-05-20 29344]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-05-20 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-05-20 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-05-20 154272]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-05-20 282272]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-17 533096]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-09-11 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09]
.
2012-09-11 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}]
2011-12-12 16:12 1993832 ----a-w- c:\program files\WEB.DE Toolbar\IE\uitb.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{C424171E-592A-415a-9EB1-DFD6D95D3530}"= "c:\program files\WEB.DE Toolbar\IE\uitb.dll" [2011-12-12 1993832]
.
[HKEY_CLASSES_ROOT\CLSID\{C424171E-592A-415a-9EB1-DFD6D95D3530}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\saskia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\saskia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\saskia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\saskia\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 418840]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-03-29 608112]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-03-24 3668336]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-06-28 2022976]
"AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [2011-05-20 627360]
"AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" [2011-05-20 379552]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-04-30 2055016]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - c:\program files (x86)\WEB.DE Toolbar\IE\uitb.dll
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://www.lidl-fotos.de/ips-opdata/layout/lidl02/objects/jordan.cab
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Device Detection - c:\program files (x86)\Lidl_Fotos\dd.exe
Wow6432Node-HKLM-Run-Adobe Reader Speed Launcher - c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
SafeBoot-24677814.sys
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-09-11 19:20:17 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2012-09-11 17:20
.
Vor Suchlauf: 11 Verzeichnis(se), 430.194.483.200 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 430.024.474.624 Bytes frei
.
- - End Of File - - 55DA5C0B7B280C2EA88C7B0400B08352
|
|
11.09.2012, 22:53
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.09.2012, 14:54
| #27 |
| | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Hier das Log von GMER: [code] GMER Logfile: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-12 15:52:38
Windows 6.1.7601 Service Pack 1
Running: fwgbsv0z.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0015007f6c3b
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\bc7737048afc
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\e4d53d8e3260
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0015007f6c3b (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\bc7737048afc (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\e4d53d8e3260 (not active ControlSet)
---- EOF - GMER 1.0.15 ----
Log von OSAM: Code:
ATTFilter OSAM Logfile: Geändert von p.rococo (12.09.2012 um 15:15 Uhr) |
|
12.09.2012, 15:24
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden was ist mit aswMBR?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
12.09.2012, 15:30
| #29 |
| | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Log von aswMBR: Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-12 16:27:09
-----------------------------
16:27:09.746 OS Version: Windows x64 6.1.7601 Service Pack 1
16:27:09.746 Number of processors: 4 586 0x2A07
16:27:09.746 ComputerName: SASKIA-PC UserName: saskia
16:27:10.900 Initialize success
16:27:15.861 AVAST engine defs: 12091200
16:27:51.288 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:27:51.288 Disk 0 Vendor: WDC_WD50 03.0 Size: 476940MB BusType: 3
16:27:51.351 Disk 0 MBR read successfully
16:27:51.366 Disk 0 MBR scan
16:27:51.366 Disk 0 Windows 7 default MBR code
16:27:51.382 Disk 0 Partition 1 00 DE Dell Utility DELL 8.0 100 MB offset 2048
16:27:51.398 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
16:27:51.429 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461838 MB offset 30926848
16:27:51.444 Disk 0 scanning C:\windows\system32\drivers
16:27:59.432 Service scanning
16:28:26.186 Modules scanning
16:28:26.201 Disk 0 trace - called modules:
16:28:26.217 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
16:28:26.747 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80043d3060]
16:28:26.747 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa80036ece40]
16:28:26.763 5 ACPI.sys[fffff88000f4b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800410a050]
16:28:26.779 Scan finished successfully
16:29:22.471 Disk 0 MBR has been saved successfully to "C:\Users\saskia\Desktop\MBR.dat"
16:29:22.471 The log file has been saved successfully to "C:\Users\saskia\Desktop\aswMBR.txt"
|
|
12.09.2012, 15:34
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu TR/Sirefef.16896 und TR/ATRAPS.Gen2 auf Laptop gefunden |
| administrator, anti-malware, anweisung, appdata, autostart, avira, avira searchfree toolbar, bingbar, dateien, document, explorer, festgestellt, forum, gelöscht, install.exe, laptop, löschen, microsoft, origin, plug-in, quarantäne, report, scan, service, software, speicher, temp, tr/atraps.gen, tr/sirefef.16896 und tr/atraps.gen2, trojan.fakealert, trojan.phex.thagen, usb 2.0, version, viren, wscript.exe |
Linear-Darstellung
