Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Virus system repair (https://www.trojaner-board.de/131701-virus-system-repair.html)

sagdoch 01.03.2013 16:37
Virus system repair
 
Hallo zusammen,

ich denke ich habe das selbe Problem (system repair) wie der Smilow vom 22.02.2013, 18:31.
Ich habe die Logfiles wie beim Ihm beschrieben, kann aber nichts damit anfangen.
Logfiles von den ersten Schritten habe ich angehängt.

Kann mir jemand weiterhelfen?

Danke

markusg 01.03.2013 16:43
Hi
prinzipiell ja, aber ohne Logs, nein

sagdoch 01.03.2013 18:40
Hallo Markus,

danke für die Antwort.
Habe Versucht sie anzuhängen, dürfte nicht funktioniert haben.

Code:
Rkill 2.4.7 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 hxxp://www.bleepingcomputer.com/forums/topic308364.html
 
Program started at: 03/01/2013 03:38:31 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
  [HKLM\SOFTWARE\Microsoft\Windows Defender]
  "DisableAntiSpyware" = dword:00000001
 
 * SMTMP folder detected. Please see this link for more information: hxxp://www.bleepingcomputer.com/forums/topic405109.html
 
Checking Windows Service Integrity:
 
 * Windows Defender (WinDefend) is not Running.
  Startup Type set to: Manual
 
Searching for Missing Digital Signatures:
 
 * No issues found.
 
Checking HOSTS File:
 
 * Cannot edit the HOSTS file.
 * Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: hxxp://www.bleepingcomputer.com/download/hosts-permbat/
 
Program finished at: 03/01/2013 03:38:34 PM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)

Code:
OTL logfile created on: 01.03.2013 15:57:54 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Englader\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,85 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 47,50% Memory free
7,70 Gb Paging File | 5,46 Gb Available in Paging File | 70,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,70 Gb Total Space | 813,19 Gb Free Space | 88,52% Space Free | Partition Type: NTFS
 
Computer Name: ENGLADER-STANPC | User Name: Englader | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.03.01 15:57:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Englader\Desktop\OTL.exe
PRC - [2013.02.27 08:07:09 | 000,701,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe
PRC - [2013.02.07 14:21:39 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.02.07 14:20:40 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.02.07 14:20:38 | 000,400,608 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2013.02.07 14:20:37 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.02.07 14:20:37 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.07.27 21:51:46 | 001,261,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe
PRC - [2012.07.27 21:51:38 | 000,823,224 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2012.07.27 12:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.09.22 11:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
PRC - [2011.09.22 11:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
PRC - [2011.09.21 11:30:12 | 004,109,312 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
PRC - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.05.20 11:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.11.17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.15 03:34:44 | 001,358,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll
MOD - [2013.02.15 03:28:41 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013.02.15 03:28:31 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.10 03:40:28 | 001,707,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll
MOD - [2013.01.10 03:40:25 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll
MOD - [2013.01.10 03:39:01 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\346a7a67978cead8e2ff52c6d80bbeb7\IAStorUtil.ni.dll
MOD - [2013.01.10 03:39:01 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\500a8ae2a5d27132d87ccac9f97b0069\IAStorCommon.ni.dll
MOD - [2013.01.10 03:38:58 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll
MOD - [2013.01.10 03:34:10 | 017,478,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\59b69c377cada679ff7934e0d8cbaf15\System.ServiceModel.ni.dll
MOD - [2013.01.10 03:34:01 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
MOD - [2013.01.10 03:33:59 | 001,084,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll
MOD - [2013.01.10 03:33:58 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll
MOD - [2013.01.10 03:30:58 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.01.10 03:30:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 03:30:41 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013.01.10 03:30:27 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 03:30:25 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013.01.10 03:30:18 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.10 03:30:15 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 03:30:12 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 03:30:12 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 03:30:04 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.07.27 21:51:54 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
MOD - [2012.07.27 21:51:46 | 000,249,272 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\sqlite.dll
MOD - [2012.02.24 18:55:56 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.09.22 11:14:16 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
MOD - [2010.11.24 23:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
MOD - [2010.11.21 07:49:35 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll
MOD - [2010.11.21 07:49:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010.11.17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.02.27 08:43:22 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.07 14:21:39 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.02.07 14:20:40 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.02.07 14:20:38 | 000,400,608 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2013.02.07 14:20:37 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.27 12:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.09.22 11:06:12 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011.05.20 11:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.11.25 06:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010.11.25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.11.18 02:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.12.10 15:38:09 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.12.10 15:38:09 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.10.10 07:08:35 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.24 18:56:01 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.02.24 18:56:01 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.08.17 08:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.08.17 08:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.08.17 08:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.08.17 08:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.08.09 17:32:02 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.05.20 18:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc60.sys -- (netvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.21 04:23:48 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusVideoM.sys -- (SynthVid)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.15 10:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.09.22 04:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.06.08 13:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010.03.19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006.11.01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011.12.14 02:19:10 | 000,025,072 | -H-- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USSMB/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gemeindebedarf.at/
IE - HKCU\..\SearchScopes,DefaultScope = {F6E21579-8DF3-4135-AF4F-A87038B2F43C}
IE - HKCU\..\SearchScopes\{F6E21579-8DF3-4135-AF4F-A87038B2F43C}: "URL" = hxxp://www.google.at/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Englader\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Englader\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Englader\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Englader\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Englader\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.10.01 07:32:35 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [oKJlROuTVCyA.exe] C:\ProgramData\oKJlROuTVCyA.exe ()
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D370C26F-6EF6-4D14-9062-EFBC4D653C32}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D370C26F-6EF6-4D14-9062-EFBC4D653C32}: NameServer = 195.3.96.67,195.3.96.68
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.03.01 15:57:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Englader\Desktop\OTL.exe
[2013.03.01 15:50:44 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Englader\Desktop\tdsskiller.exe
[2013.03.01 15:37:39 | 000,000,000 | ---D | C] -- C:\Users\Englader\Desktop\rkill
[2013.03.01 15:36:29 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Englader\Desktop\rkill.com
[2013.03.01 14:02:58 | 000,000,000 | -H-D | C] -- C:\Users\Englader\AppData\Roaming\PCDr
[2013.03.01 10:37:08 | 000,000,000 | ---D | C] -- C:\Users\Englader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Repair
[2013.02.27 19:22:38 | 000,000,000 | -H-D | C] -- C:\Users\Englader\AppData\Roaming\Mozilla
[2013.02.25 11:20:18 | 000,000,000 | -H-D | C] -- C:\Users\Englader\Documents\Vertrieb-IPA
[2013.02.20 14:56:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KingBill 2013
[2013.02.20 14:56:00 | 000,000,000 | -H-D | C] -- C:\KingBill GmbH
[2013.02.15 03:00:57 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.15 03:00:57 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.15 03:00:55 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.15 03:00:55 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.15 03:00:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.15 03:00:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.15 03:00:55 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.15 03:00:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.15 03:00:54 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.15 03:00:54 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.15 03:00:53 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.15 03:00:53 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.15 03:00:52 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.15 03:00:52 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.15 03:00:52 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.14 08:28:13 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.14 08:28:11 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.14 08:28:10 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.14 08:28:07 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.14 08:28:07 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.14 08:28:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.14 08:28:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.14 08:28:07 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.14 08:28:07 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.14 08:28:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.03 17:18:55 | 000,000,000 | -H-D | C] -- C:\Users\Englader\AppData\Roaming\streamlife.Streamlife
[2013.02.03 17:18:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\streamlife
 
========== Files - Modified Within 30 Days ==========
 
[2013.03.01 15:57:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Englader\Desktop\OTL.exe
[2013.03.01 15:50:44 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Englader\Desktop\tdsskiller.exe
[2013.03.01 15:43:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.01 15:36:29 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Englader\Desktop\rkill.com
[2013.03.01 15:21:02 | 000,001,132 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-687154380-900311623-483718333-1001UA.job
[2013.03.01 15:06:30 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.01 15:06:30 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.01 14:52:02 | 000,001,499 | ---- | M] () -- C:\Users\Englader\Desktop\System Repair.lnk
[2013.03.01 14:46:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.01 14:46:09 | 3102,031,872 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.01 14:03:12 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013.03.01 12:51:56 | 639,634,201 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.03.01 10:43:14 | 000,000,168 | -H-- | M] () -- C:\ProgramData\oKJlROuTVCyA
[2013.03.01 10:40:24 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-oKJlROuTVCyAr
[2013.03.01 10:40:24 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-oKJlROuTVCyA
[2013.03.01 10:38:37 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2013.03.01 10:24:15 | 000,299,008 | -H-- | M] () -- C:\ProgramData\oKJlROuTVCyA.exe
[2013.03.01 08:21:00 | 000,001,080 | -H-- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-687154380-900311623-483718333-1001Core.job
[2013.02.28 10:50:55 | 000,001,456 | -H-- | M] () -- C:\Users\Englader\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2013.02.28 08:49:11 | 000,071,181 | -H-- | M] () -- C:\Users\Englader\Documents\Jänner-2013-Kto-Riederer.pdf
[2013.02.27 08:43:22 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.27 08:43:22 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.26 16:10:46 | 000,013,677 | -H-- | M] () -- C:\Users\Englader\Desktop\Gesamt - Aquise - 04-2013.lnk
[2013.02.26 16:09:40 | 000,007,133 | -H-- | M] () -- C:\Users\Englader\Desktop\Jahresplanung-2012-2013-2013-02-26 - Verknüpfung.lnk
[2013.02.25 15:59:30 | 000,001,338 | -H-- | M] () -- C:\Users\Englader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
[2013.02.19 09:58:00 | 000,023,708 | -H-- | M] () -- C:\Users\Englader\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2013.02.15 03:28:03 | 005,077,800 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.15 03:04:07 | 001,633,540 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.15 03:04:07 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.15 03:04:07 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.15 03:04:07 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.15 03:04:07 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.13 15:37:44 | 000,004,456 | -H-- | M] () -- C:\Users\Englader\Desktop\Begleitschreiben Willpflegen-2013-02-12-O.lnk
[2013.02.13 15:09:27 | 000,002,090 | -H-- | M] () -- C:\Users\Englader\Documents\template.zip
[2013.02.12 11:07:54 | 000,447,570 | -H-- | M] () -- C:\Users\Englader\Documents\gesundheitsmesse-wels.pdf
[2013.02.07 18:01:30 | 000,617,520 | -H-- | M] () -- C:\Users\Englader\Documents\Tel-Ams-Sammelmappe.pdf
 
========== Files Created - No Company Name ==========
 
[2013.03.01 10:37:08 | 000,001,499 | ---- | C] () -- C:\Users\Englader\Desktop\System Repair.lnk
[2013.03.01 10:26:27 | 000,000,176 | -H-- | C] () -- C:\ProgramData\-oKJlROuTVCyAr
[2013.03.01 10:26:26 | 000,000,176 | -H-- | C] () -- C:\ProgramData\-oKJlROuTVCyA
[2013.03.01 10:26:25 | 000,000,168 | -H-- | C] () -- C:\ProgramData\oKJlROuTVCyA
[2013.03.01 10:26:20 | 000,299,008 | -H-- | C] () -- C:\ProgramData\oKJlROuTVCyA.exe
[2013.02.28 08:49:11 | 000,071,181 | -H-- | C] () -- C:\Users\Englader\Documents\Jänner-2013-Kto-Riederer.pdf
[2013.02.26 16:09:40 | 000,007,133 | -H-- | C] () -- C:\Users\Englader\Desktop\Jahresplanung-2012-2013-2013-02-26 - Verknüpfung.lnk
[2013.02.13 15:37:44 | 000,004,456 | -H-- | C] () -- C:\Users\Englader\Desktop\Begleitschreiben Willpflegen-2013-02-12-O.lnk
[2013.02.13 15:09:27 | 000,002,090 | -H-- | C] () -- C:\Users\Englader\Documents\template.zip
[2013.02.12 11:07:54 | 000,447,570 | -H-- | C] () -- C:\Users\Englader\Documents\gesundheitsmesse-wels.pdf
[2013.02.07 18:01:30 | 000,617,520 | -H-- | C] () -- C:\Users\Englader\Documents\Tel-Ams-Sammelmappe.pdf
[2013.02.05 10:23:05 | 000,013,677 | -H-- | C] () -- C:\Users\Englader\Desktop\Gesamt - Aquise - 04-2013.lnk
[2012.11.21 08:52:43 | 000,023,909 | -H-- | C] () -- C:\Users\Englader\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2012.10.03 15:27:27 | 000,023,708 | -H-- | C] () -- C:\Users\Englader\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2012.09.28 07:55:47 | 000,000,132 | -H-- | C] () -- C:\Users\Englader\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.06.14 15:22:44 | 000,000,132 | -H-- | C] () -- C:\Users\Englader\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012.05.31 16:37:58 | 000,001,456 | -H-- | C] () -- C:\Users\Englader\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.02.24 18:46:22 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.02.24 18:46:21 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.02.24 18:46:20 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.02.24 18:46:19 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.02.24 18:46:18 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1130 bytes -> C:\Users\Englader\AppData\Local\rQFkaQwsqMVD:CqQciN0TMhX5D6nHgMRUdT

< End of report >

Muss die Logs aufteilen weil es zu viele Zeichen sind.
Danke für die Unterstützung

markusg 01.03.2013 18:44
Hi,


otl fix

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:
:OTL
O4 - HKCU..\Run: [oKJlROuTVCyA.exe] C:\ProgramData\oKJlROuTVCyA.exe ()
[2013.03.01 10:37:08 | 000,000,000 | ---D | C] -- C:\Users\Englader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Repair
[2013.03.01 14:52:02 | 000,001,499 | ---- | M] () -- C:\Users\Englader\Desktop\System Repair.lnk
[2013.03.01 10:43:14 | 000,000,168 | -H-- | M] () -- C:\ProgramData\oKJlROuTVCyA
[2013.03.01 10:40:24 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-oKJlROuTVCyAr
[2013.03.01 10:40:24 | 000,000,176 | -H-- | M] () -- C:\ProgramData\-oKJlROuTVCyA

:files
:Commands
[Reboot]
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread




falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!



Drücke bitte die http://larusso.trojaner-board.de/Images/windows.jpg + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus :)



lade unhide:
http://filepony.de/download-unhide/
doppelklicken, dateien werden sichtbar

sagdoch 01.03.2013 18:45
OTL-Extra
Code:
OTL Extras logfile created on: 01.03.2013 15:57:54 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Englader\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,85 Gb Total Physical Memory | 1,83 Gb Available Physical Memory | 47,50% Memory free
7,70 Gb Paging File | 5,46 Gb Available in Paging File | 70,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,70 Gb Total Space | 813,19 Gb Free Space | 88,52% Space Free | Partition Type: NTFS
 
Computer Name: ENGLADER-STANPC | User Name: Englader | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08C605EA-0DF5-4776-B304-EDA87968FB97}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0F378A28-C825-48CE-801E-C75F0E55F553}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{26244719-3C64-4CB9-9472-98CB3E5E5DA3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2FDF479D-E8C4-4531-B0B1-F5ED122AFDC0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{47A79A27-ED65-4672-9FB9-AFDC20714BB8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4E828ED1-3970-4AE8-A1F3-3ABDB08DEED1}" = rport=139 | protocol=6 | dir=out | app=system |
"{5262B54D-590A-4B19-8EFB-A8213921EF1D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{52CFB241-3430-438D-8010-C9F948F11D62}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{55BD309F-2569-4A5A-8FE7-F491F7A6FD63}" = rport=445 | protocol=6 | dir=out | app=system |
"{577A0E14-5BD3-453D-BCFD-D915CDB53305}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5999D579-0C37-4F8E-AE11-AE9F01E3D1EC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{60EBDBE0-D4AF-40B9-8FA5-C8C407833320}" = rport=137 | protocol=17 | dir=out | app=system |
"{615B591D-FC45-4652-9198-FBBCC8724D8D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6582EC01-8429-4F30-A7C1-17B7A7F4F4D8}" = lport=137 | protocol=17 | dir=in | app=system |
"{8F834CAA-D7E4-43F8-9F73-F51CF684036A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{920698C4-9C7C-41EC-97E9-EEB35B47954E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A71095DA-C1B8-460A-ABEC-4107788EC7E2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BEC6387B-737D-45D6-87A1-3F8AE1E7BBC9}" = lport=139 | protocol=6 | dir=in | app=system |
"{C01994BA-D903-4727-BC5F-826A5C0037B7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DEE50EB9-DF85-4874-8F83-D1A857685813}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E7E27953-3CFD-4FA5-966E-2C6515957999}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EC8EF839-11F9-4203-A01E-4C338F78581B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EEEC2C59-C33E-4286-9F9F-BCCFB76C7797}" = lport=138 | protocol=17 | dir=in | app=system |
"{F363633E-B46E-41FE-8F4B-FBD5CDD07071}" = lport=445 | protocol=6 | dir=in | app=system |
"{F71C6F70-6333-47A9-9DEC-8AC9DA7A7A58}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FF97FD0D-D001-458D-8B73-FD46053677DE}" = rport=138 | protocol=17 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08174E5B-0E41-4E75-AE85-D33A53E3144F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{1746BA77-0AB9-42F6-8B7F-D86956775A1F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18E2854D-2A07-44DE-B939-86DD96CE4EEF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{19F7C374-074E-4E1F-BA57-1FE37995F600}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{25395EBC-66B1-4E41-A3E1-15598338F2A6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2CD697C4-178E-4F6A-9B91-DCE008001184}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{35F7E11A-A8C2-45C5-816A-4A8494C73614}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{57B503C8-1EF4-4D0D-9138-61A88D13264A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E1F775C-6D1D-40FB-BB38-0433D4FF9D33}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{66BF80DC-B247-4617-B4A4-5C199951A546}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6C82699F-21F6-4036-838E-69D18EBCACC0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{71636557-A8CB-4D9D-AB8A-6ABE269EF72B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7AF6F8CA-183B-4D9E-8713-2093E5172B79}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B5F5752-5460-4DF1-8F8D-7F59B38A1637}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{898B9B0E-FE23-42CC-A121-A78B224ECF13}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8B62E10F-026D-42E7-AE69-6F65142F6239}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9ECBF658-3116-452A-B5B1-4F71CD676F0F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AB2DB78B-30F8-490F-AE9B-E942B7A2E8D5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF56A2D5-5B12-4ACA-AA53-FF59598256D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C8A8CEA4-215F-4309-968D-AB43BB68ECA0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D818B7CB-14F5-4A55-A59A-49ADF66BF814}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DC54AAB8-6F91-493D-BB3D-1BA8E9765916}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCD13391-F29C-4448-A697-B1E479E785AE}" = protocol=6 | dir=out | app=system |
"{E8F64D3A-70BC-49CE-9F42-17CC5B61DD4E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{23F943B3-AEC9-4036-AFBC-97D2B0128F78}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D2C45750-9D3A-43CC-B1C9-FF25269BB2A4}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Dell Support Center" = Dell Support Center
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5BEBD7F0-5544-3B4C-8D15-7154AA35BEA2}" = Google Talk Plugin
"{60E59A6C-7399-495A-B85C-C829F4E59602}" = Adobe Creative Suite 5.5 Design Premium
"{62F26EC8-E58A-E16A-F867-074ED20C3257}" = streamlife
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0D0FE27-F362-4A6B-8F07-E5F887FF90FA}" = KingBill 2013
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Antivirus Premium
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"Office14.SingleImage" = Microsoft Office Professional 2010
"streamlife.Streamlife" = streamlife
"WinLiveSuite" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 30.01.2013 07:37:03 | Computer Name = Englader-StanPC | Source = Microsoft-Windows-Defrag | ID = 257
Description =
 
Error - 05.02.2013 07:19:28 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
 
Error - 14.02.2013 22:28:15 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
 
Error - 26.02.2013 09:29:27 | Computer Name = Englader-StanPC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16464,
 Zeitstempel: 0x50ecc35d  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec4aa8e  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000c40f2
ID
 des fehlerhaften Prozesses: 0x21cc  Startzeit der fehlerhaften Anwendung: 0x01ce14228b5fd3cd
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 8a3e0fad-8018-11e2-9921-d4bed9955623
 
Error - 01.03.2013 05:39:59 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
 
Error - 01.03.2013 05:52:41 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
 
Error - 01.03.2013 07:44:45 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
 
Error - 01.03.2013 07:53:44 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
 
Error - 01.03.2013 09:10:05 | Computer Name = Englader-StanPC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
 Zeitstempel: 0x4d672ee4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec4aa8e  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000c40f2
ID
 des fehlerhaften Prozesses: 0x5a4  Startzeit der fehlerhaften Anwendung: 0x01ce167c43c499d7
Pfad
 der fehlerhaften Anwendung: C:\Windows\Explorer.EXE  Pfad des fehlerhaften Moduls:
 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 5548db15-8271-11e2-b0b5-d4bed9955623
 
Error - 01.03.2013 09:48:01 | Computer Name = Englader-StanPC | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 18.02.2013 07:23:26 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
 
Error - 18.02.2013 07:23:26 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
 
Error - 18.02.2013 07:30:07 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
 
Error - 18.02.2013 07:30:07 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
 
Error - 20.02.2013 05:24:50 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
 
Error - 20.02.2013 05:24:50 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
 
Error - 20.02.2013 05:28:19 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
 
Error - 20.02.2013 05:28:19 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
 
Error - 20.02.2013 05:30:48 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
 
Error - 20.02.2013 05:30:48 | Computer Name = Englader-StanPC | Source = DCOM | ID = 10016
Description =
 
 
< End of report >

markusg 01.03.2013 18:46
sorry überschnitten, siehe post vorher

sagdoch 01.03.2013 19:08
Die Datei kann ich nicht zippen.
bei rechtsklick und senden kommt nur DVD

Code:
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\oKJlROuTVCyA.exe deleted successfully.
C:\ProgramData\oKJlROuTVCyA.exe moved successfully.
C:\Users\Englader\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Repair folder moved successfully.
C:\Users\Englader\Desktop\System Repair.lnk moved successfully.
C:\ProgramData\oKJlROuTVCyA moved successfully.
C:\ProgramData\-oKJlROuTVCyAr moved successfully.
C:\ProgramData\-oKJlROuTVCyA moved successfully.
========== FILES ==========
========== COMMANDS ==========
 
OTL by OldTimer - Version 3.2.69.0 log created on 03012013_190112

markusg 01.03.2013 19:20
7-Zip.de
7zip laden instalieren, neustarten und dann über rechtsklick, 7zip, packen

sagdoch 01.03.2013 19:22
Upload hat funktioniert,


muss ich das

Code:
lade unhide:
hxxp://download.bleepingcomputer.com/grinler/unhide.exe
doppelklicken, dateien werden sichtbar
noch machen.

markusg 01.03.2013 19:24
weiter mit unhide bitte
hattest du den tdss killer genutzt, dann log posten

sagdoch 01.03.2013 19:36
habe nach anklicken ausführen bestätigt, jetzt ist eine kleines schwarzes fenster.


die Logs habe ich wieder geziebt und raufgeladen weil es zu viele Zeichen waren.

unhide exe sagt jetzt:
Es befindet sich kein Datenträger im Laufwerk.
Legen Sie einen Datenträger in Laufwerk\Device\Harddisk1\DR1 ein

markusg 01.03.2013 19:44
und was ist, wenn du ok klickst? logs bitte hier im forum posten

sagdoch 01.03.2013 19:52
Muss ich teile weil es zu viele Zeichen hat.
1.Teil

Code:
15:51:01.0454 6812  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:51:01.0812 6812  ============================================================
15:51:01.0812 6812  Current date / time: 2013/03/01 15:51:01.0812
15:51:01.0812 6812  SystemInfo:
15:51:01.0812 6812 
15:51:01.0812 6812  OS Version: 6.1.7601 ServicePack: 1.0
15:51:01.0812 6812  Product type: Workstation
15:51:01.0812 6812  ComputerName: ENGLADER-STANPC
15:51:01.0812 6812  UserName: Englader
15:51:01.0812 6812  Windows directory: C:\Windows
15:51:01.0812 6812  System windows directory: C:\Windows
15:51:01.0812 6812  Running under WOW64
15:51:01.0812 6812  Processor architecture: Intel x64
15:51:01.0812 6812  Number of processors: 4
15:51:01.0812 6812  Page size: 0x1000
15:51:01.0812 6812  Boot type: Normal boot
15:51:01.0812 6812  ============================================================
15:51:02.0374 6812  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:51:02.0390 6812  ============================================================
15:51:02.0390 6812  \Device\Harddisk0\DR0:
15:51:02.0390 6812  MBR partitions:
15:51:02.0390 6812  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1986000
15:51:02.0390 6812  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x199A000, BlocksNum 0x72D655B0
15:51:02.0390 6812  ============================================================
15:51:02.0421 6812  C: <-> \Device\Harddisk0\DR0\Partition2
15:51:02.0421 6812  ============================================================
15:51:02.0421 6812  Initialize success
15:51:02.0421 6812  ============================================================
15:51:04.0652 0688  ============================================================
15:51:04.0652 0688  Scan started
15:51:04.0652 0688  Mode: Manual;
15:51:04.0652 0688  ============================================================
15:51:06.0352 0688  ================ Scan system memory ========================
15:51:06.0352 0688  System memory - ok
15:51:06.0352 0688  ================ Scan services =============================
15:51:06.0602 0688  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:51:06.0602 0688  1394ohci - ok
15:51:06.0664 0688  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:51:06.0680 0688  ACPI - ok
15:51:06.0695 0688  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
15:51:06.0695 0688  AcpiPmi - ok
15:51:06.0789 0688  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:51:06.0820 0688  AdobeARMservice - ok
15:51:06.0914 0688  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:51:06.0914 0688  AdobeFlashPlayerUpdateSvc - ok
15:51:06.0929 0688  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
15:51:06.0945 0688  adp94xx - ok
15:51:06.0945 0688  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
15:51:06.0960 0688  adpahci - ok
15:51:06.0976 0688  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
15:51:06.0976 0688  adpu320 - ok
15:51:06.0992 0688  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
15:51:07.0007 0688  AeLookupSvc - ok
15:51:07.0038 0688  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
15:51:07.0038 0688  AERTFilters - ok
15:51:07.0085 0688  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
15:51:07.0101 0688  AFD - ok
15:51:07.0116 0688  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:51:07.0116 0688  agp440 - ok
15:51:07.0132 0688  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
15:51:07.0132 0688  ALG - ok
15:51:07.0148 0688  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:51:07.0148 0688  aliide - ok
15:51:07.0163 0688  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:51:07.0163 0688  amdide - ok
15:51:07.0179 0688  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
15:51:07.0179 0688  AmdK8 - ok
15:51:07.0194 0688  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:51:07.0194 0688  AmdPPM - ok
15:51:07.0210 0688  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
15:51:07.0210 0688  amdsata - ok
15:51:07.0210 0688  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:51:07.0226 0688  amdsbs - ok
15:51:07.0241 0688  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
15:51:07.0241 0688  amdxata - ok
15:51:07.0335 0688  [ B73EB5109193A4BACE8520B79DD77B25 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
15:51:07.0366 0688  AntiVirMailService - ok
15:51:07.0444 0688  [ 44E76CC89F7E38B3C31F000A4E566856 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:51:07.0460 0688  AntiVirSchedulerService - ok
15:51:07.0522 0688  [ 3FE1CDD4DCF5D42DDBD6F1A3F83B5D3A ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:51:07.0553 0688  AntiVirService - ok
15:51:07.0569 0688  [ 4B46FED191BEB6EAFED88DE90E97A7DB ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:51:07.0600 0688  AntiVirWebService - ok
15:51:07.0616 0688  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
15:51:07.0616 0688  AppID - ok
15:51:07.0631 0688  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:51:07.0647 0688  AppIDSvc - ok
15:51:07.0662 0688  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo        C:\Windows\System32\appinfo.dll
15:51:07.0662 0688  Appinfo - ok
15:51:07.0709 0688  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt        C:\Windows\System32\appmgmts.dll
15:51:07.0709 0688  AppMgmt - ok
15:51:07.0725 0688  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\drivers\arc.sys
15:51:07.0725 0688  arc - ok
15:51:07.0740 0688  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:51:07.0740 0688  arcsas - ok
15:51:07.0865 0688  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:51:07.0896 0688  aspnet_state - ok
15:51:07.0912 0688  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:51:07.0912 0688  AsyncMac - ok
15:51:07.0943 0688  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
15:51:07.0943 0688  atapi - ok
15:51:07.0974 0688  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:51:07.0990 0688  AudioEndpointBuilder - ok
15:51:08.0006 0688  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:51:08.0006 0688  AudioSrv - ok
15:51:08.0037 0688  [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:51:08.0037 0688  avgntflt - ok
15:51:08.0068 0688  [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:51:08.0068 0688  avipbb - ok
15:51:08.0068 0688  [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:51:08.0084 0688  avkmgr - ok
15:51:08.0099 0688  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:51:08.0099 0688  AxInstSV - ok
15:51:08.0131 0688  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
15:51:08.0131 0688  b06bdrv - ok
15:51:08.0146 0688  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:51:08.0146 0688  b57nd60a - ok
15:51:08.0162 0688  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:51:08.0177 0688  BDESVC - ok
15:51:08.0177 0688  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:51:08.0177 0688  Beep - ok
15:51:08.0209 0688  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
15:51:08.0240 0688  BFE - ok
15:51:08.0271 0688  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
15:51:08.0287 0688  BITS - ok
15:51:08.0302 0688  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:51:08.0318 0688  blbdrive - ok
15:51:08.0333 0688  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:51:08.0333 0688  bowser - ok
15:51:08.0333 0688  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:51:08.0349 0688  BrFiltLo - ok
15:51:08.0349 0688  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:51:08.0349 0688  BrFiltUp - ok
15:51:08.0380 0688  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
15:51:08.0380 0688  Browser - ok
15:51:08.0396 0688  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
15:51:08.0396 0688  Brserid - ok
15:51:08.0411 0688  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:51:08.0411 0688  BrSerWdm - ok
15:51:08.0427 0688  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:51:08.0427 0688  BrUsbMdm - ok
15:51:08.0427 0688  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:51:08.0427 0688  BrUsbSer - ok
15:51:08.0443 0688  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:51:08.0443 0688  BTHMODEM - ok
15:51:08.0474 0688  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
15:51:08.0489 0688  bthserv - ok
15:51:08.0505 0688  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:51:08.0505 0688  cdfs - ok
15:51:08.0521 0688  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
15:51:08.0521 0688  cdrom - ok
15:51:08.0521 0688  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
15:51:08.0536 0688  CertPropSvc - ok
15:51:08.0552 0688  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
15:51:08.0552 0688  circlass - ok
15:51:08.0552 0688  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:51:08.0567 0688  CLFS - ok
15:51:08.0630 0688  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:51:08.0645 0688  clr_optimization_v2.0.50727_32 - ok
15:51:08.0692 0688  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:51:08.0708 0688  clr_optimization_v2.0.50727_64 - ok
15:51:08.0755 0688  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:51:08.0786 0688  clr_optimization_v4.0.30319_32 - ok
15:51:08.0801 0688  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:51:08.0817 0688  clr_optimization_v4.0.30319_64 - ok
15:51:08.0833 0688  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:51:08.0833 0688  CmBatt - ok
15:51:08.0833 0688  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:51:08.0833 0688  cmdide - ok
15:51:08.0879 0688  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\Windows\system32\Drivers\cng.sys
15:51:08.0879 0688  CNG - ok
15:51:08.0895 0688  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:51:08.0911 0688  Compbatt - ok
15:51:08.0926 0688  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:51:08.0926 0688  CompositeBus - ok
15:51:08.0926 0688  COMSysApp - ok
15:51:08.0942 0688  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
15:51:08.0942 0688  crcdisk - ok
15:51:08.0973 0688  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:51:08.0973 0688  CryptSvc - ok
15:51:09.0004 0688  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC            C:\Windows\system32\drivers\csc.sys
15:51:09.0004 0688  CSC - ok
15:51:09.0035 0688  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
15:51:09.0035 0688  CscService - ok
15:51:09.0067 0688  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:51:09.0082 0688  DcomLaunch - ok
15:51:09.0113 0688  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
15:51:09.0129 0688  defragsvc - ok
15:51:09.0145 0688  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:51:09.0145 0688  DfsC - ok
15:51:09.0160 0688  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:51:09.0176 0688  Dhcp - ok
15:51:09.0191 0688  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:51:09.0191 0688  discache - ok
15:51:09.0207 0688  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
15:51:09.0207 0688  Disk - ok
15:51:09.0223 0688  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc          C:\Windows\system32\drivers\dmvsc.sys
15:51:09.0223 0688  dmvsc - ok
15:51:09.0254 0688  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:51:09.0269 0688  Dnscache - ok
15:51:09.0269 0688  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
15:51:09.0285 0688  dot3svc - ok
15:51:09.0301 0688  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
15:51:09.0301 0688  DPS - ok
15:51:09.0332 0688  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
15:51:09.0332 0688  drmkaud - ok
15:51:09.0363 0688  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
15:51:09.0379 0688  DXGKrnl - ok
15:51:09.0410 0688  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
15:51:09.0425 0688  EapHost - ok
15:51:09.0535 0688  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\drivers\evbda.sys
15:51:09.0675 0688  ebdrv - ok
15:51:09.0722 0688  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
15:51:09.0722 0688  EFS - ok
15:51:09.0769 0688  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
15:51:09.0784 0688  ehRecvr - ok
15:51:09.0800 0688  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
15:51:09.0800 0688  ehSched - ok
15:51:09.0815 0688  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
15:51:09.0815 0688  elxstor - ok
15:51:09.0831 0688  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:51:09.0831 0688  ErrDev - ok
15:51:09.0862 0688  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
15:51:09.0862 0688  EventSystem - ok
15:51:09.0878 0688  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
15:51:09.0878 0688  exfat - ok
15:51:09.0893 0688  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
15:51:09.0909 0688  fastfat - ok
15:51:09.0925 0688  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
15:51:09.0940 0688  Fax - ok
15:51:09.0956 0688  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\drivers\fdc.sys
15:51:09.0956 0688  fdc - ok
15:51:09.0956 0688  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
15:51:09.0971 0688  fdPHost - ok
15:51:09.0971 0688  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:51:09.0987 0688  FDResPub - ok
15:51:09.0987 0688  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:51:09.0987 0688  FileInfo - ok
15:51:10.0003 0688  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
15:51:10.0003 0688  Filetrace - ok
15:51:10.0003 0688  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:51:10.0003 0688  flpydisk - ok
15:51:10.0018 0688  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:51:10.0018 0688  FltMgr - ok
15:51:10.0049 0688  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache      C:\Windows\system32\FntCache.dll
15:51:10.0081 0688  FontCache - ok
15:51:10.0112 0688  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:51:10.0159 0688  FontCache3.0.0.0 - ok
15:51:10.0190 0688  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
15:51:10.0190 0688  FsDepends - ok
15:51:10.0221 0688  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:51:10.0221 0688  Fs_Rec - ok
15:51:10.0221 0688  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:51:10.0221 0688  fvevol - ok
15:51:10.0237 0688  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:51:10.0252 0688  gagp30kx - ok
15:51:10.0283 0688  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
15:51:10.0315 0688  gpsvc - ok
15:51:10.0330 0688  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:51:10.0330 0688  hcw85cir - ok
15:51:10.0346 0688  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:51:10.0346 0688  HDAudBus - ok
15:51:10.0361 0688  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
15:51:10.0361 0688  HidBatt - ok
15:51:10.0377 0688  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:51:10.0377 0688  HidBth - ok
15:51:10.0393 0688  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\drivers\hidir.sys
15:51:10.0393 0688  HidIr - ok
15:51:10.0408 0688  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
15:51:10.0408 0688  hidserv - ok
15:51:10.0424 0688  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:51:10.0424 0688  HidUsb - ok
15:51:10.0424 0688  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:51:10.0439 0688  hkmsvc - ok
15:51:10.0455 0688  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:51:10.0471 0688  HomeGroupListener - ok
15:51:10.0502 0688  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:51:10.0517 0688  HomeGroupProvider - ok
15:51:10.0533 0688  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:51:10.0533 0688  HpSAMD - ok
15:51:10.0549 0688  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:51:10.0564 0688  HTTP - ok
15:51:10.0564 0688  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:51:10.0564 0688  hwpolicy - ok
15:51:10.0564 0688  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:51:10.0564 0688  i8042prt - ok
15:51:10.0611 0688  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
15:51:10.0611 0688  iaStor - ok
15:51:10.0673 0688  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:51:10.0673 0688  IAStorDataMgrSvc - ok
15:51:10.0689 0688  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
15:51:10.0705 0688  iaStorV - ok
15:51:10.0751 0688  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:51:10.0798 0688  idsvc - ok
15:51:10.0985 0688  [ 33FAA40B288002C89529DBD14F3AB72C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:51:11.0141 0688  igfx - ok
15:51:11.0157 0688  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
15:51:11.0157 0688  iirsp - ok
15:51:11.0188 0688  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:51:11.0219 0688  IKEEXT - ok
15:51:11.0282 0688  [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:51:11.0329 0688  IntcAzAudAddService - ok
15:51:11.0344 0688  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:51:11.0344 0688  IntcDAud - ok
15:51:11.0360 0688  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:51:11.0360 0688  intelide - ok
15:51:11.0375 0688  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:51:11.0375 0688  intelppm - ok
15:51:11.0391 0688  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
15:51:11.0407 0688  IPBusEnum - ok
15:51:11.0422 0688  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:51:11.0422 0688  IpFilterDriver - ok
15:51:11.0469 0688  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:51:11.0485 0688  iphlpsvc - ok
15:51:11.0500 0688  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
15:51:11.0500 0688  IPMIDRV - ok
15:51:11.0516 0688  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
15:51:11.0516 0688  IPNAT - ok
15:51:11.0547 0688  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:51:11.0547 0688  IRENUM - ok
15:51:11.0563 0688  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:51:11.0563 0688  isapnp - ok
15:51:11.0578 0688  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:51:11.0594 0688  iScsiPrt - ok
15:51:11.0641 0688  [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
15:51:11.0656 0688  k57nd60a - ok
15:51:11.0672 0688  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:51:11.0672 0688  kbdclass - ok
15:51:11.0703 0688  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:51:11.0703 0688  kbdhid - ok
15:51:11.0719 0688  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:51:11.0719 0688  KeyIso - ok
15:51:11.0750 0688  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:51:11.0750 0688  KSecDD - ok
15:51:11.0765 0688  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
15:51:11.0765 0688  KSecPkg - ok
15:51:11.0781 0688  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
15:51:11.0781 0688  ksthunk - ok
15:51:11.0797 0688  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
15:51:11.0812 0688  KtmRm - ok
15:51:11.0843 0688  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:51:11.0859 0688  LanmanServer - ok
15:51:11.0875 0688  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:51:11.0890 0688  LanmanWorkstation - ok
15:51:11.0906 0688  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:51:11.0921 0688  lltdio - ok
15:51:11.0937 0688  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
15:51:11.0937 0688  lltdsvc - ok
15:51:11.0953 0688  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
15:51:11.0968 0688  lmhosts - ok
15:51:11.0999 0688  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:51:11.0999 0688  LSI_FC - ok
15:51:12.0031 0688  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
15:51:12.0031 0688  LSI_SAS - ok
15:51:12.0046 0688  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:51:12.0046 0688  LSI_SAS2 - ok
15:51:12.0062 0688  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:51:12.0077 0688  LSI_SCSI - ok
15:51:12.0093 0688  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
15:51:12.0093 0688  luafv - ok
15:51:12.0109 0688  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
15:51:12.0109 0688  Mcx2Svc - ok
15:51:12.0124 0688  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\drivers\megasas.sys
15:51:12.0124 0688  megasas - ok
15:51:12.0155 0688  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:51:12.0155 0688  MegaSR - ok
15:51:12.0171 0688  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:51:12.0171 0688  MEIx64 - ok
15:51:12.0187 0688  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
15:51:12.0187 0688  MMCSS - ok
15:51:12.0202 0688  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
15:51:12.0202 0688  Modem - ok
15:51:12.0202 0688  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
15:51:12.0202 0688  monitor - ok
15:51:12.0233 0688  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:51:12.0233 0688  mouclass - ok
15:51:12.0249 0688  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:51:12.0249 0688  mouhid - ok
15:51:12.0249 0688  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:51:12.0249 0688  mountmgr - ok
15:51:12.0280 0688  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:51:12.0280 0688  mpio - ok
15:51:12.0296 0688  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:51:12.0296 0688  mpsdrv - ok
15:51:12.0327 0688  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:51:12.0343 0688  MpsSvc - ok
15:51:12.0358 0688  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:51:12.0358 0688  MRxDAV - ok
15:51:12.0389 0688  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:51:12.0389 0688  mrxsmb - ok
15:51:12.0389 0688  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:51:12.0405 0688  mrxsmb10 - ok
15:51:12.0405 0688  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:51:12.0421 0688  mrxsmb20 - ok
15:51:12.0421 0688  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:51:12.0421 0688  msahci - ok
15:51:12.0436 0688  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
15:51:12.0452 0688  msdsm - ok
15:51:12.0467 0688  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
15:51:12.0467 0688  MSDTC - ok
15:51:12.0483 0688  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:51:12.0499 0688  Msfs - ok
15:51:12.0499 0688  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
15:51:12.0499 0688  mshidkmdf - ok
15:51:12.0530 0688  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:51:12.0530 0688  msisadrv - ok
15:51:12.0545 0688  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
15:51:12.0561 0688  MSiSCSI - ok
15:51:12.0561 0688  msiserver - ok
15:51:12.0577 0688  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
15:51:12.0577 0688  MSKSSRV - ok
15:51:12.0592 0688  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:51:12.0592 0688  MSPCLOCK - ok
15:51:12.0608 0688  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
15:51:12.0608 0688  MSPQM - ok
15:51:12.0623 0688  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
15:51:12.0623 0688  MsRPC - ok
15:51:12.0639 0688  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:51:12.0639 0688  mssmbios - ok
15:51:12.0655 0688  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
15:51:12.0655 0688  MSTEE - ok
15:51:12.0670 0688  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:51:12.0670 0688  MTConfig - ok
15:51:12.0686 0688  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
15:51:12.0686 0688  Mup - ok
15:51:12.0701 0688  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:51:12.0717 0688  napagent - ok
15:51:12.0748 0688  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
15:51:12.0748 0688  NativeWifiP - ok
15:51:12.0811 0688  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:51:12.0811 0688  NDIS - ok
15:51:12.0826 0688  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
15:51:12.0826 0688  NdisCap - ok
15:51:12.0857 0688  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:51:12.0857 0688  NdisTapi - ok
15:51:12.0873 0688  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
15:51:12.0889 0688  Ndisuio - ok
15:51:12.0920 0688  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
15:51:12.0935 0688  NdisWan - ok
15:51:12.0935 0688  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
15:51:12.0951 0688  NDProxy - ok
15:51:12.0951 0688  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
15:51:12.0951 0688  NetBIOS - ok
15:51:12.0967 0688  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
15:51:12.0967 0688  NetBT - ok
15:51:12.0982 0688  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:51:12.0982 0688  Netlogon - ok
15:51:13.0013 0688  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:51:13.0013 0688  Netman - ok
15:51:13.0045 0688  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:13.0091 0688  NetMsmqActivator - ok
15:51:13.0091 0688  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:13.0091 0688  NetPipeActivator - ok
15:51:13.0123 0688  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:51:13.0138 0688  netprofm - ok
15:51:13.0154 0688  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:13.0154 0688  NetTcpActivator - ok
15:51:13.0154 0688  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:51:13.0154 0688  NetTcpPortSharing - ok
15:51:13.0185 0688  [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
15:51:13.0185 0688  netvsc - ok
15:51:13.0216 0688  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
15:51:13.0216 0688  nfrd960 - ok
15:51:13.0232 0688  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:51:13.0247 0688  NlaSvc - ok
15:51:13.0294 0688  [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd          C:\Windows\system32\drivers\ccdcmbx64.sys
15:51:13.0294 0688  nmwcd - ok
15:51:13.0325 0688  [ 41C1AC1F3613435EB32D67BCB80A5FA5 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
15:51:13.0325 0688  nmwcdc - ok
15:51:13.0325 0688  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:51:13.0341 0688  Npfs - ok
15:51:13.0341 0688  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
15:51:13.0341 0688  nsi - ok
15:51:13.0357 0688  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:51:13.0357 0688  nsiproxy - ok
15:51:13.0450 0688  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:51:13.0481 0688  Ntfs - ok
15:51:13.0481 0688  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:51:13.0497 0688  Null - ok
15:51:13.0513 0688  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:51:13.0513 0688  nvraid - ok
15:51:13.0528 0688  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:51:13.0528 0688  nvstor - ok
15:51:13.0544 0688  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:51:13.0544 0688  nv_agp - ok
15:51:13.0559 0688  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:51:13.0559 0688  ohci1394 - ok
15:51:13.0653 0688  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:51:13.0684 0688  ose - ok
15:51:13.0825 0688  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:51:13.0934 0688  osppsvc - ok
15:51:13.0965 0688  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:51:13.0965 0688  p2pimsvc - ok
15:51:13.0981 0688  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:51:13.0996 0688  p2psvc - ok
15:51:14.0012 0688  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\drivers\parport.sys
15:51:14.0012 0688  Parport - ok
15:51:14.0043 0688  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
15:51:14.0043 0688  partmgr - ok
15:51:14.0059 0688  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:51:14.0074 0688  PcaSvc - ok
15:51:14.0137 0688  [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
15:51:14.0152 0688  PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:51:14.0168 0688  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
15:51:14.0168 0688  pci - ok
15:51:14.0199 0688  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:51:14.0199 0688  pciide - ok
15:51:14.0215 0688  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:51:14.0215 0688  pcmcia - ok
15:51:14.0246 0688  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
15:51:14.0246 0688  pcw - ok
15:51:14.0261 0688  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:51:14.0261 0688  PEAUTH - ok
15:51:14.0308 0688  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
15:51:14.0339 0688  PeerDistSvc - ok
15:51:14.0386 0688  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:51:14.0402 0688  PerfHost - ok
15:51:14.0464 0688  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
15:51:14.0542 0688  pla - ok
15:51:14.0573 0688  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:51:14.0589 0688  PlugPlay - ok
15:51:14.0605 0688  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
15:51:14.0605 0688  PNRPAutoReg - ok
15:51:14.0620 0688  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
15:51:14.0620 0688  PNRPsvc - ok
15:51:14.0683 0688  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
15:51:14.0683 0688  PolicyAgent - ok
15:51:14.0714 0688  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power          C:\Windows\system32\umpo.dll
15:51:14.0714 0688  Power - ok
15:51:14.0745 0688  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:51:14.0745 0688  PptpMiniport - ok
15:51:14.0761 0688  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\drivers\processr.sys
15:51:14.0761 0688  Processor - ok
15:51:14.0839 0688  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
15:51:14.0854 0688  ProfSvc - ok
15:51:14.0870 0688  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:51:14.0870 0688  ProtectedStorage - ok
15:51:14.0901 0688  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:51:14.0901 0688  Psched - ok
15:51:14.0932 0688  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:51:14.0932 0688  PxHlpa64 - ok
15:51:14.0995 0688  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:51:15.0026 0688  ql2300 - ok
15:51:15.0026 0688  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:51:15.0026 0688  ql40xx - ok
15:51:15.0041 0688  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
15:51:15.0057 0688  QWAVE - ok
15:51:15.0073 0688  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:51:15.0073 0688  QWAVEdrv - ok
15:51:15.0088 0688  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:51:15.0088 0688  RasAcd - ok
15:51:15.0119 0688  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
15:51:15.0119 0688  RasAgileVpn - ok
15:51:15.0135 0688  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
15:51:15.0135 0688  RasAuto - ok
15:51:15.0151 0688  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
15:51:15.0151 0688  Rasl2tp - ok
15:51:15.0182 0688  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:51:15.0197 0688  RasMan - ok
15:51:15.0213 0688  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:51:15.0213 0688  RasPppoe - ok
15:51:15.0213 0688  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
15:51:15.0229 0688  RasSstp - ok
15:51:15.0229 0688  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
15:51:15.0244 0688  rdbss - ok
15:51:15.0244 0688  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:51:15.0244 0688  rdpbus - ok
15:51:15.0275 0688  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:51:15.0275 0688  RDPCDD - ok
15:51:15.0307 0688  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
15:51:15.0307 0688  RDPDR - ok
15:51:15.0322 0688  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:51:15.0322 0688  RDPENCDD - ok
15:51:15.0322 0688  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:51:15.0338 0688  RDPREFMP - ok
15:51:15.0369 0688  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
15:51:15.0369 0688  RDPWD - ok
15:51:15.0400 0688  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:51:15.0400 0688  rdyboost - ok
15:51:15.0400 0688  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:51:15.0416 0688  RemoteAccess - ok
15:51:15.0431 0688  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:51:15.0431 0688  RemoteRegistry - ok
15:51:15.0712 0688  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:51:15.0806 0688  RoxMediaDB12OEM - ok
15:51:15.0853 0688  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:51:15.0853 0688  RoxWatch12 - ok
15:51:15.0868 0688  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:51:15.0884 0688  RpcEptMapper - ok
15:51:15.0899 0688  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:51:15.0915 0688  RpcLocator - ok
15:51:15.0915 0688  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
15:51:15.0931 0688  RpcSs - ok
15:51:15.0946 0688  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:51:15.0946 0688  rspndr - ok
15:51:15.0962 0688  [ E60C0A09F997826C7627B244195AB581 ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
15:51:15.0962 0688  s3cap - ok
15:51:15.0977 0688  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
15:51:15.0977 0688  SamSs - ok
15:51:15.0993 0688  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:51:15.0993 0688  sbp2port - ok
15:51:16.0009 0688  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:51:16.0024 0688  SCardSvr - ok
15:51:16.0040 0688  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:51:16.0040 0688  scfilter - ok
15:51:16.0071 0688  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:51:16.0071 0688  Schedule - ok
15:51:16.0102 0688  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
15:51:16.0102 0688  SCPolicySvc - ok
15:51:16.0118 0688  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:51:16.0118 0688  SDRSVC - ok
15:51:16.0133 0688  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:51:16.0133 0688  secdrv - ok
15:51:16.0149 0688  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:51:16.0149 0688  seclogon - ok
15:51:16.0180 0688  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:51:16.0180 0688  SENS - ok
15:51:16.0196 0688  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:51:16.0196 0688  SensrSvc - ok
15:51:16.0211 0688  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\drivers\serenum.sys
15:51:16.0211 0688  Serenum - ok
15:51:16.0227 0688  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
15:51:16.0227 0688  Serial - ok
15:51:16.0258 0688  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:51:16.0258 0688  sermouse - ok
15:51:16.0274 0688  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:51:16.0289 0688  SessionEnv - ok
15:51:16.0289 0688  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
15:51:16.0289 0688  sffdisk - ok
15:51:16.0305 0688  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:51:16.0305 0688  sffp_mmc - ok
15:51:16.0305 0688  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
15:51:16.0305 0688  sffp_sd - ok
15:51:16.0305 0688  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
15:51:16.0305 0688  sfloppy - ok
15:51:16.0367 0688  [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:51:16.0461 0688  SftService - ok
15:51:16.0477 0688  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:51:16.0492 0688  SharedAccess - ok
15:51:16.0523 0688  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:51:16.0523 0688  ShellHWDetection - ok
15:51:16.0539 0688  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:51:16.0539 0688  SiSRaid2 - ok
15:51:16.0570 0688  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:51:16.0570 0688  SiSRaid4 - ok
15:51:16.0586 0688  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
15:51:16.0586 0688  Smb - ok
15:51:16.0601 0688  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:51:16.0617 0688  SNMPTRAP - ok
15:51:16.0617 0688  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
15:51:16.0617 0688  spldr - ok
15:51:16.0648 0688  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
15:51:16.0664 0688  Spooler - ok
15:51:16.0913 0688  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:51:16.0960 0688  sppsvc - ok
15:51:16.0976 0688  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
15:51:16.0991 0688  sppuinotify - ok
15:51:17.0038 0688  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
15:51:17.0038 0688  srv - ok
15:51:17.0054 0688  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:51:17.0054 0688  srv2 - ok
15:51:17.0069 0688  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:51:17.0069 0688  srvnet - ok
15:51:17.0085 0688  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
15:51:17.0101 0688  SSDPSRV - ok
15:51:17.0116 0688  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
15:51:17.0116 0688  SstpSvc - ok
15:51:17.0132 0688  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:51:17.0132 0688  stexstor - ok
15:51:17.0147 0688  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:51:17.0163 0688  stisvc - ok
15:51:17.0194 0688  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:51:17.0225 0688  stllssvr - ok
15:51:17.0257 0688  [ C40841817EF57D491F22EB103DA587CC ] StorSvc        C:\Windows\system32\storsvc.dll
15:51:17.0257 0688  StorSvc - ok
15:51:17.0272 0688  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc        C:\Windows\system32\drivers\storvsc.sys
15:51:17.0288 0688  storvsc - ok
15:51:17.0303 0688  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:51:17.0303 0688  swenum - ok
15:51:17.0350 0688  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard    C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:51:17.0397 0688  SwitchBoard - ok
15:51:17.0459 0688  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
15:51:17.0475 0688  swprv - ok
15:51:17.0491 0688  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
15:51:17.0491 0688  SynthVid - ok
15:51:17.0522 0688  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
15:51:17.0553 0688  SysMain - ok
15:51:17.0569 0688  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:51:17.0569 0688  TabletInputService - ok
15:51:17.0584 0688  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
15:51:17.0584 0688  TapiSrv - ok
15:51:17.0600 0688  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
15:51:17.0600 0688  TBS - ok
15:51:17.0662 0688  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
15:51:17.0693 0688  Tcpip - ok
15:51:17.0725 0688  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:51:17.0740 0688  TCPIP6 - ok
15:51:17.0771 0688  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:51:17.0787 0688  tcpipreg - ok
15:51:17.0803 0688  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:51:17.0803 0688  TDPIPE - ok
15:51:17.0818 0688  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
15:51:17.0834 0688  TDTCP - ok
15:51:17.0849 0688  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
15:51:17.0849 0688  tdx - ok
15:51:17.0865 0688  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:51:17.0865 0688  TermDD - ok
15:51:17.0881 0688  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
15:51:17.0896 0688  TermService - ok
15:51:17.0896 0688  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:51:17.0912 0688  Themes - ok
15:51:17.0927 0688  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
15:51:17.0927 0688  THREADORDER - ok
15:51:17.0943 0688  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:51:17.0959 0688  TrkWks - ok
15:51:17.0990 0688  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:51:17.0990 0688  TrustedInstaller - ok
15:51:18.0005 0688  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:51:18.0021 0688  tssecsrv - ok
15:51:18.0021 0688  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:51:18.0037 0688  TsUsbFlt - ok
15:51:18.0052 0688  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
15:51:18.0052 0688  TsUsbGD - ok
15:51:18.0068 0688  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:51:18.0068 0688  tunnel - ok
15:51:18.0083 0688  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:51:18.0083 0688  uagp35 - ok
15:51:18.0099 0688  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:51:18.0115 0688  udfs - ok
15:51:18.0130 0688  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
15:51:18.0130 0688  UI0Detect - ok
15:51:18.0161 0688  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:51:18.0161 0688  uliagpkx - ok
15:51:18.0177 0688  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
15:51:18.0177 0688  umbus - ok
15:51:18.0193 0688  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:51:18.0193 0688  UmPass - ok
15:51:18.0208 0688  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
15:51:18.0224 0688  UmRdpService - ok
15:51:18.0255 0688  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:51:18.0255 0688  upnphost - ok
15:51:18.0302 0688  [ 4E93C8496359E97830C75AC36393654D ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:51:18.0302 0688  upperdev - ok
15:51:18.0302 0688  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
15:51:18.0302 0688  usbccgp - ok
15:51:18.0317 0688  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:51:18.0333 0688  usbcir - ok
15:51:18.0333 0688  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
15:51:18.0349 0688  usbehci - ok
15:51:18.0364 0688  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:51:18.0364 0688  usbhub - ok
15:51:18.0380 0688  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
15:51:18.0380 0688  usbohci - ok
15:51:18.0395 0688  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
15:51:18.0395 0688  usbprint - ok
15:51:18.0442 0688  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\drivers\usbser.sys
15:51:18.0442 0688  usbser - ok
15:51:18.0442 0688  [ 8844CB19A37B65E27049D4A7786726A9 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:51:18.0442 0688  UsbserFilt - ok
15:51:18.0458 0688  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:51:18.0458 0688  USBSTOR - ok
15:51:18.0489 0688  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
15:51:18.0489 0688  usbuhci - ok
15:51:18.0505 0688  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
15:51:18.0520 0688  UxSms - ok
15:51:18.0614 0688  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:51:18.0614 0688  VaultSvc - ok
15:51:18.0614 0688  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:51:18.0614 0688  vdrvroot - ok
15:51:18.0676 0688  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
15:51:18.0723 0688  vds - ok
15:51:18.0754 0688  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
15:51:18.0754 0688  vga - ok
15:51:18.0770 0688  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
15:51:18.0785 0688  VgaSave - ok
15:51:18.0801 0688  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
15:51:18.0801 0688  vhdmp - ok
15:51:18.0817 0688  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:51:18.0817 0688  viaide - ok
15:51:18.0832 0688  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:51:18.0832 0688  VMBusHID - ok
15:51:18.0863 0688  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:51:18.0863 0688  volmgr - ok
15:51:18.0879 0688  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
15:51:18.0879 0688  volmgrx - ok
15:51:18.0895 0688  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
15:51:18.0910 0688  volsnap - ok
15:51:18.0926 0688  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
15:51:18.0926 0688  vsmraid - ok
15:51:18.0973 0688  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
15:51:19.0019 0688  VSS - ok
15:51:19.0035 0688  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:51:19.0051 0688  vwifibus - ok
15:51:19.0066 0688  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
15:51:19.0066 0688  W32Time - ok
15:51:19.0082 0688  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:51:19.0082 0688  WacomPen - ok
15:51:19.0097 0688  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:51:19.0097 0688  WANARP - ok
15:51:19.0113 0688  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:51:19.0113 0688  Wanarpv6 - ok
15:51:19.0160 0688  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
15:51:19.0207 0688  WatAdminSvc - ok
15:51:19.0253 0688  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:51:19.0285 0688  wbengine - ok
15:51:19.0300 0688  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:51:19.0316 0688  WbioSrvc - ok
15:51:19.0316 0688  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
15:51:19.0331 0688  wcncsvc - ok
15:51:19.0331 0688  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:51:19.0347 0688  WcsPlugInService - ok
15:51:19.0363 0688  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
15:51:19.0363 0688  Wd - ok
15:51:19.0394 0688  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:51:19.0394 0688  Wdf01000 - ok
15:51:19.0409 0688  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:51:19.0409 0688  WdiServiceHost - ok
15:51:19.0425 0688  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
15:51:19.0425 0688  WdiSystemHost - ok
15:51:19.0441 0688  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
15:51:19.0456 0688  WebClient - ok
15:51:19.0456 0688  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:51:19.0472 0688  Wecsvc - ok
15:51:19.0487 0688  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
15:51:19.0487 0688  wercplsupport - ok
15:51:19.0503 0688  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:51:19.0519 0688  WerSvc - ok
15:51:19.0534 0688  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:51:19.0534 0688  WfpLwf - ok
15:51:19.0565 0688  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr        C:\Windows\system32\DRIVERS\wimfltr.sys
15:51:19.0565 0688  WimFltr - ok
15:51:19.0581 0688  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:51:19.0581 0688  WIMMount - ok

sagdoch 01.03.2013 19:53
2.Teil

Code:

15:51:19.0597 0688  WinDefend - ok
15:51:19.0597 0688  WinHttpAutoProxySvc - ok
15:51:19.0659 0688  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
15:51:19.0659 0688  Winmgmt - ok
15:51:19.0706 0688  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
15:51:19.0753 0688  WinRM - ok
15:51:19.0846 0688  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:51:19.0846 0688  WinUsb - ok
15:51:19.0877 0688  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
15:51:19.0893 0688  Wlansvc - ok
15:51:19.0971 0688  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:51:19.0987 0688  wlcrasvc - ok
15:51:20.0096 0688  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:51:20.0174 0688  wlidsvc - ok
15:51:20.0205 0688  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
15:51:20.0205 0688  WmiAcpi - ok
15:51:20.0221 0688  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:51:20.0236 0688  wmiApSrv - ok
15:51:20.0267 0688  WMPNetworkSvc - ok
15:51:20.0283 0688  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:51:20.0283 0688  WPCSvc - ok
15:51:20.0299 0688  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:51:20.0299 0688  WPDBusEnum - ok
15:51:20.0314 0688  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
15:51:20.0314 0688  ws2ifsl - ok
15:51:20.0330 0688  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
15:51:20.0345 0688  wscsvc - ok
15:51:20.0345 0688  WSearch - ok
15:51:20.0439 0688  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:51:20.0486 0688  wuauserv - ok
15:51:20.0517 0688  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:51:20.0517 0688  WudfPf - ok
15:51:20.0548 0688  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:51:20.0548 0688  WUDFRd - ok
15:51:20.0548 0688  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
15:51:20.0564 0688  wudfsvc - ok
15:51:20.0579 0688  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\Windows\System32\wwansvc.dll
15:51:20.0595 0688  WwanSvc - ok
15:51:20.0595 0688  ================ Scan global ===============================
15:51:20.0626 0688  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:51:20.0657 0688  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:51:20.0673 0688  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:51:20.0689 0688  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:51:20.0704 0688  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:51:20.0704 0688  [Global] - ok
15:51:20.0704 0688  ================ Scan MBR ==================================
15:51:20.0720 0688  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:51:21.0094 0688  Suspicious mbr (NoAccess): \Device\Harddisk0\DR0
15:51:21.0172 0688  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:51:21.0172 0688  \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:51:21.0172 0688  ================ Scan VBR ==================================
15:51:21.0219 0688  [ 53975848382FC36F3CB5D792F2563280 ] \Device\Harddisk0\DR0\Partition1
15:51:21.0219 0688  \Device\Harddisk0\DR0\Partition1 - ok
15:51:21.0266 0688  [ 21028167BC9C48551F4E7105EA9D9599 ] \Device\Harddisk0\DR0\Partition2
15:51:21.0266 0688  \Device\Harddisk0\DR0\Partition2 - ok
15:51:21.0266 0688  ============================================================
15:51:21.0266 0688  Scan finished
15:51:21.0266 0688  ============================================================
15:51:21.0266 4108  Detected object count: 1
15:51:21.0266 4108  Actual detected object count: 1
15:52:14.0306 4108  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
15:52:14.0306 4108  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
15:52:54.0799 0764  ============================================================
15:52:54.0799 0764  Scan started
15:52:54.0799 0764  Mode: Manual;
15:52:54.0799 0764  ============================================================
15:52:54.0923 0764  ================ Scan system memory ========================
15:52:54.0923 0764  System memory - ok
15:52:54.0923 0764  ================ Scan services =============================
15:52:55.0189 0764  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:52:55.0189 0764  1394ohci - ok
15:52:55.0204 0764  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:52:55.0204 0764  ACPI - ok
15:52:55.0220 0764  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
15:52:55.0220 0764  AcpiPmi - ok
15:52:55.0345 0764  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:52:55.0345 0764  AdobeARMservice - ok
15:52:55.0407 0764  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:52:55.0407 0764  AdobeFlashPlayerUpdateSvc - ok
15:52:55.0423 0764  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
15:52:55.0438 0764  adp94xx - ok
15:52:55.0438 0764  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
15:52:55.0438 0764  adpahci - ok
15:52:55.0454 0764  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
15:52:55.0454 0764  adpu320 - ok
15:52:55.0485 0764  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
15:52:55.0485 0764  AeLookupSvc - ok
15:52:55.0516 0764  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
15:52:55.0516 0764  AERTFilters - ok
15:52:55.0547 0764  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
15:52:55.0547 0764  AFD - ok
15:52:55.0563 0764  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:52:55.0563 0764  agp440 - ok
15:52:55.0579 0764  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
15:52:55.0579 0764  ALG - ok
15:52:55.0594 0764  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:52:55.0594 0764  aliide - ok
15:52:55.0594 0764  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:52:55.0594 0764  amdide - ok
15:52:55.0610 0764  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
15:52:55.0625 0764  AmdK8 - ok
15:52:55.0641 0764  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:52:55.0641 0764  AmdPPM - ok
15:52:55.0641 0764  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
15:52:55.0641 0764  amdsata - ok
15:52:55.0641 0764  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:52:55.0641 0764  amdsbs - ok
15:52:55.0657 0764  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
15:52:55.0657 0764  amdxata - ok
15:52:55.0703 0764  [ B73EB5109193A4BACE8520B79DD77B25 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
15:52:55.0703 0764  AntiVirMailService - ok
15:52:55.0735 0764  [ 44E76CC89F7E38B3C31F000A4E566856 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:52:55.0735 0764  AntiVirSchedulerService - ok
15:52:55.0766 0764  [ 3FE1CDD4DCF5D42DDBD6F1A3F83B5D3A ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:52:55.0766 0764  AntiVirService - ok
15:52:55.0781 0764  [ 4B46FED191BEB6EAFED88DE90E97A7DB ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:52:55.0781 0764  AntiVirWebService - ok
15:52:55.0797 0764  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
15:52:55.0797 0764  AppID - ok
15:52:55.0828 0764  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:52:55.0828 0764  AppIDSvc - ok
15:52:55.0828 0764  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo        C:\Windows\System32\appinfo.dll
15:52:55.0828 0764  Appinfo - ok
15:52:55.0844 0764  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt        C:\Windows\System32\appmgmts.dll
15:52:55.0859 0764  AppMgmt - ok
15:52:55.0875 0764  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\drivers\arc.sys
15:52:55.0875 0764  arc - ok
15:52:55.0891 0764  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:52:55.0891 0764  arcsas - ok
15:52:55.0969 0764  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:52:55.0969 0764  aspnet_state - ok
15:52:55.0984 0764  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:52:55.0984 0764  AsyncMac - ok
15:52:56.0015 0764  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
15:52:56.0015 0764  atapi - ok
15:52:56.0062 0764  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:52:56.0062 0764  AudioEndpointBuilder - ok
15:52:56.0078 0764  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:52:56.0078 0764  AudioSrv - ok
15:52:56.0109 0764  [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:52:56.0125 0764  avgntflt - ok
15:52:56.0156 0764  [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:52:56.0156 0764  avipbb - ok
15:52:56.0187 0764  [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:52:56.0187 0764  avkmgr - ok
15:52:56.0203 0764  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:52:56.0203 0764  AxInstSV - ok
15:52:56.0234 0764  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
15:52:56.0234 0764  b06bdrv - ok
15:52:56.0249 0764  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:52:56.0249 0764  b57nd60a - ok
15:52:56.0281 0764  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:52:56.0281 0764  BDESVC - ok
15:52:56.0296 0764  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:52:56.0296 0764  Beep - ok
15:52:56.0312 0764  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
15:52:56.0312 0764  BFE - ok
15:52:56.0343 0764  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
15:52:56.0343 0764  BITS - ok
15:52:56.0359 0764  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:52:56.0359 0764  blbdrive - ok
15:52:56.0374 0764  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:52:56.0374 0764  bowser - ok
15:52:56.0390 0764  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:52:56.0390 0764  BrFiltLo - ok
15:52:56.0390 0764  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:52:56.0390 0764  BrFiltUp - ok
15:52:56.0421 0764  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
15:52:56.0421 0764  Browser - ok
15:52:56.0437 0764  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
15:52:56.0437 0764  Brserid - ok
15:52:56.0452 0764  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:52:56.0452 0764  BrSerWdm - ok
15:52:56.0452 0764  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:52:56.0452 0764  BrUsbMdm - ok
15:52:56.0452 0764  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:52:56.0468 0764  BrUsbSer - ok
15:52:56.0468 0764  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:52:56.0468 0764  BTHMODEM - ok
15:52:56.0499 0764  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
15:52:56.0499 0764  bthserv - ok
15:52:56.0515 0764  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:52:56.0515 0764  cdfs - ok
15:52:56.0546 0764  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
15:52:56.0546 0764  cdrom - ok
15:52:56.0561 0764  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
15:52:56.0561 0764  CertPropSvc - ok
15:52:56.0577 0764  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
15:52:56.0577 0764  circlass - ok
15:52:56.0593 0764  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:52:56.0608 0764  CLFS - ok
15:52:56.0655 0764  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:52:56.0655 0764  clr_optimization_v2.0.50727_32 - ok
15:52:56.0686 0764  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:52:56.0686 0764  clr_optimization_v2.0.50727_64 - ok
15:52:56.0733 0764  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:52:56.0733 0764  clr_optimization_v4.0.30319_32 - ok
15:52:56.0749 0764  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:52:56.0749 0764  clr_optimization_v4.0.30319_64 - ok
15:52:56.0764 0764  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:52:56.0764 0764  CmBatt - ok
15:52:56.0780 0764  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:52:56.0780 0764  cmdide - ok
15:52:56.0811 0764  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\Windows\system32\Drivers\cng.sys
15:52:56.0827 0764  CNG - ok
15:52:56.0842 0764  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:52:56.0842 0764  Compbatt - ok
15:52:56.0858 0764  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:52:56.0858 0764  CompositeBus - ok
15:52:56.0858 0764  COMSysApp - ok
15:52:56.0873 0764  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
15:52:56.0873 0764  crcdisk - ok
15:52:56.0920 0764  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:52:56.0920 0764  CryptSvc - ok
15:52:56.0936 0764  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC            C:\Windows\system32\drivers\csc.sys
15:52:56.0951 0764  CSC - ok
15:52:56.0967 0764  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
15:52:56.0983 0764  CscService - ok
15:52:57.0014 0764  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:52:57.0014 0764  DcomLaunch - ok
15:52:57.0029 0764  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
15:52:57.0029 0764  defragsvc - ok
15:52:57.0061 0764  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:52:57.0061 0764  DfsC - ok
15:52:57.0107 0764  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:52:57.0107 0764  Dhcp - ok
15:52:57.0107 0764  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:52:57.0107 0764  discache - ok
15:52:57.0123 0764  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
15:52:57.0139 0764  Disk - ok
15:52:57.0154 0764  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc          C:\Windows\system32\drivers\dmvsc.sys
15:52:57.0170 0764  dmvsc - ok
15:52:57.0185 0764  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:52:57.0185 0764  Dnscache - ok
15:52:57.0201 0764  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
15:52:57.0201 0764  dot3svc - ok
15:52:57.0232 0764  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
15:52:57.0232 0764  DPS - ok
15:52:57.0248 0764  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
15:52:57.0263 0764  drmkaud - ok
15:52:57.0295 0764  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
15:52:57.0295 0764  DXGKrnl - ok
15:52:57.0326 0764  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
15:52:57.0326 0764  EapHost - ok
15:52:57.0388 0764  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\drivers\evbda.sys
15:52:57.0419 0764  ebdrv - ok
15:52:57.0435 0764  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
15:52:57.0435 0764  EFS - ok
15:52:57.0466 0764  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
15:52:57.0482 0764  ehRecvr - ok
15:52:57.0482 0764  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
15:52:57.0482 0764  ehSched - ok
15:52:57.0513 0764  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
15:52:57.0529 0764  elxstor - ok
15:52:57.0544 0764  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:52:57.0544 0764  ErrDev - ok
15:52:57.0560 0764  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
15:52:57.0575 0764  EventSystem - ok
15:52:57.0591 0764  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
15:52:57.0591 0764  exfat - ok
15:52:57.0607 0764  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
15:52:57.0607 0764  fastfat - ok
15:52:57.0638 0764  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
15:52:57.0638 0764  Fax - ok
15:52:57.0653 0764  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\drivers\fdc.sys
15:52:57.0669 0764  fdc - ok
15:52:57.0669 0764  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
15:52:57.0669 0764  fdPHost - ok
15:52:57.0685 0764  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:52:57.0685 0764  FDResPub - ok
15:52:57.0700 0764  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:52:57.0700 0764  FileInfo - ok
15:52:57.0700 0764  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
15:52:57.0700 0764  Filetrace - ok
15:52:57.0716 0764  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:52:57.0716 0764  flpydisk - ok
15:52:57.0731 0764  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:52:57.0731 0764  FltMgr - ok
15:52:57.0778 0764  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache      C:\Windows\system32\FntCache.dll
15:52:57.0778 0764  FontCache - ok
15:52:57.0809 0764  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:52:57.0809 0764  FontCache3.0.0.0 - ok
15:52:57.0841 0764  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
15:52:57.0841 0764  FsDepends - ok
15:52:57.0856 0764  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:52:57.0856 0764  Fs_Rec - ok
15:52:57.0872 0764  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:52:57.0872 0764  fvevol - ok
15:52:57.0887 0764  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:52:57.0887 0764  gagp30kx - ok
15:52:57.0919 0764  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
15:52:57.0919 0764  gpsvc - ok
15:52:57.0934 0764  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:52:57.0934 0764  hcw85cir - ok
15:52:57.0950 0764  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:52:57.0965 0764  HDAudBus - ok
15:52:57.0981 0764  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
15:52:57.0981 0764  HidBatt - ok
15:52:57.0997 0764  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:52:57.0997 0764  HidBth - ok
15:52:58.0012 0764  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\drivers\hidir.sys
15:52:58.0012 0764  HidIr - ok
15:52:58.0028 0764  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
15:52:58.0028 0764  hidserv - ok
15:52:58.0043 0764  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:52:58.0043 0764  HidUsb - ok
15:52:58.0090 0764  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:52:58.0090 0764  hkmsvc - ok
15:52:58.0090 0764  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:52:58.0106 0764  HomeGroupListener - ok
15:52:58.0121 0764  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:52:58.0121 0764  HomeGroupProvider - ok
15:52:58.0137 0764  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:52:58.0137 0764  HpSAMD - ok
15:52:58.0168 0764  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:52:58.0168 0764  HTTP - ok
15:52:58.0199 0764  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:52:58.0199 0764  hwpolicy - ok
15:52:58.0199 0764  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:52:58.0215 0764  i8042prt - ok
15:52:58.0262 0764  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
15:52:58.0293 0764  iaStor - ok
15:52:58.0340 0764  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:52:58.0340 0764  IAStorDataMgrSvc - ok
15:52:58.0355 0764  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
15:52:58.0355 0764  iaStorV - ok
15:52:58.0418 0764  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:52:58.0418 0764  idsvc - ok
15:52:58.0605 0764  [ 33FAA40B288002C89529DBD14F3AB72C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:52:58.0777 0764  igfx - ok
15:52:58.0792 0764  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
15:52:58.0792 0764  iirsp - ok
15:52:58.0823 0764  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:52:58.0823 0764  IKEEXT - ok
15:52:58.0870 0764  [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:52:58.0901 0764  IntcAzAudAddService - ok
15:52:58.0933 0764  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:52:58.0933 0764  IntcDAud - ok
15:52:58.0948 0764  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:52:58.0948 0764  intelide - ok
15:52:58.0948 0764  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:52:58.0948 0764  intelppm - ok
15:52:58.0964 0764  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
15:52:58.0964 0764  IPBusEnum - ok
15:52:58.0979 0764  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:52:58.0979 0764  IpFilterDriver - ok
15:52:59.0042 0764  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:52:59.0042 0764  iphlpsvc - ok
15:52:59.0057 0764  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
15:52:59.0057 0764  IPMIDRV - ok
15:52:59.0073 0764  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
15:52:59.0073 0764  IPNAT - ok
15:52:59.0089 0764  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:52:59.0089 0764  IRENUM - ok
15:52:59.0104 0764  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:52:59.0104 0764  isapnp - ok
15:52:59.0120 0764  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:52:59.0120 0764  iScsiPrt - ok
15:52:59.0151 0764  [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
15:52:59.0151 0764  k57nd60a - ok
15:52:59.0167 0764  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:52:59.0167 0764  kbdclass - ok
15:52:59.0182 0764  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:52:59.0182 0764  kbdhid - ok
15:52:59.0182 0764  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:52:59.0182 0764  KeyIso - ok
15:52:59.0229 0764  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:52:59.0229 0764  KSecDD - ok
15:52:59.0260 0764  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
15:52:59.0260 0764  KSecPkg - ok
15:52:59.0276 0764  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
15:52:59.0276 0764  ksthunk - ok
15:52:59.0307 0764  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
15:52:59.0307 0764  KtmRm - ok
15:52:59.0338 0764  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:52:59.0338 0764  LanmanServer - ok
15:52:59.0354 0764  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:52:59.0354 0764  LanmanWorkstation - ok
15:52:59.0369 0764  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:52:59.0369 0764  lltdio - ok
15:52:59.0401 0764  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
15:52:59.0401 0764  lltdsvc - ok
15:52:59.0416 0764  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
15:52:59.0416 0764  lmhosts - ok
15:52:59.0432 0764  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:52:59.0432 0764  LSI_FC - ok
15:52:59.0447 0764  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
15:52:59.0447 0764  LSI_SAS - ok
15:52:59.0463 0764  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:52:59.0463 0764  LSI_SAS2 - ok
15:52:59.0479 0764  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:52:59.0479 0764  LSI_SCSI - ok
15:52:59.0494 0764  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
15:52:59.0494 0764  luafv - ok
15:52:59.0525 0764  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
15:52:59.0525 0764  Mcx2Svc - ok
15:52:59.0525 0764  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\drivers\megasas.sys
15:52:59.0541 0764  megasas - ok
15:52:59.0541 0764  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:52:59.0541 0764  MegaSR - ok
15:52:59.0572 0764  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:52:59.0572 0764  MEIx64 - ok
15:52:59.0572 0764  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
15:52:59.0588 0764  MMCSS - ok
15:52:59.0588 0764  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
15:52:59.0588 0764  Modem - ok
15:52:59.0588 0764  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
15:52:59.0588 0764  monitor - ok
15:52:59.0603 0764  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:52:59.0603 0764  mouclass - ok
15:52:59.0619 0764  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:52:59.0619 0764  mouhid - ok
15:52:59.0619 0764  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:52:59.0619 0764  mountmgr - ok
15:52:59.0635 0764  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:52:59.0635 0764  mpio - ok
15:52:59.0650 0764  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:52:59.0650 0764  mpsdrv - ok
15:52:59.0681 0764  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:52:59.0681 0764  MpsSvc - ok
15:52:59.0697 0764  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:52:59.0697 0764  MRxDAV - ok
15:52:59.0713 0764  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:52:59.0713 0764  mrxsmb - ok
15:52:59.0744 0764  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:52:59.0744 0764  mrxsmb10 - ok
15:52:59.0759 0764  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:52:59.0759 0764  mrxsmb20 - ok
15:52:59.0775 0764  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:52:59.0775 0764  msahci - ok
15:52:59.0791 0764  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
15:52:59.0806 0764  msdsm - ok
15:52:59.0822 0764  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
15:52:59.0822 0764  MSDTC - ok
15:52:59.0837 0764  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:52:59.0837 0764  Msfs - ok
15:52:59.0853 0764  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
15:52:59.0853 0764  mshidkmdf - ok
15:52:59.0853 0764  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:52:59.0853 0764  msisadrv - ok
15:52:59.0884 0764  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
15:52:59.0884 0764  MSiSCSI - ok
15:52:59.0884 0764  msiserver - ok
15:52:59.0900 0764  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
15:52:59.0900 0764  MSKSSRV - ok
15:52:59.0900 0764  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:52:59.0900 0764  MSPCLOCK - ok
15:52:59.0915 0764  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
15:52:59.0915 0764  MSPQM - ok
15:52:59.0931 0764  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
15:52:59.0947 0764  MsRPC - ok
15:52:59.0947 0764  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:52:59.0947 0764  mssmbios - ok
15:52:59.0962 0764  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
15:52:59.0978 0764  MSTEE - ok
15:52:59.0978 0764  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:52:59.0978 0764  MTConfig - ok
15:53:00.0009 0764  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
15:53:00.0009 0764  Mup - ok
15:53:00.0040 0764  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:53:00.0040 0764  napagent - ok
15:53:00.0056 0764  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
15:53:00.0071 0764  NativeWifiP - ok
15:53:00.0118 0764  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:53:00.0134 0764  NDIS - ok
15:53:00.0149 0764  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
15:53:00.0149 0764  NdisCap - ok
15:53:00.0149 0764  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:53:00.0165 0764  NdisTapi - ok
15:53:00.0181 0764  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
15:53:00.0196 0764  Ndisuio - ok
15:53:00.0212 0764  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
15:53:00.0212 0764  NdisWan - ok
15:53:00.0243 0764  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
15:53:00.0243 0764  NDProxy - ok
15:53:00.0259 0764  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
15:53:00.0259 0764  NetBIOS - ok
15:53:00.0274 0764  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
15:53:00.0274 0764  NetBT - ok
15:53:00.0290 0764  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:53:00.0290 0764  Netlogon - ok
15:53:00.0337 0764  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:53:00.0383 0764  Netman - ok
15:53:00.0399 0764  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0399 0764  NetMsmqActivator - ok
15:53:00.0399 0764  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0399 0764  NetPipeActivator - ok
15:53:00.0415 0764  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:53:00.0415 0764  netprofm - ok
15:53:00.0430 0764  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0430 0764  NetTcpActivator - ok
15:53:00.0430 0764  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0430 0764  NetTcpPortSharing - ok
15:53:00.0446 0764  [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
15:53:00.0461 0764  netvsc - ok
15:53:00.0477 0764  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
15:53:00.0477 0764  nfrd960 - ok
15:53:00.0493 0764  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:53:00.0493 0764  NlaSvc - ok
15:53:00.0524 0764  [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd          C:\Windows\system32\drivers\ccdcmbx64.sys
15:53:00.0524 0764  nmwcd - ok
15:53:00.0539 0764  [ 41C1AC1F3613435EB32D67BCB80A5FA5 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
15:53:00.0539 0764  nmwcdc - ok
15:53:00.0555 0764  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:53:00.0555 0764  Npfs - ok
15:53:00.0586 0764  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
15:53:00.0586 0764  nsi - ok
15:53:00.0586 0764  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:53:00.0586 0764  nsiproxy - ok
15:53:00.0649 0764  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:53:00.0680 0764  Ntfs - ok
15:53:00.0695 0764  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:53:00.0695 0764  Null - ok
15:53:00.0711 0764  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:53:00.0711 0764  nvraid - ok
15:53:00.0727 0764  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:53:00.0727 0764  nvstor - ok
15:53:00.0742 0764  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:53:00.0742 0764  nv_agp - ok
15:53:00.0758 0764  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:53:00.0773 0764  ohci1394 - ok
15:53:00.0836 0764  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:53:00.0836 0764  ose - ok
15:53:00.0961 0764  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:53:00.0976 0764  osppsvc - ok
15:53:01.0007 0764  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:53:01.0023 0764  p2pimsvc - ok
15:53:01.0039 0764  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:53:01.0039 0764  p2psvc - ok
15:53:01.0054 0764  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\drivers\parport.sys
15:53:01.0054 0764  Parport - ok
15:53:01.0085 0764  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
15:53:01.0085 0764  partmgr - ok
15:53:01.0117 0764  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:53:01.0117 0764  PcaSvc - ok
15:53:01.0226 0764  [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
15:53:01.0226 0764  PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:53:01.0257 0764  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
15:53:01.0257 0764  pci - ok
15:53:01.0273 0764  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:53:01.0273 0764  pciide - ok
15:53:01.0288 0764  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:53:01.0288 0764  pcmcia - ok
15:53:01.0304 0764  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
15:53:01.0304 0764  pcw - ok
15:53:01.0319 0764  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:53:01.0335 0764  PEAUTH - ok
15:53:01.0382 0764  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
15:53:01.0397 0764  PeerDistSvc - ok
15:53:01.0460 0764  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:53:01.0460 0764  PerfHost - ok
15:53:01.0491 0764  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
15:53:01.0507 0764  pla - ok
15:53:01.0538 0764  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:53:01.0538 0764  PlugPlay - ok
15:53:01.0553 0764  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
15:53:01.0553 0764  PNRPAutoReg - ok
15:53:01.0569 0764  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
15:53:01.0569 0764  PNRPsvc - ok
15:53:01.0600 0764  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
15:53:01.0616 0764  PolicyAgent - ok
15:53:01.0631 0764  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power          C:\Windows\system32\umpo.dll
15:53:01.0631 0764  Power - ok
15:53:01.0647 0764  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:53:01.0647 0764  PptpMiniport - ok
15:53:01.0663 0764  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\drivers\processr.sys
15:53:01.0663 0764  Processor - ok
15:53:01.0694 0764  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
15:53:01.0694 0764  ProfSvc - ok
15:53:01.0709 0764  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:53:01.0709 0764  ProtectedStorage - ok
15:53:01.0725 0764  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:53:01.0725 0764  Psched - ok
15:53:01.0741 0764  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:53:01.0741 0764  PxHlpa64 - ok
15:53:01.0788 0764  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:53:01.0803 0764  ql2300 - ok
15:53:01.0803 0764  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:53:01.0803 0764  ql40xx - ok
15:53:01.0819 0764  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
15:53:01.0834 0764  QWAVE - ok
15:53:01.0834 0764  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:53:01.0834 0764  QWAVEdrv - ok
15:53:01.0866 0764  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:53:01.0866 0764  RasAcd - ok
15:53:01.0881 0764  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
15:53:01.0881 0764  RasAgileVpn - ok
15:53:01.0897 0764  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
15:53:01.0912 0764  RasAuto - ok
15:53:01.0912 0764  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
15:53:01.0928 0764  Rasl2tp - ok
15:53:01.0928 0764  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:53:01.0944 0764  RasMan - ok
15:53:01.0944 0764  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:53:01.0944 0764  RasPppoe - ok
15:53:01.0959 0764  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
15:53:01.0959 0764  RasSstp - ok
15:53:01.0975 0764  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
15:53:01.0975 0764  rdbss - ok
15:53:01.0990 0764  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:53:01.0990 0764  rdpbus - ok
15:53:01.0990 0764  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:53:01.0990 0764  RDPCDD - ok
15:53:02.0022 0764  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
15:53:02.0022 0764  RDPDR - ok
15:53:02.0037 0764  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:53:02.0037 0764  RDPENCDD - ok
15:53:02.0053 0764  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:53:02.0053 0764  RDPREFMP - ok
15:53:02.0084 0764  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
15:53:02.0084 0764  RDPWD - ok
15:53:02.0100 0764  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:53:02.0100 0764  rdyboost - ok
15:53:02.0115 0764  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:53:02.0115 0764  RemoteAccess - ok
15:53:02.0146 0764  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:53:02.0146 0764  RemoteRegistry - ok
15:53:02.0271 0764  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:53:02.0287 0764  RoxMediaDB12OEM - ok
15:53:02.0318 0764  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:53:02.0318 0764  RoxWatch12 - ok
15:53:02.0334 0764  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:53:02.0334 0764  RpcEptMapper - ok
15:53:02.0349 0764  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:53:02.0349 0764  RpcLocator - ok
15:53:02.0380 0764  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
15:53:02.0380 0764  RpcSs - ok
15:53:02.0396 0764  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:53:02.0396 0764  rspndr - ok
15:53:02.0412 0764  [ E60C0A09F997826C7627B244195AB581 ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
15:53:02.0412 0764  s3cap - ok
15:53:02.0443 0764  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
15:53:02.0443 0764  SamSs - ok
15:53:02.0458 0764  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:53:02.0474 0764  sbp2port - ok
15:53:02.0490 0764  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:53:02.0490 0764  SCardSvr - ok
15:53:02.0505 0764  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:53:02.0505 0764  scfilter - ok
15:53:02.0521 0764  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:53:02.0536 0764  Schedule - ok
15:53:02.0552 0764  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
15:53:02.0552 0764  SCPolicySvc - ok
15:53:02.0552 0764  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:53:02.0568 0764  SDRSVC - ok
15:53:02.0568 0764  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:53:02.0568 0764  secdrv - ok
15:53:02.0568 0764  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:53:02.0568 0764  seclogon - ok
15:53:02.0583 0764  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:53:02.0583 0764  SENS - ok
15:53:02.0583 0764  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:53:02.0599 0764  SensrSvc - ok
15:53:02.0599 0764  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\drivers\serenum.sys
15:53:02.0614 0764  Serenum - ok
15:53:02.0614 0764  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
15:53:02.0614 0764  Serial - ok
15:53:02.0630 0764  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:53:02.0630 0764  sermouse - ok
15:53:02.0661 0764  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:53:02.0661 0764  SessionEnv - ok
15:53:02.0661 0764  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
15:53:02.0661 0764  sffdisk - ok
15:53:02.0661 0764  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:53:02.0661 0764  sffp_mmc - ok
15:53:02.0677 0764  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
15:53:02.0677 0764  sffp_sd - ok
15:53:02.0677 0764  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
15:53:02.0677 0764  sfloppy - ok
15:53:02.0739 0764  [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:53:02.0755 0764  SftService - ok
15:53:02.0770 0764  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:53:02.0786 0764  SharedAccess - ok
15:53:02.0802 0764  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:53:02.0802 0764  ShellHWDetection - ok
15:53:02.0817 0764  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:53:02.0817 0764  SiSRaid2 - ok
15:53:02.0833 0764  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:53:02.0833 0764  SiSRaid4 - ok
15:53:02.0848 0764  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
15:53:02.0848 0764  Smb - ok
15:53:02.0864 0764  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:53:02.0880 0764  SNMPTRAP - ok
15:53:02.0880 0764  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
15:53:02.0880 0764  spldr - ok
15:53:02.0942 0764  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
15:53:02.0942 0764  Spooler - ok
15:53:03.0004 0764  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:53:03.0067 0764  sppsvc - ok
15:53:03.0082 0764  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
15:53:03.0082 0764  sppuinotify - ok
15:53:03.0114 0764  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
15:53:03.0114 0764  srv - ok
15:53:03.0129 0764  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:53:03.0145 0764  srv2 - ok
15:53:03.0145 0764  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:53:03.0160 0764  srvnet - ok
15:53:03.0160 0764  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
15:53:03.0176 0764  SSDPSRV - ok
15:53:03.0176 0764  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
15:53:03.0176 0764  SstpSvc - ok
15:53:03.0207 0764  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:53:03.0207 0764  stexstor - ok
15:53:03.0238 0764  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:53:03.0238 0764  stisvc - ok
15:53:03.0301 0764  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:53:03.0301 0764  stllssvr - ok
15:53:03.0332 0764  [ C40841817EF57D491F22EB103DA587CC ] StorSvc        C:\Windows\system32\storsvc.dll
15:53:03.0332 0764  StorSvc - ok
15:53:03.0348 0764  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc        C:\Windows\system32\drivers\storvsc.sys
15:53:03.0348 0764  storvsc - ok
15:53:03.0348 0764  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:53:03.0348 0764  swenum - ok
15:53:03.0426 0764  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard    C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:53:03.0426 0764  SwitchBoard - ok
15:53:03.0441 0764  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
15:53:03.0457 0764  swprv - ok
15:53:03.0457 0764  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
15:53:03.0472 0764  SynthVid - ok
15:53:03.0535 0764  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
15:53:03.0566 0764  SysMain - ok
15:53:03.0582 0764  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:53:03.0582 0764  TabletInputService - ok
15:53:03.0597 0764  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
15:53:03.0597 0764  TapiSrv - ok
15:53:03.0613 0764  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
15:53:03.0613 0764  TBS - ok
15:53:03.0675 0764  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
15:53:03.0706 0764  Tcpip - ok
15:53:03.0753 0764  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:53:03.0753 0764  TCPIP6 - ok
15:53:03.0784 0764  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:53:03.0784 0764  tcpipreg - ok
15:53:03.0800 0764  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:53:03.0800 0764  TDPIPE - ok
15:53:03.0816 0764  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
15:53:03.0831 0764  TDTCP - ok
15:53:03.0847 0764  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
15:53:03.0847 0764  tdx - ok
15:53:03.0847 0764  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:53:03.0847 0764  TermDD - ok
15:53:03.0878 0764  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
15:53:03.0878 0764  TermService - ok
15:53:03.0894 0764  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:53:03.0894 0764  Themes - ok
15:53:03.0909 0764  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
15:53:03.0909 0764  THREADORDER - ok
15:53:03.0925 0764  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:53:03.0925 0764  TrkWks - ok
15:53:03.0972 0764  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:53:03.0972 0764  TrustedInstaller - ok
15:53:03.0987 0764  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:53:03.0987 0764  tssecsrv - ok
15:53:04.0003 0764  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:53:04.0003 0764  TsUsbFlt - ok
15:53:04.0018 0764  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
15:53:04.0018 0764  TsUsbGD - ok
15:53:04.0034 0764  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:53:04.0034 0764  tunnel - ok
15:53:04.0050 0764  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:53:04.0050 0764  uagp35 - ok
15:53:04.0065 0764  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:53:04.0065 0764  udfs - ok
15:53:04.0081 0764  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
15:53:04.0096 0764  UI0Detect - ok
15:53:04.0096 0764  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:53:04.0112 0764  uliagpkx - ok
15:53:04.0112 0764  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
15:53:04.0112 0764  umbus - ok
15:53:04.0128 0764  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:53:04.0143 0764  UmPass - ok
15:53:04.0159 0764  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
15:53:04.0159 0764  UmRdpService - ok
15:53:04.0174 0764  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:53:04.0190 0764  upnphost - ok
15:53:04.0206 0764  [ 4E93C8496359E97830C75AC36393654D ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:53:04.0206 0764  upperdev - ok
15:53:04.0237 0764  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
15:53:04.0237 0764  usbccgp - ok
15:53:04.0252 0764  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:53:04.0252 0764  usbcir - ok
15:53:04.0268 0764  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
15:53:04.0268 0764  usbehci - ok
15:53:04.0299 0764  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:53:04.0299 0764  usbhub - ok
15:53:04.0315 0764  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
15:53:04.0315 0764  usbohci - ok
15:53:04.0330 0764  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
15:53:04.0330 0764  usbprint - ok
15:53:04.0346 0764  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\drivers\usbser.sys
15:53:04.0346 0764  usbser - ok
15:53:04.0346 0764  [ 8844CB19A37B65E27049D4A7786726A9 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:53:04.0346 0764  UsbserFilt - ok
15:53:04.0362 0764  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:53:04.0362 0764  USBSTOR - ok
15:53:04.0393 0764  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
15:53:04.0393 0764  usbuhci - ok
15:53:04.0440 0764  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
15:53:04.0440 0764  UxSms - ok
15:53:04.0440 0764  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:53:04.0455 0764  VaultSvc - ok
15:53:04.0455 0764  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:53:04.0455 0764  vdrvroot - ok
15:53:04.0471 0764  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
15:53:04.0471 0764  vds - ok
15:53:04.0518 0764  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
15:53:04.0533 0764  vga - ok
15:53:04.0549 0764  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
15:53:04.0549 0764  VgaSave - ok
15:53:04.0564 0764  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
15:53:04.0564 0764  vhdmp - ok
15:53:04.0580 0764  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:53:04.0580 0764  viaide - ok
15:53:04.0596 0764  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:53:04.0596 0764  VMBusHID - ok
15:53:04.0611 0764  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:53:04.0611 0764  volmgr - ok
15:53:04.0627 0764  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
15:53:04.0627 0764  volmgrx - ok
15:53:04.0642 0764  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
15:53:04.0658 0764  volsnap - ok
15:53:04.0674 0764  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
15:53:04.0674 0764  vsmraid - ok
15:53:04.0705 0764  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
15:53:04.0752 0764  VSS - ok
15:53:04.0767 0764  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:53:04.0767 0764  vwifibus - ok
15:53:04.0783 0764  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
15:53:04.0798 0764  W32Time - ok
15:53:04.0814 0764  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:53:04.0814 0764  WacomPen - ok
15:53:04.0830 0764  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:53:04.0830 0764  WANARP - ok
15:53:04.0830 0764  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:53:04.0830 0764  Wanarpv6 - ok
15:53:04.0876 0764  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
15:53:04.0892 0764  WatAdminSvc - ok
15:53:04.0908 0764  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:53:04.0923 0764  wbengine - ok
15:53:04.0939 0764  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:53:04.0939 0764  WbioSrvc - ok
15:53:04.0954 0764  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
15:53:04.0954 0764  wcncsvc - ok
15:53:04.0954 0764  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:53:04.0954 0764  WcsPlugInService - ok
15:53:04.0970 0764  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
15:53:04.0970 0764  Wd - ok
15:53:05.0001 0764  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:53:05.0001 0764  Wdf01000 - ok
15:53:05.0017 0764  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:53:05.0017 0764  WdiServiceHost - ok
15:53:05.0017 0764  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
15:53:05.0017 0764  WdiSystemHost - ok
15:53:05.0032 0764  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
15:53:05.0032 0764  WebClient - ok
15:53:05.0048 0764  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:53:05.0048 0764  Wecsvc - ok
15:53:05.0064 0764  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
15:53:05.0079 0764  wercplsupport - ok
15:53:05.0079 0764  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:53:05.0079 0764  WerSvc - ok
15:53:05.0095 0764  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:53:05.0095 0764  WfpLwf - ok
15:53:05.0110 0764  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr        C:\Windows\system32\DRIVERS\wimfltr.sys
15:53:05.0126 0764  WimFltr - ok
15:53:05.0142 0764  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:53:05.0142 0764  WIMMount - ok
15:53:05.0142 0764  WinDefend - ok
15:53:05.0142 0764  WinHttpAutoProxySvc - ok
15:53:05.0188 0764  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
15:53:05.0188 0764  Winmgmt - ok
15:53:05.0235 0764  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
15:53:05.0235 0764  WinRM - ok
15:53:05.0282 0764  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:53:05.0282 0764  WinUsb - ok
15:53:05.0298 0764  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
15:53:05.0313 0764  Wlansvc - ok
15:53:05.0391 0764  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:53:05.0391 0764  wlcrasvc - ok
15:53:05.0516 0764  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:53:05.0532 0764  wlidsvc - ok
15:53:05.0563 0764  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
15:53:05.0578 0764  WmiAcpi - ok
15:53:05.0610 0764  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:53:05.0610 0764  wmiApSrv - ok
15:53:05.0625 0764  WMPNetworkSvc - ok
15:53:05.0641 0764  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:53:05.0641 0764  WPCSvc - ok
15:53:05.0641 0764  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:53:05.0656 0764  WPDBusEnum - ok
15:53:05.0672 0764  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
15:53:05.0672 0764  ws2ifsl - ok
15:53:05.0688 0764  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
15:53:05.0688 0764  wscsvc - ok
15:53:05.0688 0764  WSearch - ok
15:53:05.0766 0764  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:53:05.0797 0764  wuauserv - ok
15:53:05.0828 0764  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:53:05.0844 0764  WudfPf - ok
15:53:05.0844 0764  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:53:05.0859 0764  WUDFRd - ok
15:53:05.0859 0764  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
15:53:05.0859 0764  wudfsvc - ok
15:53:05.0875 0764  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\Windows\System32\wwansvc.dll
15:53:05.0875 0764  WwanSvc - ok
15:53:05.0890 0764  ================ Scan global ===============================
15:53:05.0906 0764  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:53:05.0953 0764  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:53:05.0953 0764  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:53:05.0968 0764  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:53:06.0000 0764  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:53:06.0000 0764  [Global] - ok
15:53:06.0000 0764  ================ Scan MBR ==================================
15:53:06.0015 0764  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:53:06.0280 0764  Suspicious mbr (NoAccess): \Device\Harddisk0\DR0
15:53:06.0343 0764  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:53:06.0343 0764  \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:53:06.0343 0764  ================ Scan VBR ==================================
15:53:06.0374 0764  [ 53975848382FC36F3CB5D792F2563280 ] \Device\Harddisk0\DR0\Partition1
15:53:06.0374 0764  \Device\Harddisk0\DR0\Partition1 - ok
15:53:06.0390 0764  [ 21028167BC9C48551F4E7105EA9D9599 ] \Device\Harddisk0\DR0\Partition2
15:53:06.0390 0764  \Device\Harddisk0\DR0\Partition2 - ok
15:53:06.0390 0764  ============================================================
15:53:06.0390 0764  Scan finished
15:53:06.0390 0764  ============================================================
15:53:06.0405 7100  Detected object count: 1
15:53:06.0405 7100  Actual detected object count: 1
15:53:42.0753 7100  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
15:53:42.0753 7100  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
15:53:47.0464 4724  Deinitialize success

sagdoch 01.03.2013 19:54
Rkill

Code:

15:51:19.0597 0688  WinDefend - ok
15:51:19.0597 0688  WinHttpAutoProxySvc - ok
15:51:19.0659 0688  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
15:51:19.0659 0688  Winmgmt - ok
15:51:19.0706 0688  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
15:51:19.0753 0688  WinRM - ok
15:51:19.0846 0688  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:51:19.0846 0688  WinUsb - ok
15:51:19.0877 0688  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
15:51:19.0893 0688  Wlansvc - ok
15:51:19.0971 0688  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:51:19.0987 0688  wlcrasvc - ok
15:51:20.0096 0688  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:51:20.0174 0688  wlidsvc - ok
15:51:20.0205 0688  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
15:51:20.0205 0688  WmiAcpi - ok
15:51:20.0221 0688  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:51:20.0236 0688  wmiApSrv - ok
15:51:20.0267 0688  WMPNetworkSvc - ok
15:51:20.0283 0688  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:51:20.0283 0688  WPCSvc - ok
15:51:20.0299 0688  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:51:20.0299 0688  WPDBusEnum - ok
15:51:20.0314 0688  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
15:51:20.0314 0688  ws2ifsl - ok
15:51:20.0330 0688  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
15:51:20.0345 0688  wscsvc - ok
15:51:20.0345 0688  WSearch - ok
15:51:20.0439 0688  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:51:20.0486 0688  wuauserv - ok
15:51:20.0517 0688  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:51:20.0517 0688  WudfPf - ok
15:51:20.0548 0688  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:51:20.0548 0688  WUDFRd - ok
15:51:20.0548 0688  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
15:51:20.0564 0688  wudfsvc - ok
15:51:20.0579 0688  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\Windows\System32\wwansvc.dll
15:51:20.0595 0688  WwanSvc - ok
15:51:20.0595 0688  ================ Scan global ===============================
15:51:20.0626 0688  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:51:20.0657 0688  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:51:20.0673 0688  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:51:20.0689 0688  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:51:20.0704 0688  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:51:20.0704 0688  [Global] - ok
15:51:20.0704 0688  ================ Scan MBR ==================================
15:51:20.0720 0688  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:51:21.0094 0688  Suspicious mbr (NoAccess): \Device\Harddisk0\DR0
15:51:21.0172 0688  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:51:21.0172 0688  \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:51:21.0172 0688  ================ Scan VBR ==================================
15:51:21.0219 0688  [ 53975848382FC36F3CB5D792F2563280 ] \Device\Harddisk0\DR0\Partition1
15:51:21.0219 0688  \Device\Harddisk0\DR0\Partition1 - ok
15:51:21.0266 0688  [ 21028167BC9C48551F4E7105EA9D9599 ] \Device\Harddisk0\DR0\Partition2
15:51:21.0266 0688  \Device\Harddisk0\DR0\Partition2 - ok
15:51:21.0266 0688  ============================================================
15:51:21.0266 0688  Scan finished
15:51:21.0266 0688  ============================================================
15:51:21.0266 4108  Detected object count: 1
15:51:21.0266 4108  Actual detected object count: 1
15:52:14.0306 4108  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
15:52:14.0306 4108  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
15:52:54.0799 0764  ============================================================
15:52:54.0799 0764  Scan started
15:52:54.0799 0764  Mode: Manual;
15:52:54.0799 0764  ============================================================
15:52:54.0923 0764  ================ Scan system memory ========================
15:52:54.0923 0764  System memory - ok
15:52:54.0923 0764  ================ Scan services =============================
15:52:55.0189 0764  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:52:55.0189 0764  1394ohci - ok
15:52:55.0204 0764  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:52:55.0204 0764  ACPI - ok
15:52:55.0220 0764  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
15:52:55.0220 0764  AcpiPmi - ok
15:52:55.0345 0764  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:52:55.0345 0764  AdobeARMservice - ok
15:52:55.0407 0764  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:52:55.0407 0764  AdobeFlashPlayerUpdateSvc - ok
15:52:55.0423 0764  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
15:52:55.0438 0764  adp94xx - ok
15:52:55.0438 0764  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci        C:\Windows\system32\drivers\adpahci.sys
15:52:55.0438 0764  adpahci - ok
15:52:55.0454 0764  [ E109549C90F62FB570B9540C4B148E54 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
15:52:55.0454 0764  adpu320 - ok
15:52:55.0485 0764  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
15:52:55.0485 0764  AeLookupSvc - ok
15:52:55.0516 0764  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
15:52:55.0516 0764  AERTFilters - ok
15:52:55.0547 0764  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD            C:\Windows\system32\drivers\afd.sys
15:52:55.0547 0764  AFD - ok
15:52:55.0563 0764  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:52:55.0563 0764  agp440 - ok
15:52:55.0579 0764  [ 3290D6946B5E30E70414990574883DDB ] ALG            C:\Windows\System32\alg.exe
15:52:55.0579 0764  ALG - ok
15:52:55.0594 0764  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:52:55.0594 0764  aliide - ok
15:52:55.0594 0764  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:52:55.0594 0764  amdide - ok
15:52:55.0610 0764  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
15:52:55.0625 0764  AmdK8 - ok
15:52:55.0641 0764  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:52:55.0641 0764  AmdPPM - ok
15:52:55.0641 0764  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
15:52:55.0641 0764  amdsata - ok
15:52:55.0641 0764  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:52:55.0641 0764  amdsbs - ok
15:52:55.0657 0764  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
15:52:55.0657 0764  amdxata - ok
15:52:55.0703 0764  [ B73EB5109193A4BACE8520B79DD77B25 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
15:52:55.0703 0764  AntiVirMailService - ok
15:52:55.0735 0764  [ 44E76CC89F7E38B3C31F000A4E566856 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:52:55.0735 0764  AntiVirSchedulerService - ok
15:52:55.0766 0764  [ 3FE1CDD4DCF5D42DDBD6F1A3F83B5D3A ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:52:55.0766 0764  AntiVirService - ok
15:52:55.0781 0764  [ 4B46FED191BEB6EAFED88DE90E97A7DB ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:52:55.0781 0764  AntiVirWebService - ok
15:52:55.0797 0764  [ 89A69C3F2F319B43379399547526D952 ] AppID          C:\Windows\system32\drivers\appid.sys
15:52:55.0797 0764  AppID - ok
15:52:55.0828 0764  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:52:55.0828 0764  AppIDSvc - ok
15:52:55.0828 0764  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo        C:\Windows\System32\appinfo.dll
15:52:55.0828 0764  Appinfo - ok
15:52:55.0844 0764  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt        C:\Windows\System32\appmgmts.dll
15:52:55.0859 0764  AppMgmt - ok
15:52:55.0875 0764  [ C484F8CEB1717C540242531DB7845C4E ] arc            C:\Windows\system32\drivers\arc.sys
15:52:55.0875 0764  arc - ok
15:52:55.0891 0764  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:52:55.0891 0764  arcsas - ok
15:52:55.0969 0764  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:52:55.0969 0764  aspnet_state - ok
15:52:55.0984 0764  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:52:55.0984 0764  AsyncMac - ok
15:52:56.0015 0764  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi          C:\Windows\system32\drivers\atapi.sys
15:52:56.0015 0764  atapi - ok
15:52:56.0062 0764  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:52:56.0062 0764  AudioEndpointBuilder - ok
15:52:56.0078 0764  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:52:56.0078 0764  AudioSrv - ok
15:52:56.0109 0764  [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:52:56.0125 0764  avgntflt - ok
15:52:56.0156 0764  [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:52:56.0156 0764  avipbb - ok
15:52:56.0187 0764  [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:52:56.0187 0764  avkmgr - ok
15:52:56.0203 0764  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:52:56.0203 0764  AxInstSV - ok
15:52:56.0234 0764  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
15:52:56.0234 0764  b06bdrv - ok
15:52:56.0249 0764  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:52:56.0249 0764  b57nd60a - ok
15:52:56.0281 0764  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:52:56.0281 0764  BDESVC - ok
15:52:56.0296 0764  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:52:56.0296 0764  Beep - ok
15:52:56.0312 0764  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE            C:\Windows\System32\bfe.dll
15:52:56.0312 0764  BFE - ok
15:52:56.0343 0764  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
15:52:56.0343 0764  BITS - ok
15:52:56.0359 0764  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:52:56.0359 0764  blbdrive - ok
15:52:56.0374 0764  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:52:56.0374 0764  bowser - ok
15:52:56.0390 0764  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:52:56.0390 0764  BrFiltLo - ok
15:52:56.0390 0764  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:52:56.0390 0764  BrFiltUp - ok
15:52:56.0421 0764  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser        C:\Windows\System32\browser.dll
15:52:56.0421 0764  Browser - ok
15:52:56.0437 0764  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
15:52:56.0437 0764  Brserid - ok
15:52:56.0452 0764  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:52:56.0452 0764  BrSerWdm - ok
15:52:56.0452 0764  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:52:56.0452 0764  BrUsbMdm - ok
15:52:56.0452 0764  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:52:56.0468 0764  BrUsbSer - ok
15:52:56.0468 0764  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:52:56.0468 0764  BTHMODEM - ok
15:52:56.0499 0764  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv        C:\Windows\system32\bthserv.dll
15:52:56.0499 0764  bthserv - ok
15:52:56.0515 0764  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:52:56.0515 0764  cdfs - ok
15:52:56.0546 0764  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
15:52:56.0546 0764  cdrom - ok
15:52:56.0561 0764  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc    C:\Windows\System32\certprop.dll
15:52:56.0561 0764  CertPropSvc - ok
15:52:56.0577 0764  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
15:52:56.0577 0764  circlass - ok
15:52:56.0593 0764  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:52:56.0608 0764  CLFS - ok
15:52:56.0655 0764  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:52:56.0655 0764  clr_optimization_v2.0.50727_32 - ok
15:52:56.0686 0764  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:52:56.0686 0764  clr_optimization_v2.0.50727_64 - ok
15:52:56.0733 0764  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:52:56.0733 0764  clr_optimization_v4.0.30319_32 - ok
15:52:56.0749 0764  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:52:56.0749 0764  clr_optimization_v4.0.30319_64 - ok
15:52:56.0764 0764  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:52:56.0764 0764  CmBatt - ok
15:52:56.0780 0764  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:52:56.0780 0764  cmdide - ok
15:52:56.0811 0764  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG            C:\Windows\system32\Drivers\cng.sys
15:52:56.0827 0764  CNG - ok
15:52:56.0842 0764  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:52:56.0842 0764  Compbatt - ok
15:52:56.0858 0764  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:52:56.0858 0764  CompositeBus - ok
15:52:56.0858 0764  COMSysApp - ok
15:52:56.0873 0764  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
15:52:56.0873 0764  crcdisk - ok
15:52:56.0920 0764  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:52:56.0920 0764  CryptSvc - ok
15:52:56.0936 0764  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC            C:\Windows\system32\drivers\csc.sys
15:52:56.0951 0764  CSC - ok
15:52:56.0967 0764  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
15:52:56.0983 0764  CscService - ok
15:52:57.0014 0764  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:52:57.0014 0764  DcomLaunch - ok
15:52:57.0029 0764  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc      C:\Windows\System32\defragsvc.dll
15:52:57.0029 0764  defragsvc - ok
15:52:57.0061 0764  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:52:57.0061 0764  DfsC - ok
15:52:57.0107 0764  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:52:57.0107 0764  Dhcp - ok
15:52:57.0107 0764  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:52:57.0107 0764  discache - ok
15:52:57.0123 0764  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
15:52:57.0139 0764  Disk - ok
15:52:57.0154 0764  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc          C:\Windows\system32\drivers\dmvsc.sys
15:52:57.0170 0764  dmvsc - ok
15:52:57.0185 0764  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:52:57.0185 0764  Dnscache - ok
15:52:57.0201 0764  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc        C:\Windows\System32\dot3svc.dll
15:52:57.0201 0764  dot3svc - ok
15:52:57.0232 0764  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS            C:\Windows\system32\dps.dll
15:52:57.0232 0764  DPS - ok
15:52:57.0248 0764  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
15:52:57.0263 0764  drmkaud - ok
15:52:57.0295 0764  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
15:52:57.0295 0764  DXGKrnl - ok
15:52:57.0326 0764  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost        C:\Windows\System32\eapsvc.dll
15:52:57.0326 0764  EapHost - ok
15:52:57.0388 0764  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv          C:\Windows\system32\drivers\evbda.sys
15:52:57.0419 0764  ebdrv - ok
15:52:57.0435 0764  [ C118A82CD78818C29AB228366EBF81C3 ] EFS            C:\Windows\System32\lsass.exe
15:52:57.0435 0764  EFS - ok
15:52:57.0466 0764  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
15:52:57.0482 0764  ehRecvr - ok
15:52:57.0482 0764  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched        C:\Windows\ehome\ehsched.exe
15:52:57.0482 0764  ehSched - ok
15:52:57.0513 0764  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
15:52:57.0529 0764  elxstor - ok
15:52:57.0544 0764  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:52:57.0544 0764  ErrDev - ok
15:52:57.0560 0764  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem    C:\Windows\system32\es.dll
15:52:57.0575 0764  EventSystem - ok
15:52:57.0591 0764  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat          C:\Windows\system32\drivers\exfat.sys
15:52:57.0591 0764  exfat - ok
15:52:57.0607 0764  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
15:52:57.0607 0764  fastfat - ok
15:52:57.0638 0764  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax            C:\Windows\system32\fxssvc.exe
15:52:57.0638 0764  Fax - ok
15:52:57.0653 0764  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc            C:\Windows\system32\drivers\fdc.sys
15:52:57.0669 0764  fdc - ok
15:52:57.0669 0764  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost        C:\Windows\system32\fdPHost.dll
15:52:57.0669 0764  fdPHost - ok
15:52:57.0685 0764  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:52:57.0685 0764  FDResPub - ok
15:52:57.0700 0764  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:52:57.0700 0764  FileInfo - ok
15:52:57.0700 0764  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
15:52:57.0700 0764  Filetrace - ok
15:52:57.0716 0764  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:52:57.0716 0764  flpydisk - ok
15:52:57.0731 0764  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:52:57.0731 0764  FltMgr - ok
15:52:57.0778 0764  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache      C:\Windows\system32\FntCache.dll
15:52:57.0778 0764  FontCache - ok
15:52:57.0809 0764  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:52:57.0809 0764  FontCache3.0.0.0 - ok
15:52:57.0841 0764  [ D43703496149971890703B4B1B723EAC ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
15:52:57.0841 0764  FsDepends - ok
15:52:57.0856 0764  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:52:57.0856 0764  Fs_Rec - ok
15:52:57.0872 0764  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:52:57.0872 0764  fvevol - ok
15:52:57.0887 0764  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:52:57.0887 0764  gagp30kx - ok
15:52:57.0919 0764  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc          C:\Windows\System32\gpsvc.dll
15:52:57.0919 0764  gpsvc - ok
15:52:57.0934 0764  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:52:57.0934 0764  hcw85cir - ok
15:52:57.0950 0764  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:52:57.0965 0764  HDAudBus - ok
15:52:57.0981 0764  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
15:52:57.0981 0764  HidBatt - ok
15:52:57.0997 0764  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:52:57.0997 0764  HidBth - ok
15:52:58.0012 0764  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr          C:\Windows\system32\drivers\hidir.sys
15:52:58.0012 0764  HidIr - ok
15:52:58.0028 0764  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv        C:\Windows\system32\hidserv.dll
15:52:58.0028 0764  hidserv - ok
15:52:58.0043 0764  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:52:58.0043 0764  HidUsb - ok
15:52:58.0090 0764  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:52:58.0090 0764  hkmsvc - ok
15:52:58.0090 0764  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:52:58.0106 0764  HomeGroupListener - ok
15:52:58.0121 0764  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:52:58.0121 0764  HomeGroupProvider - ok
15:52:58.0137 0764  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:52:58.0137 0764  HpSAMD - ok
15:52:58.0168 0764  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:52:58.0168 0764  HTTP - ok
15:52:58.0199 0764  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:52:58.0199 0764  hwpolicy - ok
15:52:58.0199 0764  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:52:58.0215 0764  i8042prt - ok
15:52:58.0262 0764  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
15:52:58.0293 0764  iaStor - ok
15:52:58.0340 0764  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:52:58.0340 0764  IAStorDataMgrSvc - ok
15:52:58.0355 0764  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
15:52:58.0355 0764  iaStorV - ok
15:52:58.0418 0764  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:52:58.0418 0764  idsvc - ok
15:52:58.0605 0764  [ 33FAA40B288002C89529DBD14F3AB72C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:52:58.0777 0764  igfx - ok
15:52:58.0792 0764  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
15:52:58.0792 0764  iirsp - ok
15:52:58.0823 0764  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:52:58.0823 0764  IKEEXT - ok
15:52:58.0870 0764  [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:52:58.0901 0764  IntcAzAudAddService - ok
15:52:58.0933 0764  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:52:58.0933 0764  IntcDAud - ok
15:52:58.0948 0764  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:52:58.0948 0764  intelide - ok
15:52:58.0948 0764  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:52:58.0948 0764  intelppm - ok
15:52:58.0964 0764  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
15:52:58.0964 0764  IPBusEnum - ok
15:52:58.0979 0764  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:52:58.0979 0764  IpFilterDriver - ok
15:52:59.0042 0764  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:52:59.0042 0764  iphlpsvc - ok
15:52:59.0057 0764  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
15:52:59.0057 0764  IPMIDRV - ok
15:52:59.0073 0764  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
15:52:59.0073 0764  IPNAT - ok
15:52:59.0089 0764  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:52:59.0089 0764  IRENUM - ok
15:52:59.0104 0764  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:52:59.0104 0764  isapnp - ok
15:52:59.0120 0764  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:52:59.0120 0764  iScsiPrt - ok
15:52:59.0151 0764  [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
15:52:59.0151 0764  k57nd60a - ok
15:52:59.0167 0764  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:52:59.0167 0764  kbdclass - ok
15:52:59.0182 0764  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:52:59.0182 0764  kbdhid - ok
15:52:59.0182 0764  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:52:59.0182 0764  KeyIso - ok
15:52:59.0229 0764  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:52:59.0229 0764  KSecDD - ok
15:52:59.0260 0764  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
15:52:59.0260 0764  KSecPkg - ok
15:52:59.0276 0764  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
15:52:59.0276 0764  ksthunk - ok
15:52:59.0307 0764  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm          C:\Windows\system32\msdtckrm.dll
15:52:59.0307 0764  KtmRm - ok
15:52:59.0338 0764  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:52:59.0338 0764  LanmanServer - ok
15:52:59.0354 0764  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:52:59.0354 0764  LanmanWorkstation - ok
15:52:59.0369 0764  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:52:59.0369 0764  lltdio - ok
15:52:59.0401 0764  [ C1185803384AB3FEED115F79F109427F ] lltdsvc        C:\Windows\System32\lltdsvc.dll
15:52:59.0401 0764  lltdsvc - ok
15:52:59.0416 0764  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts        C:\Windows\System32\lmhsvc.dll
15:52:59.0416 0764  lmhosts - ok
15:52:59.0432 0764  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:52:59.0432 0764  LSI_FC - ok
15:52:59.0447 0764  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
15:52:59.0447 0764  LSI_SAS - ok
15:52:59.0463 0764  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:52:59.0463 0764  LSI_SAS2 - ok
15:52:59.0479 0764  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:52:59.0479 0764  LSI_SCSI - ok
15:52:59.0494 0764  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv          C:\Windows\system32\drivers\luafv.sys
15:52:59.0494 0764  luafv - ok
15:52:59.0525 0764  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
15:52:59.0525 0764  Mcx2Svc - ok
15:52:59.0525 0764  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas        C:\Windows\system32\drivers\megasas.sys
15:52:59.0541 0764  megasas - ok
15:52:59.0541 0764  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:52:59.0541 0764  MegaSR - ok
15:52:59.0572 0764  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:52:59.0572 0764  MEIx64 - ok
15:52:59.0572 0764  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS          C:\Windows\system32\mmcss.dll
15:52:59.0588 0764  MMCSS - ok
15:52:59.0588 0764  [ 800BA92F7010378B09F9ED9270F07137 ] Modem          C:\Windows\system32\drivers\modem.sys
15:52:59.0588 0764  Modem - ok
15:52:59.0588 0764  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
15:52:59.0588 0764  monitor - ok
15:52:59.0603 0764  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:52:59.0603 0764  mouclass - ok
15:52:59.0619 0764  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:52:59.0619 0764  mouhid - ok
15:52:59.0619 0764  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:52:59.0619 0764  mountmgr - ok
15:52:59.0635 0764  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:52:59.0635 0764  mpio - ok
15:52:59.0650 0764  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:52:59.0650 0764  mpsdrv - ok
15:52:59.0681 0764  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:52:59.0681 0764  MpsSvc - ok
15:52:59.0697 0764  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:52:59.0697 0764  MRxDAV - ok
15:52:59.0713 0764  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:52:59.0713 0764  mrxsmb - ok
15:52:59.0744 0764  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:52:59.0744 0764  mrxsmb10 - ok
15:52:59.0759 0764  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:52:59.0759 0764  mrxsmb20 - ok
15:52:59.0775 0764  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:52:59.0775 0764  msahci - ok
15:52:59.0791 0764  [ DB801A638D011B9633829EB6F663C900 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
15:52:59.0806 0764  msdsm - ok
15:52:59.0822 0764  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC          C:\Windows\System32\msdtc.exe
15:52:59.0822 0764  MSDTC - ok
15:52:59.0837 0764  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:52:59.0837 0764  Msfs - ok
15:52:59.0853 0764  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
15:52:59.0853 0764  mshidkmdf - ok
15:52:59.0853 0764  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:52:59.0853 0764  msisadrv - ok
15:52:59.0884 0764  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
15:52:59.0884 0764  MSiSCSI - ok
15:52:59.0884 0764  msiserver - ok
15:52:59.0900 0764  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
15:52:59.0900 0764  MSKSSRV - ok
15:52:59.0900 0764  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:52:59.0900 0764  MSPCLOCK - ok
15:52:59.0915 0764  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
15:52:59.0915 0764  MSPQM - ok
15:52:59.0931 0764  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
15:52:59.0947 0764  MsRPC - ok
15:52:59.0947 0764  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:52:59.0947 0764  mssmbios - ok
15:52:59.0962 0764  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
15:52:59.0978 0764  MSTEE - ok
15:52:59.0978 0764  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:52:59.0978 0764  MTConfig - ok
15:53:00.0009 0764  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup            C:\Windows\system32\Drivers\mup.sys
15:53:00.0009 0764  Mup - ok
15:53:00.0040 0764  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:53:00.0040 0764  napagent - ok
15:53:00.0056 0764  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
15:53:00.0071 0764  NativeWifiP - ok
15:53:00.0118 0764  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:53:00.0134 0764  NDIS - ok
15:53:00.0149 0764  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
15:53:00.0149 0764  NdisCap - ok
15:53:00.0149 0764  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:53:00.0165 0764  NdisTapi - ok
15:53:00.0181 0764  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
15:53:00.0196 0764  Ndisuio - ok
15:53:00.0212 0764  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
15:53:00.0212 0764  NdisWan - ok
15:53:00.0243 0764  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
15:53:00.0243 0764  NDProxy - ok
15:53:00.0259 0764  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
15:53:00.0259 0764  NetBIOS - ok
15:53:00.0274 0764  [ 09594D1089C523423B32A4229263F068 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
15:53:00.0274 0764  NetBT - ok
15:53:00.0290 0764  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:53:00.0290 0764  Netlogon - ok
15:53:00.0337 0764  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:53:00.0383 0764  Netman - ok
15:53:00.0399 0764  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0399 0764  NetMsmqActivator - ok
15:53:00.0399 0764  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0399 0764  NetPipeActivator - ok
15:53:00.0415 0764  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:53:00.0415 0764  netprofm - ok
15:53:00.0430 0764  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0430 0764  NetTcpActivator - ok
15:53:00.0430 0764  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:53:00.0430 0764  NetTcpPortSharing - ok
15:53:00.0446 0764  [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
15:53:00.0461 0764  netvsc - ok
15:53:00.0477 0764  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
15:53:00.0477 0764  nfrd960 - ok
15:53:00.0493 0764  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:53:00.0493 0764  NlaSvc - ok
15:53:00.0524 0764  [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd          C:\Windows\system32\drivers\ccdcmbx64.sys
15:53:00.0524 0764  nmwcd - ok
15:53:00.0539 0764  [ 41C1AC1F3613435EB32D67BCB80A5FA5 ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
15:53:00.0539 0764  nmwcdc - ok
15:53:00.0555 0764  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:53:00.0555 0764  Npfs - ok
15:53:00.0586 0764  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi            C:\Windows\system32\nsisvc.dll
15:53:00.0586 0764  nsi - ok
15:53:00.0586 0764  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:53:00.0586 0764  nsiproxy - ok
15:53:00.0649 0764  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:53:00.0680 0764  Ntfs - ok
15:53:00.0695 0764  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:53:00.0695 0764  Null - ok
15:53:00.0711 0764  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:53:00.0711 0764  nvraid - ok
15:53:00.0727 0764  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:53:00.0727 0764  nvstor - ok
15:53:00.0742 0764  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:53:00.0742 0764  nv_agp - ok
15:53:00.0758 0764  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:53:00.0773 0764  ohci1394 - ok
15:53:00.0836 0764  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:53:00.0836 0764  ose - ok
15:53:00.0961 0764  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:53:00.0976 0764  osppsvc - ok
15:53:01.0007 0764  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:53:01.0023 0764  p2pimsvc - ok
15:53:01.0039 0764  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:53:01.0039 0764  p2psvc - ok
15:53:01.0054 0764  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport        C:\Windows\system32\drivers\parport.sys
15:53:01.0054 0764  Parport - ok
15:53:01.0085 0764  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
15:53:01.0085 0764  partmgr - ok
15:53:01.0117 0764  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:53:01.0117 0764  PcaSvc - ok
15:53:01.0226 0764  [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
15:53:01.0226 0764  PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
15:53:01.0257 0764  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci            C:\Windows\system32\drivers\pci.sys
15:53:01.0257 0764  pci - ok
15:53:01.0273 0764  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:53:01.0273 0764  pciide - ok
15:53:01.0288 0764  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:53:01.0288 0764  pcmcia - ok
15:53:01.0304 0764  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw            C:\Windows\system32\drivers\pcw.sys
15:53:01.0304 0764  pcw - ok
15:53:01.0319 0764  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:53:01.0335 0764  PEAUTH - ok
15:53:01.0382 0764  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
15:53:01.0397 0764  PeerDistSvc - ok
15:53:01.0460 0764  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:53:01.0460 0764  PerfHost - ok
15:53:01.0491 0764  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla            C:\Windows\system32\pla.dll
15:53:01.0507 0764  pla - ok
15:53:01.0538 0764  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:53:01.0538 0764  PlugPlay - ok
15:53:01.0553 0764  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
15:53:01.0553 0764  PNRPAutoReg - ok
15:53:01.0569 0764  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
15:53:01.0569 0764  PNRPsvc - ok
15:53:01.0600 0764  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
15:53:01.0616 0764  PolicyAgent - ok
15:53:01.0631 0764  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power          C:\Windows\system32\umpo.dll
15:53:01.0631 0764  Power - ok
15:53:01.0647 0764  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:53:01.0647 0764  PptpMiniport - ok
15:53:01.0663 0764  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor      C:\Windows\system32\drivers\processr.sys
15:53:01.0663 0764  Processor - ok
15:53:01.0694 0764  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc        C:\Windows\system32\profsvc.dll
15:53:01.0694 0764  ProfSvc - ok
15:53:01.0709 0764  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:53:01.0709 0764  ProtectedStorage - ok
15:53:01.0725 0764  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:53:01.0725 0764  Psched - ok
15:53:01.0741 0764  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:53:01.0741 0764  PxHlpa64 - ok
15:53:01.0788 0764  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:53:01.0803 0764  ql2300 - ok
15:53:01.0803 0764  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:53:01.0803 0764  ql40xx - ok
15:53:01.0819 0764  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE          C:\Windows\system32\qwave.dll
15:53:01.0834 0764  QWAVE - ok
15:53:01.0834 0764  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:53:01.0834 0764  QWAVEdrv - ok
15:53:01.0866 0764  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:53:01.0866 0764  RasAcd - ok
15:53:01.0881 0764  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
15:53:01.0881 0764  RasAgileVpn - ok
15:53:01.0897 0764  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto        C:\Windows\System32\rasauto.dll
15:53:01.0912 0764  RasAuto - ok
15:53:01.0912 0764  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
15:53:01.0928 0764  Rasl2tp - ok
15:53:01.0928 0764  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:53:01.0944 0764  RasMan - ok
15:53:01.0944 0764  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:53:01.0944 0764  RasPppoe - ok
15:53:01.0959 0764  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
15:53:01.0959 0764  RasSstp - ok
15:53:01.0975 0764  [ 77F665941019A1594D887A74F301FA2F ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
15:53:01.0975 0764  rdbss - ok
15:53:01.0990 0764  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:53:01.0990 0764  rdpbus - ok
15:53:01.0990 0764  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:53:01.0990 0764  RDPCDD - ok
15:53:02.0022 0764  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
15:53:02.0022 0764  RDPDR - ok
15:53:02.0037 0764  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:53:02.0037 0764  RDPENCDD - ok
15:53:02.0053 0764  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:53:02.0053 0764  RDPREFMP - ok
15:53:02.0084 0764  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
15:53:02.0084 0764  RDPWD - ok
15:53:02.0100 0764  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:53:02.0100 0764  rdyboost - ok
15:53:02.0115 0764  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:53:02.0115 0764  RemoteAccess - ok
15:53:02.0146 0764  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:53:02.0146 0764  RemoteRegistry - ok
15:53:02.0271 0764  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:53:02.0287 0764  RoxMediaDB12OEM - ok
15:53:02.0318 0764  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:53:02.0318 0764  RoxWatch12 - ok
15:53:02.0334 0764  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:53:02.0334 0764  RpcEptMapper - ok
15:53:02.0349 0764  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:53:02.0349 0764  RpcLocator - ok
15:53:02.0380 0764  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs          C:\Windows\system32\rpcss.dll
15:53:02.0380 0764  RpcSs - ok
15:53:02.0396 0764  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:53:02.0396 0764  rspndr - ok
15:53:02.0412 0764  [ E60C0A09F997826C7627B244195AB581 ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
15:53:02.0412 0764  s3cap - ok
15:53:02.0443 0764  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs          C:\Windows\system32\lsass.exe
15:53:02.0443 0764  SamSs - ok
15:53:02.0458 0764  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:53:02.0474 0764  sbp2port - ok
15:53:02.0490 0764  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:53:02.0490 0764  SCardSvr - ok
15:53:02.0505 0764  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:53:02.0505 0764  scfilter - ok
15:53:02.0521 0764  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:53:02.0536 0764  Schedule - ok
15:53:02.0552 0764  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc    C:\Windows\System32\certprop.dll
15:53:02.0552 0764  SCPolicySvc - ok
15:53:02.0552 0764  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:53:02.0568 0764  SDRSVC - ok
15:53:02.0568 0764  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:53:02.0568 0764  secdrv - ok
15:53:02.0568 0764  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:53:02.0568 0764  seclogon - ok
15:53:02.0583 0764  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:53:02.0583 0764  SENS - ok
15:53:02.0583 0764  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:53:02.0599 0764  SensrSvc - ok
15:53:02.0599 0764  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum        C:\Windows\system32\drivers\serenum.sys
15:53:02.0614 0764  Serenum - ok
15:53:02.0614 0764  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
15:53:02.0614 0764  Serial - ok
15:53:02.0630 0764  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:53:02.0630 0764  sermouse - ok
15:53:02.0661 0764  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:53:02.0661 0764  SessionEnv - ok
15:53:02.0661 0764  [ A554811BCD09279536440C964AE35BBF ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
15:53:02.0661 0764  sffdisk - ok
15:53:02.0661 0764  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:53:02.0661 0764  sffp_mmc - ok
15:53:02.0677 0764  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
15:53:02.0677 0764  sffp_sd - ok
15:53:02.0677 0764  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
15:53:02.0677 0764  sfloppy - ok
15:53:02.0739 0764  [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:53:02.0755 0764  SftService - ok
15:53:02.0770 0764  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:53:02.0786 0764  SharedAccess - ok
15:53:02.0802 0764  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:53:02.0802 0764  ShellHWDetection - ok
15:53:02.0817 0764  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:53:02.0817 0764  SiSRaid2 - ok
15:53:02.0833 0764  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:53:02.0833 0764  SiSRaid4 - ok
15:53:02.0848 0764  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
15:53:02.0848 0764  Smb - ok
15:53:02.0864 0764  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:53:02.0880 0764  SNMPTRAP - ok
15:53:02.0880 0764  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr          C:\Windows\system32\drivers\spldr.sys
15:53:02.0880 0764  spldr - ok
15:53:02.0942 0764  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler        C:\Windows\System32\spoolsv.exe
15:53:02.0942 0764  Spooler - ok
15:53:03.0004 0764  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:53:03.0067 0764  sppsvc - ok
15:53:03.0082 0764  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
15:53:03.0082 0764  sppuinotify - ok
15:53:03.0114 0764  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv            C:\Windows\system32\DRIVERS\srv.sys
15:53:03.0114 0764  srv - ok
15:53:03.0129 0764  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:53:03.0145 0764  srv2 - ok
15:53:03.0145 0764  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:53:03.0160 0764  srvnet - ok
15:53:03.0160 0764  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
15:53:03.0176 0764  SSDPSRV - ok
15:53:03.0176 0764  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc        C:\Windows\system32\sstpsvc.dll
15:53:03.0176 0764  SstpSvc - ok
15:53:03.0207 0764  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:53:03.0207 0764  stexstor - ok
15:53:03.0238 0764  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:53:03.0238 0764  stisvc - ok
15:53:03.0301 0764  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:53:03.0301 0764  stllssvr - ok
15:53:03.0332 0764  [ C40841817EF57D491F22EB103DA587CC ] StorSvc        C:\Windows\system32\storsvc.dll
15:53:03.0332 0764  StorSvc - ok
15:53:03.0348 0764  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc        C:\Windows\system32\drivers\storvsc.sys
15:53:03.0348 0764  storvsc - ok
15:53:03.0348 0764  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:53:03.0348 0764  swenum - ok
15:53:03.0426 0764  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard    C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:53:03.0426 0764  SwitchBoard - ok
15:53:03.0441 0764  [ E08E46FDD841B7184194011CA1955A0B ] swprv          C:\Windows\System32\swprv.dll
15:53:03.0457 0764  swprv - ok
15:53:03.0457 0764  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
15:53:03.0472 0764  SynthVid - ok
15:53:03.0535 0764  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain        C:\Windows\system32\sysmain.dll
15:53:03.0566 0764  SysMain - ok
15:53:03.0582 0764  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:53:03.0582 0764  TabletInputService - ok
15:53:03.0597 0764  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv        C:\Windows\System32\tapisrv.dll
15:53:03.0597 0764  TapiSrv - ok
15:53:03.0613 0764  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS            C:\Windows\System32\tbssvc.dll
15:53:03.0613 0764  TBS - ok
15:53:03.0675 0764  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
15:53:03.0706 0764  Tcpip - ok
15:53:03.0753 0764  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:53:03.0753 0764  TCPIP6 - ok
15:53:03.0784 0764  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:53:03.0784 0764  tcpipreg - ok
15:53:03.0800 0764  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:53:03.0800 0764  TDPIPE - ok
15:53:03.0816 0764  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
15:53:03.0831 0764  TDTCP - ok
15:53:03.0847 0764  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
15:53:03.0847 0764  tdx - ok
15:53:03.0847 0764  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:53:03.0847 0764  TermDD - ok
15:53:03.0878 0764  [ 2E648163254233755035B46DD7B89123 ] TermService    C:\Windows\System32\termsrv.dll
15:53:03.0878 0764  TermService - ok
15:53:03.0894 0764  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:53:03.0894 0764  Themes - ok
15:53:03.0909 0764  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER    C:\Windows\system32\mmcss.dll
15:53:03.0909 0764  THREADORDER - ok
15:53:03.0925 0764  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:53:03.0925 0764  TrkWks - ok
15:53:03.0972 0764  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:53:03.0972 0764  TrustedInstaller - ok
15:53:03.0987 0764  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:53:03.0987 0764  tssecsrv - ok
15:53:04.0003 0764  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:53:04.0003 0764  TsUsbFlt - ok
15:53:04.0018 0764  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
15:53:04.0018 0764  TsUsbGD - ok
15:53:04.0034 0764  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:53:04.0034 0764  tunnel - ok
15:53:04.0050 0764  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:53:04.0050 0764  uagp35 - ok
15:53:04.0065 0764  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:53:04.0065 0764  udfs - ok
15:53:04.0081 0764  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
15:53:04.0096 0764  UI0Detect - ok
15:53:04.0096 0764  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:53:04.0112 0764  uliagpkx - ok
15:53:04.0112 0764  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
15:53:04.0112 0764  umbus - ok
15:53:04.0128 0764  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:53:04.0143 0764  UmPass - ok
15:53:04.0159 0764  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
15:53:04.0159 0764  UmRdpService - ok
15:53:04.0174 0764  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:53:04.0190 0764  upnphost - ok
15:53:04.0206 0764  [ 4E93C8496359E97830C75AC36393654D ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:53:04.0206 0764  upperdev - ok
15:53:04.0237 0764  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
15:53:04.0237 0764  usbccgp - ok
15:53:04.0252 0764  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:53:04.0252 0764  usbcir - ok
15:53:04.0268 0764  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
15:53:04.0268 0764  usbehci - ok
15:53:04.0299 0764  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:53:04.0299 0764  usbhub - ok
15:53:04.0315 0764  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
15:53:04.0315 0764  usbohci - ok
15:53:04.0330 0764  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
15:53:04.0330 0764  usbprint - ok
15:53:04.0346 0764  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\drivers\usbser.sys
15:53:04.0346 0764  usbser - ok
15:53:04.0346 0764  [ 8844CB19A37B65E27049D4A7786726A9 ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:53:04.0346 0764  UsbserFilt - ok
15:53:04.0362 0764  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:53:04.0362 0764  USBSTOR - ok
15:53:04.0393 0764  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
15:53:04.0393 0764  usbuhci - ok
15:53:04.0440 0764  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms          C:\Windows\System32\uxsms.dll
15:53:04.0440 0764  UxSms - ok
15:53:04.0440 0764  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:53:04.0455 0764  VaultSvc - ok
15:53:04.0455 0764  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:53:04.0455 0764  vdrvroot - ok
15:53:04.0471 0764  [ 8D6B481601D01A456E75C3210F1830BE ] vds            C:\Windows\System32\vds.exe
15:53:04.0471 0764  vds - ok
15:53:04.0518 0764  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
15:53:04.0533 0764  vga - ok
15:53:04.0549 0764  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave        C:\Windows\System32\drivers\vga.sys
15:53:04.0549 0764  VgaSave - ok
15:53:04.0564 0764  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
15:53:04.0564 0764  vhdmp - ok
15:53:04.0580 0764  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:53:04.0580 0764  viaide - ok
15:53:04.0596 0764  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:53:04.0596 0764  VMBusHID - ok
15:53:04.0611 0764  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:53:04.0611 0764  volmgr - ok
15:53:04.0627 0764  [ A255814907C89BE58B79EF2F189B843B ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
15:53:04.0627 0764  volmgrx - ok
15:53:04.0642 0764  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
15:53:04.0658 0764  volsnap - ok
15:53:04.0674 0764  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
15:53:04.0674 0764  vsmraid - ok
15:53:04.0705 0764  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS            C:\Windows\system32\vssvc.exe
15:53:04.0752 0764  VSS - ok
15:53:04.0767 0764  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:53:04.0767 0764  vwifibus - ok
15:53:04.0783 0764  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time        C:\Windows\system32\w32time.dll
15:53:04.0798 0764  W32Time - ok
15:53:04.0814 0764  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:53:04.0814 0764  WacomPen - ok
15:53:04.0830 0764  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:53:04.0830 0764  WANARP - ok
15:53:04.0830 0764  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:53:04.0830 0764  Wanarpv6 - ok
15:53:04.0876 0764  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
15:53:04.0892 0764  WatAdminSvc - ok
15:53:04.0908 0764  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:53:04.0923 0764  wbengine - ok
15:53:04.0939 0764  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:53:04.0939 0764  WbioSrvc - ok
15:53:04.0954 0764  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc        C:\Windows\System32\wcncsvc.dll
15:53:04.0954 0764  wcncsvc - ok
15:53:04.0954 0764  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:53:04.0954 0764  WcsPlugInService - ok
15:53:04.0970 0764  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
15:53:04.0970 0764  Wd - ok
15:53:05.0001 0764  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:53:05.0001 0764  Wdf01000 - ok
15:53:05.0017 0764  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:53:05.0017 0764  WdiServiceHost - ok
15:53:05.0017 0764  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost  C:\Windows\system32\wdi.dll
15:53:05.0017 0764  WdiSystemHost - ok
15:53:05.0032 0764  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient      C:\Windows\System32\webclnt.dll
15:53:05.0032 0764  WebClient - ok
15:53:05.0048 0764  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:53:05.0048 0764  Wecsvc - ok
15:53:05.0064 0764  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
15:53:05.0079 0764  wercplsupport - ok
15:53:05.0079 0764  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:53:05.0079 0764  WerSvc - ok
15:53:05.0095 0764  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:53:05.0095 0764  WfpLwf - ok
15:53:05.0110 0764  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr        C:\Windows\system32\DRIVERS\wimfltr.sys
15:53:05.0126 0764  WimFltr - ok
15:53:05.0142 0764  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:53:05.0142 0764  WIMMount - ok
15:53:05.0142 0764  WinDefend - ok
15:53:05.0142 0764  WinHttpAutoProxySvc - ok
15:53:05.0188 0764  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
15:53:05.0188 0764  Winmgmt - ok
15:53:05.0235 0764  [ BCB1310604AA415C4508708975B3931E ] WinRM          C:\Windows\system32\WsmSvc.dll
15:53:05.0235 0764  WinRM - ok
15:53:05.0282 0764  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:53:05.0282 0764  WinUsb - ok
15:53:05.0298 0764  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc        C:\Windows\System32\wlansvc.dll
15:53:05.0313 0764  Wlansvc - ok
15:53:05.0391 0764  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:53:05.0391 0764  wlcrasvc - ok
15:53:05.0516 0764  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:53:05.0532 0764  wlidsvc - ok
15:53:05.0563 0764  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
15:53:05.0578 0764  WmiAcpi - ok
15:53:05.0610 0764  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:53:05.0610 0764  wmiApSrv - ok
15:53:05.0625 0764  WMPNetworkSvc - ok
15:53:05.0641 0764  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:53:05.0641 0764  WPCSvc - ok
15:53:05.0641 0764  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:53:05.0656 0764  WPDBusEnum - ok
15:53:05.0672 0764  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
15:53:05.0672 0764  ws2ifsl - ok
15:53:05.0688 0764  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
15:53:05.0688 0764  wscsvc - ok
15:53:05.0688 0764  WSearch - ok
15:53:05.0766 0764  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:53:05.0797 0764  wuauserv - ok
15:53:05.0828 0764  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:53:05.0844 0764  WudfPf - ok
15:53:05.0844 0764  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:53:05.0859 0764  WUDFRd - ok
15:53:05.0859 0764  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
15:53:05.0859 0764  wudfsvc - ok
15:53:05.0875 0764  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc        C:\Windows\System32\wwansvc.dll
15:53:05.0875 0764  WwanSvc - ok
15:53:05.0890 0764  ================ Scan global ===============================
15:53:05.0906 0764  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:53:05.0953 0764  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:53:05.0953 0764  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:53:05.0968 0764  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:53:06.0000 0764  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:53:06.0000 0764  [Global] - ok
15:53:06.0000 0764  ================ Scan MBR ==================================
15:53:06.0015 0764  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:53:06.0280 0764  Suspicious mbr (NoAccess): \Device\Harddisk0\DR0
15:53:06.0343 0764  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
15:53:06.0343 0764  \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
15:53:06.0343 0764  ================ Scan VBR ==================================
15:53:06.0374 0764  [ 53975848382FC36F3CB5D792F2563280 ] \Device\Harddisk0\DR0\Partition1
15:53:06.0374 0764  \Device\Harddisk0\DR0\Partition1 - ok
15:53:06.0390 0764  [ 21028167BC9C48551F4E7105EA9D9599 ] \Device\Harddisk0\DR0\Partition2
15:53:06.0390 0764  \Device\Harddisk0\DR0\Partition2 - ok
15:53:06.0390 0764  ============================================================
15:53:06.0390 0764  Scan finished
15:53:06.0390 0764  ============================================================
15:53:06.0405 7100  Detected object count: 1
15:53:06.0405 7100  Actual detected object count: 1
15:53:42.0753 7100  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
15:53:42.0753 7100  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
15:53:47.0464 4724  Deinitialize success


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:08 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19