| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Virus system repairWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
01.03.2013, 16:37
| #1 |
 |  Virus system repair Hallo zusammen, ich denke ich habe das selbe Problem (system repair) wie der Smilow vom 22.02.2013, 18:31. Ich habe die Logfiles wie beim Ihm beschrieben, kann aber nichts damit anfangen. Logfiles von den ersten Schritten habe ich angehängt. Kann mir jemand weiterhelfen? Danke |
|
01.03.2013, 16:43
| #2 |
| /// Malware-holic   | Virus system repair Hi
__________________prinzipiell ja, aber ohne Logs, nein
__________________ |
|
01.03.2013, 18:40
| #3 |
| | Virus system repair Hallo Markus,
__________________danke für die Antwort. Habe Versucht sie anzuhängen, dürfte nicht funktioniert haben. Code:
ATTFilter Rkill 2.4.7 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
hxxp://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 03/01/2013 03:38:31 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
* SMTMP folder detected. Please see this link for more information: hxxp://www.bleepingcomputer.com/forums/topic405109.html
Checking Windows Service Integrity:
* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* Cannot edit the HOSTS file.
* Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: hxxp://www.bleepingcomputer.com/download/hosts-permbat/
Program finished at: 03/01/2013 03:38:34 PM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)
Code:
ATTFilter OTL logfile created on: 01.03.2013 15:57:54 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Englader\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,85 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 47,50% Memory free 7,70 Gb Paging File | 5,46 Gb Available in Paging File | 70,83% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 918,70 Gb Total Space | 813,19 Gb Free Space | 88,52% Space Free | Partition Type: NTFS Computer Name: ENGLADER-STANPC | User Name: Englader | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.03.01 15:57:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Englader\Desktop\OTL.exe PRC - [2013.02.27 08:07:09 | 000,701,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe PRC - [2013.02.07 14:21:39 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.02.07 14:20:40 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE PRC - [2013.02.07 14:20:38 | 000,400,608 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe PRC - [2013.02.07 14:20:37 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.02.07 14:20:37 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.07.27 21:51:46 | 001,261,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe PRC - [2012.07.27 21:51:38 | 000,823,224 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe PRC - [2012.07.27 12:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.09.22 11:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE PRC - [2011.09.22 11:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE PRC - [2011.09.21 11:30:12 | 004,109,312 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE PRC - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2011.05.20 11:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.11.17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ========== Modules (No Company Name) ========== MOD - [2013.02.15 03:34:44 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll MOD - [2013.02.15 03:28:41 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll MOD - [2013.02.15 03:28:31 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll MOD - [2013.01.10 03:40:28 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll MOD - [2013.01.10 03:40:25 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll MOD - [2013.01.10 03:39:01 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\346a7a67978cead8e2ff52c6d80bbeb7\IAStorUtil.ni.dll MOD - [2013.01.10 03:39:01 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\500a8ae2a5d27132d87ccac9f97b0069\IAStorCommon.ni.dll MOD - [2013.01.10 03:38:58 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll MOD - [2013.01.10 03:34:10 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\59b69c377cada679ff7934e0d8cbaf15\System.ServiceModel.ni.dll MOD - [2013.01.10 03:34:01 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll MOD - [2013.01.10 03:33:59 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll MOD - [2013.01.10 03:33:58 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll MOD - [2013.01.10 03:30:58 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll MOD - [2013.01.10 03:30:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll MOD - [2013.01.10 03:30:41 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll MOD - [2013.01.10 03:30:27 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll MOD - [2013.01.10 03:30:25 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll MOD - [2013.01.10 03:30:18 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll MOD - [2013.01.10 03:30:15 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll MOD - [2013.01.10 03:30:12 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll MOD - [2013.01.10 03:30:12 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll MOD - [2013.01.10 03:30:04 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll MOD - [2012.07.27 21:51:54 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu MOD - [2012.07.27 21:51:46 | 000,249,272 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\sqlite.dll MOD - [2012.02.24 18:55:56 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2011.09.22 11:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE MOD - [2010.11.24 23:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll MOD - [2010.11.21 07:49:35 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll MOD - [2010.11.21 07:49:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2010.11.17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ========== Services (SafeList) ========== SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2013.02.27 08:43:22 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.02.07 14:21:39 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.02.07 14:20:40 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2013.02.07 14:20:38 | 000,400,608 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2013.02.07 14:20:37 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.07.27 12:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.09.22 11:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService) SRV - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2010.11.25 06:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12) SRV - [2010.11.25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM) SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.11.18 02:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.12.10 15:38:09 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.12.10 15:38:09 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.10.10 07:08:35 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.24 18:56:01 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2012.02.24 18:56:01 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.08.17 08:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2011.08.17 08:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2011.08.17 08:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2011.08.17 08:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2011.08.09 17:32:02 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011.05.20 18:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 04:23:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc60.sys -- (netvsc) DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010.11.21 04:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010.11.21 04:23:48 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusVideoM.sys -- (SynthVid) DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.10.15 10:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2010.09.22 04:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2010.06.08 13:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2010.03.19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2006.11.01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2011.12.14 02:19:10 | 000,025,072 | -H-- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USSMB/8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gemeindebedarf.at/ IE - HKCU\..\SearchScopes,DefaultScope = {F6E21579-8DF3-4135-AF4F-A87038B2F43C} IE - HKCU\..\SearchScopes\{F6E21579-8DF3-4135-AF4F-A87038B2F43C}: "URL" = hxxp://www.google.at/search?q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Englader\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Englader\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Englader\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Englader\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Englader\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.10.01 07:32:35 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [oKJlROuTVCyA.exe] C:\ProgramData\oKJlROuTVCyA.exe () O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D370C26F-6EF6-4D14-9062-EFBC4D653C32}: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D370C26F-6EF6-4D14-9062-EFBC4D653C32}: NameServer = 195.3.96.67,195.3.96.68 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.01 15:57:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Englader\Desktop\OTL.exe [2013.03.01 15:50:44 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Englader\Desktop\tdsskiller.exe [2013.03.01 15:37:39 | 000,000,000 | ---D | C] -- C:\Users\Englader\Desktop\rkill [2013.03.01 15:36:29 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Englader\Desktop\rkill.com [2013.03.01 14:02:58 | 000,000,000 | -H-D | C] -- C:\Users\Englader\AppData\Roaming\PCDr [2013.03.01 10:37:08 | 000,000,000 | ---D | C] -- C:\Users\Englader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Repair [2013.02.27 19:22:38 | 000,000,000 | -H-D | C] -- C:\Users\Englader\AppData\Roaming\Mozilla [2013.02.25 11:20:18 | 000,000,000 | -H-D | C] -- C:\Users\Englader\Documents\Vertrieb-IPA [2013.02.20 14:56:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KingBill 2013 [2013.02.20 14:56:00 | 000,000,000 | -H-D | C] -- C:\KingBill GmbH [2013.02.15 03:00:57 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.02.15 03:00:57 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.02.15 03:00:55 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.02.15 03:00:55 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.02.15 03:00:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.02.15 03:00:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.02.15 03:00:55 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.02.15 03:00:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.02.15 03:00:54 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.02.15 03:00:54 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.02.15 03:00:53 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.02.15 03:00:53 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.02.15 03:00:52 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.02.15 03:00:52 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.02.15 03:00:52 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.02.14 08:28:13 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.02.14 08:28:11 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.02.14 08:28:10 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.02.14 08:28:07 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS [2013.02.14 08:28:07 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013.02.14 08:28:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013.02.14 08:28:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013.02.14 08:28:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013.02.14 08:28:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013.02.14 08:28:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013.02.03 17:18:55 | 000,000,000 | -H-D | C] -- C:\Users\Englader\AppData\Roaming\streamlife.Streamlife [2013.02.03 17:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\streamlife ========== Files - Modified Within 30 Days ========== [2013.03.01 15:57:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Englader\Desktop\OTL.exe [2013.03.01 15:50:44 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Englader\Desktop\tdsskiller.exe [2013.03.01 15:43:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.03.01 15:36:29 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Englader\Desktop\rkill.com [2013.03.01 15:21:02 | 000,001,132 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-687154380-900311623-483718333-1001UA.job [2013.03.01 15:06:30 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.01 15:06:30 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.01 14:52:02 | 000,001,499 | ---- | M] () -- C:\Users\Englader\Desktop\System Repair.lnk [2013.03.01 14:46:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.01 14:46:09 | 3102,031,872 | -HS- | M] () -- C:\hiberfil.sys [2013.03.01 14:03:12 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2013.03.01 12:51:56 | 639,634,201 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.03.01 10:43:14 | 000,000,168 | -H-- | M] () -- C:\ProgramData\oKJlROuTVCyA [2013.03.01 10:40:24 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-oKJlROuTVCyAr [2013.03.01 10:40:24 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-oKJlROuTVCyA [2013.03.01 10:38:37 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2013.03.01 10:24:15 | 000,299,008 | -H-- | M] () -- C:\ProgramData\oKJlROuTVCyA.exe [2013.03.01 08:21:00 | 000,001,080 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-687154380-900311623-483718333-1001Core.job [2013.02.28 10:50:55 | 000,001,456 | -H-- | M] () -- C:\Users\Englader\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2013.02.28 08:49:11 | 000,071,181 | -H-- | M] () -- C:\Users\Englader\Documents\Jänner-2013-Kto-Riederer.pdf [2013.02.27 08:43:22 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.02.27 08:43:22 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.02.26 16:10:46 | 000,013,677 | -H-- | M] () -- C:\Users\Englader\Desktop\Gesamt - Aquise - 04-2013.lnk [2013.02.26 16:09:40 | 000,007,133 | -H-- | M] () -- C:\Users\Englader\Desktop\Jahresplanung-2012-2013-2013-02-26 - Verknüpfung.lnk [2013.02.25 15:59:30 | 000,001,338 | -H-- | M] () -- C:\Users\Englader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2013.02.19 09:58:00 | 000,023,708 | -H-- | M] () -- C:\Users\Englader\AppData\Roaming\Microsoft Excel 97-2003.ADR [2013.02.15 03:28:03 | 005,077,800 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.02.15 03:04:07 | 001,633,540 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.02.15 03:04:07 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.02.15 03:04:07 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.02.15 03:04:07 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.02.15 03:04:07 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.02.13 15:37:44 | 000,004,456 | -H-- | M] () -- C:\Users\Englader\Desktop\Begleitschreiben Willpflegen-2013-02-12-O.lnk [2013.02.13 15:09:27 | 000,002,090 | -H-- | M] () -- C:\Users\Englader\Documents\template.zip [2013.02.12 11:07:54 | 000,447,570 | -H-- | M] () -- C:\Users\Englader\Documents\gesundheitsmesse-wels.pdf [2013.02.07 18:01:30 | 000,617,520 | -H-- | M] () -- C:\Users\Englader\Documents\Tel-Ams-Sammelmappe.pdf ========== Files Created - No Company Name ========== [2013.03.01 10:37:08 | 000,001,499 | ---- | C] () -- C:\Users\Englader\Desktop\System Repair.lnk [2013.03.01 10:26:27 | 000,000,176 | -H-- | C] () -- C:\ProgramData\-oKJlROuTVCyAr [2013.03.01 10:26:26 | 000,000,176 | -H-- | C] () -- C:\ProgramData\-oKJlROuTVCyA [2013.03.01 10:26:25 | 000,000,168 | -H-- | C] () -- C:\ProgramData\oKJlROuTVCyA [2013.03.01 10:26:20 | 000,299,008 | -H-- | C] () -- C:\ProgramData\oKJlROuTVCyA.exe [2013.02.28 08:49:11 | 000,071,181 | -H-- | C] () -- C:\Users\Englader\Documents\Jänner-2013-Kto-Riederer.pdf [2013.02.26 16:09:40 | 000,007,133 | -H-- | C] () -- C:\Users\Englader\Desktop\Jahresplanung-2012-2013-2013-02-26 - Verknüpfung.lnk [2013.02.13 15:37:44 | 000,004,456 | -H-- | C] () -- C:\Users\Englader\Desktop\Begleitschreiben Willpflegen-2013-02-12-O.lnk [2013.02.13 15:09:27 | 000,002,090 | -H-- | C] () -- C:\Users\Englader\Documents\template.zip [2013.02.12 11:07:54 | 000,447,570 | -H-- | C] () -- C:\Users\Englader\Documents\gesundheitsmesse-wels.pdf [2013.02.07 18:01:30 | 000,617,520 | -H-- | C] () -- C:\Users\Englader\Documents\Tel-Ams-Sammelmappe.pdf [2013.02.05 10:23:05 | 000,013,677 | -H-- | C] () -- C:\Users\Englader\Desktop\Gesamt - Aquise - 04-2013.lnk [2012.11.21 08:52:43 | 000,023,909 | -H-- | C] () -- C:\Users\Englader\AppData\Roaming\Kommagetrennte Werte (Windows).ADR [2012.10.03 15:27:27 | 000,023,708 | -H-- | C] () -- C:\Users\Englader\AppData\Roaming\Microsoft Excel 97-2003.ADR [2012.09.28 07:55:47 | 000,000,132 | -H-- | C] () -- C:\Users\Englader\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012.06.14 15:22:44 | 000,000,132 | -H-- | C] () -- C:\Users\Englader\AppData\Roaming\Adobe GIF Format CS5 Prefs [2012.05.31 16:37:58 | 000,001,456 | -H-- | C] () -- C:\Users\Englader\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2012.02.24 18:46:22 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2012.02.24 18:46:21 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2012.02.24 18:46:20 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.02.24 18:46:19 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2012.02.24 18:46:18 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 1130 bytes -> C:\Users\Englader\AppData\Local\rQFkaQwsqMVD:CqQciN0TMhX5D6nHgMRUdT < End of report > Muss die Logs aufteilen weil es zu viele Zeichen sind. Danke für die Unterstützung |
|
01.03.2013, 18:44
| #4 |
| /// Malware-holic | Virus system repair Hi, otl fix Fixen mit OTL
Code:
ATTFilter :OTL
O4 - HKCU..\Run: [oKJlROuTVCyA.exe] C:\ProgramData\oKJlROuTVCyA.exe ()
[2013.03.01 10:37:08 | 000,000,000 | ---D | C] -- C:\Users\Englader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Repair
[2013.03.01 14:52:02 | 000,001,499 | ---- | M] () -- C:\Users\Englader\Desktop\System Repair.lnk
[2013.03.01 10:43:14 | 000,000,168 | -H-- | M] () -- C:\ProgramData\oKJlROuTVCyA
[2013.03.01 10:40:24 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-oKJlROuTVCyAr
[2013.03.01 10:40:24 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-oKJlROuTVCyA
:files
:Commands
[Reboot]
falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! Drücke bitte die  + E Taste.
 lade unhide: http://filepony.de/download-unhide/ doppelklicken, dateien werden sichtbar
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
01.03.2013, 18:45
| #5 |
| | Virus system repair OTL-Extra Code:
ATTFilter OTL Extras logfile created on: 01.03.2013 15:57:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Englader\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
3,85 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 47,50% Memory free
7,70 Gb Paging File | 5,46 Gb Available in Paging File | 70,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,70 Gb Total Space | 813,19 Gb Free Space | 88,52% Space Free | Partition Type: NTFS
Computer Name: ENGLADER-STANPC | User Name: Englader | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C605EA-0DF5-4776-B304-EDA87968FB97}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0F378A28-C825-48CE-801E-C75F0E55F553}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{26244719-3C64-4CB9-9472-98CB3E5E5DA3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2FDF479D-E8C4-4531-B0B1-F5ED122AFDC0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{47A79A27-ED65-4672-9FB9-AFDC20714BB8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4E828ED1-3970-4AE8-A1F3-3ABDB08DEED1}" = rport=139 | protocol=6 | dir=out | app=system |
"{5262B54D-590A-4B19-8EFB-A8213921EF1D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{52CFB241-3430-438D-8010-C9F948F11D62}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{55BD309F-2569-4A5A-8FE7-F491F7A6FD63}" = rport=445 | protocol=6 | dir=out | app=system |
"{577A0E14-5BD3-453D-BCFD-D915CDB53305}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5999D579-0C37-4F8E-AE11-AE9F01E3D1EC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{60EBDBE0-D4AF-40B9-8FA5-C8C407833320}" = rport=137 | protocol=17 | dir=out | app=system |
"{615B591D-FC45-4652-9198-FBBCC8724D8D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6582EC01-8429-4F30-A7C1-17B7A7F4F4D8}" = lport=137 | protocol=17 | dir=in | app=system |
"{8F834CAA-D7E4-43F8-9F73-F51CF684036A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{920698C4-9C7C-41EC-97E9-EEB35B47954E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A71095DA-C1B8-460A-ABEC-4107788EC7E2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BEC6387B-737D-45D6-87A1-3F8AE1E7BBC9}" = lport=139 | protocol=6 | dir=in | app=system |
"{C01994BA-D903-4727-BC5F-826A5C0037B7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DEE50EB9-DF85-4874-8F83-D1A857685813}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E7E27953-3CFD-4FA5-966E-2C6515957999}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EC8EF839-11F9-4203-A01E-4C338F78581B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EEEC2C59-C33E-4286-9F9F-BCCFB76C7797}" = lport=138 | protocol=17 | dir=in | app=system |
"{F363633E-B46E-41FE-8F4B-FBD5CDD07071}" = lport=445 | protocol=6 | dir=in | app=system |
"{F71C6F70-6333-47A9-9DEC-8AC9DA7A7A58}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FF97FD0D-D001-458D-8B73-FD46053677DE}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08174E5B-0E41-4E75-AE85-D33A53E3144F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{1746BA77-0AB9-42F6-8B7F-D86956775A1F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18E2854D-2A07-44DE-B939-86DD96CE4EEF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{19F7C374-074E-4E1F-BA57-1FE37995F600}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{25395EBC-66B1-4E41-A3E1-15598338F2A6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2CD697C4-178E-4F6A-9B91-DCE008001184}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{35F7E11A-A8C2-45C5-816A-4A8494C73614}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{57B503C8-1EF4-4D0D-9138-61A88D13264A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E1F775C-6D1D-40FB-BB38-0433D4FF9D33}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{66BF80DC-B247-4617-B4A4-5C199951A546}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6C82699F-21F6-4036-838E-69D18EBCACC0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{71636557-A8CB-4D9D-AB8A-6ABE269EF72B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7AF6F8CA-183B-4D9E-8713-2093E5172B79}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B5F5752-5460-4DF1-8F8D-7F59B38A1637}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{898B9B0E-FE23-42CC-A121-A78B224ECF13}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8B62E10F-026D-42E7-AE69-6F65142F6239}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9ECBF658-3116-452A-B5B1-4F71CD676F0F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AB2DB78B-30F8-490F-AE9B-E942B7A2E8D5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF56A2D5-5B12-4ACA-AA53-FF59598256D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C8A8CEA4-215F-4309-968D-AB43BB68ECA0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D818B7CB-14F5-4A55-A59A-49ADF66BF814}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DC54AAB8-6F91-493D-BB3D-1BA8E9765916}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCD13391-F29C-4448-A697-B1E479E785AE}" = protocol=6 | dir=out | app=system |
"{E8F64D3A-70BC-49CE-9F42-17CC5B61DD4E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{23F943B3-AEC9-4036-AFBC-97D2B0128F78}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D2C45750-9D3A-43CC-B1C9-FF25269BB2A4}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Dell Support Center" = Dell Support Center
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5BEBD7F0-5544-3B4C-8D15-7154AA35BEA2}" = Google Talk Plugin
"{60E59A6C-7399-495A-B85C-C829F4E59602}" = Adobe Creative Suite 5.5 Design Premium
"{62F26EC8-E58A-E16A-F867-074ED20C3257}" = streamlife
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0D0FE27-F362-4A6B-8F07-E5F887FF90FA}" = KingBill 2013
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Antivirus Premium
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"Office14.SingleImage" = Microsoft Office Professional 2010
"streamlife.Streamlife" = streamlife
"WinLiveSuite" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.01.2013 07:37:03 | Computer Name = Englader-StanPC | Source = Microsoft-Windows-Defrag | ID = 257
Description =
Error - 05.02.2013 07:19:28 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
Error - 14.02.2013 22:28:15 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
Error - 26.02.2013 09:29:27 | Computer Name = Englader-StanPC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
Zeitstempel: 0x50ecc35d Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c40f2
ID
des fehlerhaften Prozesses: 0x21cc Startzeit der fehlerhaften Anwendung: 0x01ce14228b5fd3cd
Pfad
der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 8a3e0fad-8018-11e2-9921-d4bed9955623
Error - 01.03.2013 05:39:59 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
Error - 01.03.2013 05:52:41 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
Error - 01.03.2013 07:44:45 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
Error - 01.03.2013 07:53:44 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
Error - 01.03.2013 09:10:05 | Computer Name = Englader-StanPC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c40f2
ID
des fehlerhaften Prozesses: 0x5a4 Startzeit der fehlerhaften Anwendung: 0x01ce167c43c499d7
Pfad
der fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls:
C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 5548db15-8271-11e2-b0b5-d4bed9955623
Error - 01.03.2013 09:48:01 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 18.02.2013 07:23:26 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
Error - 18.02.2013 07:23:26 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
Error - 18.02.2013 07:30:07 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
Error - 18.02.2013 07:30:07 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
Error - 20.02.2013 05:24:50 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
Error - 20.02.2013 05:24:50 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
Error - 20.02.2013 05:28:19 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
Error - 20.02.2013 05:28:19 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
Error - 20.02.2013 05:30:48 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
Error - 20.02.2013 05:30:48 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
< End of report >
|
|
01.03.2013, 18:46
| #6 |
| /// Malware-holic | Virus system repair sorry überschnitten, siehe post vorher
__________________ --> Virus system repair |
|
01.03.2013, 19:08
| #7 |
| | Virus system repair Die Datei kann ich nicht zippen. bei rechtsklick und senden kommt nur DVD Code:
ATTFilter ========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\oKJlROuTVCyA.exe deleted successfully.
C:\ProgramData\oKJlROuTVCyA.exe moved successfully.
C:\Users\Englader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Repair folder moved successfully.
C:\Users\Englader\Desktop\System Repair.lnk moved successfully.
C:\ProgramData\oKJlROuTVCyA moved successfully.
C:\ProgramData\-oKJlROuTVCyAr moved successfully.
C:\ProgramData\-oKJlROuTVCyA moved successfully.
========== FILES ==========
========== COMMANDS ==========
OTL by OldTimer - Version 3.2.69.0 log created on 03012013_190112
|
|
01.03.2013, 19:20
| #8 |
| /// Malware-holic | Virus system repair 7-Zip.de 7zip laden instalieren, neustarten und dann über rechtsklick, 7zip, packen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
01.03.2013, 19:22
| #9 |
| | Virus system repair Upload hat funktioniert, muss ich das Code:
ATTFilter lade unhide:
hxxp://download.bleepingcomputer.com/grinler/unhide.exe
doppelklicken, dateien werden sichtbar
|
|
01.03.2013, 19:24
| #10 |
| /// Malware-holic | Virus system repair weiter mit unhide bitte hattest du den tdss killer genutzt, dann log posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
01.03.2013, 19:36
| #11 |
| | Virus system repair habe nach anklicken ausführen bestätigt, jetzt ist eine kleines schwarzes fenster. die Logs habe ich wieder geziebt und raufgeladen weil es zu viele Zeichen waren. unhide exe sagt jetzt: Es befindet sich kein Datenträger im Laufwerk. Legen Sie einen Datenträger in Laufwerk\Device\Harddisk1\DR1 ein |
|
01.03.2013, 19:44
| #12 |
| /// Malware-holic | Virus system repair und was ist, wenn du ok klickst? logs bitte hier im forum posten
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
01.03.2013, 19:52
| #13 |
| | Virus system repair Muss ich teile weil es zu viele Zeichen hat. 1.Teil Code:
ATTFilter 15:51:01.0454 6812 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:51:01.0812 6812 ============================================================
15:51:01.0812 6812 Current date / time: 2013/03/01 15:51:01.0812
15:51:01.0812 6812 SystemInfo:
15:51:01.0812 6812
15:51:01.0812 6812 OS Version: 6.1.7601 ServicePack: 1.0
15:51:01.0812 6812 Product type: Workstation
15:51:01.0812 6812 ComputerName: ENGLADER-STANPC
15:51:01.0812 6812 UserName: Englader
15:51:01.0812 6812 Windows directory: C:\Windows
15:51:01.0812 6812 System windows directory: C:\Windows
15:51:01.0812 6812 Running under WOW64
15:51:01.0812 6812 Processor architecture: Intel x64
15:51:01.0812 6812 Number of processors: 4
15:51:01.0812 6812 Page size: 0x1000
15:51:01.0812 6812 Boot type: Normal boot
15:51:01.0812 6812 ============================================================
15:51:02.0374 6812 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:51:02.0390 6812 ============================================================
15:51:02.0390 6812 \Device\Harddisk0\DR0:
15:51:02.0390 6812 MBR partitions:
15:51:02.0390 6812 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1986000
15:51:02.0390 6812 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x199A000, BlocksNum 0x72D655B0
15:51:02.0390 6812 ============================================================
15:51:02.0421 6812 C: <-> \Device\Harddisk0\DR0\Partition2
15:51:02.0421 6812 ============================================================
15:51:02.0421 6812 Initialize success
15:51:02.0421 6812 ============================================================
15:51:04.0652 0688 ============================================================
15:51:04.0652 0688 Scan started
15:51:04.0652 0688 Mode: Manual;
15:51:04.0652 0688 ============================================================
15:51:06.0352 0688 ================ Scan system memory ========================
15:51:06.0352 0688 System memory - ok
15:51:06.0352 0688 ================ Scan services =============================
15:51:06.0602 0688 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:51:06.0602 0688 1394ohci - ok
15:51:06.0664 0688 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:51:06.0680 0688 ACPI - ok
15:51:06.0695 0688 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:51:06.0695 0688 AcpiPmi - ok
15:51:06.0789 0688 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:51:06.0820 0688 AdobeARMservice - ok
15:51:06.0914 0688 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:51:06.0914 0688 AdobeFlashPlayerUpdateSvc - ok
15:51:06.0929 0688 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:51:06.0945 0688 adp94xx - ok
15:51:06.0945 0688 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:51:06.0960 0688 adpahci - ok
15:51:06.0976 0688 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:51:06.0976 0688 adpu320 - ok
15:51:06.0992 0688 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:51:07.0007 0688 AeLookupSvc - ok
15:51:07.0038 0688 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
15:51:07.0038 0688 AERTFilters - ok
15:51:07.0085 0688 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:51:07.0101 0688 AFD - ok
15:51:07.0116 0688 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:51:07.0116 0688 agp440 - ok
15:51:07.0132 0688 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:51:07.0132 0688 ALG - ok
15:51:07.0148 0688 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:51:07.0148 0688 aliide - ok
15:51:07.0163 0688 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:51:07.0163 0688 amdide - ok
15:51:07.0179 0688 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:51:07.0179 0688 AmdK8 - ok
15:51:07.0194 0688 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:51:07.0194 0688 AmdPPM - ok
15:51:07.0210 0688 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:51:07.0210 0688 amdsata - ok
15:51:07.0210 0688 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:51:07.0226 0688 amdsbs - ok
15:51:07.0241 0688 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:51:07.0241 0688 amdxata - ok
15:51:07.0335 0688 [ B73EB5109193A4BACE8520B79DD77B25 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
15:51:07.0366 0688 AntiVirMailService - ok
15:51:07.0444 0688 [ 44E76CC89F7E38B3C31F000A4E566856 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:51:07.0460 0688 AntiVirSchedulerService - ok
15:51:07.0522 0688 [ 3FE1CDD4DCF5D42DDBD6F1A3F83B5D3A ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:51:07.0553 0688 AntiVirService - ok
15:51:07.0569 0688 [ 4B46FED191BEB6EAFED88DE90E97A7DB ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:51:07.0600 0688 AntiVirWebService - ok
15:51:07.0616 0688 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:51:07.0616 0688 AppID - ok
15:51:07.0631 0688 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:51:07.0647 0688 AppIDSvc - ok
15:51:07.0662 0688 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:51:07.0662 0688 Appinfo - ok
15:51:07.0709 0688 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:51:07.0709 0688 AppMgmt - ok
15:51:07.0725 0688 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:51:07.0725 0688 arc - ok
15:51:07.0740 0688 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:51:07.0740 0688 arcsas - ok
15:51:07.0865 0688 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:51:07.0896 0688 aspnet_state - ok
15:51:07.0912 0688 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:51:07.0912 0688 AsyncMac - ok
15:51:07.0943 0688 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:51:07.0943 0688 atapi - ok
15:51:07.0974 0688 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:51:07.0990 0688 AudioEndpointBuilder - ok
15:51:08.0006 0688 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:51:08.0006 0688 AudioSrv - ok
15:51:08.0037 0688 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:51:08.0037 0688 avgntflt - ok
15:51:08.0068 0688 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:51:08.0068 0688 avipbb - ok
15:51:08.0068 0688 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:51:08.0084 0688 avkmgr - ok
15:51:08.0099 0688 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:51:08.0099 0688 AxInstSV - ok
15:51:08.0131 0688 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:51:08.0131 0688 b06bdrv - ok
15:51:08.0146 0688 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:51:08.0146 0688 b57nd60a - ok
15:51:08.0162 0688 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:51:08.0177 0688 BDESVC - ok
15:51:08.0177 0688 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:51:08.0177 0688 Beep - ok
15:51:08.0209 0688 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:51:08.0240 0688 BFE - ok
15:51:08.0271 0688 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:51:08.0287 0688 BITS - ok
15:51:08.0302 0688 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:51:08.0318 0688 blbdrive - ok
15:51:08.0333 0688 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:51:08.0333 0688 bowser - ok
15:51:08.0333 0688 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:51:08.0349 0688 BrFiltLo - ok
15:51:08.0349 0688 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:51:08.0349 0688 BrFiltUp - ok
15:51:08.0380 0688 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:51:08.0380 0688 Browser - ok
15:51:08.0396 0688 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:51:08.0396 0688 Brserid - ok
15:51:08.0411 0688 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:51:08.0411 0688 BrSerWdm - ok
15:51:08.0427 0688 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:51:08.0427 0688 BrUsbMdm - ok
15:51:08.0427 0688 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:51:08.0427 0688 BrUsbSer - ok
15:51:08.0443 0688 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:51:08.0443 0688 BTHMODEM - ok
15:51:08.0474 0688 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:51:08.0489 0688 bthserv - ok
15:51:08.0505 0688 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:51:08.0505 0688 cdfs - ok
15:51:08.0521 0688 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:51:08.0521 0688 cdrom - ok
15:51:08.0521 0688 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:51:08.0536 0688 CertPropSvc - ok
15:51:08.0552 0688 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:51:08.0552 0688 circlass - ok
15:51:08.0552 0688 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:51:08.0567 0688 CLFS - ok
15:51:08.0630 0688 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:51:08.0645 0688 clr_optimization_v2.0.50727_32 - ok
15:51:08.0692 0688 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:51:08.0708 0688 clr_optimization_v2.0.50727_64 - ok
15:51:08.0755 0688 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:51:08.0786 0688 clr_optimization_v4.0.30319_32 - ok
15:51:08.0801 0688 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:51:08.0817 0688 clr_optimization_v4.0.30319_64 - ok
15:51:08.0833 0688 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:51:08.0833 0688 CmBatt - ok
15:51:08.0833 0688 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:51:08.0833 0688 cmdide - ok
15:51:08.0879 0688 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:51:08.0879 0688 CNG - ok
15:51:08.0895 0688 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:51:08.0911 0688 Compbatt - ok
15:51:08.0926 0688 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:51:08.0926 0688 CompositeBus - ok
15:51:08.0926 0688 COMSysApp - ok
15:51:08.0942 0688 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:51:08.0942 0688 crcdisk - ok
15:51:08.0973 0688 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:51:08.0973 0688 CryptSvc - ok
15:51:09.0004 0688 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
15:51:09.0004 0688 CSC - ok
15:51:09.0035 0688 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
15:51:09.0035 0688 CscService - ok
15:51:09.0067 0688 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:51:09.0082 0688 DcomLaunch - ok
15:51:09.0113 0688 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:51:09.0129 0688 defragsvc - ok
15:51:09.0145 0688 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:51:09.0145 0688 DfsC - ok
15:51:09.0160 0688 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:51:09.0176 0688 Dhcp - ok
15:51:09.0191 0688 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:51:09.0191 0688 discache - ok
15:51:09.0207 0688 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:51:09.0207 0688 Disk - ok
15:51:09.0223 0688 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:51:09.0223 0688 dmvsc - ok
15:51:09.0254 0688 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:51:09.0269 0688 Dnscache - ok
15:51:09.0269 0688 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:51:09.0285 0688 dot3svc - ok
15:51:09.0301 0688 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:51:09.0301 0688 DPS - ok
15:51:09.0332 0688 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:51:09.0332 0688 drmkaud - ok
15:51:09.0363 0688 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:51:09.0379 0688 DXGKrnl - ok
15:51:09.0410 0688 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:51:09.0425 0688 EapHost - ok
15:51:09.0535 0688 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:51:09.0675 0688 ebdrv - ok
15:51:09.0722 0688 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:51:09.0722 0688 EFS - ok
15:51:09.0769 0688 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:51:09.0784 0688 ehRecvr - ok
15:51:09.0800 0688 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:51:09.0800 0688 ehSched - ok
15:51:09.0815 0688 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:51:09.0815 0688 elxstor - ok
15:51:09.0831 0688 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:51:09.0831 0688 ErrDev - ok
15:51:09.0862 0688 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:51:09.0862 0688 EventSystem - ok
15:51:09.0878 0688 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:51:09.0878 0688 exfat - ok
15:51:09.0893 0688 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:51:09.0909 0688 fastfat - ok
15:51:09.0925 0688 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:51:09.0940 0688 Fax - ok
15:51:09.0956 0688 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:51:09.0956 0688 fdc - ok
15:51:09.0956 0688 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:51:09.0971 0688 fdPHost - ok
15:51:09.0971 0688 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:51:09.0987 0688 FDResPub - ok
15:51:09.0987 0688 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:51:09.0987 0688 FileInfo - ok
15:51:10.0003 0688 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:51:10.0003 0688 Filetrace - ok
15:51:10.0003 0688 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:51:10.0003 0688 flpydisk - ok
15:51:10.0018 0688 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:51:10.0018 0688 FltMgr - ok
15:51:10.0049 0688 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:51:10.0081 0688 FontCache - ok
15:51:10.0112 0688 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:51:10.0159 0688 FontCache3.0.0.0 - ok
15:51:10.0190 0688 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:51:10.0190 0688 FsDepends - ok
15:51:10.0221 0688 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:51:10.0221 0688 Fs_Rec - ok
15:51:10.0221 0688 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:51:10.0221 0688 fvevol - ok
15:51:10.0237 0688 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:51:10.0252 0688 gagp30kx - ok
15:51:10.0283 0688 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:51:10.0315 0688 gpsvc - ok
15:51:10.0330 0688 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:51:10.0330 0688 hcw85cir - ok
15:51:10.0346 0688 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:51:10.0346 0688 HDAudBus - ok
15:51:10.0361 0688 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:51:10.0361 0688 HidBatt - ok
15:51:10.0377 0688 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:51:10.0377 0688 HidBth - ok
15:51:10.0393 0688 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:51:10.0393 0688 HidIr - ok
15:51:10.0408 0688 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:51:10.0408 0688 hidserv - ok
15:51:10.0424 0688 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:51:10.0424 0688 HidUsb - ok
15:51:10.0424 0688 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:51:10.0439 0688 hkmsvc - ok
15:51:10.0455 0688 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:51:10.0471 0688 HomeGroupListener - ok
15:51:10.0502 0688 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:51:10.0517 0688 HomeGroupProvider - ok
15:51:10.0533 0688 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:51:10.0533 0688 HpSAMD - ok
15:51:10.0549 0688 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:51:10.0564 0688 HTTP - ok
15:51:10.0564 0688 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:51:10.0564 0688 hwpolicy - ok
15:51:10.0564 0688 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:51:10.0564 0688 i8042prt - ok
15:51:10.0611 0688 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:51:10.0611 0688 iaStor - ok
15:51:10.0673 0688 [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:51:10.0673 0688 IAStorDataMgrSvc - ok
15:51:10.0689 0688 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:51:10.0705 0688 iaStorV - ok
15:51:10.0751 0688 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:51:10.0798 0688 idsvc - ok
15:51:10.0985 0688 [ 33FAA40B288002C89529DBD14F3AB72C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:51:11.0141 0688 igfx - ok
15:51:11.0157 0688 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:51:11.0157 0688 iirsp - ok
15:51:11.0188 0688 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:51:11.0219 0688 IKEEXT - ok
15:51:11.0282 0688 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:51:11.0329 0688 IntcAzAudAddService - ok
15:51:11.0344 0688 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:51:11.0344 0688 IntcDAud - ok
15:51:11.0360 0688 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:51:11.0360 0688 intelide - ok
15:51:11.0375 0688 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:51:11.0375 0688 intelppm - ok
15:51:11.0391 0688 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:51:11.0407 0688 IPBusEnum - ok
15:51:11.0422 0688 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:51:11.0422 0688 IpFilterDriver - ok
15:51:11.0469 0688 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:51:11.0485 0688 iphlpsvc - ok
15:51:11.0500 0688 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:51:11.0500 0688 IPMIDRV - ok
15:51:11.0516 0688 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:51:11.0516 0688 IPNAT - ok
15:51:11.0547 0688 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:51:11.0547 0688 IRENUM - ok
15:51:11.0563 0688 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:51:11.0563 0688 isapnp - ok
15:51:11.0578 0688 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:51:11.0594 0688 iScsiPrt - ok
15:51:11.0641 0688 [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
15:51:11.0656 0688 k57nd60a - ok
15:51:11.0672 0688 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:51:11.0672 0688 kbdclass - ok
15:51:11.0703 0688 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:51:11.0703 0688 kbdhid - ok
15:51:11.0719 0688 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:51:11.0719 0688 KeyIso - ok
15:51:11.0750 0688 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:51:11.0750 0688 KSecDD - ok
15:51:11.0765 0688 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:51:11.0765 0688 KSecPkg - ok
15:51:11.0781 0688 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:51:11.0781 0688 ksthunk - ok
15:51:11.0797 0688 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:51:11.0812 0688 KtmRm - ok
15:51:11.0843 0688 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:51:11.0859 0688 LanmanServer - ok
15:51:11.0875 0688 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:51:11.0890 0688 LanmanWorkstation - ok
15:51:11.0906 0688 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:51:11.0921 0688 lltdio - ok
15:51:11.0937 0688 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:51:11.0937 0688 lltdsvc - ok
15:51:11.0953 0688 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:51:11.0968 0688 lmhosts - ok
15:51:11.0999 0688 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:51:11.0999 0688 LSI_FC - ok
15:51:12.0031 0688 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:51:12.0031 0688 LSI_SAS - ok
15:51:12.0046 0688 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:51:12.0046 0688 LSI_SAS2 - ok
15:51:12.0062 0688 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:51:12.0077 0688 LSI_SCSI - ok
15:51:12.0093 0688 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:51:12.0093 0688 luafv - ok
15:51:12.0109 0688 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:51:12.0109 0688 Mcx2Svc - ok
15:51:12.0124 0688 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:51:12.0124 0688 megasas - ok
15:51:12.0155 0688 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:51:12.0155 0688 MegaSR - ok
15:51:12.0171 0688 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:51:12.0171 0688 MEIx64 - ok
15:51:12.0187 0688 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:51:12.0187 0688 MMCSS - ok
15:51:12.0202 0688 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:51:12.0202 0688 Modem - ok
15:51:12.0202 0688 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:51:12.0202 0688 monitor - ok
15:51:12.0233 0688 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:51:12.0233 0688 mouclass - ok
15:51:12.0249 0688 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:51:12.0249 0688 mouhid - ok
15:51:12.0249 0688 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:51:12.0249 0688 mountmgr - ok
15:51:12.0280 0688 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:51:12.0280 0688 mpio - ok
15:51:12.0296 0688 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:51:12.0296 0688 mpsdrv - ok
15:51:12.0327 0688 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:51:12.0343 0688 MpsSvc - ok
15:51:12.0358 0688 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:51:12.0358 0688 MRxDAV - ok
15:51:12.0389 0688 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:51:12.0389 0688 mrxsmb - ok
15:51:12.0389 0688 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:51:12.0405 0688 mrxsmb10 - ok
15:51:12.0405 0688 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:51:12.0421 0688 mrxsmb20 - ok
15:51:12.0421 0688 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:51:12.0421 0688 msahci - ok
15:51:12.0436 0688 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:51:12.0452 0688 msdsm - ok
15:51:12.0467 0688 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:51:12.0467 0688 MSDTC - ok
15:51:12.0483 0688 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:51:12.0499 0688 Msfs - ok
15:51:12.0499 0688 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:51:12.0499 0688 mshidkmdf - ok
15:51:12.0530 0688 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:51:12.0530 0688 msisadrv - ok
15:51:12.0545 0688 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:51:12.0561 0688 MSiSCSI - ok
15:51:12.0561 0688 msiserver - ok
15:51:12.0577 0688 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:51:12.0577 0688 MSKSSRV - ok
15:51:12.0592 0688 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:51:12.0592 0688 MSPCLOCK - ok
15:51:12.0608 0688 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:51:12.0608 0688 MSPQM - ok
15:51:12.0623 0688 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:51:12.0623 0688 MsRPC - ok
15:51:12.0639 0688 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:51:12.0639 0688 mssmbios - ok
15:51:12.0655 0688 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:51:12.0655 0688 MSTEE - ok
15:51:12.0670 0688 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:51:12.0670 0688 MTConfig - ok
15:51:12.0686 0688 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:51:12.0686 0688 Mup - ok
15:51:12.0701 0688 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:51:12.0717 0688 napagent - ok
15:51:12.0748 0688 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:51:12.0748 0688 NativeWifiP - ok
15:51:12.0811 0688 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:51:12.0811 0688 NDIS - ok
15:51:12.0826 0688 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:51:12.0826 0688 NdisCap - ok
15:51:12.0857 0688 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:51:12.0857 0688 NdisTapi - ok
15:51:12.0873 0688 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:51:12.0889 0688 Ndisuio - ok
15:51:12.0920 0688 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:51:12.0935 0688 NdisWan - ok
15:51:12.0935 0688 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:51:12.0951 0688 NDProxy - ok
15:51:12.0951 0688 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:51:12.0951 0688 NetBIOS - ok
15:51:12.0967 0688 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:51:12.0967 0688 NetBT - ok
15:51:12.0982 0688 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:51:12.0982 0688 Netlogon - ok
15:51:13.0013 0688 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:51:13.0013 0688 Netman - ok
15:51:13.0045 0688 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:13.0091 0688 NetMsmqActivator - ok
15:51:13.0091 0688 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:13.0091 0688 NetPipeActivator - ok
15:51:13.0123 0688 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:51:13.0138 0688 netprofm - ok
15:51:13.0154 0688 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:13.0154 0688 NetTcpActivator - ok
15:51:13.0154 0688 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:13.0154 0688 NetTcpPortSharing - ok
15:51:13.0185 0688 [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
15:51:13.0185 0688 netvsc - ok
15:51:13.0216 0688 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:51:13.0216 0688 nfrd960 - ok
15:51:13.0232 0688 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:51:13.0247 0688 NlaSvc - ok
15:51:13.0294 0688 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
15:51:13.0294 0688 nmwcd - ok
15:51:13.0325 0688 [ 41C1AC1F3613435EB32D67BCB80A5FA5 ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
15:51:13.0325 0688 nmwcdc - ok
15:51:13.0325 0688 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:51:13.0341 0688 Npfs - ok
15:51:13.0341 0688 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:51:13.0341 0688 nsi - ok
15:51:13.0357 0688 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:51:13.0357 0688 nsiproxy - ok
15:51:13.0450 0688 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:51:13.0481 0688 Ntfs - ok
15:51:13.0481 0688 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:51:13.0497 0688 Null - ok
15:51:13.0513 0688 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:51:13.0513 0688 nvraid - ok
15:51:13.0528 0688 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:51:13.0528 0688 nvstor - ok
15:51:13.0544 0688 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:51:13.0544 0688 nv_agp - ok
15:51:13.0559 0688 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:51:13.0559 0688 ohci1394 - ok
15:51:13.0653 0688 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:51:13.0684 0688 ose - ok
15:51:13.0825 0688 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:51:13.0934 0688 osppsvc - ok
15:51:13.0965 0688 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:51:13.0965 0688 p2pimsvc - ok
15:51:13.0981 0688 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:51:13.0996 0688 p2psvc - ok
15:51:14.0012 0688 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:51:14.0012 0688 Parport - ok
15:51:14.0043 0688 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:51:14.0043 0688 partmgr - ok
15:51:14.0059 0688 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:51:14.0074 0688 PcaSvc - ok
15:51:14.0137 0688 [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
15:51:14.0152 0688 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:51:14.0168 0688 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:51:14.0168 0688 pci - ok
15:51:14.0199 0688 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:51:14.0199 0688 pciide - ok
15:51:14.0215 0688 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:51:14.0215 0688 pcmcia - ok
15:51:14.0246 0688 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:51:14.0246 0688 pcw - ok
15:51:14.0261 0688 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:51:14.0261 0688 PEAUTH - ok
15:51:14.0308 0688 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:51:14.0339 0688 PeerDistSvc - ok
15:51:14.0386 0688 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:51:14.0402 0688 PerfHost - ok
15:51:14.0464 0688 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:51:14.0542 0688 pla - ok
15:51:14.0573 0688 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:51:14.0589 0688 PlugPlay - ok
15:51:14.0605 0688 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:51:14.0605 0688 PNRPAutoReg - ok
15:51:14.0620 0688 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:51:14.0620 0688 PNRPsvc - ok
15:51:14.0683 0688 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:51:14.0683 0688 PolicyAgent - ok
15:51:14.0714 0688 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
15:51:14.0714 0688 Power - ok
15:51:14.0745 0688 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:51:14.0745 0688 PptpMiniport - ok
15:51:14.0761 0688 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:51:14.0761 0688 Processor - ok
15:51:14.0839 0688 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:51:14.0854 0688 ProfSvc - ok
15:51:14.0870 0688 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:51:14.0870 0688 ProtectedStorage - ok
15:51:14.0901 0688 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:51:14.0901 0688 Psched - ok
15:51:14.0932 0688 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:51:14.0932 0688 PxHlpa64 - ok
15:51:14.0995 0688 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:51:15.0026 0688 ql2300 - ok
15:51:15.0026 0688 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:51:15.0026 0688 ql40xx - ok
15:51:15.0041 0688 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:51:15.0057 0688 QWAVE - ok
15:51:15.0073 0688 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:51:15.0073 0688 QWAVEdrv - ok
15:51:15.0088 0688 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:51:15.0088 0688 RasAcd - ok
15:51:15.0119 0688 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:51:15.0119 0688 RasAgileVpn - ok
15:51:15.0135 0688 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:51:15.0135 0688 RasAuto - ok
15:51:15.0151 0688 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:51:15.0151 0688 Rasl2tp - ok
15:51:15.0182 0688 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:51:15.0197 0688 RasMan - ok
15:51:15.0213 0688 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:51:15.0213 0688 RasPppoe - ok
15:51:15.0213 0688 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:51:15.0229 0688 RasSstp - ok
15:51:15.0229 0688 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:51:15.0244 0688 rdbss - ok
15:51:15.0244 0688 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:51:15.0244 0688 rdpbus - ok
15:51:15.0275 0688 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:51:15.0275 0688 RDPCDD - ok
15:51:15.0307 0688 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:51:15.0307 0688 RDPDR - ok
15:51:15.0322 0688 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:51:15.0322 0688 RDPENCDD - ok
15:51:15.0322 0688 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:51:15.0338 0688 RDPREFMP - ok
15:51:15.0369 0688 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:51:15.0369 0688 RDPWD - ok
15:51:15.0400 0688 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:51:15.0400 0688 rdyboost - ok
15:51:15.0400 0688 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:51:15.0416 0688 RemoteAccess - ok
15:51:15.0431 0688 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:51:15.0431 0688 RemoteRegistry - ok
15:51:15.0712 0688 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:51:15.0806 0688 RoxMediaDB12OEM - ok
15:51:15.0853 0688 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:51:15.0853 0688 RoxWatch12 - ok
15:51:15.0868 0688 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:51:15.0884 0688 RpcEptMapper - ok
15:51:15.0899 0688 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:51:15.0915 0688 RpcLocator - ok
15:51:15.0915 0688 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:51:15.0931 0688 RpcSs - ok
15:51:15.0946 0688 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:51:15.0946 0688 rspndr - ok
15:51:15.0962 0688 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:51:15.0962 0688 s3cap - ok
15:51:15.0977 0688 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:51:15.0977 0688 SamSs - ok
15:51:15.0993 0688 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:51:15.0993 0688 sbp2port - ok
15:51:16.0009 0688 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:51:16.0024 0688 SCardSvr - ok
15:51:16.0040 0688 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:51:16.0040 0688 scfilter - ok
15:51:16.0071 0688 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:51:16.0071 0688 Schedule - ok
15:51:16.0102 0688 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:51:16.0102 0688 SCPolicySvc - ok
15:51:16.0118 0688 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:51:16.0118 0688 SDRSVC - ok
15:51:16.0133 0688 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:51:16.0133 0688 secdrv - ok
15:51:16.0149 0688 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:51:16.0149 0688 seclogon - ok
15:51:16.0180 0688 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:51:16.0180 0688 SENS - ok
15:51:16.0196 0688 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:51:16.0196 0688 SensrSvc - ok
15:51:16.0211 0688 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:51:16.0211 0688 Serenum - ok
15:51:16.0227 0688 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:51:16.0227 0688 Serial - ok
15:51:16.0258 0688 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:51:16.0258 0688 sermouse - ok
15:51:16.0274 0688 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:51:16.0289 0688 SessionEnv - ok
15:51:16.0289 0688 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:51:16.0289 0688 sffdisk - ok
15:51:16.0305 0688 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:51:16.0305 0688 sffp_mmc - ok
15:51:16.0305 0688 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:51:16.0305 0688 sffp_sd - ok
15:51:16.0305 0688 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:51:16.0305 0688 sfloppy - ok
15:51:16.0367 0688 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:51:16.0461 0688 SftService - ok
15:51:16.0477 0688 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:51:16.0492 0688 SharedAccess - ok
15:51:16.0523 0688 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:51:16.0523 0688 ShellHWDetection - ok
15:51:16.0539 0688 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:51:16.0539 0688 SiSRaid2 - ok
15:51:16.0570 0688 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:51:16.0570 0688 SiSRaid4 - ok
15:51:16.0586 0688 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:51:16.0586 0688 Smb - ok
15:51:16.0601 0688 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:51:16.0617 0688 SNMPTRAP - ok
15:51:16.0617 0688 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:51:16.0617 0688 spldr - ok
15:51:16.0648 0688 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:51:16.0664 0688 Spooler - ok
15:51:16.0913 0688 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:51:16.0960 0688 sppsvc - ok
15:51:16.0976 0688 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:51:16.0991 0688 sppuinotify - ok
15:51:17.0038 0688 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:51:17.0038 0688 srv - ok
15:51:17.0054 0688 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:51:17.0054 0688 srv2 - ok
15:51:17.0069 0688 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:51:17.0069 0688 srvnet - ok
15:51:17.0085 0688 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:51:17.0101 0688 SSDPSRV - ok
15:51:17.0116 0688 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:51:17.0116 0688 SstpSvc - ok
15:51:17.0132 0688 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:51:17.0132 0688 stexstor - ok
15:51:17.0147 0688 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:51:17.0163 0688 stisvc - ok
15:51:17.0194 0688 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:51:17.0225 0688 stllssvr - ok
15:51:17.0257 0688 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
15:51:17.0257 0688 StorSvc - ok
15:51:17.0272 0688 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:51:17.0288 0688 storvsc - ok
15:51:17.0303 0688 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:51:17.0303 0688 swenum - ok
15:51:17.0350 0688 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:51:17.0397 0688 SwitchBoard - ok
15:51:17.0459 0688 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:51:17.0475 0688 swprv - ok
15:51:17.0491 0688 [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
15:51:17.0491 0688 SynthVid - ok
15:51:17.0522 0688 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:51:17.0553 0688 SysMain - ok
15:51:17.0569 0688 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:51:17.0569 0688 TabletInputService - ok
15:51:17.0584 0688 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:51:17.0584 0688 TapiSrv - ok
15:51:17.0600 0688 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:51:17.0600 0688 TBS - ok
15:51:17.0662 0688 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:51:17.0693 0688 Tcpip - ok
15:51:17.0725 0688 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:51:17.0740 0688 TCPIP6 - ok
15:51:17.0771 0688 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:51:17.0787 0688 tcpipreg - ok
15:51:17.0803 0688 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:51:17.0803 0688 TDPIPE - ok
15:51:17.0818 0688 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:51:17.0834 0688 TDTCP - ok
15:51:17.0849 0688 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:51:17.0849 0688 tdx - ok
15:51:17.0865 0688 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:51:17.0865 0688 TermDD - ok
15:51:17.0881 0688 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:51:17.0896 0688 TermService - ok
15:51:17.0896 0688 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:51:17.0912 0688 Themes - ok
15:51:17.0927 0688 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:51:17.0927 0688 THREADORDER - ok
15:51:17.0943 0688 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:51:17.0959 0688 TrkWks - ok
15:51:17.0990 0688 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:51:17.0990 0688 TrustedInstaller - ok
15:51:18.0005 0688 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:51:18.0021 0688 tssecsrv - ok
15:51:18.0021 0688 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:51:18.0037 0688 TsUsbFlt - ok
15:51:18.0052 0688 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:51:18.0052 0688 TsUsbGD - ok
15:51:18.0068 0688 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:51:18.0068 0688 tunnel - ok
15:51:18.0083 0688 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:51:18.0083 0688 uagp35 - ok
15:51:18.0099 0688 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:51:18.0115 0688 udfs - ok
15:51:18.0130 0688 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:51:18.0130 0688 UI0Detect - ok
15:51:18.0161 0688 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:51:18.0161 0688 uliagpkx - ok
15:51:18.0177 0688 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:51:18.0177 0688 umbus - ok
15:51:18.0193 0688 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:51:18.0193 0688 UmPass - ok
15:51:18.0208 0688 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
15:51:18.0224 0688 UmRdpService - ok
15:51:18.0255 0688 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:51:18.0255 0688 upnphost - ok
15:51:18.0302 0688 [ 4E93C8496359E97830C75AC36393654D ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:51:18.0302 0688 upperdev - ok
15:51:18.0302 0688 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:51:18.0302 0688 usbccgp - ok
15:51:18.0317 0688 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:51:18.0333 0688 usbcir - ok
15:51:18.0333 0688 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:51:18.0349 0688 usbehci - ok
15:51:18.0364 0688 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:51:18.0364 0688 usbhub - ok
15:51:18.0380 0688 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:51:18.0380 0688 usbohci - ok
15:51:18.0395 0688 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
15:51:18.0395 0688 usbprint - ok
15:51:18.0442 0688 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
15:51:18.0442 0688 usbser - ok
15:51:18.0442 0688 [ 8844CB19A37B65E27049D4A7786726A9 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:51:18.0442 0688 UsbserFilt - ok
15:51:18.0458 0688 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:51:18.0458 0688 USBSTOR - ok
15:51:18.0489 0688 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:51:18.0489 0688 usbuhci - ok
15:51:18.0505 0688 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:51:18.0520 0688 UxSms - ok
15:51:18.0614 0688 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:51:18.0614 0688 VaultSvc - ok
15:51:18.0614 0688 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:51:18.0614 0688 vdrvroot - ok
15:51:18.0676 0688 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:51:18.0723 0688 vds - ok
15:51:18.0754 0688 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:51:18.0754 0688 vga - ok
15:51:18.0770 0688 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:51:18.0785 0688 VgaSave - ok
15:51:18.0801 0688 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:51:18.0801 0688 vhdmp - ok
15:51:18.0817 0688 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:51:18.0817 0688 viaide - ok
15:51:18.0832 0688 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:51:18.0832 0688 VMBusHID - ok
15:51:18.0863 0688 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:51:18.0863 0688 volmgr - ok
15:51:18.0879 0688 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:51:18.0879 0688 volmgrx - ok
15:51:18.0895 0688 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:51:18.0910 0688 volsnap - ok
15:51:18.0926 0688 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:51:18.0926 0688 vsmraid - ok
15:51:18.0973 0688 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:51:19.0019 0688 VSS - ok
15:51:19.0035 0688 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:51:19.0051 0688 vwifibus - ok
15:51:19.0066 0688 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:51:19.0066 0688 W32Time - ok
15:51:19.0082 0688 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:51:19.0082 0688 WacomPen - ok
15:51:19.0097 0688 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:51:19.0097 0688 WANARP - ok
15:51:19.0113 0688 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:51:19.0113 0688 Wanarpv6 - ok
15:51:19.0160 0688 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:51:19.0207 0688 WatAdminSvc - ok
15:51:19.0253 0688 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:51:19.0285 0688 wbengine - ok
15:51:19.0300 0688 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:51:19.0316 0688 WbioSrvc - ok
15:51:19.0316 0688 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:51:19.0331 0688 wcncsvc - ok
15:51:19.0331 0688 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:51:19.0347 0688 WcsPlugInService - ok
15:51:19.0363 0688 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:51:19.0363 0688 Wd - ok
15:51:19.0394 0688 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:51:19.0394 0688 Wdf01000 - ok
15:51:19.0409 0688 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:51:19.0409 0688 WdiServiceHost - ok
15:51:19.0425 0688 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:51:19.0425 0688 WdiSystemHost - ok
15:51:19.0441 0688 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:51:19.0456 0688 WebClient - ok
15:51:19.0456 0688 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:51:19.0472 0688 Wecsvc - ok
15:51:19.0487 0688 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:51:19.0487 0688 wercplsupport - ok
15:51:19.0503 0688 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:51:19.0519 0688 WerSvc - ok
15:51:19.0534 0688 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:51:19.0534 0688 WfpLwf - ok
15:51:19.0565 0688 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
15:51:19.0565 0688 WimFltr - ok
15:51:19.0581 0688 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:51:19.0581 0688 WIMMount - ok
|
|
01.03.2013, 19:53
| #14 |
| | Virus system repair 2.Teil Code:
ATTFilter
15:51:19.0597 0688 WinDefend - ok
15:51:19.0597 0688 WinHttpAutoProxySvc - ok
15:51:19.0659 0688 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:51:19.0659 0688 Winmgmt - ok
15:51:19.0706 0688 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:51:19.0753 0688 WinRM - ok
15:51:19.0846 0688 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:51:19.0846 0688 WinUsb - ok
15:51:19.0877 0688 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:51:19.0893 0688 Wlansvc - ok
15:51:19.0971 0688 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:51:19.0987 0688 wlcrasvc - ok
15:51:20.0096 0688 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:51:20.0174 0688 wlidsvc - ok
15:51:20.0205 0688 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:51:20.0205 0688 WmiAcpi - ok
15:51:20.0221 0688 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:51:20.0236 0688 wmiApSrv - ok
15:51:20.0267 0688 WMPNetworkSvc - ok
15:51:20.0283 0688 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:51:20.0283 0688 WPCSvc - ok
15:51:20.0299 0688 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:51:20.0299 0688 WPDBusEnum - ok
15:51:20.0314 0688 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:51:20.0314 0688 ws2ifsl - ok
15:51:20.0330 0688 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:51:20.0345 0688 wscsvc - ok
15:51:20.0345 0688 WSearch - ok
15:51:20.0439 0688 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:51:20.0486 0688 wuauserv - ok
15:51:20.0517 0688 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:51:20.0517 0688 WudfPf - ok
15:51:20.0548 0688 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:51:20.0548 0688 WUDFRd - ok
15:51:20.0548 0688 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:51:20.0564 0688 wudfsvc - ok
15:51:20.0579 0688 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:51:20.0595 0688 WwanSvc - ok
15:51:20.0595 0688 ================ Scan global ===============================
15:51:20.0626 0688 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:51:20.0657 0688 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:51:20.0673 0688 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:51:20.0689 0688 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:51:20.0704 0688 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:51:20.0704 0688 [Global] - ok
15:51:20.0704 0688 ================ Scan MBR ==================================
15:51:20.0720 0688 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:51:21.0094 0688 Suspicious mbr (NoAccess): \Device\Harddisk0\DR0
15:51:21.0172 0688 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:51:21.0172 0688 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:51:21.0172 0688 ================ Scan VBR ==================================
15:51:21.0219 0688 [ 53975848382FC36F3CB5D792F2563280 ] \Device\Harddisk0\DR0\Partition1
15:51:21.0219 0688 \Device\Harddisk0\DR0\Partition1 - ok
15:51:21.0266 0688 [ 21028167BC9C48551F4E7105EA9D9599 ] \Device\Harddisk0\DR0\Partition2
15:51:21.0266 0688 \Device\Harddisk0\DR0\Partition2 - ok
15:51:21.0266 0688 ============================================================
15:51:21.0266 0688 Scan finished
15:51:21.0266 0688 ============================================================
15:51:21.0266 4108 Detected object count: 1
15:51:21.0266 4108 Actual detected object count: 1
15:52:14.0306 4108 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
15:52:14.0306 4108 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
15:52:54.0799 0764 ============================================================
15:52:54.0799 0764 Scan started
15:52:54.0799 0764 Mode: Manual;
15:52:54.0799 0764 ============================================================
15:52:54.0923 0764 ================ Scan system memory ========================
15:52:54.0923 0764 System memory - ok
15:52:54.0923 0764 ================ Scan services =============================
15:52:55.0189 0764 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:52:55.0189 0764 1394ohci - ok
15:52:55.0204 0764 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:52:55.0204 0764 ACPI - ok
15:52:55.0220 0764 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:52:55.0220 0764 AcpiPmi - ok
15:52:55.0345 0764 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:52:55.0345 0764 AdobeARMservice - ok
15:52:55.0407 0764 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:52:55.0407 0764 AdobeFlashPlayerUpdateSvc - ok
15:52:55.0423 0764 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:52:55.0438 0764 adp94xx - ok
15:52:55.0438 0764 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:52:55.0438 0764 adpahci - ok
15:52:55.0454 0764 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:52:55.0454 0764 adpu320 - ok
15:52:55.0485 0764 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:52:55.0485 0764 AeLookupSvc - ok
15:52:55.0516 0764 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
15:52:55.0516 0764 AERTFilters - ok
15:52:55.0547 0764 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:52:55.0547 0764 AFD - ok
15:52:55.0563 0764 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:52:55.0563 0764 agp440 - ok
15:52:55.0579 0764 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:52:55.0579 0764 ALG - ok
15:52:55.0594 0764 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:52:55.0594 0764 aliide - ok
15:52:55.0594 0764 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:52:55.0594 0764 amdide - ok
15:52:55.0610 0764 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:52:55.0625 0764 AmdK8 - ok
15:52:55.0641 0764 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:52:55.0641 0764 AmdPPM - ok
15:52:55.0641 0764 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:52:55.0641 0764 amdsata - ok
15:52:55.0641 0764 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:52:55.0641 0764 amdsbs - ok
15:52:55.0657 0764 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:52:55.0657 0764 amdxata - ok
15:52:55.0703 0764 [ B73EB5109193A4BACE8520B79DD77B25 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
15:52:55.0703 0764 AntiVirMailService - ok
15:52:55.0735 0764 [ 44E76CC89F7E38B3C31F000A4E566856 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:52:55.0735 0764 AntiVirSchedulerService - ok
15:52:55.0766 0764 [ 3FE1CDD4DCF5D42DDBD6F1A3F83B5D3A ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:52:55.0766 0764 AntiVirService - ok
15:52:55.0781 0764 [ 4B46FED191BEB6EAFED88DE90E97A7DB ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:52:55.0781 0764 AntiVirWebService - ok
15:52:55.0797 0764 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:52:55.0797 0764 AppID - ok
15:52:55.0828 0764 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:52:55.0828 0764 AppIDSvc - ok
15:52:55.0828 0764 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:52:55.0828 0764 Appinfo - ok
15:52:55.0844 0764 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:52:55.0859 0764 AppMgmt - ok
15:52:55.0875 0764 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:52:55.0875 0764 arc - ok
15:52:55.0891 0764 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:52:55.0891 0764 arcsas - ok
15:52:55.0969 0764 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:52:55.0969 0764 aspnet_state - ok
15:52:55.0984 0764 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:52:55.0984 0764 AsyncMac - ok
15:52:56.0015 0764 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:52:56.0015 0764 atapi - ok
15:52:56.0062 0764 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:52:56.0062 0764 AudioEndpointBuilder - ok
15:52:56.0078 0764 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:52:56.0078 0764 AudioSrv - ok
15:52:56.0109 0764 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:52:56.0125 0764 avgntflt - ok
15:52:56.0156 0764 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:52:56.0156 0764 avipbb - ok
15:52:56.0187 0764 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:52:56.0187 0764 avkmgr - ok
15:52:56.0203 0764 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:52:56.0203 0764 AxInstSV - ok
15:52:56.0234 0764 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:52:56.0234 0764 b06bdrv - ok
15:52:56.0249 0764 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:52:56.0249 0764 b57nd60a - ok
15:52:56.0281 0764 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:52:56.0281 0764 BDESVC - ok
15:52:56.0296 0764 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:52:56.0296 0764 Beep - ok
15:52:56.0312 0764 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:52:56.0312 0764 BFE - ok
15:52:56.0343 0764 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:52:56.0343 0764 BITS - ok
15:52:56.0359 0764 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:52:56.0359 0764 blbdrive - ok
15:52:56.0374 0764 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:52:56.0374 0764 bowser - ok
15:52:56.0390 0764 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:52:56.0390 0764 BrFiltLo - ok
15:52:56.0390 0764 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:52:56.0390 0764 BrFiltUp - ok
15:52:56.0421 0764 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:52:56.0421 0764 Browser - ok
15:52:56.0437 0764 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:52:56.0437 0764 Brserid - ok
15:52:56.0452 0764 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:52:56.0452 0764 BrSerWdm - ok
15:52:56.0452 0764 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:52:56.0452 0764 BrUsbMdm - ok
15:52:56.0452 0764 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:52:56.0468 0764 BrUsbSer - ok
15:52:56.0468 0764 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:52:56.0468 0764 BTHMODEM - ok
15:52:56.0499 0764 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:52:56.0499 0764 bthserv - ok
15:52:56.0515 0764 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:52:56.0515 0764 cdfs - ok
15:52:56.0546 0764 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:52:56.0546 0764 cdrom - ok
15:52:56.0561 0764 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:52:56.0561 0764 CertPropSvc - ok
15:52:56.0577 0764 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:52:56.0577 0764 circlass - ok
15:52:56.0593 0764 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:52:56.0608 0764 CLFS - ok
15:52:56.0655 0764 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:52:56.0655 0764 clr_optimization_v2.0.50727_32 - ok
15:52:56.0686 0764 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:52:56.0686 0764 clr_optimization_v2.0.50727_64 - ok
15:52:56.0733 0764 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:52:56.0733 0764 clr_optimization_v4.0.30319_32 - ok
15:52:56.0749 0764 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:52:56.0749 0764 clr_optimization_v4.0.30319_64 - ok
15:52:56.0764 0764 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:52:56.0764 0764 CmBatt - ok
15:52:56.0780 0764 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:52:56.0780 0764 cmdide - ok
15:52:56.0811 0764 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:52:56.0827 0764 CNG - ok
15:52:56.0842 0764 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:52:56.0842 0764 Compbatt - ok
15:52:56.0858 0764 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:52:56.0858 0764 CompositeBus - ok
15:52:56.0858 0764 COMSysApp - ok
15:52:56.0873 0764 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:52:56.0873 0764 crcdisk - ok
15:52:56.0920 0764 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:52:56.0920 0764 CryptSvc - ok
15:52:56.0936 0764 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
15:52:56.0951 0764 CSC - ok
15:52:56.0967 0764 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
15:52:56.0983 0764 CscService - ok
15:52:57.0014 0764 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:52:57.0014 0764 DcomLaunch - ok
15:52:57.0029 0764 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:52:57.0029 0764 defragsvc - ok
15:52:57.0061 0764 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:52:57.0061 0764 DfsC - ok
15:52:57.0107 0764 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:52:57.0107 0764 Dhcp - ok
15:52:57.0107 0764 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:52:57.0107 0764 discache - ok
15:52:57.0123 0764 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:52:57.0139 0764 Disk - ok
15:52:57.0154 0764 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:52:57.0170 0764 dmvsc - ok
15:52:57.0185 0764 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:52:57.0185 0764 Dnscache - ok
15:52:57.0201 0764 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:52:57.0201 0764 dot3svc - ok
15:52:57.0232 0764 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:52:57.0232 0764 DPS - ok
15:52:57.0248 0764 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:52:57.0263 0764 drmkaud - ok
15:52:57.0295 0764 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:52:57.0295 0764 DXGKrnl - ok
15:52:57.0326 0764 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:52:57.0326 0764 EapHost - ok
15:52:57.0388 0764 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:52:57.0419 0764 ebdrv - ok
15:52:57.0435 0764 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:52:57.0435 0764 EFS - ok
15:52:57.0466 0764 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:52:57.0482 0764 ehRecvr - ok
15:52:57.0482 0764 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:52:57.0482 0764 ehSched - ok
15:52:57.0513 0764 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:52:57.0529 0764 elxstor - ok
15:52:57.0544 0764 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:52:57.0544 0764 ErrDev - ok
15:52:57.0560 0764 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:52:57.0575 0764 EventSystem - ok
15:52:57.0591 0764 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:52:57.0591 0764 exfat - ok
15:52:57.0607 0764 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:52:57.0607 0764 fastfat - ok
15:52:57.0638 0764 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:52:57.0638 0764 Fax - ok
15:52:57.0653 0764 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:52:57.0669 0764 fdc - ok
15:52:57.0669 0764 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:52:57.0669 0764 fdPHost - ok
15:52:57.0685 0764 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:52:57.0685 0764 FDResPub - ok
15:52:57.0700 0764 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:52:57.0700 0764 FileInfo - ok
15:52:57.0700 0764 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:52:57.0700 0764 Filetrace - ok
15:52:57.0716 0764 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:52:57.0716 0764 flpydisk - ok
15:52:57.0731 0764 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:52:57.0731 0764 FltMgr - ok
15:52:57.0778 0764 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:52:57.0778 0764 FontCache - ok
15:52:57.0809 0764 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:52:57.0809 0764 FontCache3.0.0.0 - ok
15:52:57.0841 0764 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:52:57.0841 0764 FsDepends - ok
15:52:57.0856 0764 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:52:57.0856 0764 Fs_Rec - ok
15:52:57.0872 0764 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:52:57.0872 0764 fvevol - ok
15:52:57.0887 0764 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:52:57.0887 0764 gagp30kx - ok
15:52:57.0919 0764 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:52:57.0919 0764 gpsvc - ok
15:52:57.0934 0764 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:52:57.0934 0764 hcw85cir - ok
15:52:57.0950 0764 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:52:57.0965 0764 HDAudBus - ok
15:52:57.0981 0764 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:52:57.0981 0764 HidBatt - ok
15:52:57.0997 0764 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:52:57.0997 0764 HidBth - ok
15:52:58.0012 0764 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:52:58.0012 0764 HidIr - ok
15:52:58.0028 0764 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:52:58.0028 0764 hidserv - ok
15:52:58.0043 0764 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:52:58.0043 0764 HidUsb - ok
15:52:58.0090 0764 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:52:58.0090 0764 hkmsvc - ok
15:52:58.0090 0764 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:52:58.0106 0764 HomeGroupListener - ok
15:52:58.0121 0764 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:52:58.0121 0764 HomeGroupProvider - ok
15:52:58.0137 0764 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:52:58.0137 0764 HpSAMD - ok
15:52:58.0168 0764 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:52:58.0168 0764 HTTP - ok
15:52:58.0199 0764 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:52:58.0199 0764 hwpolicy - ok
15:52:58.0199 0764 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:52:58.0215 0764 i8042prt - ok
15:52:58.0262 0764 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:52:58.0293 0764 iaStor - ok
15:52:58.0340 0764 [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:52:58.0340 0764 IAStorDataMgrSvc - ok
15:52:58.0355 0764 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:52:58.0355 0764 iaStorV - ok
15:52:58.0418 0764 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:52:58.0418 0764 idsvc - ok
15:52:58.0605 0764 [ 33FAA40B288002C89529DBD14F3AB72C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:52:58.0777 0764 igfx - ok
15:52:58.0792 0764 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:52:58.0792 0764 iirsp - ok
15:52:58.0823 0764 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:52:58.0823 0764 IKEEXT - ok
15:52:58.0870 0764 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:52:58.0901 0764 IntcAzAudAddService - ok
15:52:58.0933 0764 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:52:58.0933 0764 IntcDAud - ok
15:52:58.0948 0764 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:52:58.0948 0764 intelide - ok
15:52:58.0948 0764 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:52:58.0948 0764 intelppm - ok
15:52:58.0964 0764 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:52:58.0964 0764 IPBusEnum - ok
15:52:58.0979 0764 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:52:58.0979 0764 IpFilterDriver - ok
15:52:59.0042 0764 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:52:59.0042 0764 iphlpsvc - ok
15:52:59.0057 0764 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:52:59.0057 0764 IPMIDRV - ok
15:52:59.0073 0764 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:52:59.0073 0764 IPNAT - ok
15:52:59.0089 0764 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:52:59.0089 0764 IRENUM - ok
15:52:59.0104 0764 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:52:59.0104 0764 isapnp - ok
15:52:59.0120 0764 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:52:59.0120 0764 iScsiPrt - ok
15:52:59.0151 0764 [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
15:52:59.0151 0764 k57nd60a - ok
15:52:59.0167 0764 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:52:59.0167 0764 kbdclass - ok
15:52:59.0182 0764 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:52:59.0182 0764 kbdhid - ok
15:52:59.0182 0764 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:52:59.0182 0764 KeyIso - ok
15:52:59.0229 0764 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:52:59.0229 0764 KSecDD - ok
15:52:59.0260 0764 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:52:59.0260 0764 KSecPkg - ok
15:52:59.0276 0764 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:52:59.0276 0764 ksthunk - ok
15:52:59.0307 0764 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:52:59.0307 0764 KtmRm - ok
15:52:59.0338 0764 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:52:59.0338 0764 LanmanServer - ok
15:52:59.0354 0764 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:52:59.0354 0764 LanmanWorkstation - ok
15:52:59.0369 0764 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:52:59.0369 0764 lltdio - ok
15:52:59.0401 0764 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:52:59.0401 0764 lltdsvc - ok
15:52:59.0416 0764 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:52:59.0416 0764 lmhosts - ok
15:52:59.0432 0764 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:52:59.0432 0764 LSI_FC - ok
15:52:59.0447 0764 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:52:59.0447 0764 LSI_SAS - ok
15:52:59.0463 0764 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:52:59.0463 0764 LSI_SAS2 - ok
15:52:59.0479 0764 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:52:59.0479 0764 LSI_SCSI - ok
15:52:59.0494 0764 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:52:59.0494 0764 luafv - ok
15:52:59.0525 0764 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:52:59.0525 0764 Mcx2Svc - ok
15:52:59.0525 0764 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:52:59.0541 0764 megasas - ok
15:52:59.0541 0764 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:52:59.0541 0764 MegaSR - ok
15:52:59.0572 0764 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:52:59.0572 0764 MEIx64 - ok
15:52:59.0572 0764 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:52:59.0588 0764 MMCSS - ok
15:52:59.0588 0764 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:52:59.0588 0764 Modem - ok
15:52:59.0588 0764 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:52:59.0588 0764 monitor - ok
15:52:59.0603 0764 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:52:59.0603 0764 mouclass - ok
15:52:59.0619 0764 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:52:59.0619 0764 mouhid - ok
15:52:59.0619 0764 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:52:59.0619 0764 mountmgr - ok
15:52:59.0635 0764 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:52:59.0635 0764 mpio - ok
15:52:59.0650 0764 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:52:59.0650 0764 mpsdrv - ok
15:52:59.0681 0764 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:52:59.0681 0764 MpsSvc - ok
15:52:59.0697 0764 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:52:59.0697 0764 MRxDAV - ok
15:52:59.0713 0764 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:52:59.0713 0764 mrxsmb - ok
15:52:59.0744 0764 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:52:59.0744 0764 mrxsmb10 - ok
15:52:59.0759 0764 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:52:59.0759 0764 mrxsmb20 - ok
15:52:59.0775 0764 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:52:59.0775 0764 msahci - ok
15:52:59.0791 0764 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:52:59.0806 0764 msdsm - ok
15:52:59.0822 0764 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:52:59.0822 0764 MSDTC - ok
15:52:59.0837 0764 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:52:59.0837 0764 Msfs - ok
15:52:59.0853 0764 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:52:59.0853 0764 mshidkmdf - ok
15:52:59.0853 0764 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:52:59.0853 0764 msisadrv - ok
15:52:59.0884 0764 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:52:59.0884 0764 MSiSCSI - ok
15:52:59.0884 0764 msiserver - ok
15:52:59.0900 0764 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:52:59.0900 0764 MSKSSRV - ok
15:52:59.0900 0764 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:52:59.0900 0764 MSPCLOCK - ok
15:52:59.0915 0764 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:52:59.0915 0764 MSPQM - ok
15:52:59.0931 0764 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:52:59.0947 0764 MsRPC - ok
15:52:59.0947 0764 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:52:59.0947 0764 mssmbios - ok
15:52:59.0962 0764 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:52:59.0978 0764 MSTEE - ok
15:52:59.0978 0764 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:52:59.0978 0764 MTConfig - ok
15:53:00.0009 0764 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:53:00.0009 0764 Mup - ok
15:53:00.0040 0764 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:53:00.0040 0764 napagent - ok
15:53:00.0056 0764 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:53:00.0071 0764 NativeWifiP - ok
15:53:00.0118 0764 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:53:00.0134 0764 NDIS - ok
15:53:00.0149 0764 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:53:00.0149 0764 NdisCap - ok
15:53:00.0149 0764 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:53:00.0165 0764 NdisTapi - ok
15:53:00.0181 0764 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:53:00.0196 0764 Ndisuio - ok
15:53:00.0212 0764 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:53:00.0212 0764 NdisWan - ok
15:53:00.0243 0764 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:53:00.0243 0764 NDProxy - ok
15:53:00.0259 0764 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:53:00.0259 0764 NetBIOS - ok
15:53:00.0274 0764 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:53:00.0274 0764 NetBT - ok
15:53:00.0290 0764 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:53:00.0290 0764 Netlogon - ok
15:53:00.0337 0764 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:53:00.0383 0764 Netman - ok
15:53:00.0399 0764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0399 0764 NetMsmqActivator - ok
15:53:00.0399 0764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0399 0764 NetPipeActivator - ok
15:53:00.0415 0764 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:53:00.0415 0764 netprofm - ok
15:53:00.0430 0764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0430 0764 NetTcpActivator - ok
15:53:00.0430 0764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0430 0764 NetTcpPortSharing - ok
15:53:00.0446 0764 [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
15:53:00.0461 0764 netvsc - ok
15:53:00.0477 0764 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:53:00.0477 0764 nfrd960 - ok
15:53:00.0493 0764 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:53:00.0493 0764 NlaSvc - ok
15:53:00.0524 0764 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
15:53:00.0524 0764 nmwcd - ok
15:53:00.0539 0764 [ 41C1AC1F3613435EB32D67BCB80A5FA5 ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
15:53:00.0539 0764 nmwcdc - ok
15:53:00.0555 0764 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:53:00.0555 0764 Npfs - ok
15:53:00.0586 0764 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:53:00.0586 0764 nsi - ok
15:53:00.0586 0764 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:53:00.0586 0764 nsiproxy - ok
15:53:00.0649 0764 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:53:00.0680 0764 Ntfs - ok
15:53:00.0695 0764 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:53:00.0695 0764 Null - ok
15:53:00.0711 0764 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:53:00.0711 0764 nvraid - ok
15:53:00.0727 0764 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:53:00.0727 0764 nvstor - ok
15:53:00.0742 0764 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:53:00.0742 0764 nv_agp - ok
15:53:00.0758 0764 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:53:00.0773 0764 ohci1394 - ok
15:53:00.0836 0764 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:53:00.0836 0764 ose - ok
15:53:00.0961 0764 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:53:00.0976 0764 osppsvc - ok
15:53:01.0007 0764 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:53:01.0023 0764 p2pimsvc - ok
15:53:01.0039 0764 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:53:01.0039 0764 p2psvc - ok
15:53:01.0054 0764 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:53:01.0054 0764 Parport - ok
15:53:01.0085 0764 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:53:01.0085 0764 partmgr - ok
15:53:01.0117 0764 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:53:01.0117 0764 PcaSvc - ok
15:53:01.0226 0764 [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
15:53:01.0226 0764 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:53:01.0257 0764 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:53:01.0257 0764 pci - ok
15:53:01.0273 0764 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:53:01.0273 0764 pciide - ok
15:53:01.0288 0764 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:53:01.0288 0764 pcmcia - ok
15:53:01.0304 0764 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:53:01.0304 0764 pcw - ok
15:53:01.0319 0764 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:53:01.0335 0764 PEAUTH - ok
15:53:01.0382 0764 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:53:01.0397 0764 PeerDistSvc - ok
15:53:01.0460 0764 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:53:01.0460 0764 PerfHost - ok
15:53:01.0491 0764 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:53:01.0507 0764 pla - ok
15:53:01.0538 0764 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:53:01.0538 0764 PlugPlay - ok
15:53:01.0553 0764 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:53:01.0553 0764 PNRPAutoReg - ok
15:53:01.0569 0764 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:53:01.0569 0764 PNRPsvc - ok
15:53:01.0600 0764 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:53:01.0616 0764 PolicyAgent - ok
15:53:01.0631 0764 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
15:53:01.0631 0764 Power - ok
15:53:01.0647 0764 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:53:01.0647 0764 PptpMiniport - ok
15:53:01.0663 0764 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:53:01.0663 0764 Processor - ok
15:53:01.0694 0764 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:53:01.0694 0764 ProfSvc - ok
15:53:01.0709 0764 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:53:01.0709 0764 ProtectedStorage - ok
15:53:01.0725 0764 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:53:01.0725 0764 Psched - ok
15:53:01.0741 0764 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:53:01.0741 0764 PxHlpa64 - ok
15:53:01.0788 0764 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:53:01.0803 0764 ql2300 - ok
15:53:01.0803 0764 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:53:01.0803 0764 ql40xx - ok
15:53:01.0819 0764 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:53:01.0834 0764 QWAVE - ok
15:53:01.0834 0764 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:53:01.0834 0764 QWAVEdrv - ok
15:53:01.0866 0764 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:53:01.0866 0764 RasAcd - ok
15:53:01.0881 0764 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:53:01.0881 0764 RasAgileVpn - ok
15:53:01.0897 0764 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:53:01.0912 0764 RasAuto - ok
15:53:01.0912 0764 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:53:01.0928 0764 Rasl2tp - ok
15:53:01.0928 0764 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:53:01.0944 0764 RasMan - ok
15:53:01.0944 0764 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:53:01.0944 0764 RasPppoe - ok
15:53:01.0959 0764 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:53:01.0959 0764 RasSstp - ok
15:53:01.0975 0764 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:53:01.0975 0764 rdbss - ok
15:53:01.0990 0764 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:53:01.0990 0764 rdpbus - ok
15:53:01.0990 0764 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:53:01.0990 0764 RDPCDD - ok
15:53:02.0022 0764 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:53:02.0022 0764 RDPDR - ok
15:53:02.0037 0764 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:53:02.0037 0764 RDPENCDD - ok
15:53:02.0053 0764 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:53:02.0053 0764 RDPREFMP - ok
15:53:02.0084 0764 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:53:02.0084 0764 RDPWD - ok
15:53:02.0100 0764 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:53:02.0100 0764 rdyboost - ok
15:53:02.0115 0764 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:53:02.0115 0764 RemoteAccess - ok
15:53:02.0146 0764 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:53:02.0146 0764 RemoteRegistry - ok
15:53:02.0271 0764 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:53:02.0287 0764 RoxMediaDB12OEM - ok
15:53:02.0318 0764 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:53:02.0318 0764 RoxWatch12 - ok
15:53:02.0334 0764 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:53:02.0334 0764 RpcEptMapper - ok
15:53:02.0349 0764 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:53:02.0349 0764 RpcLocator - ok
15:53:02.0380 0764 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:53:02.0380 0764 RpcSs - ok
15:53:02.0396 0764 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:53:02.0396 0764 rspndr - ok
15:53:02.0412 0764 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:53:02.0412 0764 s3cap - ok
15:53:02.0443 0764 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:53:02.0443 0764 SamSs - ok
15:53:02.0458 0764 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:53:02.0474 0764 sbp2port - ok
15:53:02.0490 0764 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:53:02.0490 0764 SCardSvr - ok
15:53:02.0505 0764 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:53:02.0505 0764 scfilter - ok
15:53:02.0521 0764 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:53:02.0536 0764 Schedule - ok
15:53:02.0552 0764 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:53:02.0552 0764 SCPolicySvc - ok
15:53:02.0552 0764 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:53:02.0568 0764 SDRSVC - ok
15:53:02.0568 0764 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:53:02.0568 0764 secdrv - ok
15:53:02.0568 0764 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:53:02.0568 0764 seclogon - ok
15:53:02.0583 0764 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:53:02.0583 0764 SENS - ok
15:53:02.0583 0764 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:53:02.0599 0764 SensrSvc - ok
15:53:02.0599 0764 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:53:02.0614 0764 Serenum - ok
15:53:02.0614 0764 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:53:02.0614 0764 Serial - ok
15:53:02.0630 0764 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:53:02.0630 0764 sermouse - ok
15:53:02.0661 0764 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:53:02.0661 0764 SessionEnv - ok
15:53:02.0661 0764 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:53:02.0661 0764 sffdisk - ok
15:53:02.0661 0764 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:53:02.0661 0764 sffp_mmc - ok
15:53:02.0677 0764 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:53:02.0677 0764 sffp_sd - ok
15:53:02.0677 0764 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:53:02.0677 0764 sfloppy - ok
15:53:02.0739 0764 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:53:02.0755 0764 SftService - ok
15:53:02.0770 0764 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:53:02.0786 0764 SharedAccess - ok
15:53:02.0802 0764 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:53:02.0802 0764 ShellHWDetection - ok
15:53:02.0817 0764 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:53:02.0817 0764 SiSRaid2 - ok
15:53:02.0833 0764 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:53:02.0833 0764 SiSRaid4 - ok
15:53:02.0848 0764 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:53:02.0848 0764 Smb - ok
15:53:02.0864 0764 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:53:02.0880 0764 SNMPTRAP - ok
15:53:02.0880 0764 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:53:02.0880 0764 spldr - ok
15:53:02.0942 0764 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:53:02.0942 0764 Spooler - ok
15:53:03.0004 0764 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:53:03.0067 0764 sppsvc - ok
15:53:03.0082 0764 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:53:03.0082 0764 sppuinotify - ok
15:53:03.0114 0764 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:53:03.0114 0764 srv - ok
15:53:03.0129 0764 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:53:03.0145 0764 srv2 - ok
15:53:03.0145 0764 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:53:03.0160 0764 srvnet - ok
15:53:03.0160 0764 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:53:03.0176 0764 SSDPSRV - ok
15:53:03.0176 0764 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:53:03.0176 0764 SstpSvc - ok
15:53:03.0207 0764 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:53:03.0207 0764 stexstor - ok
15:53:03.0238 0764 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:53:03.0238 0764 stisvc - ok
15:53:03.0301 0764 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:53:03.0301 0764 stllssvr - ok
15:53:03.0332 0764 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
15:53:03.0332 0764 StorSvc - ok
15:53:03.0348 0764 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:53:03.0348 0764 storvsc - ok
15:53:03.0348 0764 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:53:03.0348 0764 swenum - ok
15:53:03.0426 0764 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:53:03.0426 0764 SwitchBoard - ok
15:53:03.0441 0764 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:53:03.0457 0764 swprv - ok
15:53:03.0457 0764 [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
15:53:03.0472 0764 SynthVid - ok
15:53:03.0535 0764 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:53:03.0566 0764 SysMain - ok
15:53:03.0582 0764 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:53:03.0582 0764 TabletInputService - ok
15:53:03.0597 0764 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:53:03.0597 0764 TapiSrv - ok
15:53:03.0613 0764 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:53:03.0613 0764 TBS - ok
15:53:03.0675 0764 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:53:03.0706 0764 Tcpip - ok
15:53:03.0753 0764 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:53:03.0753 0764 TCPIP6 - ok
15:53:03.0784 0764 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:53:03.0784 0764 tcpipreg - ok
15:53:03.0800 0764 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:53:03.0800 0764 TDPIPE - ok
15:53:03.0816 0764 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:53:03.0831 0764 TDTCP - ok
15:53:03.0847 0764 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:53:03.0847 0764 tdx - ok
15:53:03.0847 0764 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:53:03.0847 0764 TermDD - ok
15:53:03.0878 0764 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:53:03.0878 0764 TermService - ok
15:53:03.0894 0764 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:53:03.0894 0764 Themes - ok
15:53:03.0909 0764 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:53:03.0909 0764 THREADORDER - ok
15:53:03.0925 0764 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:53:03.0925 0764 TrkWks - ok
15:53:03.0972 0764 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:53:03.0972 0764 TrustedInstaller - ok
15:53:03.0987 0764 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:53:03.0987 0764 tssecsrv - ok
15:53:04.0003 0764 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:53:04.0003 0764 TsUsbFlt - ok
15:53:04.0018 0764 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:53:04.0018 0764 TsUsbGD - ok
15:53:04.0034 0764 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:53:04.0034 0764 tunnel - ok
15:53:04.0050 0764 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:53:04.0050 0764 uagp35 - ok
15:53:04.0065 0764 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:53:04.0065 0764 udfs - ok
15:53:04.0081 0764 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:53:04.0096 0764 UI0Detect - ok
15:53:04.0096 0764 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:53:04.0112 0764 uliagpkx - ok
15:53:04.0112 0764 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:53:04.0112 0764 umbus - ok
15:53:04.0128 0764 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:53:04.0143 0764 UmPass - ok
15:53:04.0159 0764 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
15:53:04.0159 0764 UmRdpService - ok
15:53:04.0174 0764 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:53:04.0190 0764 upnphost - ok
15:53:04.0206 0764 [ 4E93C8496359E97830C75AC36393654D ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:53:04.0206 0764 upperdev - ok
15:53:04.0237 0764 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:53:04.0237 0764 usbccgp - ok
15:53:04.0252 0764 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:53:04.0252 0764 usbcir - ok
15:53:04.0268 0764 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:53:04.0268 0764 usbehci - ok
15:53:04.0299 0764 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:53:04.0299 0764 usbhub - ok
15:53:04.0315 0764 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:53:04.0315 0764 usbohci - ok
15:53:04.0330 0764 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
15:53:04.0330 0764 usbprint - ok
15:53:04.0346 0764 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
15:53:04.0346 0764 usbser - ok
15:53:04.0346 0764 [ 8844CB19A37B65E27049D4A7786726A9 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:53:04.0346 0764 UsbserFilt - ok
15:53:04.0362 0764 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:53:04.0362 0764 USBSTOR - ok
15:53:04.0393 0764 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:53:04.0393 0764 usbuhci - ok
15:53:04.0440 0764 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:53:04.0440 0764 UxSms - ok
15:53:04.0440 0764 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:53:04.0455 0764 VaultSvc - ok
15:53:04.0455 0764 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:53:04.0455 0764 vdrvroot - ok
15:53:04.0471 0764 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:53:04.0471 0764 vds - ok
15:53:04.0518 0764 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:53:04.0533 0764 vga - ok
15:53:04.0549 0764 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:53:04.0549 0764 VgaSave - ok
15:53:04.0564 0764 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:53:04.0564 0764 vhdmp - ok
15:53:04.0580 0764 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:53:04.0580 0764 viaide - ok
15:53:04.0596 0764 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:53:04.0596 0764 VMBusHID - ok
15:53:04.0611 0764 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:53:04.0611 0764 volmgr - ok
15:53:04.0627 0764 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:53:04.0627 0764 volmgrx - ok
15:53:04.0642 0764 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:53:04.0658 0764 volsnap - ok
15:53:04.0674 0764 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:53:04.0674 0764 vsmraid - ok
15:53:04.0705 0764 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:53:04.0752 0764 VSS - ok
15:53:04.0767 0764 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:53:04.0767 0764 vwifibus - ok
15:53:04.0783 0764 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:53:04.0798 0764 W32Time - ok
15:53:04.0814 0764 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:53:04.0814 0764 WacomPen - ok
15:53:04.0830 0764 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:53:04.0830 0764 WANARP - ok
15:53:04.0830 0764 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:53:04.0830 0764 Wanarpv6 - ok
15:53:04.0876 0764 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:53:04.0892 0764 WatAdminSvc - ok
15:53:04.0908 0764 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:53:04.0923 0764 wbengine - ok
15:53:04.0939 0764 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:53:04.0939 0764 WbioSrvc - ok
15:53:04.0954 0764 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:53:04.0954 0764 wcncsvc - ok
15:53:04.0954 0764 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:53:04.0954 0764 WcsPlugInService - ok
15:53:04.0970 0764 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:53:04.0970 0764 Wd - ok
15:53:05.0001 0764 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:53:05.0001 0764 Wdf01000 - ok
15:53:05.0017 0764 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:53:05.0017 0764 WdiServiceHost - ok
15:53:05.0017 0764 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:53:05.0017 0764 WdiSystemHost - ok
15:53:05.0032 0764 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:53:05.0032 0764 WebClient - ok
15:53:05.0048 0764 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:53:05.0048 0764 Wecsvc - ok
15:53:05.0064 0764 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:53:05.0079 0764 wercplsupport - ok
15:53:05.0079 0764 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:53:05.0079 0764 WerSvc - ok
15:53:05.0095 0764 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:53:05.0095 0764 WfpLwf - ok
15:53:05.0110 0764 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
15:53:05.0126 0764 WimFltr - ok
15:53:05.0142 0764 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:53:05.0142 0764 WIMMount - ok
15:53:05.0142 0764 WinDefend - ok
15:53:05.0142 0764 WinHttpAutoProxySvc - ok
15:53:05.0188 0764 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:53:05.0188 0764 Winmgmt - ok
15:53:05.0235 0764 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:53:05.0235 0764 WinRM - ok
15:53:05.0282 0764 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:53:05.0282 0764 WinUsb - ok
15:53:05.0298 0764 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:53:05.0313 0764 Wlansvc - ok
15:53:05.0391 0764 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:53:05.0391 0764 wlcrasvc - ok
15:53:05.0516 0764 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:53:05.0532 0764 wlidsvc - ok
15:53:05.0563 0764 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:53:05.0578 0764 WmiAcpi - ok
15:53:05.0610 0764 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:53:05.0610 0764 wmiApSrv - ok
15:53:05.0625 0764 WMPNetworkSvc - ok
15:53:05.0641 0764 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:53:05.0641 0764 WPCSvc - ok
15:53:05.0641 0764 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:53:05.0656 0764 WPDBusEnum - ok
15:53:05.0672 0764 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:53:05.0672 0764 ws2ifsl - ok
15:53:05.0688 0764 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:53:05.0688 0764 wscsvc - ok
15:53:05.0688 0764 WSearch - ok
15:53:05.0766 0764 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:53:05.0797 0764 wuauserv - ok
15:53:05.0828 0764 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:53:05.0844 0764 WudfPf - ok
15:53:05.0844 0764 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:53:05.0859 0764 WUDFRd - ok
15:53:05.0859 0764 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:53:05.0859 0764 wudfsvc - ok
15:53:05.0875 0764 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:53:05.0875 0764 WwanSvc - ok
15:53:05.0890 0764 ================ Scan global ===============================
15:53:05.0906 0764 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:53:05.0953 0764 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:53:05.0953 0764 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:53:05.0968 0764 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:53:06.0000 0764 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:53:06.0000 0764 [Global] - ok
15:53:06.0000 0764 ================ Scan MBR ==================================
15:53:06.0015 0764 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:53:06.0280 0764 Suspicious mbr (NoAccess): \Device\Harddisk0\DR0
15:53:06.0343 0764 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:53:06.0343 0764 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:53:06.0343 0764 ================ Scan VBR ==================================
15:53:06.0374 0764 [ 53975848382FC36F3CB5D792F2563280 ] \Device\Harddisk0\DR0\Partition1
15:53:06.0374 0764 \Device\Harddisk0\DR0\Partition1 - ok
15:53:06.0390 0764 [ 21028167BC9C48551F4E7105EA9D9599 ] \Device\Harddisk0\DR0\Partition2
15:53:06.0390 0764 \Device\Harddisk0\DR0\Partition2 - ok
15:53:06.0390 0764 ============================================================
15:53:06.0390 0764 Scan finished
15:53:06.0390 0764 ============================================================
15:53:06.0405 7100 Detected object count: 1
15:53:06.0405 7100 Actual detected object count: 1
15:53:42.0753 7100 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
15:53:42.0753 7100 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
15:53:47.0464 4724 Deinitialize success
|
|
01.03.2013, 19:54
| #15 |
| | Virus system repair Rkill Code:
ATTFilter
15:51:19.0597 0688 WinDefend - ok
15:51:19.0597 0688 WinHttpAutoProxySvc - ok
15:51:19.0659 0688 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:51:19.0659 0688 Winmgmt - ok
15:51:19.0706 0688 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:51:19.0753 0688 WinRM - ok
15:51:19.0846 0688 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:51:19.0846 0688 WinUsb - ok
15:51:19.0877 0688 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:51:19.0893 0688 Wlansvc - ok
15:51:19.0971 0688 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:51:19.0987 0688 wlcrasvc - ok
15:51:20.0096 0688 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:51:20.0174 0688 wlidsvc - ok
15:51:20.0205 0688 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:51:20.0205 0688 WmiAcpi - ok
15:51:20.0221 0688 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:51:20.0236 0688 wmiApSrv - ok
15:51:20.0267 0688 WMPNetworkSvc - ok
15:51:20.0283 0688 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:51:20.0283 0688 WPCSvc - ok
15:51:20.0299 0688 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:51:20.0299 0688 WPDBusEnum - ok
15:51:20.0314 0688 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:51:20.0314 0688 ws2ifsl - ok
15:51:20.0330 0688 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:51:20.0345 0688 wscsvc - ok
15:51:20.0345 0688 WSearch - ok
15:51:20.0439 0688 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:51:20.0486 0688 wuauserv - ok
15:51:20.0517 0688 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:51:20.0517 0688 WudfPf - ok
15:51:20.0548 0688 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:51:20.0548 0688 WUDFRd - ok
15:51:20.0548 0688 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:51:20.0564 0688 wudfsvc - ok
15:51:20.0579 0688 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:51:20.0595 0688 WwanSvc - ok
15:51:20.0595 0688 ================ Scan global ===============================
15:51:20.0626 0688 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:51:20.0657 0688 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:51:20.0673 0688 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:51:20.0689 0688 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:51:20.0704 0688 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:51:20.0704 0688 [Global] - ok
15:51:20.0704 0688 ================ Scan MBR ==================================
15:51:20.0720 0688 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:51:21.0094 0688 Suspicious mbr (NoAccess): \Device\Harddisk0\DR0
15:51:21.0172 0688 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:51:21.0172 0688 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:51:21.0172 0688 ================ Scan VBR ==================================
15:51:21.0219 0688 [ 53975848382FC36F3CB5D792F2563280 ] \Device\Harddisk0\DR0\Partition1
15:51:21.0219 0688 \Device\Harddisk0\DR0\Partition1 - ok
15:51:21.0266 0688 [ 21028167BC9C48551F4E7105EA9D9599 ] \Device\Harddisk0\DR0\Partition2
15:51:21.0266 0688 \Device\Harddisk0\DR0\Partition2 - ok
15:51:21.0266 0688 ============================================================
15:51:21.0266 0688 Scan finished
15:51:21.0266 0688 ============================================================
15:51:21.0266 4108 Detected object count: 1
15:51:21.0266 4108 Actual detected object count: 1
15:52:14.0306 4108 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
15:52:14.0306 4108 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
15:52:54.0799 0764 ============================================================
15:52:54.0799 0764 Scan started
15:52:54.0799 0764 Mode: Manual;
15:52:54.0799 0764 ============================================================
15:52:54.0923 0764 ================ Scan system memory ========================
15:52:54.0923 0764 System memory - ok
15:52:54.0923 0764 ================ Scan services =============================
15:52:55.0189 0764 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:52:55.0189 0764 1394ohci - ok
15:52:55.0204 0764 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:52:55.0204 0764 ACPI - ok
15:52:55.0220 0764 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:52:55.0220 0764 AcpiPmi - ok
15:52:55.0345 0764 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:52:55.0345 0764 AdobeARMservice - ok
15:52:55.0407 0764 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:52:55.0407 0764 AdobeFlashPlayerUpdateSvc - ok
15:52:55.0423 0764 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:52:55.0438 0764 adp94xx - ok
15:52:55.0438 0764 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:52:55.0438 0764 adpahci - ok
15:52:55.0454 0764 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:52:55.0454 0764 adpu320 - ok
15:52:55.0485 0764 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:52:55.0485 0764 AeLookupSvc - ok
15:52:55.0516 0764 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
15:52:55.0516 0764 AERTFilters - ok
15:52:55.0547 0764 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:52:55.0547 0764 AFD - ok
15:52:55.0563 0764 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:52:55.0563 0764 agp440 - ok
15:52:55.0579 0764 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:52:55.0579 0764 ALG - ok
15:52:55.0594 0764 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:52:55.0594 0764 aliide - ok
15:52:55.0594 0764 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:52:55.0594 0764 amdide - ok
15:52:55.0610 0764 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:52:55.0625 0764 AmdK8 - ok
15:52:55.0641 0764 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:52:55.0641 0764 AmdPPM - ok
15:52:55.0641 0764 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:52:55.0641 0764 amdsata - ok
15:52:55.0641 0764 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:52:55.0641 0764 amdsbs - ok
15:52:55.0657 0764 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:52:55.0657 0764 amdxata - ok
15:52:55.0703 0764 [ B73EB5109193A4BACE8520B79DD77B25 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
15:52:55.0703 0764 AntiVirMailService - ok
15:52:55.0735 0764 [ 44E76CC89F7E38B3C31F000A4E566856 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:52:55.0735 0764 AntiVirSchedulerService - ok
15:52:55.0766 0764 [ 3FE1CDD4DCF5D42DDBD6F1A3F83B5D3A ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:52:55.0766 0764 AntiVirService - ok
15:52:55.0781 0764 [ 4B46FED191BEB6EAFED88DE90E97A7DB ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:52:55.0781 0764 AntiVirWebService - ok
15:52:55.0797 0764 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:52:55.0797 0764 AppID - ok
15:52:55.0828 0764 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:52:55.0828 0764 AppIDSvc - ok
15:52:55.0828 0764 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:52:55.0828 0764 Appinfo - ok
15:52:55.0844 0764 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:52:55.0859 0764 AppMgmt - ok
15:52:55.0875 0764 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:52:55.0875 0764 arc - ok
15:52:55.0891 0764 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:52:55.0891 0764 arcsas - ok
15:52:55.0969 0764 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:52:55.0969 0764 aspnet_state - ok
15:52:55.0984 0764 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:52:55.0984 0764 AsyncMac - ok
15:52:56.0015 0764 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:52:56.0015 0764 atapi - ok
15:52:56.0062 0764 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:52:56.0062 0764 AudioEndpointBuilder - ok
15:52:56.0078 0764 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:52:56.0078 0764 AudioSrv - ok
15:52:56.0109 0764 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:52:56.0125 0764 avgntflt - ok
15:52:56.0156 0764 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:52:56.0156 0764 avipbb - ok
15:52:56.0187 0764 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:52:56.0187 0764 avkmgr - ok
15:52:56.0203 0764 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:52:56.0203 0764 AxInstSV - ok
15:52:56.0234 0764 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:52:56.0234 0764 b06bdrv - ok
15:52:56.0249 0764 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:52:56.0249 0764 b57nd60a - ok
15:52:56.0281 0764 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:52:56.0281 0764 BDESVC - ok
15:52:56.0296 0764 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:52:56.0296 0764 Beep - ok
15:52:56.0312 0764 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:52:56.0312 0764 BFE - ok
15:52:56.0343 0764 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:52:56.0343 0764 BITS - ok
15:52:56.0359 0764 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:52:56.0359 0764 blbdrive - ok
15:52:56.0374 0764 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:52:56.0374 0764 bowser - ok
15:52:56.0390 0764 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:52:56.0390 0764 BrFiltLo - ok
15:52:56.0390 0764 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:52:56.0390 0764 BrFiltUp - ok
15:52:56.0421 0764 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:52:56.0421 0764 Browser - ok
15:52:56.0437 0764 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:52:56.0437 0764 Brserid - ok
15:52:56.0452 0764 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:52:56.0452 0764 BrSerWdm - ok
15:52:56.0452 0764 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:52:56.0452 0764 BrUsbMdm - ok
15:52:56.0452 0764 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:52:56.0468 0764 BrUsbSer - ok
15:52:56.0468 0764 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:52:56.0468 0764 BTHMODEM - ok
15:52:56.0499 0764 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:52:56.0499 0764 bthserv - ok
15:52:56.0515 0764 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:52:56.0515 0764 cdfs - ok
15:52:56.0546 0764 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:52:56.0546 0764 cdrom - ok
15:52:56.0561 0764 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:52:56.0561 0764 CertPropSvc - ok
15:52:56.0577 0764 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:52:56.0577 0764 circlass - ok
15:52:56.0593 0764 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:52:56.0608 0764 CLFS - ok
15:52:56.0655 0764 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:52:56.0655 0764 clr_optimization_v2.0.50727_32 - ok
15:52:56.0686 0764 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:52:56.0686 0764 clr_optimization_v2.0.50727_64 - ok
15:52:56.0733 0764 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:52:56.0733 0764 clr_optimization_v4.0.30319_32 - ok
15:52:56.0749 0764 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:52:56.0749 0764 clr_optimization_v4.0.30319_64 - ok
15:52:56.0764 0764 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:52:56.0764 0764 CmBatt - ok
15:52:56.0780 0764 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:52:56.0780 0764 cmdide - ok
15:52:56.0811 0764 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:52:56.0827 0764 CNG - ok
15:52:56.0842 0764 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:52:56.0842 0764 Compbatt - ok
15:52:56.0858 0764 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:52:56.0858 0764 CompositeBus - ok
15:52:56.0858 0764 COMSysApp - ok
15:52:56.0873 0764 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:52:56.0873 0764 crcdisk - ok
15:52:56.0920 0764 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:52:56.0920 0764 CryptSvc - ok
15:52:56.0936 0764 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
15:52:56.0951 0764 CSC - ok
15:52:56.0967 0764 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
15:52:56.0983 0764 CscService - ok
15:52:57.0014 0764 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:52:57.0014 0764 DcomLaunch - ok
15:52:57.0029 0764 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:52:57.0029 0764 defragsvc - ok
15:52:57.0061 0764 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:52:57.0061 0764 DfsC - ok
15:52:57.0107 0764 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:52:57.0107 0764 Dhcp - ok
15:52:57.0107 0764 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:52:57.0107 0764 discache - ok
15:52:57.0123 0764 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:52:57.0139 0764 Disk - ok
15:52:57.0154 0764 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:52:57.0170 0764 dmvsc - ok
15:52:57.0185 0764 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:52:57.0185 0764 Dnscache - ok
15:52:57.0201 0764 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:52:57.0201 0764 dot3svc - ok
15:52:57.0232 0764 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:52:57.0232 0764 DPS - ok
15:52:57.0248 0764 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:52:57.0263 0764 drmkaud - ok
15:52:57.0295 0764 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:52:57.0295 0764 DXGKrnl - ok
15:52:57.0326 0764 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:52:57.0326 0764 EapHost - ok
15:52:57.0388 0764 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:52:57.0419 0764 ebdrv - ok
15:52:57.0435 0764 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:52:57.0435 0764 EFS - ok
15:52:57.0466 0764 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:52:57.0482 0764 ehRecvr - ok
15:52:57.0482 0764 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:52:57.0482 0764 ehSched - ok
15:52:57.0513 0764 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:52:57.0529 0764 elxstor - ok
15:52:57.0544 0764 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:52:57.0544 0764 ErrDev - ok
15:52:57.0560 0764 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:52:57.0575 0764 EventSystem - ok
15:52:57.0591 0764 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:52:57.0591 0764 exfat - ok
15:52:57.0607 0764 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:52:57.0607 0764 fastfat - ok
15:52:57.0638 0764 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:52:57.0638 0764 Fax - ok
15:52:57.0653 0764 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:52:57.0669 0764 fdc - ok
15:52:57.0669 0764 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:52:57.0669 0764 fdPHost - ok
15:52:57.0685 0764 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:52:57.0685 0764 FDResPub - ok
15:52:57.0700 0764 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:52:57.0700 0764 FileInfo - ok
15:52:57.0700 0764 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:52:57.0700 0764 Filetrace - ok
15:52:57.0716 0764 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:52:57.0716 0764 flpydisk - ok
15:52:57.0731 0764 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:52:57.0731 0764 FltMgr - ok
15:52:57.0778 0764 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:52:57.0778 0764 FontCache - ok
15:52:57.0809 0764 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:52:57.0809 0764 FontCache3.0.0.0 - ok
15:52:57.0841 0764 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:52:57.0841 0764 FsDepends - ok
15:52:57.0856 0764 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:52:57.0856 0764 Fs_Rec - ok
15:52:57.0872 0764 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:52:57.0872 0764 fvevol - ok
15:52:57.0887 0764 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:52:57.0887 0764 gagp30kx - ok
15:52:57.0919 0764 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:52:57.0919 0764 gpsvc - ok
15:52:57.0934 0764 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:52:57.0934 0764 hcw85cir - ok
15:52:57.0950 0764 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:52:57.0965 0764 HDAudBus - ok
15:52:57.0981 0764 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:52:57.0981 0764 HidBatt - ok
15:52:57.0997 0764 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:52:57.0997 0764 HidBth - ok
15:52:58.0012 0764 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:52:58.0012 0764 HidIr - ok
15:52:58.0028 0764 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:52:58.0028 0764 hidserv - ok
15:52:58.0043 0764 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:52:58.0043 0764 HidUsb - ok
15:52:58.0090 0764 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:52:58.0090 0764 hkmsvc - ok
15:52:58.0090 0764 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:52:58.0106 0764 HomeGroupListener - ok
15:52:58.0121 0764 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:52:58.0121 0764 HomeGroupProvider - ok
15:52:58.0137 0764 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:52:58.0137 0764 HpSAMD - ok
15:52:58.0168 0764 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:52:58.0168 0764 HTTP - ok
15:52:58.0199 0764 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:52:58.0199 0764 hwpolicy - ok
15:52:58.0199 0764 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:52:58.0215 0764 i8042prt - ok
15:52:58.0262 0764 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:52:58.0293 0764 iaStor - ok
15:52:58.0340 0764 [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:52:58.0340 0764 IAStorDataMgrSvc - ok
15:52:58.0355 0764 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:52:58.0355 0764 iaStorV - ok
15:52:58.0418 0764 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:52:58.0418 0764 idsvc - ok
15:52:58.0605 0764 [ 33FAA40B288002C89529DBD14F3AB72C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:52:58.0777 0764 igfx - ok
15:52:58.0792 0764 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:52:58.0792 0764 iirsp - ok
15:52:58.0823 0764 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:52:58.0823 0764 IKEEXT - ok
15:52:58.0870 0764 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:52:58.0901 0764 IntcAzAudAddService - ok
15:52:58.0933 0764 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:52:58.0933 0764 IntcDAud - ok
15:52:58.0948 0764 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:52:58.0948 0764 intelide - ok
15:52:58.0948 0764 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:52:58.0948 0764 intelppm - ok
15:52:58.0964 0764 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:52:58.0964 0764 IPBusEnum - ok
15:52:58.0979 0764 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:52:58.0979 0764 IpFilterDriver - ok
15:52:59.0042 0764 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:52:59.0042 0764 iphlpsvc - ok
15:52:59.0057 0764 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:52:59.0057 0764 IPMIDRV - ok
15:52:59.0073 0764 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:52:59.0073 0764 IPNAT - ok
15:52:59.0089 0764 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:52:59.0089 0764 IRENUM - ok
15:52:59.0104 0764 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:52:59.0104 0764 isapnp - ok
15:52:59.0120 0764 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:52:59.0120 0764 iScsiPrt - ok
15:52:59.0151 0764 [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
15:52:59.0151 0764 k57nd60a - ok
15:52:59.0167 0764 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:52:59.0167 0764 kbdclass - ok
15:52:59.0182 0764 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:52:59.0182 0764 kbdhid - ok
15:52:59.0182 0764 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:52:59.0182 0764 KeyIso - ok
15:52:59.0229 0764 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:52:59.0229 0764 KSecDD - ok
15:52:59.0260 0764 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:52:59.0260 0764 KSecPkg - ok
15:52:59.0276 0764 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:52:59.0276 0764 ksthunk - ok
15:52:59.0307 0764 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:52:59.0307 0764 KtmRm - ok
15:52:59.0338 0764 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:52:59.0338 0764 LanmanServer - ok
15:52:59.0354 0764 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:52:59.0354 0764 LanmanWorkstation - ok
15:52:59.0369 0764 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:52:59.0369 0764 lltdio - ok
15:52:59.0401 0764 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:52:59.0401 0764 lltdsvc - ok
15:52:59.0416 0764 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:52:59.0416 0764 lmhosts - ok
15:52:59.0432 0764 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:52:59.0432 0764 LSI_FC - ok
15:52:59.0447 0764 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:52:59.0447 0764 LSI_SAS - ok
15:52:59.0463 0764 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:52:59.0463 0764 LSI_SAS2 - ok
15:52:59.0479 0764 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:52:59.0479 0764 LSI_SCSI - ok
15:52:59.0494 0764 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:52:59.0494 0764 luafv - ok
15:52:59.0525 0764 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:52:59.0525 0764 Mcx2Svc - ok
15:52:59.0525 0764 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:52:59.0541 0764 megasas - ok
15:52:59.0541 0764 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:52:59.0541 0764 MegaSR - ok
15:52:59.0572 0764 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:52:59.0572 0764 MEIx64 - ok
15:52:59.0572 0764 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:52:59.0588 0764 MMCSS - ok
15:52:59.0588 0764 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:52:59.0588 0764 Modem - ok
15:52:59.0588 0764 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:52:59.0588 0764 monitor - ok
15:52:59.0603 0764 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:52:59.0603 0764 mouclass - ok
15:52:59.0619 0764 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:52:59.0619 0764 mouhid - ok
15:52:59.0619 0764 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:52:59.0619 0764 mountmgr - ok
15:52:59.0635 0764 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:52:59.0635 0764 mpio - ok
15:52:59.0650 0764 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:52:59.0650 0764 mpsdrv - ok
15:52:59.0681 0764 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:52:59.0681 0764 MpsSvc - ok
15:52:59.0697 0764 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:52:59.0697 0764 MRxDAV - ok
15:52:59.0713 0764 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:52:59.0713 0764 mrxsmb - ok
15:52:59.0744 0764 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:52:59.0744 0764 mrxsmb10 - ok
15:52:59.0759 0764 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:52:59.0759 0764 mrxsmb20 - ok
15:52:59.0775 0764 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:52:59.0775 0764 msahci - ok
15:52:59.0791 0764 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:52:59.0806 0764 msdsm - ok
15:52:59.0822 0764 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:52:59.0822 0764 MSDTC - ok
15:52:59.0837 0764 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:52:59.0837 0764 Msfs - ok
15:52:59.0853 0764 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:52:59.0853 0764 mshidkmdf - ok
15:52:59.0853 0764 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:52:59.0853 0764 msisadrv - ok
15:52:59.0884 0764 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:52:59.0884 0764 MSiSCSI - ok
15:52:59.0884 0764 msiserver - ok
15:52:59.0900 0764 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:52:59.0900 0764 MSKSSRV - ok
15:52:59.0900 0764 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:52:59.0900 0764 MSPCLOCK - ok
15:52:59.0915 0764 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:52:59.0915 0764 MSPQM - ok
15:52:59.0931 0764 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:52:59.0947 0764 MsRPC - ok
15:52:59.0947 0764 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:52:59.0947 0764 mssmbios - ok
15:52:59.0962 0764 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:52:59.0978 0764 MSTEE - ok
15:52:59.0978 0764 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:52:59.0978 0764 MTConfig - ok
15:53:00.0009 0764 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:53:00.0009 0764 Mup - ok
15:53:00.0040 0764 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:53:00.0040 0764 napagent - ok
15:53:00.0056 0764 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:53:00.0071 0764 NativeWifiP - ok
15:53:00.0118 0764 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:53:00.0134 0764 NDIS - ok
15:53:00.0149 0764 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:53:00.0149 0764 NdisCap - ok
15:53:00.0149 0764 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:53:00.0165 0764 NdisTapi - ok
15:53:00.0181 0764 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:53:00.0196 0764 Ndisuio - ok
15:53:00.0212 0764 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:53:00.0212 0764 NdisWan - ok
15:53:00.0243 0764 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:53:00.0243 0764 NDProxy - ok
15:53:00.0259 0764 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:53:00.0259 0764 NetBIOS - ok
15:53:00.0274 0764 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:53:00.0274 0764 NetBT - ok
15:53:00.0290 0764 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:53:00.0290 0764 Netlogon - ok
15:53:00.0337 0764 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:53:00.0383 0764 Netman - ok
15:53:00.0399 0764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0399 0764 NetMsmqActivator - ok
15:53:00.0399 0764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0399 0764 NetPipeActivator - ok
15:53:00.0415 0764 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:53:00.0415 0764 netprofm - ok
15:53:00.0430 0764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0430 0764 NetTcpActivator - ok
15:53:00.0430 0764 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0430 0764 NetTcpPortSharing - ok
15:53:00.0446 0764 [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
15:53:00.0461 0764 netvsc - ok
15:53:00.0477 0764 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:53:00.0477 0764 nfrd960 - ok
15:53:00.0493 0764 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:53:00.0493 0764 NlaSvc - ok
15:53:00.0524 0764 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
15:53:00.0524 0764 nmwcd - ok
15:53:00.0539 0764 [ 41C1AC1F3613435EB32D67BCB80A5FA5 ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
15:53:00.0539 0764 nmwcdc - ok
15:53:00.0555 0764 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:53:00.0555 0764 Npfs - ok
15:53:00.0586 0764 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:53:00.0586 0764 nsi - ok
15:53:00.0586 0764 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:53:00.0586 0764 nsiproxy - ok
15:53:00.0649 0764 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:53:00.0680 0764 Ntfs - ok
15:53:00.0695 0764 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:53:00.0695 0764 Null - ok
15:53:00.0711 0764 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:53:00.0711 0764 nvraid - ok
15:53:00.0727 0764 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:53:00.0727 0764 nvstor - ok
15:53:00.0742 0764 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:53:00.0742 0764 nv_agp - ok
15:53:00.0758 0764 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:53:00.0773 0764 ohci1394 - ok
15:53:00.0836 0764 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:53:00.0836 0764 ose - ok
15:53:00.0961 0764 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:53:00.0976 0764 osppsvc - ok
15:53:01.0007 0764 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:53:01.0023 0764 p2pimsvc - ok
15:53:01.0039 0764 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:53:01.0039 0764 p2psvc - ok
15:53:01.0054 0764 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:53:01.0054 0764 Parport - ok
15:53:01.0085 0764 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:53:01.0085 0764 partmgr - ok
15:53:01.0117 0764 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:53:01.0117 0764 PcaSvc - ok
15:53:01.0226 0764 [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
15:53:01.0226 0764 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:53:01.0257 0764 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:53:01.0257 0764 pci - ok
15:53:01.0273 0764 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:53:01.0273 0764 pciide - ok
15:53:01.0288 0764 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:53:01.0288 0764 pcmcia - ok
15:53:01.0304 0764 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:53:01.0304 0764 pcw - ok
15:53:01.0319 0764 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:53:01.0335 0764 PEAUTH - ok
15:53:01.0382 0764 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:53:01.0397 0764 PeerDistSvc - ok
15:53:01.0460 0764 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:53:01.0460 0764 PerfHost - ok
15:53:01.0491 0764 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:53:01.0507 0764 pla - ok
15:53:01.0538 0764 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:53:01.0538 0764 PlugPlay - ok
15:53:01.0553 0764 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:53:01.0553 0764 PNRPAutoReg - ok
15:53:01.0569 0764 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:53:01.0569 0764 PNRPsvc - ok
15:53:01.0600 0764 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:53:01.0616 0764 PolicyAgent - ok
15:53:01.0631 0764 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
15:53:01.0631 0764 Power - ok
15:53:01.0647 0764 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:53:01.0647 0764 PptpMiniport - ok
15:53:01.0663 0764 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:53:01.0663 0764 Processor - ok
15:53:01.0694 0764 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:53:01.0694 0764 ProfSvc - ok
15:53:01.0709 0764 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:53:01.0709 0764 ProtectedStorage - ok
15:53:01.0725 0764 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:53:01.0725 0764 Psched - ok
15:53:01.0741 0764 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:53:01.0741 0764 PxHlpa64 - ok
15:53:01.0788 0764 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:53:01.0803 0764 ql2300 - ok
15:53:01.0803 0764 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:53:01.0803 0764 ql40xx - ok
15:53:01.0819 0764 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:53:01.0834 0764 QWAVE - ok
15:53:01.0834 0764 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:53:01.0834 0764 QWAVEdrv - ok
15:53:01.0866 0764 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:53:01.0866 0764 RasAcd - ok
15:53:01.0881 0764 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:53:01.0881 0764 RasAgileVpn - ok
15:53:01.0897 0764 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:53:01.0912 0764 RasAuto - ok
15:53:01.0912 0764 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:53:01.0928 0764 Rasl2tp - ok
15:53:01.0928 0764 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:53:01.0944 0764 RasMan - ok
15:53:01.0944 0764 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:53:01.0944 0764 RasPppoe - ok
15:53:01.0959 0764 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:53:01.0959 0764 RasSstp - ok
15:53:01.0975 0764 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:53:01.0975 0764 rdbss - ok
15:53:01.0990 0764 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:53:01.0990 0764 rdpbus - ok
15:53:01.0990 0764 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:53:01.0990 0764 RDPCDD - ok
15:53:02.0022 0764 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:53:02.0022 0764 RDPDR - ok
15:53:02.0037 0764 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:53:02.0037 0764 RDPENCDD - ok
15:53:02.0053 0764 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:53:02.0053 0764 RDPREFMP - ok
15:53:02.0084 0764 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:53:02.0084 0764 RDPWD - ok
15:53:02.0100 0764 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:53:02.0100 0764 rdyboost - ok
15:53:02.0115 0764 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:53:02.0115 0764 RemoteAccess - ok
15:53:02.0146 0764 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:53:02.0146 0764 RemoteRegistry - ok
15:53:02.0271 0764 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:53:02.0287 0764 RoxMediaDB12OEM - ok
15:53:02.0318 0764 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:53:02.0318 0764 RoxWatch12 - ok
15:53:02.0334 0764 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:53:02.0334 0764 RpcEptMapper - ok
15:53:02.0349 0764 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:53:02.0349 0764 RpcLocator - ok
15:53:02.0380 0764 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:53:02.0380 0764 RpcSs - ok
15:53:02.0396 0764 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:53:02.0396 0764 rspndr - ok
15:53:02.0412 0764 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:53:02.0412 0764 s3cap - ok
15:53:02.0443 0764 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:53:02.0443 0764 SamSs - ok
15:53:02.0458 0764 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:53:02.0474 0764 sbp2port - ok
15:53:02.0490 0764 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:53:02.0490 0764 SCardSvr - ok
15:53:02.0505 0764 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:53:02.0505 0764 scfilter - ok
15:53:02.0521 0764 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:53:02.0536 0764 Schedule - ok
15:53:02.0552 0764 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:53:02.0552 0764 SCPolicySvc - ok
15:53:02.0552 0764 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:53:02.0568 0764 SDRSVC - ok
15:53:02.0568 0764 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:53:02.0568 0764 secdrv - ok
15:53:02.0568 0764 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:53:02.0568 0764 seclogon - ok
15:53:02.0583 0764 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:53:02.0583 0764 SENS - ok
15:53:02.0583 0764 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:53:02.0599 0764 SensrSvc - ok
15:53:02.0599 0764 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:53:02.0614 0764 Serenum - ok
15:53:02.0614 0764 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:53:02.0614 0764 Serial - ok
15:53:02.0630 0764 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:53:02.0630 0764 sermouse - ok
15:53:02.0661 0764 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:53:02.0661 0764 SessionEnv - ok
15:53:02.0661 0764 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:53:02.0661 0764 sffdisk - ok
15:53:02.0661 0764 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:53:02.0661 0764 sffp_mmc - ok
15:53:02.0677 0764 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:53:02.0677 0764 sffp_sd - ok
15:53:02.0677 0764 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:53:02.0677 0764 sfloppy - ok
15:53:02.0739 0764 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:53:02.0755 0764 SftService - ok
15:53:02.0770 0764 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:53:02.0786 0764 SharedAccess - ok
15:53:02.0802 0764 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:53:02.0802 0764 ShellHWDetection - ok
15:53:02.0817 0764 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:53:02.0817 0764 SiSRaid2 - ok
15:53:02.0833 0764 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:53:02.0833 0764 SiSRaid4 - ok
15:53:02.0848 0764 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:53:02.0848 0764 Smb - ok
15:53:02.0864 0764 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:53:02.0880 0764 SNMPTRAP - ok
15:53:02.0880 0764 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:53:02.0880 0764 spldr - ok
15:53:02.0942 0764 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:53:02.0942 0764 Spooler - ok
15:53:03.0004 0764 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:53:03.0067 0764 sppsvc - ok
15:53:03.0082 0764 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:53:03.0082 0764 sppuinotify - ok
15:53:03.0114 0764 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:53:03.0114 0764 srv - ok
15:53:03.0129 0764 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:53:03.0145 0764 srv2 - ok
15:53:03.0145 0764 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:53:03.0160 0764 srvnet - ok
15:53:03.0160 0764 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:53:03.0176 0764 SSDPSRV - ok
15:53:03.0176 0764 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:53:03.0176 0764 SstpSvc - ok
15:53:03.0207 0764 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:53:03.0207 0764 stexstor - ok
15:53:03.0238 0764 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:53:03.0238 0764 stisvc - ok
15:53:03.0301 0764 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:53:03.0301 0764 stllssvr - ok
15:53:03.0332 0764 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
15:53:03.0332 0764 StorSvc - ok
15:53:03.0348 0764 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:53:03.0348 0764 storvsc - ok
15:53:03.0348 0764 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:53:03.0348 0764 swenum - ok
15:53:03.0426 0764 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:53:03.0426 0764 SwitchBoard - ok
15:53:03.0441 0764 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:53:03.0457 0764 swprv - ok
15:53:03.0457 0764 [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
15:53:03.0472 0764 SynthVid - ok
15:53:03.0535 0764 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:53:03.0566 0764 SysMain - ok
15:53:03.0582 0764 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:53:03.0582 0764 TabletInputService - ok
15:53:03.0597 0764 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:53:03.0597 0764 TapiSrv - ok
15:53:03.0613 0764 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:53:03.0613 0764 TBS - ok
15:53:03.0675 0764 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:53:03.0706 0764 Tcpip - ok
15:53:03.0753 0764 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:53:03.0753 0764 TCPIP6 - ok
15:53:03.0784 0764 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:53:03.0784 0764 tcpipreg - ok
15:53:03.0800 0764 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:53:03.0800 0764 TDPIPE - ok
15:53:03.0816 0764 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:53:03.0831 0764 TDTCP - ok
15:53:03.0847 0764 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:53:03.0847 0764 tdx - ok
15:53:03.0847 0764 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:53:03.0847 0764 TermDD - ok
15:53:03.0878 0764 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:53:03.0878 0764 TermService - ok
15:53:03.0894 0764 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:53:03.0894 0764 Themes - ok
15:53:03.0909 0764 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:53:03.0909 0764 THREADORDER - ok
15:53:03.0925 0764 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:53:03.0925 0764 TrkWks - ok
15:53:03.0972 0764 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:53:03.0972 0764 TrustedInstaller - ok
15:53:03.0987 0764 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:53:03.0987 0764 tssecsrv - ok
15:53:04.0003 0764 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:53:04.0003 0764 TsUsbFlt - ok
15:53:04.0018 0764 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:53:04.0018 0764 TsUsbGD - ok
15:53:04.0034 0764 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:53:04.0034 0764 tunnel - ok
15:53:04.0050 0764 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:53:04.0050 0764 uagp35 - ok
15:53:04.0065 0764 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:53:04.0065 0764 udfs - ok
15:53:04.0081 0764 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:53:04.0096 0764 UI0Detect - ok
15:53:04.0096 0764 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:53:04.0112 0764 uliagpkx - ok
15:53:04.0112 0764 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:53:04.0112 0764 umbus - ok
15:53:04.0128 0764 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:53:04.0143 0764 UmPass - ok
15:53:04.0159 0764 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
15:53:04.0159 0764 UmRdpService - ok
15:53:04.0174 0764 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:53:04.0190 0764 upnphost - ok
15:53:04.0206 0764 [ 4E93C8496359E97830C75AC36393654D ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:53:04.0206 0764 upperdev - ok
15:53:04.0237 0764 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:53:04.0237 0764 usbccgp - ok
15:53:04.0252 0764 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:53:04.0252 0764 usbcir - ok
15:53:04.0268 0764 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:53:04.0268 0764 usbehci - ok
15:53:04.0299 0764 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:53:04.0299 0764 usbhub - ok
15:53:04.0315 0764 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:53:04.0315 0764 usbohci - ok
15:53:04.0330 0764 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
15:53:04.0330 0764 usbprint - ok
15:53:04.0346 0764 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
15:53:04.0346 0764 usbser - ok
15:53:04.0346 0764 [ 8844CB19A37B65E27049D4A7786726A9 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:53:04.0346 0764 UsbserFilt - ok
15:53:04.0362 0764 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:53:04.0362 0764 USBSTOR - ok
15:53:04.0393 0764 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:53:04.0393 0764 usbuhci - ok
15:53:04.0440 0764 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:53:04.0440 0764 UxSms - ok
15:53:04.0440 0764 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:53:04.0455 0764 VaultSvc - ok
15:53:04.0455 0764 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:53:04.0455 0764 vdrvroot - ok
15:53:04.0471 0764 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:53:04.0471 0764 vds - ok
15:53:04.0518 0764 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:53:04.0533 0764 vga - ok
15:53:04.0549 0764 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:53:04.0549 0764 VgaSave - ok
15:53:04.0564 0764 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:53:04.0564 0764 vhdmp - ok
15:53:04.0580 0764 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:53:04.0580 0764 viaide - ok
15:53:04.0596 0764 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:53:04.0596 0764 VMBusHID - ok
15:53:04.0611 0764 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:53:04.0611 0764 volmgr - ok
15:53:04.0627 0764 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:53:04.0627 0764 volmgrx - ok
15:53:04.0642 0764 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:53:04.0658 0764 volsnap - ok
15:53:04.0674 0764 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:53:04.0674 0764 vsmraid - ok
15:53:04.0705 0764 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:53:04.0752 0764 VSS - ok
15:53:04.0767 0764 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:53:04.0767 0764 vwifibus - ok
15:53:04.0783 0764 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:53:04.0798 0764 W32Time - ok
15:53:04.0814 0764 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:53:04.0814 0764 WacomPen - ok
15:53:04.0830 0764 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:53:04.0830 0764 WANARP - ok
15:53:04.0830 0764 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:53:04.0830 0764 Wanarpv6 - ok
15:53:04.0876 0764 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:53:04.0892 0764 WatAdminSvc - ok
15:53:04.0908 0764 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:53:04.0923 0764 wbengine - ok
15:53:04.0939 0764 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:53:04.0939 0764 WbioSrvc - ok
15:53:04.0954 0764 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:53:04.0954 0764 wcncsvc - ok
15:53:04.0954 0764 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:53:04.0954 0764 WcsPlugInService - ok
15:53:04.0970 0764 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:53:04.0970 0764 Wd - ok
15:53:05.0001 0764 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:53:05.0001 0764 Wdf01000 - ok
15:53:05.0017 0764 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:53:05.0017 0764 WdiServiceHost - ok
15:53:05.0017 0764 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:53:05.0017 0764 WdiSystemHost - ok
15:53:05.0032 0764 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:53:05.0032 0764 WebClient - ok
15:53:05.0048 0764 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:53:05.0048 0764 Wecsvc - ok
15:53:05.0064 0764 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:53:05.0079 0764 wercplsupport - ok
15:53:05.0079 0764 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:53:05.0079 0764 WerSvc - ok
15:53:05.0095 0764 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:53:05.0095 0764 WfpLwf - ok
15:53:05.0110 0764 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
15:53:05.0126 0764 WimFltr - ok
15:53:05.0142 0764 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:53:05.0142 0764 WIMMount - ok
15:53:05.0142 0764 WinDefend - ok
15:53:05.0142 0764 WinHttpAutoProxySvc - ok
15:53:05.0188 0764 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:53:05.0188 0764 Winmgmt - ok
15:53:05.0235 0764 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:53:05.0235 0764 WinRM - ok
15:53:05.0282 0764 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:53:05.0282 0764 WinUsb - ok
15:53:05.0298 0764 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:53:05.0313 0764 Wlansvc - ok
15:53:05.0391 0764 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:53:05.0391 0764 wlcrasvc - ok
15:53:05.0516 0764 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:53:05.0532 0764 wlidsvc - ok
15:53:05.0563 0764 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:53:05.0578 0764 WmiAcpi - ok
15:53:05.0610 0764 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:53:05.0610 0764 wmiApSrv - ok
15:53:05.0625 0764 WMPNetworkSvc - ok
15:53:05.0641 0764 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:53:05.0641 0764 WPCSvc - ok
15:53:05.0641 0764 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:53:05.0656 0764 WPDBusEnum - ok
15:53:05.0672 0764 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:53:05.0672 0764 ws2ifsl - ok
15:53:05.0688 0764 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:53:05.0688 0764 wscsvc - ok
15:53:05.0688 0764 WSearch - ok
15:53:05.0766 0764 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:53:05.0797 0764 wuauserv - ok
15:53:05.0828 0764 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:53:05.0844 0764 WudfPf - ok
15:53:05.0844 0764 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:53:05.0859 0764 WUDFRd - ok
15:53:05.0859 0764 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:53:05.0859 0764 wudfsvc - ok
15:53:05.0875 0764 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:53:05.0875 0764 WwanSvc - ok
15:53:05.0890 0764 ================ Scan global ===============================
15:53:05.0906 0764 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:53:05.0953 0764 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:53:05.0953 0764 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:53:05.0968 0764 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:53:06.0000 0764 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:53:06.0000 0764 [Global] - ok
15:53:06.0000 0764 ================ Scan MBR ==================================
15:53:06.0015 0764 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:53:06.0280 0764 Suspicious mbr (NoAccess): \Device\Harddisk0\DR0
15:53:06.0343 0764 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:53:06.0343 0764 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:53:06.0343 0764 ================ Scan VBR ==================================
15:53:06.0374 0764 [ 53975848382FC36F3CB5D792F2563280 ] \Device\Harddisk0\DR0\Partition1
15:53:06.0374 0764 \Device\Harddisk0\DR0\Partition1 - ok
15:53:06.0390 0764 [ 21028167BC9C48551F4E7105EA9D9599 ] \Device\Harddisk0\DR0\Partition2
15:53:06.0390 0764 \Device\Harddisk0\DR0\Partition2 - ok
15:53:06.0390 0764 ============================================================
15:53:06.0390 0764 Scan finished
15:53:06.0390 0764 ============================================================
15:53:06.0405 7100 Detected object count: 1
15:53:06.0405 7100 Actual detected object count: 1
15:53:42.0753 7100 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
15:53:42.0753 7100 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
15:53:47.0464 4724 Deinitialize success
|
|
| Themen zu Virus system repair |
| hallo zusammen, logfiles, nichts, problem, schritte, system, system repair, virus, weiterhelfen, zusammen |
Textbox. 
Linear-Darstellung
