| |
| |||||||
Log-Analyse und Auswertung: Weißer Bildschirm-VirusWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
11.05.2013, 14:29
| #1 |
 |  Weißer Bildschirm-Virus Hallo zusammen, ich habe auf meinem Rechner das folgende Problem: wenn ich den Pc starte, erscheint nach der Passwort-Abfrage lediglich ein weißer Bildschirm. Der Rechner reagiert nicht mehr. wenn ich Strg+Alt+Entf drücke, sehe ich das Programm Yjdgwef, kann es aber nicht beenden. ich habe dann im Trojaner Board nach Lösungen gesucht. Ich habe brav die Anleitung befolgt und OTL mit einem USB-Stick auf den infizierten Rechner gespielt. nun habe ich die beiden Dateien OTL.txt und Extras.txt. allerdings weiß ich nicht, wie ich nun die Fix-Datei für OTL erstellen kann. kann mir jemand helfen? danke und viele Grüße Peter |
|
11.05.2013, 17:26
| #2 |
| /// TB-Ausbilder   | Weißer Bildschirm-Virus Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Führe bitte OTL nochmal im abgesicherten Modus mit Eingabeaufforderung aus und zwar dieses Mal so:
Code:
ATTFilter /md5start
userinit.exe
/md5stop
|
|
11.05.2013, 17:38
| #3 |
| | Weißer Bildschirm-Virus Hi Matthias,
__________________vielen Dank!!! ganz brav die Befehle ausgeführt:OTL Logfile: Code:
ATTFilter OTL logfile created on: 11.05.2013 18:31:14 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = f:\
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,99 Gb Total Physical Memory | 3,54 Gb Available Physical Memory | 88,66% Memory free
8,16 Gb Paging File | 7,82 Gb Available in Paging File | 95,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283,40 Gb Total Space | 98,29 Gb Free Space | 34,68% Space Free | Partition Type: NTFS
Drive D: | 14,65 Gb Total Space | 6,92 Gb Free Space | 47,21% Space Free | Partition Type: NTFS
Drive F: | 940,73 Mb Total Space | 940,00 Mb Free Space | 99,92% Space Free | Partition Type: FAT
Computer Name: HENNIPET-PC | User Name: hennipet | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
========== Custom Scans ==========
< MD5 for: USERINIT.EXE >
[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 04:49:46 | 000,028,160 | ---- | M] () MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
< End of report >
mfg Peter |
|
11.05.2013, 17:45
| #4 |
| /// TB-Ausbilder | Weißer Bildschirm-Virus Servus, ok, wir starten jetzt einen Fix mit OTL: Fixen mit OTL
Code:
ATTFilter :OTL
[2013.05.11 14:29:03 | 000,000,004 | ---- | M] () -- C:\Users\hennipet\AppData\Roaming\skype.ini
:files
C:\Windows\SysNative\userinit.exe|C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe /replace
:Commands
[emptytemp]
Bitte berichte mir, ob der Rechner danach wieder in den normalen Modus startet! |
|
11.05.2013, 17:54
| #5 |
| | Weißer Bildschirm-Virus jipi! läuft. hier das neue Textdokument: All processes killed ========== OTL ========== C:\Users\hennipet\AppData\Roaming\skype.ini moved successfully. ========== FILES ========== Unable to replace file: C:\Windows\SysNative\userinit.exe with C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe without a reboot. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: hennipet ->Temp folder emptied: 683979709 bytes ->Temporary Internet Files folder emptied: 503508553 bytes ->Java cache emptied: 92606051 bytes ->FireFox cache emptied: 62738445 bytes ->Google Chrome cache emptied: 25464413 bytes ->Flash cache emptied: 8748005 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 1564672 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 458349855 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 9857660 bytes %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 755 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes RecycleBin emptied: 2664837812 bytes Total Files Cleaned = 4.303,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 05112013_184737 Files\Folders moved on Reboot... File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKBK0K87\desktop.ini scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M5M8VNOQ\desktop.ini scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HGHOGVWD\desktop.ini scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DABMCWFW\desktop.ini scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TRG07T\desktop.ini scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot. File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot. PendingFileRenameOperations files... [2008.01.21 04:49:46 | 000,028,160 | ---- | M] () C:\Windows\SysNative\userinit.exe : MD5=A0AB2BB9A92293D9CE66E252719AB5FE Registry entries deleted on Reboot... läuft = startet wieder im normalen Modus.. sorry für den Gefühlsausbruch  |
|
11.05.2013, 17:57
| #6 |
| /// TB-Ausbilder | Weißer Bildschirm-Virus Servus, dann führe bitte im normalen Modus zur Kontrolle nochmal OTL aus: Starte bitte OTL.exe. Wähle unter Extra Registrierung: Benutze Safe List und klicke auf den Scan Button. Poste die OTL.txt und die Extras.txt hier in deinen Thread. |
|
13.05.2013, 13:16
| #7 |
| | Weißer Bildschirm-Virus uuuuuuund eine Frage noch: mein Anti-Viren-Programm McAfee hat das Problem ja weder verhindern noch lösen können. Selbst ein vollständiger Scan hat nichts gebracht. Außerdem hat sich der "Echt-Zeit-Scan" selber abgeschaltet und scheint das immer noch "zu versuchen". ist das kein gutes Anti-Viren- Programm? muss ich die Einstellungen verändern? vg Peter |
|
13.05.2013, 18:52
| #8 | ||
| /// TB-Ausbilder | Weißer Bildschirm-Virus Servus Peter, Zitat:
 Schritt 1 Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
13.05.2013, 22:42
| #9 |
| | Weißer Bildschirm-Virus Hiho, unter c:\windows gibt es keinen Ordner, der SysNative heißt.. Ergo finden weder das Programm noch ich die Datei Userinit.exe. Ist der Pfad falsch gewesen? oder ist das Fehlen der Datei das eigentliche Problem? :-) es gibt eine Userinit.exe-Datei unter D:\Windows\System32... das Ergebnis von TDSSKiller ist laut "Anhangprogramm" zu groß zum anhängen. soll ich den Text einfach hier hineinkopieren? schönen Abend noch P. Geändert von hennipet (13.05.2013 um 22:53 Uhr) |
|
14.05.2013, 18:37
| #10 | ||
| /// TB-Ausbilder | Weißer Bildschirm-VirusZitat:
Zitat:
Code:
ATTFilter logdatei hier rein
|
|
14.05.2013, 18:48
| #11 |
| | Weißer Bildschirm-Virus hi, Teil 1, damit es passt: Code:
ATTFilter 23:36:16.0513 4200 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:36:17.0914 4200 ============================================================
23:36:17.0915 4200 Current date / time: 2013/05/13 23:36:17.0914
23:36:17.0915 4200 SystemInfo:
23:36:17.0915 4200
23:36:17.0915 4200 OS Version: 6.0.6001 ServicePack: 1.0
23:36:17.0915 4200 Product type: Workstation
23:36:17.0915 4200 ComputerName: HENNIPET-PC
23:36:17.0915 4200 UserName: hennipet
23:36:17.0915 4200 Windows directory: C:\Windows
23:36:17.0915 4200 System windows directory: C:\Windows
23:36:17.0915 4200 Running under WOW64
23:36:17.0915 4200 Processor architecture: Intel x64
23:36:17.0915 4200 Number of processors: 2
23:36:17.0915 4200 Page size: 0x1000
23:36:17.0915 4200 Boot type: Normal boot
23:36:17.0915 4200 ============================================================
23:36:19.0512 4200 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:36:19.0529 4200 ============================================================
23:36:19.0529 4200 \Device\Harddisk0\DR0:
23:36:19.0530 4200 MBR partitions:
23:36:19.0530 4200 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
23:36:19.0530 4200 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x236CE8EB
23:36:19.0530 4200 ============================================================
23:36:19.0553 4200 C: <-> \Device\Harddisk0\DR0\Partition2
23:36:19.0585 4200 D: <-> \Device\Harddisk0\DR0\Partition1
23:36:19.0586 4200 ============================================================
23:36:19.0586 4200 Initialize success
23:36:19.0586 4200 ============================================================
23:36:43.0987 4508 ============================================================
23:36:43.0987 4508 Scan started
23:36:43.0987 4508 Mode: Manual; SigCheck; TDLFS;
23:36:43.0987 4508 ============================================================
23:36:44.0959 4508 ================ Scan system memory ========================
23:36:44.0960 4508 System memory - ok
23:36:44.0961 4508 ================ Scan services =============================
23:36:45.0185 4508 [ AF3A1AA81F875169DD9E55B1320057D6 ] ACPI C:\Windows\system32\drivers\acpi.sys
23:36:45.0430 4508 ACPI - ok
23:36:45.0486 4508 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:36:45.0512 4508 adp94xx - ok
23:36:45.0582 4508 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:36:45.0633 4508 adpahci - ok
23:36:45.0658 4508 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
23:36:45.0699 4508 adpu160m - ok
23:36:45.0725 4508 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:36:45.0771 4508 adpu320 - ok
23:36:45.0815 4508 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:36:45.0882 4508 AeLookupSvc - ok
23:36:46.0023 4508 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
23:36:46.0122 4508 AESTFilters - ok
23:36:46.0163 4508 [ DB37041AB857ABC7E179E856D8E1582C ] AFD C:\Windows\system32\drivers\afd.sys
23:36:46.0306 4508 AFD - ok
23:36:46.0352 4508 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:36:46.0391 4508 agp440 - ok
23:36:46.0447 4508 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
23:36:46.0487 4508 aic78xx - ok
23:36:46.0512 4508 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
23:36:46.0572 4508 ALG - ok
23:36:46.0589 4508 [ 9544C2C55541C0C6BFD7B489D0E7D430 ] aliide C:\Windows\system32\drivers\aliide.sys
23:36:46.0602 4508 aliide - ok
23:36:46.0623 4508 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
23:36:46.0635 4508 amdide - ok
23:36:46.0654 4508 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:36:46.0763 4508 AmdK8 - ok
23:36:46.0811 4508 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
23:36:46.0928 4508 Appinfo - ok
23:36:47.0067 4508 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:36:47.0118 4508 Apple Mobile Device - ok
23:36:47.0193 4508 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
23:36:47.0233 4508 arc - ok
23:36:47.0274 4508 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:36:47.0314 4508 arcsas - ok
23:36:47.0350 4508 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:36:47.0475 4508 AsyncMac - ok
23:36:47.0504 4508 [ F988BB0690CD660318037908E9B8DBF7 ] atapi C:\Windows\system32\drivers\atapi.sys
23:36:47.0540 4508 atapi - ok
23:36:47.0583 4508 [ 00DACE1D9A0DA60215022C6B1FAC1673 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
23:36:47.0773 4508 Ati External Event Utility - ok
23:36:47.0965 4508 [ CEF278088637401F07A0064B0B900A32 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:36:48.0251 4508 atikmdag - ok
23:36:48.0318 4508 [ 2A54B6A48AB6D2166271B05E9469326E ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:36:48.0362 4508 AudioEndpointBuilder - ok
23:36:48.0370 4508 [ 2A54B6A48AB6D2166271B05E9469326E ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:36:48.0409 4508 AudioSrv - ok
23:36:48.0433 4508 Beep - ok
23:36:48.0457 4508 [ BC4737AAFFA5964E4F8827C9B8C0EB8E ] BFE C:\Windows\System32\bfe.dll
23:36:48.0590 4508 BFE - ok
23:36:48.0668 4508 [ D896A0D43F8AB81ECB1FC6C24DECFD58 ] BITS C:\Windows\system32\qmgr.dll
23:36:48.0850 4508 BITS - ok
23:36:48.0897 4508 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
23:36:49.0002 4508 blbdrive - ok
23:36:49.0194 4508 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:36:49.0245 4508 Bonjour Service - ok
23:36:49.0276 4508 [ 8B2B19031D0AEADE6E1B933DF1ACBA7E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:36:49.0333 4508 bowser - ok
23:36:49.0373 4508 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
23:36:49.0409 4508 BrFiltLo - ok
23:36:49.0429 4508 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
23:36:49.0480 4508 BrFiltUp - ok
23:36:49.0526 4508 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
23:36:49.0623 4508 Browser - ok
23:36:49.0656 4508 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
23:36:49.0829 4508 Brserid - ok
23:36:49.0860 4508 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
23:36:49.0926 4508 BrSerWdm - ok
23:36:49.0960 4508 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
23:36:50.0086 4508 BrUsbMdm - ok
23:36:50.0108 4508 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
23:36:50.0263 4508 BrUsbSer - ok
23:36:50.0321 4508 [ 471FF09330A53177BBE9FD6DDF8A8259 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
23:36:50.0376 4508 BthEnum - ok
23:36:50.0413 4508 [ 752FC84A394CA712D51DD9BD53F58E73 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:36:50.0532 4508 BTHMODEM - ok
23:36:50.0587 4508 [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:36:50.0727 4508 BthPan - ok
23:36:50.0813 4508 [ 7D104F22C04A76F0D2F96F789AC07FCB ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
23:36:50.0907 4508 BTHPORT - ok
23:36:50.0967 4508 [ 90E967B4BB5556EDC9C2EA0EB653D1B2 ] BthServ C:\Windows\System32\bthserv.dll
23:36:51.0038 4508 BthServ - ok
23:36:51.0080 4508 [ D9324F0C142267961CE900BFC3798BB1 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
23:36:51.0128 4508 BTHUSB - ok
23:36:51.0180 4508 [ E2677B9234E4C31055B940B70536D377 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:36:51.0295 4508 btwaudio - ok
23:36:51.0348 4508 [ E59A0C091AE64063B53B9AC1294A3679 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
23:36:51.0385 4508 btwavdt - ok
23:36:51.0468 4508 [ 51342B4A550B8D6D2FCAFA5BC198E8C1 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
23:36:51.0530 4508 btwdins - ok
23:36:51.0558 4508 [ D33875CA5940F2E0ED06FB74D556E2DB ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
23:36:51.0589 4508 btwl2cap - ok
23:36:51.0631 4508 [ A465B855CEF659655DE80D012C2DE761 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:36:51.0662 4508 btwrchid - ok
23:36:51.0698 4508 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:36:51.0822 4508 cdfs - ok
23:36:51.0865 4508 [ 3B2FB35363423ED60C8FBF15FC8680BD ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:36:52.0009 4508 cdrom - ok
23:36:52.0047 4508 [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] CertPropSvc C:\Windows\System32\certprop.dll
23:36:52.0174 4508 CertPropSvc - ok
23:36:52.0237 4508 [ D2B3252AD4EB499C935A56467997AA3C ] cfwids C:\Windows\system32\drivers\cfwids.sys
23:36:52.0273 4508 cfwids - ok
23:36:52.0293 4508 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
23:36:52.0407 4508 circlass - ok
23:36:52.0436 4508 [ C12C4EE07843B595036DA0BAA6317936 ] CLFS C:\Windows\system32\CLFS.sys
23:36:52.0490 4508 CLFS - ok
23:36:52.0574 4508 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:36:52.0611 4508 clr_optimization_v2.0.50727_32 - ok
23:36:52.0682 4508 [ FA58B51ED71C9133E141164EAA7C54EB ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:36:52.0719 4508 clr_optimization_v2.0.50727_64 - ok
23:36:52.0831 4508 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:36:52.0875 4508 clr_optimization_v4.0.30319_32 - ok
23:36:52.0963 4508 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:36:53.0003 4508 clr_optimization_v4.0.30319_64 - ok
23:36:53.0043 4508 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:36:53.0122 4508 CmBatt - ok
23:36:53.0163 4508 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:36:53.0178 4508 cmdide - ok
23:36:53.0195 4508 [ 34A6AA82AA36C87FC8816F2097EFA345 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:36:53.0209 4508 Compbatt - ok
23:36:53.0212 4508 COMSysApp - ok
23:36:53.0218 4508 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:36:53.0231 4508 crcdisk - ok
23:36:53.0272 4508 [ 4374F784121D8B3BB466B03F5E5EBD33 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:36:53.0389 4508 CryptSvc - ok
23:36:53.0418 4508 [ 11F13042577705093612C6A123CAF12F ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
23:36:53.0475 4508 CtClsFlt - ok
23:36:53.0526 4508 [ 52CDADE8289FF21F1F2215FF51A5F36C ] DcomLaunch C:\Windows\system32\rpcss.dll
23:36:53.0617 4508 DcomLaunch - ok
23:36:53.0631 4508 [ BD4ACC56E477AD7419CBE90FCEEB621B ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:36:53.0667 4508 DfsC - ok
23:36:53.0766 4508 [ 1781F99840979EE7B126C9073C377FD0 ] DFSR C:\Windows\system32\DFSR.exe
23:36:53.0953 4508 DFSR - ok
23:36:54.0054 4508 [ FDAA0EDFCFB70CD529589AD654651B40 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
23:36:54.0120 4508 Dhcp - ok
23:36:54.0144 4508 [ 2DC415FC05FB8A079F896CBBACB19324 ] disk C:\Windows\system32\drivers\disk.sys
23:36:54.0158 4508 disk - ok
23:36:54.0175 4508 [ 93CE26DBED3182634F18DD2FE10E41BE ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:36:54.0223 4508 Dnscache - ok
23:36:54.0301 4508 [ 0840ABBBDF438691EE65A20040635CBE ] DockLoginService C:\Program Files\Dell\DellDock\DockLogin.exe
23:36:54.0310 4508 DockLoginService ( UnsignedFile.Multi.Generic ) - warning
23:36:54.0310 4508 DockLoginService - detected UnsignedFile.Multi.Generic (1)
23:36:54.0317 4508 [ CC661867677627F2911C2A4970DEE0F1 ] dot3svc C:\Windows\System32\dot3svc.dll
23:36:54.0385 4508 dot3svc - ok
23:36:54.0431 4508 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
23:36:54.0485 4508 DPS - ok
23:36:54.0528 4508 [ 97DC2A789C1BE458976507846A1A8CED ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:36:54.0572 4508 drmkaud - ok
23:36:54.0621 4508 [ 412964040CE920FF83AFF6B5B551BF99 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:36:54.0693 4508 DXGKrnl - ok
23:36:54.0732 4508 [ 17D40652EF3E55EEAE187A89DF40965A ] e1express C:\Windows\system32\DRIVERS\e1e6032e.sys
23:36:54.0788 4508 e1express - ok
23:36:54.0822 4508 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
23:36:54.0879 4508 E1G60 - ok
23:36:54.0967 4508 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
23:36:55.0064 4508 EapHost - ok
23:36:55.0103 4508 [ 7343D950A34A95DCB7441642E3E6BEEF ] Ecache C:\Windows\system32\drivers\ecache.sys
23:36:55.0119 4508 Ecache - ok
23:36:55.0175 4508 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:36:55.0230 4508 ehRecvr - ok
23:36:55.0259 4508 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
23:36:55.0279 4508 ehSched - ok
23:36:55.0310 4508 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
23:36:55.0377 4508 ehstart - ok
23:36:55.0416 4508 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:36:55.0459 4508 elxstor - ok
23:36:55.0516 4508 [ E4EB76D0A8FC43DB7F36302E1F33791F ] EMDMgmt C:\Windows\system32\emdmgmt.dll
23:36:55.0589 4508 EMDMgmt - ok
23:36:55.0609 4508 [ 991FAB6AA066E1214EFB5B496FB7959A ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:36:55.0677 4508 ErrDev - ok
23:36:55.0702 4508 [ 6B1A97BF9FEFBDC83F3C7C7D0F826C66 ] EventSystem C:\Windows\system32\es.dll
23:36:55.0798 4508 EventSystem - ok
23:36:55.0834 4508 [ 2A546B9A84658B0554B1EC35CD9ADAF5 ] exfat C:\Windows\system32\drivers\exfat.sys
23:36:55.0899 4508 exfat - ok
23:36:55.0959 4508 [ FE731D345ED9EEABBC72A59B35941834 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:36:56.0041 4508 fastfat - ok
23:36:56.0076 4508 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:36:56.0128 4508 fdc - ok
23:36:56.0178 4508 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
23:36:56.0244 4508 fdPHost - ok
23:36:56.0262 4508 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
23:36:56.0313 4508 FDResPub - ok
23:36:56.0326 4508 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:36:56.0354 4508 FileInfo - ok
23:36:56.0374 4508 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:36:56.0409 4508 Filetrace - ok
23:36:56.0429 4508 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:36:56.0476 4508 flpydisk - ok
23:36:56.0520 4508 [ 7DACF1A3A4219575070C6DC7C957428A ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:36:56.0545 4508 FltMgr - ok
23:36:56.0593 4508 [ 73D0F1D32EDAE3DCC4E84468BF910ADD ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:36:56.0620 4508 FontCache3.0.0.0 - ok
23:36:56.0634 4508 [ 29D99E860A1CA0A03C6A733FDD0DA703 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:36:56.0690 4508 Fs_Rec - ok
23:36:56.0737 4508 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:36:56.0771 4508 gagp30kx - ok
23:36:56.0833 4508 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:36:56.0851 4508 GEARAspiWDM - ok
23:36:56.0930 4508 [ 9E5B254D58232EC8921EC3C5A94C81ED ] gpsvc C:\Windows\System32\gpsvc.dll
23:36:57.0002 4508 gpsvc - ok
23:36:57.0140 4508 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:36:57.0158 4508 gupdate - ok
23:36:57.0187 4508 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:36:57.0204 4508 gupdatem - ok
23:36:57.0251 4508 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:36:57.0322 4508 HdAudAddService - ok
23:36:57.0354 4508 [ 0C0D0F8A3FF09ECC81963D09EC6A0A84 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:36:57.0428 4508 HDAudBus - ok
23:36:57.0455 4508 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:36:57.0527 4508 HidBth - ok
23:36:57.0549 4508 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
23:36:57.0617 4508 HidIr - ok
23:36:57.0657 4508 [ 77E34697087CFDBCFD9E0009704FB5AF ] hidserv C:\Windows\System32\hidserv.dll
23:36:57.0744 4508 hidserv - ok
23:36:57.0790 4508 [ 59A7B5E13356C20D67983868242167C5 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:36:57.0821 4508 HidUsb - ok
23:36:57.0895 4508 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
23:36:57.0910 4508 HipShieldK - ok
23:36:57.0987 4508 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
23:36:58.0046 4508 hkmsvc - ok
23:36:58.0096 4508 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
23:36:58.0116 4508 HpCISSs - ok
23:36:58.0326 4508 [ E690736DA6C543F5D99C8FA27BEA31DB ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:36:58.0609 4508 HTTP - ok
23:36:58.0742 4508 hwdatacard - ok
23:36:58.0788 4508 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
23:36:58.0845 4508 i2omp - ok
23:36:58.0878 4508 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:36:58.0954 4508 i8042prt - ok
23:36:59.0006 4508 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
23:36:59.0028 4508 iaStorV - ok
23:36:59.0114 4508 [ 76EA63CDB2D88DAE7209691D089BEF1D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:36:59.0148 4508 idsvc - ok
23:36:59.0172 4508 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:36:59.0185 4508 iirsp - ok
23:36:59.0278 4508 [ 3A3B232140C33376E134E7B61A0EAA44 ] IKEEXT C:\Windows\System32\ikeext.dll
23:36:59.0359 4508 IKEEXT - ok
23:36:59.0396 4508 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
23:36:59.0410 4508 intelide - ok
23:36:59.0427 4508 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:36:59.0463 4508 intelppm - ok
23:36:59.0472 4508 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:36:59.0529 4508 IPBusEnum - ok
23:36:59.0564 4508 [ 99B821F5BEBD6A3CC3FE564F802AE0FD ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:36:59.0601 4508 IpFilterDriver - ok
23:36:59.0626 4508 [ 82EFC3D6D161DD874F1203C5F60F623C ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:36:59.0682 4508 iphlpsvc - ok
23:36:59.0686 4508 IpInIp - ok
23:36:59.0703 4508 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
23:36:59.0755 4508 IPMIDRV - ok
23:36:59.0771 4508 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
23:36:59.0817 4508 IPNAT - ok
23:36:59.0904 4508 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:36:59.0935 4508 iPod Service - ok
23:36:59.0983 4508 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:37:00.0079 4508 IRENUM - ok
23:37:00.0132 4508 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:37:00.0154 4508 isapnp - ok
23:37:00.0201 4508 [ 49E4CCBF74783FCE5D2CC1FF6480E1F4 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:37:00.0224 4508 iScsiPrt - ok
23:37:00.0242 4508 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
23:37:00.0263 4508 iteatapi - ok
23:37:00.0304 4508 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
23:37:00.0318 4508 iteraid - ok
23:37:00.0370 4508 [ EB5C7891B9E6E4A1A4428F2160B12B53 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
23:37:00.0401 4508 k57nd60a - ok
23:37:00.0420 4508 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:37:00.0434 4508 kbdclass - ok
23:37:00.0449 4508 [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:37:00.0500 4508 kbdhid - ok
23:37:00.0546 4508 [ 80F4593E92FF960E4763380D3168E498 ] KeyIso C:\Windows\system32\lsass.exe
23:37:00.0603 4508 KeyIso - ok
23:37:00.0701 4508 [ CCDCCE6224E1E207E953AF826B98A9D9 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:37:00.0762 4508 KSecDD - ok
23:37:00.0800 4508 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:37:00.0888 4508 ksthunk - ok
23:37:00.0992 4508 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
23:37:01.0064 4508 KtmRm - ok
23:37:01.0142 4508 [ 6F212EDD7AAE8BD905C9E8824A34F8AE ] LanmanServer C:\Windows\System32\srvsvc.dll
23:37:01.0181 4508 LanmanServer - ok
23:37:01.0219 4508 [ 6E25FFC6FEAD6544C6E9F1D23329570C ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:37:01.0258 4508 LanmanWorkstation - ok
23:37:01.0277 4508 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:37:01.0339 4508 lltdio - ok
23:37:01.0388 4508 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:37:01.0428 4508 lltdsvc - ok
23:37:01.0443 4508 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:37:01.0497 4508 lmhosts - ok
23:37:01.0543 4508 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:37:01.0558 4508 LSI_FC - ok
23:37:01.0578 4508 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:37:01.0593 4508 LSI_SAS - ok
23:37:01.0610 4508 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:37:01.0625 4508 LSI_SCSI - ok
23:37:01.0641 4508 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
23:37:01.0695 4508 luafv - ok
23:37:01.0889 4508 [ 4571B4E5D316CA688CEDD3AB0F2563F1 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
23:37:01.0903 4508 McAfee SiteAdvisor Service - ok
23:37:02.0049 4508 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
23:37:02.0079 4508 McComponentHostService - ok
23:37:02.0271 4508 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:37:02.0297 4508 McMPFSvc - ok
23:37:02.0322 4508 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:37:02.0342 4508 mcmscsvc - ok
23:37:02.0360 4508 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:37:02.0380 4508 McNaiAnn - ok
23:37:02.0394 4508 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:37:02.0414 4508 McNASvc - ok
23:37:02.0591 4508 [ 1814532DB0404C5FB65AA3EB051B2BE5 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
23:37:02.0635 4508 McODS - ok
23:37:02.0651 4508 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:37:02.0690 4508 McProxy - ok
23:37:02.0853 4508 [ 21F81090A00932C5E96700EDF2977582 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
23:37:02.0910 4508 McShield - ok
23:37:02.0981 4508 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:37:03.0058 4508 Mcx2Svc - ok
23:37:03.0114 4508 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
23:37:03.0165 4508 megasas - ok
23:37:03.0210 4508 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
23:37:03.0247 4508 MegaSR - ok
23:37:03.0300 4508 [ B1720E97FABBDF7D30B36DAF19C3DEE8 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
23:37:03.0321 4508 mfeapfk - ok
23:37:03.0462 4508 [ 113F1534B80D65DFDCA660F19967A3B7 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
23:37:03.0522 4508 mfeavfk - ok
23:37:03.0548 4508 mfeavfk01 - ok
23:37:03.0601 4508 [ C4F521310E40327BBC8E8E71DA344F48 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
23:37:03.0615 4508 mfefire - ok
23:37:03.0780 4508 [ CECC9841D036EE008091825272D91331 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
23:37:03.0805 4508 mfefirek - ok
23:37:04.0101 4508 [ EF0F85EDBDF6C0AB467E88E0CEE2B346 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
23:37:04.0252 4508 mfehidk - ok
23:37:04.0311 4508 [ 6E3A46BF6CBB80450CC24F80FE03ED5A ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
23:37:04.0334 4508 mferkdet - ok
23:37:04.0410 4508 [ 341BFCAA3A55C08E8C9ECB1654ACA905 ] mfevtp C:\Windows\system32\mfevtps.exe
23:37:04.0423 4508 mfevtp - ok
23:37:04.0511 4508 [ 2802D09F1B6ED502237539563F3C4992 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
23:37:04.0527 4508 mfewfpk - ok
23:37:04.0561 4508 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
23:37:04.0615 4508 MMCSS - ok
23:37:04.0636 4508 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
23:37:04.0710 4508 Modem - ok
23:37:04.0737 4508 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:37:04.0777 4508 monitor - ok
23:37:04.0788 4508 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:37:04.0801 4508 mouclass - ok
23:37:04.0826 4508 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:37:04.0862 4508 mouhid - ok
23:37:04.0875 4508 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
23:37:04.0893 4508 MountMgr - ok
23:37:04.0985 4508 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:37:05.0000 4508 MozillaMaintenance - ok
23:37:05.0061 4508 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
23:37:05.0077 4508 mpio - ok
23:37:05.0129 4508 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:37:05.0197 4508 mpsdrv - ok
23:37:05.0253 4508 [ 8A670648C755867A3AA38DA50BA569AA ] MpsSvc C:\Windows\system32\mpssvc.dll
23:37:05.0347 4508 MpsSvc - ok
23:37:05.0401 4508 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
23:37:05.0433 4508 Mraid35x - ok
23:37:05.0456 4508 [ FE2706C15F8345C342820E4E4583FEA0 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:37:05.0502 4508 MRxDAV - ok
23:37:05.0544 4508 [ 937512D4321B4F5218AD5A0AEBF2B5CC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:37:05.0583 4508 mrxsmb - ok
23:37:05.0612 4508 [ 152B673B3984356390E7BAA4199F1114 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:37:05.0661 4508 mrxsmb10 - ok
23:37:05.0667 4508 [ 65E45C26BA6FD66CD2889913F73823EF ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:37:05.0708 4508 mrxsmb20 - ok
23:37:05.0737 4508 [ 730B784962D22D2C6481EAE2370E7C8C ] msahci C:\Windows\system32\drivers\msahci.sys
23:37:05.0756 4508 msahci - ok
23:37:05.0779 4508 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:37:05.0816 4508 msdsm - ok
23:37:05.0848 4508 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
23:37:06.0003 4508 MSDTC - ok
23:37:06.0030 4508 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:37:06.0081 4508 Msfs - ok
23:37:06.0120 4508 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:37:06.0135 4508 msisadrv - ok
23:37:06.0174 4508 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:37:06.0221 4508 MSiSCSI - ok
23:37:06.0225 4508 msiserver - ok
23:37:06.0281 4508 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:37:06.0294 4508 MSK80Service - ok
23:37:06.0329 4508 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:37:06.0364 4508 MSKSSRV - ok
23:37:06.0399 4508 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:37:06.0453 4508 MSPCLOCK - ok
23:37:06.0472 4508 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:37:06.0522 4508 MSPQM - ok
23:37:06.0594 4508 [ B8E32E6103FBBA9FBB1D0C11FF0D13B5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:37:06.0623 4508 MsRPC - ok
23:37:06.0646 4508 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:37:06.0664 4508 mssmbios - ok
23:37:06.0668 4508 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:37:06.0724 4508 MSTEE - ok
23:37:06.0740 4508 [ DDF133501F68D6988A0F55DFA88637B4 ] Mup C:\Windows\system32\Drivers\mup.sys
23:37:06.0754 4508 Mup - ok
23:37:06.0865 4508 [ C25022CDD18980846973B598900915F8 ] napagent C:\Windows\system32\qagentRT.dll
23:37:06.0976 4508 napagent - ok
23:37:07.0002 4508 [ 73B99C98FA3A2ED1566E02D6FE1913A5 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:37:07.0020 4508 NativeWifiP - ok
23:37:07.0136 4508 [ F9A3AE5C9F047D71A36A99F9ABCA7D02 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:37:07.0192 4508 NDIS - ok
23:37:07.0243 4508 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:37:07.0306 4508 NdisTapi - ok
23:37:07.0330 4508 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:37:07.0391 4508 Ndisuio - ok
23:37:07.0433 4508 [ 52E3E8E35101399BE9B2938C992AA087 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:37:07.0518 4508 NdisWan - ok
23:37:07.0543 4508 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:37:07.0608 4508 NDProxy - ok
23:37:07.0626 4508 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:37:07.0704 4508 NetBIOS - ok
23:37:07.0738 4508 [ 7A29CA243A629230799754162D80120F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
23:37:07.0795 4508 netbt - ok
23:37:07.0811 4508 [ 80F4593E92FF960E4763380D3168E498 ] Netlogon C:\Windows\system32\lsass.exe
23:37:07.0843 4508 Netlogon - ok
23:37:07.0885 4508 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
23:37:08.0016 4508 Netman - ok
23:37:08.0041 4508 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
23:37:08.0116 4508 netprofm - ok
23:37:08.0164 4508 [ B84613B469B98E09F50A748C1D02E132 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:37:08.0185 4508 NetTcpPortSharing - ok
23:37:08.0383 4508 [ F17EDA58C8C5B1A4F873B322729168FF ] NETw5v64 C:\Windows\system32\DRIVERS\NETw5v64.sys
23:37:08.0581 4508 NETw5v64 - ok
23:37:08.0652 4508 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:37:08.0678 4508 nfrd960 - ok
23:37:08.0707 4508 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
23:37:08.0767 4508 NlaSvc - ok
23:37:08.0783 4508 [ B06154E2A2C91E9BE5599FCA53BC4CD0 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:37:08.0835 4508 Npfs - ok
23:37:08.0867 4508 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
23:37:08.0920 4508 nsi - ok
23:37:08.0972 4508 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:37:09.0029 4508 nsiproxy - ok
23:37:09.0271 4508 [ FE86BA5AC3B50E2CA911E9C60C07B638 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:37:09.0417 4508 Ntfs - ok
23:37:09.0467 4508 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
23:37:09.0593 4508 Null - ok
23:37:09.0607 4508 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:37:09.0629 4508 nvraid - ok
23:37:09.0653 4508 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:37:09.0668 4508 nvstor - ok
23:37:09.0689 4508 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:37:09.0704 4508 nv_agp - ok
23:37:09.0708 4508 NwlnkFlt - ok
23:37:09.0712 4508 NwlnkFwd - ok
23:37:09.0752 4508 [ D09CC91E92FD1FF81AF3A14BE2CBB20D ] OA008Ufd C:\Windows\system32\DRIVERS\OA008Ufd.sys
23:37:09.0797 4508 OA008Ufd - ok
23:37:09.0813 4508 [ 60FD277CFD34F680A1668AC123B324AE ] OA008Vid C:\Windows\system32\DRIVERS\OA008Vid.sys
23:37:09.0834 4508 OA008Vid - ok
23:37:09.0945 4508 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:37:09.0972 4508 odserv - ok
23:37:10.0011 4508 [ 1B30103FDE512915A9214B108B6E7A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:37:10.0121 4508 ohci1394 - ok
23:37:10.0228 4508 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:37:10.0260 4508 ose - ok
23:37:10.0298 4508 [ 430F35C5592D253F43A26B4F5A523DBF ] p2pimsvc C:\Windows\system32\p2psvc.dll
23:37:10.0396 4508 p2pimsvc - ok
23:37:10.0411 4508 [ 430F35C5592D253F43A26B4F5A523DBF ] p2psvc C:\Windows\system32\p2psvc.dll
23:37:10.0470 4508 p2psvc - ok
23:37:10.0511 4508 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
23:37:10.0605 4508 Parport - ok
23:37:10.0632 4508 [ 5AB40C36894F4C06BDAB0C9A2FBA282D ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:37:10.0662 4508 partmgr - ok
23:37:10.0679 4508 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
23:37:10.0714 4508 PcaSvc - ok
23:37:10.0991 4508 [ 58C1CD52347C4835DC3606CD4723F426 ] PCD5SRVC{048DBD20-445E8C82-05040104} C:\PROGRA~2\DELLSU~1\HWDiag\bin\PCD5SRVC_x64.pkms
23:37:11.0183 4508 PCD5SRVC{048DBD20-445E8C82-05040104} - ok
23:37:11.0238 4508 [ 2A5B2A51559066EA84742909B5B2CD69 ] pci C:\Windows\system32\drivers\pci.sys
23:37:11.0265 4508 pci - ok
23:37:11.0288 4508 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
23:37:11.0301 4508 pciide - ok
23:37:11.0321 4508 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:37:11.0339 4508 pcmcia - ok
23:37:11.0373 4508 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:37:11.0468 4508 PEAUTH - ok
23:37:11.0930 4508 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:37:12.0089 4508 PerfHost - ok
23:37:12.0467 4508 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
23:37:12.0652 4508 pla - ok
23:37:12.0753 4508 [ 5AAA0C5534B05ED49919FCD9DBD11A5B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:37:12.0815 4508 PlugPlay - ok
23:37:12.0864 4508 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
23:37:12.0925 4508 PNRPAutoReg - ok
23:37:12.0937 4508 [ 430F35C5592D253F43A26B4F5A523DBF ] PNRPsvc C:\Windows\system32\p2psvc.dll
23:37:13.0007 4508 PNRPsvc - ok
23:37:13.0075 4508 [ EEF3688D5E9592CBBBED00DE71DDA1EF ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:37:13.0159 4508 PolicyAgent - ok
23:37:13.0243 4508 [ F5739F2C6DB2534C384AD5150808E8F5 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:37:13.0330 4508 PptpMiniport - ok
23:37:13.0374 4508 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
23:37:13.0477 4508 Processor - ok
23:37:13.0511 4508 [ B21FE10DAD3AB59E78DF7AA3FBF41E70 ] ProfSvc C:\Windows\system32\profsvc.dll
23:37:13.0567 4508 ProfSvc - ok
23:37:13.0632 4508 [ 80F4593E92FF960E4763380D3168E498 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:37:13.0660 4508 ProtectedStorage - ok
23:37:13.0698 4508 [ 0E0E205A296095FE4C631E6A4775AD6C ] PSched C:\Windows\system32\DRIVERS\pacer.sys
23:37:13.0761 4508 PSched - ok
23:37:13.0806 4508 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
23:37:13.0834 4508 PxHlpa64 - ok
23:37:13.0903 4508 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:37:14.0062 4508 ql2300 - ok
23:37:14.0091 4508 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:37:14.0141 4508 ql40xx - ok
23:37:14.0362 4508 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
23:37:14.0453 4508 QWAVE - ok
23:37:14.0486 4508 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:37:14.0542 4508 QWAVEdrv - ok
23:37:15.0001 4508 [ CEF278088637401F07A0064B0B900A32 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
23:37:15.0131 4508 R300 - ok
23:37:15.0208 4508 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:37:15.0266 4508 RasAcd - ok
23:37:15.0322 4508 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
23:37:15.0359 4508 RasAuto - ok
23:37:15.0389 4508 [ 3B9085F91EF00ABD15A6F36570E90E12 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:37:15.0456 4508 Rasl2tp - ok
23:37:15.0481 4508 [ D0C346D7DF0DF9B4899631796F177D56 ] RasMan C:\Windows\System32\rasmans.dll
23:37:15.0546 4508 RasMan - ok
23:37:15.0567 4508 [ 2CE1703C27196094FB6E4C6E439F2C21 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:37:15.0625 4508 RasPppoe - ok
23:37:15.0658 4508 [ FCD04FA67E8B40FA0AD361DD38593942 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:37:15.0695 4508 RasSstp - ok
23:37:15.0762 4508 [ 33FA5B6136D92EE0F53F021C79091300 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:37:15.0843 4508 rdbss - ok
23:37:15.0867 4508 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:37:15.0937 4508 RDPCDD - ok
23:37:16.0056 4508 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
23:37:16.0098 4508 rdpdr - ok
23:37:16.0102 4508 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:37:16.0145 4508 RDPENCDD - ok
23:37:16.0174 4508 [ 7747082F672AA2846235C9CEA42E2E72 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:37:16.0230 4508 RDPWD - ok
23:37:16.0284 4508 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:37:16.0321 4508 RemoteAccess - ok
23:37:16.0425 4508 [ 416C611369CBE49074B89CEE2F83ABEF ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:37:16.0492 4508 RemoteRegistry - ok
23:37:16.0582 4508 [ 72C35598BA591ABDDC37FCE7D26FE1C4 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:37:16.0602 4508 RFCOMM - ok
23:37:16.0644 4508 [ D13D70FAC45FC1DF69F88559B1F72F0A ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys
23:37:16.0676 4508 rimmptsk - ok
23:37:16.0693 4508 [ BB9EDC55B0B8CB4FCD713428820E0776 ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys
23:37:16.0734 4508 rimsptsk - ok
23:37:16.0789 4508 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
23:37:16.0849 4508 RimUsb - ok
23:37:16.0911 4508 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
23:37:17.0024 4508 RimVSerPort - ok
23:37:17.0084 4508 [ 481C3FDEACAAE04B74C58288DBC91DF9 ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
23:37:17.0129 4508 rismxdp - ok
23:37:17.0194 4508 [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
23:37:17.0322 4508 ROOTMODEM - ok
23:37:17.0355 4508 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
23:37:17.0422 4508 RpcLocator - ok
23:37:17.0600 4508 [ 52CDADE8289FF21F1F2215FF51A5F36C ] RpcSs C:\Windows\system32\rpcss.dll
23:37:17.0657 4508 RpcSs - ok
23:37:17.0678 4508 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:37:17.0732 4508 rspndr - ok
23:37:17.0764 4508 [ 80F4593E92FF960E4763380D3168E498 ] SamSs C:\Windows\system32\lsass.exe
23:37:17.0791 4508 SamSs - ok
23:37:17.0855 4508 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:37:17.0889 4508 sbp2port - ok
23:37:18.0065 4508 [ F024D560FEA06F8B56D673849EB89AE6 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:37:18.0165 4508 SCardSvr - ok
23:37:18.0411 4508 [ C74C6C01353D87AAFE1193B426D667B0 ] Schedule C:\Windows\system32\schedsvc.dll
23:37:18.0532 4508 Schedule - ok
23:37:18.0594 4508 [ EDFFFC8B6AFB609BF33DBE0A900426B6 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:37:18.0631 4508 SCPolicySvc - ok
23:37:18.0697 4508 [ FB30126D3E617C86CD8E8643792CA3CF ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:37:18.0750 4508 sdbus - ok
23:37:18.0788 4508 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:37:18.0853 4508 SDRSVC - ok
23:37:19.0044 4508 [ 271077B91D7AD1B616F8AFDFE8E3F981 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23:37:19.0066 4508 SeaPort - ok
23:37:19.0118 4508 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:37:19.0185 4508 secdrv - ok
23:37:19.0239 4508 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
23:37:19.0284 4508 seclogon - ok
23:37:19.0368 4508 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\system32\sens.dll
23:37:19.0423 4508 SENS - ok
23:37:19.0455 4508 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
23:37:19.0525 4508 Serenum - ok
23:37:19.0552 4508 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
23:37:19.0618 4508 Serial - ok
23:37:19.0665 4508 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:37:19.0713 4508 sermouse - ok
23:37:19.0740 4508 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
23:37:19.0787 4508 SessionEnv - ok
23:37:19.0800 4508 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
23:37:19.0837 4508 sffdisk - ok
23:37:19.0861 4508 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:37:19.0924 4508 sffp_mmc - ok
23:37:19.0985 4508 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
23:37:20.0030 4508 sffp_sd - ok
23:37:20.0057 4508 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:37:20.0146 4508 sfloppy - ok
23:37:20.0176 4508 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:37:20.0246 4508 SharedAccess - ok
23:37:20.0288 4508 [ EB3114330236CF030E8EDF62881BAF67 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:37:20.0329 4508 ShellHWDetection - ok
23:37:20.0363 4508 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
23:37:20.0377 4508 SiSRaid2 - ok
23:37:20.0396 4508 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:37:20.0420 4508 SiSRaid4 - ok
23:37:20.0779 4508 [ A301D2CEFB4747DFE0C24425DCBE0B78 ] slsvc C:\Windows\system32\SLsvc.exe
23:37:20.0876 4508 slsvc - ok
23:37:20.0916 4508 [ F5DDF7C0AF85EB72CB295171F8C3CB35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
23:37:20.0997 4508 SLUINotify - ok
23:37:21.0046 4508 [ 41EB2E8E005FEEDCAFCE301983EFF932 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:37:21.0090 4508 Smb - ok
23:37:21.0163 4508 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:37:21.0215 4508 SNMPTRAP - ok
23:37:21.0289 4508 [ F9CB0672162F7F04248E2B82C1FF4617 ] spldr C:\Windows\system32\drivers\spldr.sys
23:37:21.0303 4508 spldr - ok
23:37:21.0388 4508 [ 92E6738D25C2123BE9515C0EAC0776CD ] Spooler C:\Windows\System32\spoolsv.exe
23:37:21.0450 4508 Spooler - ok
23:37:21.0570 4508 [ D630B6F2E8379B6F10DC16E82A426552 ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
23:37:21.0698 4508 sprtsvc_DellSupportCenter - ok
23:37:21.0747 4508 [ B9657A0AFF28C1CB114ACC0CB93EE4BB ] sp_rsdrv2 C:\Windows\system32\DRIVERS\stflt.sys
23:37:21.0767 4508 sp_rsdrv2 - ok
23:37:21.0883 4508 [ 4ADB9A620FF071EE7D17487A87861659 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:37:21.0965 4508 srv - ok
23:37:22.0029 4508 [ 2AEA7A85CEB33ABB332D35617990F50B ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:37:22.0092 4508 srv2 - ok
23:37:22.0189 4508 [ 4D0858B640CDBCBA671C5439A8EF45CB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:37:22.0251 4508 srvnet - ok
23:37:22.0330 4508 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:37:22.0394 4508 SSDPSRV - ok
23:37:22.0442 4508 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:37:22.0503 4508 SstpSvc - ok
23:37:22.0850 4508 [ 24543AAF056D3AFCED3F4FF487F53C90 ] ST2012_Svc C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
23:37:22.0916 4508 ST2012_Svc - ok
23:37:23.0190 4508 [ C5DF63AE2693C9B6B01B4A2E6C1C64AC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
23:37:23.0216 4508 STacSV - ok
23:37:23.0373 4508 [ BA16447226ABFD342E130D2F24F73D32 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
23:37:23.0402 4508 STHDA - ok
23:37:23.0598 4508 [ F14F7D7D68A66777FB999D5D0F21138D ] stisvc C:\Windows\System32\wiaservc.dll
23:37:23.0691 4508 stisvc - ok
23:37:23.0821 4508 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
23:37:23.0859 4508 stllssvr - ok
23:37:23.0891 4508 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:37:23.0904 4508 swenum - ok
23:37:24.0043 4508 [ DA34D6EB4A3154C0BEBAEB0A2483EF3E ] swprv C:\Windows\System32\swprv.dll
23:37:24.0148 4508 swprv - ok
23:37:24.0212 4508 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
23:37:24.0248 4508 Symc8xx - ok
23:37:24.0289 4508 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
23:37:24.0325 4508 Sym_hi - ok
23:37:24.0344 4508 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
23:37:24.0364 4508 Sym_u3 - ok
23:37:24.0411 4508 [ 79A93EC9D224B1F43C0E2F023D61DCA3 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:37:24.0433 4508 SynTP - ok
23:37:24.0528 4508 [ BEA0D5521ED21DF8F6FFEED86DAEDE7B ] SysMain C:\Windows\system32\sysmain.dll
23:37:24.0702 4508 SysMain - ok
23:37:24.0726 4508 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:37:24.0811 4508 TabletInputService - ok
23:37:24.0845 4508 [ 52091001CAF20AE84CF47023EE21B4BB ] TapiSrv C:\Windows\System32\tapisrv.dll
23:37:24.0913 4508 TapiSrv - ok
23:37:24.0989 4508 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
23:37:25.0046 4508 TBS - ok
23:37:25.0197 4508 [ 3BCD46BE9988B09D3510A0EF54F0D65B ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:37:25.0244 4508 Tcpip - ok
23:37:25.0264 4508 [ 3BCD46BE9988B09D3510A0EF54F0D65B ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
23:37:25.0305 4508 Tcpip6 - ok
23:37:25.0329 4508 [ C29D4B3B08AD0B7E8564814E4FF6A57B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:37:25.0417 4508 tcpipreg - ok
23:37:25.0428 4508 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:37:25.0481 4508 TDPIPE - ok
23:37:25.0500 4508 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:37:25.0548 4508 TDTCP - ok
23:37:25.0570 4508 [ 8C39C72E0E853DE04748C0337D9B9216 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:37:25.0627 4508 tdx - ok
23:37:25.0654 4508 [ 3F0EBF6EE609F2A276C0D5FAF244EC90 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:37:25.0668 4508 TermDD - ok
23:37:25.0815 4508 [ F870A5589D6A94B426EFB13689023946 ] TermService C:\Windows\System32\termsrv.dll
23:37:25.0914 4508 TermService - ok
23:37:25.0975 4508 [ EB3114330236CF030E8EDF62881BAF67 ] Themes C:\Windows\system32\shsvcs.dll
23:37:26.0015 4508 Themes - ok
23:37:26.0068 4508 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
23:37:26.0105 4508 THREADORDER - ok
23:37:26.0132 4508 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
23:37:26.0208 4508 TrkWks - ok
23:37:26.0282 4508 [ AC6FF1DF22ED90BAD6417EE5A4C6E2F0 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:37:26.0349 4508 TrustedInstaller - ok
23:37:26.0378 4508 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:37:26.0431 4508 tssecsrv - ok
23:37:26.0475 4508 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
23:37:26.0562 4508 tunmp - ok
23:37:26.0590 4508 [ F6A4FBA7C03AC2EFD00F3301C0C1E067 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:37:26.0643 4508 tunnel - ok
23:37:26.0670 4508 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:37:26.0686 4508 uagp35 - ok
23:37:26.0705 4508 [ ECA6629E33F122AFFF18A2AB7C3EB033 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:37:26.0745 4508 udfs - ok
23:37:26.0778 4508 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:37:26.0815 4508 UI0Detect - ok
23:37:26.0838 4508 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:37:26.0871 4508 uliagpkx - ok
23:37:26.0894 4508 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
23:37:26.0913 4508 uliahci - ok
23:37:27.0015 4508 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
23:37:27.0031 4508 UlSata - ok
23:37:27.0081 4508 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
23:37:27.0106 4508 ulsata2 - ok
23:37:27.0141 4508 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:37:27.0255 4508 umbus - ok
23:37:27.0301 4508 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
23:37:27.0358 4508 upnphost - ok
23:37:27.0431 4508 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
23:37:27.0485 4508 USBAAPL64 - ok
23:37:27.0528 4508 [ AE3DEA342F01249317B2BB3DF0424238 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:37:27.0579 4508 usbccgp - ok
23:37:27.0626 4508 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:37:27.0729 4508 usbcir - ok
23:37:27.0767 4508 [ B89F9FE9FC1E7C9CB03ACB8819EB511D ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:37:27.0822 4508 usbehci - ok
23:37:27.0899 4508 [ F2C1D8EFF9C7CF84FF0235408ACD3F4B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:37:27.0955 4508 usbhub - ok
23:37:28.0018 4508 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:37:28.0147 4508 usbohci - ok
23:37:28.0192 4508 [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint C:\Windows\system32\drivers\usbprint.sys
23:37:28.0268 4508 usbprint - ok
23:37:28.0309 4508 [ 586D9876A4945779C8EEA926C0D16889 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:37:28.0360 4508 USBSTOR - ok
23:37:28.0405 4508 [ 225E107785315874BA5C1ABC7DDA7BFC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:37:28.0448 4508 usbuhci - ok
23:37:28.0472 4508 [ 9190F03C82547AFA87367F1CECA88F3B ] UxSms C:\Windows\System32\uxsms.dll
23:37:28.0513 4508 UxSms - ok
23:37:28.0530 4508 [ C15A4A550CBA7B9F1F68B72528E04CE1 ] vds C:\Windows\System32\vds.exe
23:37:28.0649 4508 vds - ok
23:37:28.0715 4508 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:37:28.0772 4508 vga - ok
23:37:28.0799 4508 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:37:28.0870 4508 VgaSave - ok
23:37:28.0903 4508 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
23:37:28.0922 4508 viaide - ok
23:37:28.0985 4508 [ 793D9B32A1C462C91F6F70358283AC97 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:37:29.0030 4508 volmgr - ok
23:37:29.0237 4508 [ 5AA217DA5DC4FF5B9AC9AB86563B3223 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:37:29.0339 4508 volmgrx - ok
23:37:29.0368 4508 [ DE4307412D98050239026E56A7DFF3C0 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:37:29.0417 4508 volsnap - ok
23:37:29.0443 4508 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:37:29.0460 4508 vsmraid - ok
23:37:29.0870 4508 [ 186BD53F8A408AD20F5A056C05678629 ] VSS C:\Windows\system32\vssvc.exe
23:37:30.0024 4508 VSS - ok
23:37:30.0182 4508 [ BA29F34A61CB55C0DEE29E787542EDF4 ] W32Time C:\Windows\system32\w32time.dll
23:37:30.0244 4508 W32Time - ok
23:37:30.0343 4508 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:37:30.0414 4508 WacomPen - ok
23:37:30.0441 4508 [ AEA75207E443C8623C36B8D03596F84F ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
23:37:30.0495 4508 Wanarp - ok
23:37:30.0500 4508 [ AEA75207E443C8623C36B8D03596F84F ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:37:30.0536 4508 Wanarpv6 - ok
23:37:30.0561 4508 [ 055449247C490E24B968B44FE8A969EB ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:37:30.0627 4508 wcncsvc - ok
23:37:30.0643 4508 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:37:30.0703 4508 WcsPlugInService - ok
23:37:30.0721 4508 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
23:37:30.0735 4508 Wd - ok
23:37:30.0763 4508 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:37:30.0797 4508 Wdf01000 - ok
23:37:30.0831 4508 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:37:30.0882 4508 WdiServiceHost - ok
23:37:30.0886 4508 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:37:30.0924 4508 WdiSystemHost - ok
23:37:30.0976 4508 [ 3D4AB55F8178FD0CD3CA45CD0EC9CF5B ] WebClient C:\Windows\System32\webclnt.dll
23:37:31.0036 4508 WebClient - ok
23:37:31.0078 4508 [ BD9A749F36710FFA02E0E530F7451936 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:37:31.0142 4508 Wecsvc - ok
23:37:31.0170 4508 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:37:31.0208 4508 wercplsupport - ok
23:37:31.0256 4508 [ FC25242B3BCAF7E84D9184082274AE08 ] WerSvc C:\Windows\System32\WerSvc.dll
23:37:31.0340 4508 WerSvc - ok
23:37:31.0372 4508 WinDefend - ok
23:37:31.0378 4508 WinHttpAutoProxySvc - ok
23:37:31.0453 4508 [ AC98F38FEAB066A8F983D54FF3F4FD4C ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:37:31.0506 4508 Winmgmt - ok
23:37:31.0721 4508 [ AEB6C5200FD5517F06076AF0EE4538E1 ] WinRM C:\Windows\system32\WsmSvc.dll
23:37:31.0824 4508 WinRM - ok
23:37:31.0901 4508 [ 0A69955261C1B54206ADC9BEB89517DE ] Wlansvc C:\Windows\System32\wlansvc.dll
23:37:32.0013 4508 Wlansvc - ok
23:37:32.0066 4508 [ 7999DFB1C555EFC0DB69576F70027867 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:37:32.0093 4508 WmiAcpi - ok
23:37:32.0172 4508 [ D303322DD577C3DEDA1251ED2E7A496C ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:37:32.0311 4508 wmiApSrv - ok
23:37:32.0336 4508 WMPNetworkSvc - ok
23:37:32.0374 4508 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:37:32.0430 4508 WPCSvc - ok
23:37:32.0444 4508 [ A27C8F92D84E2DDC151978E4692C978E ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:37:32.0501 4508 WPDBusEnum - ok
23:37:32.0543 4508 [ 6329D1990DB931073B86AB5946D8E317 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
23:37:32.0592 4508 WpdUsb - ok
23:37:32.0908 4508 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:37:32.0945 4508 WPFFontCache_v0400 - ok
23:37:33.0004 4508 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:37:33.0041 4508 ws2ifsl - ok
23:37:33.0099 4508 [ CB8EA6D95949384925CCFCA21CC6DFD8 ] wscsvc C:\Windows\system32\wscsvc.dll
23:37:33.0142 4508 wscsvc - ok
23:37:33.0148 4508 WSearch - ok
23:37:33.0689 4508 [ FB3796754FE00F0BDC87A36F164A5F4D ] wuauserv C:\Windows\system32\wuaueng.dll
23:37:33.0769 4508 wuauserv - ok
23:37:33.0823 4508 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:37:33.0877 4508 WUDFRd - ok
23:37:33.0964 4508 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:37:34.0028 4508 wudfsvc - ok
23:37:34.0061 4508 ZTEusbmdm6k - ok
23:37:34.0068 4508 ZTEusbnmea - ok
23:37:34.0074 4508 ZTEusbser6k - ok
23:37:34.0083 4508 ================ Scan global ===============================
23:37:34.0116 4508 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
23:37:34.0186 4508 [ A9C654098A5CA39618DA9D022A6691B8 ] C:\Windows\system32\winsrv.dll
23:37:34.0201 4508 [ A9C654098A5CA39618DA9D022A6691B8 ] C:\Windows\system32\winsrv.dll
23:37:34.0254 4508 [ DFAC660F0F139276CC9299812DE42719 ] C:\Windows\system32\services.exe
23:37:34.0259 4508 [Global] - ok
23:37:34.0259 4508 ================ Scan MBR ==================================
23:37:34.0271 4508 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
23:37:36.0028 4508 \Device\Harddisk0\DR0 - ok
23:37:36.0029 4508 ================ Scan VBR ==================================
23:37:36.0066 4508 [ 699F28E2B509CA731FB222C61422522B ] \Device\Harddisk0\DR0\Partition1
23:37:36.0070 4508 \Device\Harddisk0\DR0\Partition1 - ok
23:37:36.0112 4508 [ 7BDE9048671208B939C218667ED213A4 ] \Device\Harddisk0\DR0\Partition2
23:37:36.0143 4508 \Device\Harddisk0\DR0\Partition2 - ok
23:37:36.0144 4508 ============================================================
23:37:36.0144 4508 Scan finished
23:37:36.0144 4508 ============================================================
23:37:36.0165 0872 Detected object count: 1
23:37:36.0165 0872 Actual detected object count: 1
23:38:06.0154 0872 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:06.0154 0872 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
14.05.2013, 19:14
| #12 |
| /// TB-Ausbilder | Weißer Bildschirm-Virus Servus, ok, danke für die Antwort. Melde mich morgen wieder. |
|
16.05.2013, 16:01
| #13 |
| /// TB-Ausbilder | Weißer Bildschirm-Virus Servus, tut mir Leid für die Verspätung. Wir entfernen noch ein paar Reste und kontrollieren nochmal alles: Schritt 1 Fixen mit OTL
Code:
ATTFilter :files
C:\Program Files (x86)\FilesFrog Update Checker
C:\ProgramData\Babylon
C:\Users\All Users\Babylon
:Commands
[emptytemp]
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 ESET Online Scanner
Schritt 4 Downloade Dir bitte  SecurityCheck und:
Bitte poste mit deiner nächsten Antwort
|
|
20.05.2013, 10:30
| #14 |
| /// TB-Ausbilder | Weißer Bildschirm-Virus Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
24.05.2013, 13:02
| #15 |
| | Weißer Bildschirm-Virus hi. bin wieder da. bitte entschuldige die lange Verzögerung.. hier kommen meine Aufgaben.. OTL-Logfile: Code:
ATTFilter All processes killed
========== FILES ==========
C:\Program Files (x86)\FilesFrog Update Checker folder moved successfully.
C:\ProgramData\Babylon folder moved successfully.
File\Folder C:\Users\All Users\Babylon not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: hennipet
->Temp folder emptied: 224756 bytes
->Temporary Internet Files folder emptied: 2096445 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 4812673 bytes
->Google Chrome cache emptied: 7274810 bytes
->Flash cache emptied: 506 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 855364 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33237 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 15,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05242013_134903
Files\Folders moved on Reboot...
C:\Windows\temp\sqlite_7wOAkhTE1Fm59V0 moved successfully.
C:\Windows\temp\sqlite_igy19zQrI2YdPvZ moved successfully.
C:\Windows\temp\sqlite_PhyXtPOc55Ues2B moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZKBK0K87\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M5M8VNOQ\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HGHOGVWD\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DABMCWFW\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TRG07T\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Anti Malware: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.05.24.04 Windows Vista Service Pack 1 x64 NTFS Internet Explorer 7.0.6001.18000 hennipet :: HENNIPET-PC [Administrator] 24.05.2013 14:00:14 mbam-log-2013-05-24 (14-00-14).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 219996 Laufzeit: 7 Minute(n), 53 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=342b6b152feb584081f69017ad87c0f0
# engine=13905
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-05-24 03:32:01
# local_time=2013-05-24 05:32:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=5122 16777213 100 88 1133057 118192117 0 0
# compatibility_mode=5892 16776574 100 100 947366 206933427 0 0
# compatibility_mode=7937 16777214 28 75 963225 3623169 0 0
# scanned=183814
# found=0
# cleaned=0
# scan_time=4743
|
|
| Themen zu Weißer Bildschirm-Virus |
| anleitung, board, dateien, erscheint, erstelle, erstellen, folge, folgende, gesuch, hallo zusammen, infizierte, infizierten, leitung, lösungen, problem, programm, reagiert, rechner, starte, strg, troja, trojaner, trojaner board, weißer, zusammen |
Textbox.
Hybrid-Darstellung
