SOLVED: COMBOFIX log


intel9

Could you check my COMBOFIX log for me?


ComboFix 12-12-02.01 - Mirko 03/12/2012 15:53:14.5.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.39.1040.18.2959.1720 [GMT 1:00]
Eseguito da: c:\users\Mirko\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Mirko\AppData\Local\Savings Sidekick
c:\users\Mirko\AppData\Local\Vid-Saver
c:\users\Mirko\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx
.
.
((((((((((((((((((((((((( Files Creati Da 2012-11-03 al 2012-12-03 )))))))))))))))))))))))))))))))))))
.
.
2012-12-03 15:01 . 2012-12-03 15:03 -------- d-----w- c:\users\Mirko\AppData\Local\temp
2012-12-03 15:01 . 2012-12-03 15:01 -------- d-----w- c:\users\Utente\AppData\Local\temp
2012-12-03 15:01 . 2012-12-03 15:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-03 15:01 . 2012-12-03 15:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-30 13:24 . 2012-11-30 13:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-30 13:24 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-26 14:22 . 2012-11-26 14:23 -------- d-----w- c:\users\Mirko\AppData\Roaming\.minecraft
2012-11-24 14:51 . 2012-11-24 15:05 -------- d-----w- c:\users\Mirko\AppData\Local\Temporary Projects
2012-11-22 15:02 . 2012-11-22 15:03 -------- d-----w- c:\users\Mirko\AppData\Roaming\PerformerSoft
2012-11-22 15:02 . 2012-03-14 14:47 17464 ----a-w- c:\windows\system32\roboot.exe
2012-11-22 15:02 . 2012-11-22 15:04 -------- d-----w- c:\users\Mirko\AppData\Roaming\eType
2012-11-19 15:04 . 2012-11-19 15:04 -------- d-----w- c:\programdata\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
2012-11-16 13:00 . 2012-11-16 13:00 -------- d-----w- c:\program files\Eraser
2012-11-14 15:52 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-14 15:52 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-14 15:52 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-14 15:52 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-14 15:52 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-14 15:52 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 15:52 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-14 15:52 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-14 15:52 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-14 15:52 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-14 15:48 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-14 15:48 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-14 15:48 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-14 15:48 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-14 15:48 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-14 15:48 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-11-14 15:48 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-14 15:48 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-14 15:48 . 2012-10-18 17:59 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-14 15:48 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 15:48 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-14 15:48 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-12 15:42 . 2012-11-17 14:53 -------- d-----w- c:\users\Mirko\AppData\Roaming\vlc
2012-11-11 11:32 . 2012-11-11 11:32 -------- d-----w- c:\users\Mirko\AppData\Local\PunkBuster
2012-11-11 10:57 . 2012-05-31 12:56 489048 ----a-w- c:\windows\system32\drivers\1718702drv.sys
2012-11-06 14:15 . 2012-11-06 14:16 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2012-11-06 14:15 . 2012-11-06 14:15 -------- d-----w- c:\program files\Microsoft SDKs
2012-11-06 13:36 . 2012-11-06 13:38 -------- d-----w- c:\program files\Notepad++
2012-11-06 13:36 . 2012-11-06 13:37 -------- d-----w- c:\users\Mirko\AppData\Roaming\Notepad++
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-03 15:02 . 2012-02-03 15:52 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2012-12-03 14:47 . 2012-12-03 14:47 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5088A485-4128-4E53-B0A8-C548F33A50E9}\offreg.dll
2012-11-13 16:26 . 2012-06-08 10:38 43608 ----a-w- c:\windows\system32\drivers\kltdi.sys
2012-11-11 11:32 . 2011-12-09 16:53 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-11-11 11:32 . 2011-12-09 16:53 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-11-09 17:11 . 2012-03-31 14:27 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-09 17:11 . 2012-01-30 12:22 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-08 18:00 . 2012-11-30 10:17 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5088A485-4128-4E53-B0A8-C548F33A50E9}\mpengine.dll
2012-10-31 16:12 . 2012-07-25 13:53 25944 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2012-10-31 16:12 . 2012-05-25 18:38 25944 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2012-10-29 10:16 . 2012-10-29 10:16 0 ----a-w- c:\windows\system32\sho5938.tmp
2012-10-27 09:24 . 2012-10-27 09:24 0 ----a-w- c:\windows\system32\sho893D.tmp
2012-10-25 09:37 . 2012-10-25 09:37 0 ----a-w- c:\windows\system32\shoB6B1.tmp
2012-10-24 09:23 . 2012-10-24 09:23 0 ----a-w- c:\windows\system32\shoCF5F.tmp
2012-10-21 16:55 . 2012-10-21 16:55 0 ----a-w- c:\windows\system32\sho5CFE.tmp
2012-10-17 13:17 . 2012-10-17 13:17 0 ----a-w- c:\windows\system32\sho8DDD.tmp
2012-10-16 07:39 . 2012-11-28 09:53 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-10 08:18 . 2012-10-10 08:18 0 ----a-w- c:\windows\system32\sho55BD.tmp
2012-10-06 12:10 . 2012-10-06 12:10 0 ----a-w- c:\windows\system32\shoB9AE.tmp
2012-10-04 13:30 . 2012-10-04 13:30 0 ----a-w- c:\windows\system32\shoF824.tmp
2012-09-28 16:45 . 2012-09-28 16:45 0 ----a-w- c:\windows\system32\sho4672.tmp
2012-09-25 08:24 . 2012-09-25 08:24 0 ----a-w- c:\windows\system32\sho56C.tmp
2012-09-24 21:16 . 2012-10-18 12:55 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-18 13:21 . 2012-09-18 13:21 0 ----a-w- c:\windows\system32\sho48B4.tmp
2012-09-15 18:32 . 2012-09-15 18:32 0 ----a-w- c:\windows\system32\shoD2AB.tmp
2012-09-15 06:17 . 2012-09-15 06:17 0 ----a-w- c:\windows\system32\sho6FB3.tmp
2012-09-14 18:28 . 2012-10-10 08:11 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 16:47 . 2012-09-14 16:47 0 ----a-w- c:\windows\system32\shoFEE8.tmp
2012-09-12 14:07 . 2012-09-12 14:07 58368 ----a-w- c:\windows\system32\sirenacm.dll
2012-09-12 13:57 . 2012-09-12 13:57 322048 ----a-w- c:\windows\WLXPGSS.SCR
2012-09-07 14:57 . 2012-09-07 14:57 0 ----a-w- c:\windows\system32\shoB828.tmp
2012-09-07 09:32 . 2012-09-07 09:32 12872 ----a-w- c:\windows\system32\bootdelete.exe
2012-12-01 19:36 . 2012-12-01 19:36 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-20 10:42 220632 ----a-w- c:\users\Mirko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-20 10:42 220632 ----a-w- c:\users\Mirko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-20 10:42 220632 ----a-w- c:\users\Mirko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 142616]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 177432]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 177944]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2000-01-01 3921552]
"FUFAXSTM"="c:\program files\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-02 847872]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2012-11-13 356376]
"Eraser"="c:\progra~1\Eraser\Eraser.exe" [2012-05-22 980920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Ashampoo MouseTracer.lnk - c:\program files\Ashampoo\Ashampoo MouseTracer\MouseTracer.exe [2012-1-22 737184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKLM\~\startupfolder\C:^Users^Mirko^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ritaglio schermata e avvio di OneNote 2010.lnk]
path=c:\users\Mirko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ritaglio schermata e avvio di OneNote 2010.lnk
backup=c:\windows\pss\Ritaglio schermata e avvio di OneNote 2010.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
2010-01-19 12:24 2499584 ----a-w- c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2012-09-12 14:07 4272640 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-05-18 17:34 880496 ------w- c:\program files\uTorrent\uTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Microsoft Default Manager"=c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R1 1718702drv;1718702drv;c:\windows\system32\DRIVERS\1718702drv.sys [x]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]
R3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.391.0\SeaPort.exe [x]
R3 DCamUSBET;ET USB 2760 Camera;c:\windows\system32\DRIVERS\etDevice.sys [x]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 2012\DfsdkS.exe [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 FiltUSBET;ET USB Device Lower Filter;c:\windows\system32\DRIVERS\etFilter.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [x]
R3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtVlan60.sys [x]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [x]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [x]
R3 ScanUSBET;ET USB Still Image Capture Device;c:\windows\system32\DRIVERS\etScan.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [x]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [x]
S1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [x]
S2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.391.0\BBSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [x]
S3 IntcDAud;Audio schermo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
GPSvcGroup REG_MULTI_SZ GPSvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-12-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 17:11]
.
2012-12-03 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2011-12-03 19:59]
.
2012-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-26 11:41]
.
2012-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-26 11:41]
.
2012-12-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233758680-2168297670-2217245264-1004Core.job
- c:\users\Mirko\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-31 15:26]
.
2012-12-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2233758680-2168297670-2217245264-1004UA.job
- c:\users\Mirko\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-31 15:26]
.
2012-12-03 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files\SlimDrivers\SlimDrivers.exe [2012-02-01 12:42]
.
.
------- Scansione supplementare -------
.
ustart page = hxxp://www.google.it/
mstart page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Aggiungi ad Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: I&nvia a OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 85.37.17.40 85.38.28.85
TCP: Interfaces\{73009644-E0EF-4FD2-8F27-8FBA08E3004E}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Mirko\AppData\Roaming\Mozilla\Firefox\Profiles\0nj0z84d.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3045718&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ZoneAlarm IT Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3045718&SearchSource=2&q=
FF - ExtSQL: 2012-10-31 17:03; anti_banner@kaspersky.com; c:\program files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF - ExtSQL: 2012-10-31 17:03; content_blocker@kaspersky.com; c:\program files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF - ExtSQL: 2012-10-31 17:03; online_banking@kaspersky.com; c:\program files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF - ExtSQL: 2012-10-31 17:04; url_advisor@kaspersky.com; c:\program files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF - ExtSQL: 2012-10-31 17:04; virtual_keyboard@kaspersky.com; c:\program files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=15775
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - def
FF - user.js: extensions.BabylonToolbar_i.id - 1800a99300000000000020cf30bf6544
FF - user.js: extensions.BabylonToolbar_i.hardId - 1800a99300000000000020cf30bf6544
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15375
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1714:08
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babclient
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.instlRef - std
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
WebBrowser-{59506042-42A8-4EF6-82C9-35177BFB7F6F} - (no file)
HKLM-Run-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe
HKLM-Run-etMonitor - c:\windows\etMon.exe
MSConfigStartUp-Babylon Client - c:\program files\babylon\babylon-pro\babylon.exe
MSConfigStartUp-ZoneAlarm Installer - c:\program files\CheckPoint\Install\Launcher.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @DenieD: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @DenieD: (2) (LocalSystem)
"Timestamp"=hex:0d,e0,db,c5,94,06,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @DenieD: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,01,1f,82,00,b9,e4,85,4a,a2,e7,b0,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,01,1f,82,00,b9,e4,85,4a,a2,e7,b0,\
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @DenieD: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @DenieD: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice] @DenieD: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice] @DenieD: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.partial\UserChoice] @DenieD: (2) (LocalSystem)
"Progid"="IE.AssocFile.PARTIAL"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice] @DenieD: (2) (LocalSystem)
"Progid"="IE.AssocFile.SVG"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice] @DenieD: (2) (LocalSystem)
"Progid"="IE.AssocFile.URL"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.website\UserChoice] @DenieD: (2) (LocalSystem)
"Progid"="IE.AssocFile.WEBSITE"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice] @DenieD: (2) (LocalSystem)
"Progid"="IE.AssocFile.XHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice] @DenieD: (2) (LocalSystem)
"Progid"="IE.AssocFile.XHT"
.
[HKEY_USERS\S-1-5-21-2233758680-2168297670-2217245264-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @DenieD: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2233758680-2168297670-2217245264-1004\Software\SecuROM\License information*]
"datasecu"=hex:8a,2d,f5,c6,70,7b,59,21,45,96,64,d4,89,ad,77,6a,bd,aa,71,9b,33,
45,6d,9e,ed,ad,f4,32,19,70,49,a8,74,42,98,c4,68,2b,28,cf,42,4d,61,de,82,0a,\
"rkeysecu"=hex:bc,99,c8,57,06,d1,1d,a5,76,b8,ff,76,de,29,f1,0e
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @DenieD: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @DenieD: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @DenieD: (Full) (Everyone)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'Explorer.exe'(6888)
c:\program files\Epson Software\Easy Photo Print\EPTBL.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\AUDIODG.EXE
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Eraser\Eraser.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Ora fine scansione: 2012-12-03 16:08:14 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-12-03 15:08
.
Pre-Run: 398.761.103.360 byte disponibili
Post-Run: 398.482.931.712 byte disponibili
.
- - End Of File - - 8B668541C32C01BCF2FBF8D362CD703F


Thanks in advance
 
ComboFix is a very aggressive tool and should be used only when strictly necessary.

What problems are you experiencing?
 
Thanks for replying!

I could no longer access social networks or my e-mail!

Are there any problems with the PC?
 
Here is the log:

17:38:25.0588 6240 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:38:25.0893 6240 ============================================================
17:38:25.0893 6240 Current date / time: 2012/12/03 17:38:25.0893
17:38:25.0893 6240 SystemInfo:
17:38:25.0893 6240
17:38:25.0893 6240 OS Version: 6.1.7601 ServicePack: 1.0
17:38:25.0893 6240 Product type: Workstation
17:38:25.0893 6240 ComputerName: UTENTE-PC
17:38:25.0893 6240 UserName: Mirko
17:38:25.0894 6240 Windows directory: C:\Windows
17:38:25.0894 6240 System windows directory: C:\Windows
17:38:25.0894 6240 Processor architecture: Intel x86
17:38:25.0894 6240 Number of processors: 4
17:38:25.0894 6240 Page size: 0x1000
17:38:25.0894 6240 Boot type: Normal boot
17:38:25.0894 6240 ============================================================
17:38:26.0651 6240 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:38:26.0662 6240 ============================================================
17:38:26.0662 6240 \Device\Harddisk0\DR0:
17:38:26.0663 6240 MBR partitions:
17:38:26.0663 6240 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xB2000
17:38:26.0663 6240 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xB2800, BlocksNum 0x3A2D3030
17:38:26.0663 6240 ============================================================
17:38:26.0692 6240 C: <-> \Device\Harddisk0\DR0\Partition2
17:38:26.0693 6240 ============================================================
17:38:26.0693 6240 Initialize success
17:38:26.0693 6240 ============================================================
17:38:31.0997 5248 ============================================================
17:38:31.0997 5248 Scan started
17:38:31.0997 5248 Mode: Manual;
17:38:31.0997 5248 ============================================================
17:38:33.0173 5248 ================ Scan system memory ========================
17:38:33.0173 5248 System memory - ok
17:38:33.0174 5248 ================ Scan services =============================
17:38:33.0532 5248 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:38:33.0536 5248 1394ohci - ok
17:38:33.0583 5248 [ EA2913195BD6850B632B94A9282B7ACD ] 1718702drv C:\Windows\system32\DRIVERS\1718702drv.sys
17:38:33.0586 5248 Suspicious file (Forged): C:\Windows\system32\DRIVERS\1718702drv.sys. Real md5: EA2913195BD6850B632B94A9282B7ACD, Fake md5: 052C22DCAA739A6C6A414E7D491D4F29
17:38:33.0588 5248 1718702drv ( ForgedFile.Multi.Generic ) - warning
17:38:33.0588 5248 1718702drv - detected ForgedFile.Multi.Generic (1)
17:38:33.0624 5248 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:38:33.0626 5248 ACPI - ok
17:38:33.0649 5248 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:38:33.0651 5248 AcpiPmi - ok
17:38:33.0741 5248 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:38:33.0756 5248 AdobeARMservice - ok
17:38:33.0816 5248 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:38:33.0821 5248 AdobeFlashPlayerUpdateSvc - ok
17:38:33.0853 5248 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:38:33.0861 5248 adp94xx - ok
17:38:33.0879 5248 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:38:33.0884 5248 adpahci - ok
17:38:33.0897 5248 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:38:33.0900 5248 adpu320 - ok
17:38:33.0926 5248 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:38:33.0928 5248 AeLookupSvc - ok
17:38:33.0948 5248 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
17:38:33.0952 5248 AFD - ok
17:38:33.0978 5248 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
17:38:33.0980 5248 agp440 - ok
17:38:33.0989 5248 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
17:38:33.0991 5248 aic78xx - ok
17:38:34.0007 5248 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
17:38:34.0009 5248 ALG - ok
17:38:34.0026 5248 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
17:38:34.0027 5248 aliide - ok
17:38:34.0053 5248 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:38:34.0055 5248 amdagp - ok
17:38:34.0067 5248 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
17:38:34.0069 5248 amdide - ok
17:38:34.0078 5248 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:38:34.0080 5248 AmdK8 - ok
17:38:34.0092 5248 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:38:34.0094 5248 AmdPPM - ok
17:38:34.0102 5248 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:38:34.0104 5248 amdsata - ok
17:38:34.0117 5248 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:38:34.0120 5248 amdsbs - ok
17:38:34.0133 5248 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:38:34.0134 5248 amdxata - ok
17:38:34.0159 5248 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
17:38:34.0174 5248 AppID - ok
17:38:34.0194 5248 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:38:34.0195 5248 AppIDSvc - ok
17:38:34.0217 5248 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
17:38:34.0218 5248 Appinfo - ok
17:38:34.0234 5248 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
17:38:34.0236 5248 AppMgmt - ok
17:38:34.0247 5248 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
17:38:34.0249 5248 arc - ok
17:38:34.0261 5248 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:38:34.0263 5248 arcsas - ok
17:38:34.0280 5248 [ 9D8CB58B9A9E177DDD599791A58A654D ] AsIO C:\Windows\system32\drivers\AsIO.sys
17:38:34.0281 5248 AsIO - ok
17:38:34.0368 5248 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:38:34.0372 5248 aspnet_state - ok
17:38:34.0387 5248 [ E67493490466B5F04B58C22D2590E8CA ] AsUpIO C:\Windows\system32\drivers\AsUpIO.sys
17:38:34.0389 5248 AsUpIO - ok
17:38:34.0400 5248 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:38:34.0402 5248 AsyncMac - ok
17:38:34.0421 5248 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
17:38:34.0421 5248 atapi - ok
17:38:34.0446 5248 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:38:34.0451 5248 AudioEndpointBuilder - ok
17:38:34.0459 5248 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:38:34.0462 5248 Audiosrv - ok
17:38:34.0482 5248 avgwd - ok
17:38:34.0545 5248 [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
17:38:34.0547 5248 AVP - ok
17:38:34.0555 5248 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:38:34.0557 5248 AxInstSV - ok
17:38:34.0586 5248 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
17:38:34.0594 5248 b06bdrv - ok
17:38:34.0615 5248 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:38:34.0619 5248 b57nd60x - ok
17:38:34.0676 5248 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe
17:38:34.0678 5248 BBSvc - ok
17:38:34.0691 5248 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
17:38:34.0694 5248 BBUpdate - ok
17:38:34.0717 5248 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
17:38:34.0720 5248 BDESVC - ok
17:38:34.0722 5248 BDFsDrv - ok
17:38:34.0726 5248 BDRsDrv - ok
17:38:34.0739 5248 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
17:38:34.0741 5248 Beep - ok
17:38:34.0767 5248 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
17:38:34.0788 5248 BFE - ok
17:38:34.0818 5248 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
17:38:34.0827 5248 BITS - ok
17:38:34.0841 5248 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:38:34.0843 5248 blbdrive - ok
17:38:34.0871 5248 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:38:34.0875 5248 Bonjour Service - ok
17:38:34.0898 5248 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:38:34.0900 5248 bowser - ok
17:38:34.0919 5248 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:38:34.0921 5248 BrFiltLo - ok
17:38:34.0936 5248 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:38:34.0937 5248 BrFiltUp - ok
17:38:34.0948 5248 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:38:34.0951 5248 BridgeMP - ok
17:38:34.0976 5248 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
17:38:34.0978 5248 Browser - ok
17:38:34.0993 5248 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:38:34.0996 5248 Brserid - ok
17:38:35.0008 5248 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:38:35.0011 5248 BrSerWdm - ok
17:38:35.0021 5248 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:38:35.0023 5248 BrUsbMdm - ok
17:38:35.0036 5248 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:38:35.0038 5248 BrUsbSer - ok
17:38:35.0053 5248 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:38:35.0055 5248 BTHMODEM - ok
17:38:35.0080 5248 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
17:38:35.0082 5248 bthserv - ok
17:38:35.0281 5248 catchme - ok
17:38:35.0291 5248 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:38:35.0293 5248 cdfs - ok
17:38:35.0321 5248 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:38:35.0323 5248 cdrom - ok
17:38:35.0361 5248 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
17:38:35.0363 5248 CertPropSvc - ok
17:38:35.0382 5248 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:38:35.0384 5248 circlass - ok
17:38:35.0415 5248 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
17:38:35.0418 5248 CLFS - ok
17:38:35.0454 5248 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:38:35.0480 5248 clr_optimization_v2.0.50727_32 - ok
17:38:35.0517 5248 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:38:35.0520 5248 clr_optimization_v4.0.30319_32 - ok
17:38:35.0535 5248 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:38:35.0536 5248 CmBatt - ok
17:38:35.0548 5248 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:38:35.0550 5248 cmdide - ok
17:38:35.0578 5248 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
17:38:35.0582 5248 CNG - ok
17:38:35.0599 5248 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:38:35.0601 5248 Compbatt - ok
17:38:35.0626 5248 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:38:35.0628 5248 CompositeBus - ok
17:38:35.0632 5248 COMSysApp - ok
17:38:35.0649 5248 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:38:35.0651 5248 crcdisk - ok
17:38:35.0673 5248 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:38:35.0675 5248 CryptSvc - ok
17:38:35.0700 5248 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
17:38:35.0705 5248 CSC - ok
17:38:35.0746 5248 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
17:38:35.0752 5248 CscService - ok
17:38:35.0858 5248 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:38:35.0872 5248 cvhsvc - ok
17:38:35.0899 5248 [ 619F52E53E20E839CDB2A83B7EC8E5EF ] DCamUSBET C:\Windows\system32\DRIVERS\etDevice.sys
17:38:35.0904 5248 DCamUSBET - ok
17:38:35.0931 5248 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
17:38:35.0935 5248 DcomLaunch - ok
17:38:35.0956 5248 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
17:38:35.0958 5248 defragsvc - ok
17:38:35.0980 5248 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:38:35.0982 5248 DfsC - ok
17:38:36.0063 5248 [ 92AE26F2CAF4A67E24A0BA6DDF32CC3C ] DfSdkS C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2012\DfsdkS.exe
17:38:36.0071 5248 DfSdkS - ok
17:38:36.0088 5248 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:38:36.0093 5248 Dhcp - ok
17:38:36.0108 5248 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
17:38:36.0109 5248 discache - ok
17:38:36.0116 5248 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:38:36.0118 5248 Disk - ok
17:38:36.0147 5248 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:38:36.0150 5248 Dnscache - ok
17:38:36.0167 5248 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
17:38:36.0171 5248 dot3svc - ok
17:38:36.0194 5248 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
17:38:36.0197 5248 Dot4 - ok
17:38:36.0220 5248 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:38:36.0222 5248 Dot4Print - ok
17:38:36.0232 5248 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
17:38:36.0234 5248 dot4usb - ok
17:38:36.0253 5248 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
17:38:36.0255 5248 DPS - ok
17:38:36.0276 5248 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:38:36.0277 5248 drmkaud - ok
17:38:36.0309 5248 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:38:36.0316 5248 DXGKrnl - ok
17:38:36.0340 5248 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
17:38:36.0342 5248 EapHost - ok
17:38:36.0475 5248 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
17:38:36.0523 5248 ebdrv - ok
17:38:36.0555 5248 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
17:38:36.0556 5248 EFS - ok
17:38:36.0657 5248 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:38:36.0667 5248 ehRecvr - ok
17:38:36.0689 5248 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
17:38:36.0691 5248 ehSched - ok
17:38:36.0715 5248 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:38:36.0720 5248 elxstor - ok
17:38:36.0739 5248 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:38:36.0741 5248 ErrDev - ok
17:38:36.0769 5248 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
17:38:36.0772 5248 EventSystem - ok
17:38:36.0776 5248 ewusbnet - ok
17:38:36.0790 5248 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
17:38:36.0792 5248 exfat - ok
17:38:36.0808 5248 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:38:36.0810 5248 fastfat - ok
17:38:36.0833 5248 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
17:38:36.0838 5248 Fax - ok
17:38:36.0852 5248 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:38:36.0854 5248 fdc - ok
17:38:36.0859 5248 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
17:38:36.0861 5248 fdPHost - ok
17:38:36.0872 5248 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
17:38:36.0874 5248 FDResPub - ok
17:38:36.0879 5248 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:38:36.0880 5248 FileInfo - ok
17:38:36.0887 5248 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:38:36.0889 5248 Filetrace - ok
17:38:36.0904 5248 [ 9C185169E998942DF28A760AE231F9B7 ] FiltUSBET C:\Windows\system32\DRIVERS\etFilter.sys
17:38:36.0907 5248 FiltUSBET - ok
17:38:36.0924 5248 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:38:36.0925 5248 flpydisk - ok
17:38:36.0937 5248 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:38:36.0940 5248 FltMgr - ok
17:38:36.0969 5248 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
17:38:36.0977 5248 FontCache - ok
17:38:37.0026 5248 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:38:37.0035 5248 FontCache3.0.0.0 - ok
17:38:37.0053 5248 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:38:37.0055 5248 FsDepends - ok
17:38:37.0072 5248 [ BB05E1C467029D7EA275FAF5E9108A5D ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
17:38:37.0074 5248 fssfltr - ok
17:38:37.0151 5248 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
17:38:37.0188 5248 fsssvc - ok
17:38:37.0199 5248 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:38:37.0200 5248 Fs_Rec - ok
17:38:37.0220 5248 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:38:37.0222 5248 fvevol - ok
17:38:37.0240 5248 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:38:37.0241 5248 gagp30kx - ok
17:38:37.0275 5248 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
17:38:37.0281 5248 gpsvc - ok
17:38:37.0352 5248 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:38:37.0354 5248 gupdate - ok
17:38:37.0360 5248 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:38:37.0362 5248 gupdatem - ok
17:38:37.0393 5248 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:38:37.0397 5248 gusvc - ok
17:38:37.0405 5248 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:38:37.0406 5248 hcw85cir - ok
17:38:37.0427 5248 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:38:37.0430 5248 HdAudAddService - ok
17:38:37.0461 5248 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:38:37.0463 5248 HDAudBus - ok
17:38:37.0482 5248 [ A88485DC6A7136C10D9A6C7E38FDFE3C ] HECI C:\Windows\system32\DRIVERS\HECI.sys
17:38:37.0484 5248 HECI - ok
17:38:37.0502 5248 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:38:37.0503 5248 HidBatt - ok
17:38:37.0520 5248 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:38:37.0522 5248 HidBth - ok
17:38:37.0530 5248 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:38:37.0532 5248 HidIr - ok
17:38:37.0555 5248 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
17:38:37.0557 5248 hidserv - ok
17:38:37.0570 5248 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:38:37.0571 5248 HidUsb - ok
17:38:37.0597 5248 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:38:37.0599 5248 hkmsvc - ok
17:38:37.0626 5248 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:38:37.0629 5248 HomeGroupListener - ok
17:38:37.0642 5248 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:38:37.0646 5248 HomeGroupProvider - ok
17:38:37.0660 5248 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:38:37.0662 5248 HpSAMD - ok
17:38:37.0679 5248 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:38:37.0684 5248 HTTP - ok
17:38:37.0687 5248 hwdatacard - ok
17:38:37.0706 5248 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:38:37.0706 5248 hwpolicy - ok
17:38:37.0711 5248 hwusbfake - ok
17:38:37.0752 5248 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:38:37.0760 5248 i8042prt - ok
17:38:37.0791 5248 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:38:37.0795 5248 iaStorV - ok
17:38:37.0837 5248 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:38:37.0840 5248 IDriverT - ok
17:38:37.0891 5248 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:38:37.0908 5248 idsvc - ok
17:38:38.0085 5248 [ 40F8A0F85BCE94F766808AEEE8F96FA8 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
17:38:38.0264 5248 igfx - ok
17:38:38.0295 5248 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:38:38.0297 5248 iirsp - ok
17:38:38.0323 5248 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
17:38:38.0330 5248 IKEEXT - ok
17:38:38.0351 5248 [ C4FA261B9B5C9822D26020949605AC43 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:38:38.0355 5248 IntcDAud - ok
17:38:38.0371 5248 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
17:38:38.0372 5248 intelide - ok
17:38:38.0380 5248 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:38:38.0382 5248 intelppm - ok
17:38:38.0401 5248 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:38:38.0404 5248 IPBusEnum - ok
17:38:38.0413 5248 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:38:38.0415 5248 IpFilterDriver - ok
17:38:38.0525 5248 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:38:38.0547 5248 iphlpsvc - ok
17:38:38.0561 5248 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:38:38.0563 5248 IPMIDRV - ok
17:38:38.0576 5248 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:38:38.0578 5248 IPNAT - ok
17:38:38.0587 5248 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:38:38.0589 5248 IRENUM - ok
17:38:38.0601 5248 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:38:38.0603 5248 isapnp - ok
17:38:38.0620 5248 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:38:38.0623 5248 iScsiPrt - ok
17:38:38.0639 5248 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:38:38.0641 5248 kbdclass - ok
17:38:38.0663 5248 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:38:38.0664 5248 kbdhid - ok
17:38:38.0677 5248 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
17:38:38.0679 5248 KeyIso - ok
17:38:38.0715 5248 [ EA26CB00F83686856F2C79673C00C686 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
17:38:38.0717 5248 kl1 - ok
17:38:38.0767 5248 [ FBC7F840F1118D358D2AFB8C1714B384 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
17:38:38.0770 5248 KLIF - ok
17:38:38.0783 5248 [ AF127FE7DD5ED2BBC9049FD8A00DEFC2 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
17:38:38.0792 5248 KLIM6 - ok
17:38:38.0804 5248 [ 24AEBAD59D1DE8A7CC36E8F09F999362 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
17:38:38.0804 5248 klkbdflt - ok
17:38:38.0827 5248 [ A58507C2827C3AE1D4CCB2746AAB349F ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
17:38:38.0827 5248 klmouflt - ok
17:38:38.0833 5248 [ 53C0DF6C5139CB78A631E7AFCD893730 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
17:38:38.0833 5248 kltdi - ok
17:38:38.0841 5248 [ 71A38C123600172511C26BFABD0EF579 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
17:38:38.0844 5248 kneps - ok
17:38:38.0868 5248 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:38:38.0870 5248 KSecDD - ok
17:38:38.0892 5248 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:38:38.0895 5248 KSecPkg - ok
17:38:38.0919 5248 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
17:38:38.0925 5248 KtmRm - ok
17:38:38.0943 5248 [ 0C6E346CDE730CF1356DD69AD6E9BC42 ] L8042Kbd C:\Windows\system32\DRIVERS\L8042Kbd.sys
17:38:38.0945 5248 L8042Kbd - ok
17:38:38.0974 5248 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
17:38:38.0979 5248 LanmanServer - ok
17:38:38.0988 5248 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:38:38.0992 5248 LanmanWorkstation - ok
17:38:39.0017 5248 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:38:39.0019 5248 lltdio - ok
17:38:39.0039 5248 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:38:39.0043 5248 lltdsvc - ok
17:38:39.0057 5248 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
17:38:39.0060 5248 lmhosts - ok
17:38:39.0141 5248 [ 73A1F958FCAC3438046DBB829DC92FE6 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:38:39.0147 5248 LMS - ok
17:38:39.0170 5248 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:38:39.0172 5248 LSI_FC - ok
17:38:39.0183 5248 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:38:39.0185 5248 LSI_SAS - ok
17:38:39.0197 5248 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:38:39.0200 5248 LSI_SAS2 - ok
17:38:39.0209 5248 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:38:39.0211 5248 LSI_SCSI - ok
17:38:39.0227 5248 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
17:38:39.0229 5248 luafv - ok
17:38:39.0250 5248 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:38:39.0253 5248 Mcx2Svc - ok
17:38:39.0262 5248 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:38:39.0264 5248 megasas - ok
17:38:39.0280 5248 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:38:39.0284 5248 MegaSR - ok
17:38:39.0309 5248 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
17:38:39.0312 5248 MMCSS - ok
17:38:39.0324 5248 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
17:38:39.0326 5248 Modem - ok
17:38:39.0338 5248 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:38:39.0339 5248 monitor - ok
17:38:39.0352 5248 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:38:39.0354 5248 mouclass - ok
17:38:39.0366 5248 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:38:39.0368 5248 mouhid - ok
17:38:39.0391 5248 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:38:39.0393 5248 mountmgr - ok
17:38:39.0420 5248 [ C709F62A153EEB9A6F2D0E2F11EAAAC6 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:38:39.0423 5248 MozillaMaintenance - ok
17:38:39.0436 5248 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
17:38:39.0439 5248 mpio - ok
17:38:39.0457 5248 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:38:39.0459 5248 mpsdrv - ok
17:38:39.0485 5248 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:38:39.0492 5248 MpsSvc - ok
17:38:39.0520 5248 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:38:39.0522 5248 MRxDAV - ok
17:38:39.0544 5248 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:38:39.0546 5248 mrxsmb - ok
17:38:39.0572 5248 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:38:39.0575 5248 mrxsmb10 - ok
17:38:39.0582 5248 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:38:39.0584 5248 mrxsmb20 - ok
17:38:39.0604 5248 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
17:38:39.0607 5248 msahci - ok
17:38:39.0649 5248 [ B03E3F64B70F8031E65EB26DA23DE91A ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS32.exe
17:38:39.0651 5248 MSCamSvc - ok
17:38:39.0681 5248 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:38:39.0693 5248 msdsm - ok
17:38:39.0726 5248 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
17:38:39.0730 5248 MSDTC - ok
17:38:39.0756 5248 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:38:39.0756 5248 Msfs - ok
17:38:39.0780 5248 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:38:39.0781 5248 mshidkmdf - ok
17:38:39.0805 5248 [ 7A0F9CBDBDB135113B9A3C138E20C85D ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys
17:38:39.0807 5248 MSHUSBVideo - ok
17:38:39.0831 5248 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:38:39.0831 5248 msisadrv - ok
17:38:39.0868 5248 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:38:39.0872 5248 MSiSCSI - ok
17:38:39.0876 5248 msiserver - ok
17:38:39.0889 5248 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:38:39.0890 5248 MSKSSRV - ok
17:38:39.0899 5248 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:38:39.0901 5248 MSPCLOCK - ok
17:38:39.0908 5248 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:38:39.0909 5248 MSPQM - ok
17:38:39.0924 5248 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:38:39.0927 5248 MsRPC - ok
17:38:39.0936 5248 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:38:39.0937 5248 mssmbios - ok
17:38:39.0949 5248 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:38:39.0951 5248 MSTEE - ok
17:38:39.0963 5248 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:38:39.0965 5248 MTConfig - ok
17:38:39.0982 5248 [ CBE71C122434805CB73FFB6619F60598 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
17:38:39.0983 5248 MTsensor - ok
17:38:39.0995 5248 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
17:38:39.0997 5248 Mup - ok
17:38:40.0026 5248 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
17:38:40.0031 5248 napagent - ok
17:38:40.0046 5248 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:38:40.0050 5248 NativeWifiP - ok
17:38:40.0075 5248 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:38:40.0081 5248 NDIS - ok
17:38:40.0090 5248 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:38:40.0092 5248 NdisCap - ok
17:38:40.0108 5248 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:38:40.0110 5248 NdisTapi - ok
17:38:40.0123 5248 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:38:40.0125 5248 Ndisuio - ok
17:38:40.0153 5248 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:38:40.0155 5248 NdisWan - ok
17:38:40.0165 5248 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:38:40.0167 5248 NDProxy - ok
17:38:40.0266 5248 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
17:38:40.0283 5248 Nero BackItUp Scheduler 4.0 - ok
17:38:40.0300 5248 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:38:40.0302 5248 Net Driver HPZ12 - ok
17:38:40.0323 5248 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:38:40.0323 5248 NetBIOS - ok
17:38:40.0336 5248 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:38:40.0339 5248 NetBT - ok
17:38:40.0376 5248 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
17:38:40.0377 5248 Netlogon - ok
17:38:40.0443 5248 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
17:38:40.0465 5248 Netman - ok
17:38:40.0489 5248 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:38:40.0495 5248 NetMsmqActivator - ok
17:38:40.0512 5248 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:38:40.0515 5248 NetPipeActivator - ok
17:38:40.0531 5248 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
17:38:40.0536 5248 netprofm - ok
17:38:40.0541 5248 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:38:40.0542 5248 NetTcpActivator - ok
17:38:40.0545 5248 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:38:40.0547 5248 NetTcpPortSharing - ok
17:38:40.0563 5248 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:38:40.0565 5248 nfrd960 - ok
17:38:40.0584 5248 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
17:38:40.0588 5248 NlaSvc - ok
17:38:40.0607 5248 [ B9730495E0CF674680121E34BD95A73B ] NPF C:\Windows\system32\drivers\npf.sys
17:38:40.0609 5248 NPF - ok
17:38:40.0619 5248 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:38:40.0621 5248 Npfs - ok
17:38:40.0633 5248 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
17:38:40.0636 5248 nsi - ok
17:38:40.0643 5248 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:38:40.0645 5248 nsiproxy - ok
17:38:40.0742 5248 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:38:40.0788 5248 Ntfs - ok
17:38:40.0797 5248 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
17:38:40.0799 5248 Null - ok
17:38:40.0819 5248 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:38:40.0822 5248 nvraid - ok
17:38:40.0832 5248 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:38:40.0835 5248 nvstor - ok
17:38:40.0852 5248 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:38:40.0855 5248 nv_agp - ok
17:38:40.0866 5248 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:38:40.0868 5248 ohci1394 - ok
17:38:40.0887 5248 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:38:40.0889 5248 ose - ok
17:38:41.0025 5248 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:38:41.0107 5248 osppsvc - ok
17:38:41.0156 5248 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:38:41.0166 5248 p2pimsvc - ok
17:38:41.0186 5248 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
17:38:41.0191 5248 p2psvc - ok
17:38:41.0217 5248 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:38:41.0219 5248 Parport - ok
17:38:41.0243 5248 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:38:41.0244 5248 partmgr - ok
17:38:41.0254 5248 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
17:38:41.0255 5248 Parvdm - ok
17:38:41.0270 5248 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:38:41.0273 5248 PcaSvc - ok
17:38:41.0294 5248 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
17:38:41.0296 5248 pci - ok
17:38:41.0316 5248 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
17:38:41.0317 5248 pciide - ok
17:38:41.0342 5248 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:38:41.0353 5248 pcmcia - ok
17:38:41.0366 5248 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
17:38:41.0367 5248 pcw - ok
17:38:41.0389 5248 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:38:41.0395 5248 PEAUTH - ok
17:38:41.0448 5248 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:38:41.0459 5248 PeerDistSvc - ok
17:38:41.0507 5248 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
17:38:41.0541 5248 pla - ok
17:38:41.0572 5248 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:38:41.0577 5248 PlugPlay - ok
17:38:41.0606 5248 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:38:41.0608 5248 Pml Driver HPZ12 - ok
17:38:41.0627 5248 [ 19E83B09AB8EE1D837665DA941E2AC44 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
17:38:41.0635 5248 PnkBstrA - ok
17:38:41.0690 5248 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:38:41.0702 5248 PNRPAutoReg - ok
17:38:41.0730 5248 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:38:41.0736 5248 PNRPsvc - ok
17:38:41.0761 5248 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:38:41.0765 5248 PolicyAgent - ok
17:38:41.0783 5248 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
17:38:41.0786 5248 Power - ok
17:38:41.0804 5248 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:38:41.0806 5248 PptpMiniport - ok
17:38:41.0822 5248 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:38:41.0824 5248 Processor - ok
17:38:41.0828 5248 Profos - ok
17:38:41.0855 5248 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
17:38:41.0859 5248 ProfSvc - ok
17:38:41.0866 5248 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:38:41.0867 5248 ProtectedStorage - ok
17:38:41.0882 5248 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:38:41.0883 5248 Psched - ok
17:38:41.0908 5248 [ C8EB36910D3BD582891977E80925E21E ] PSSDK42 C:\Windows\system32\Drivers\pssdk42.sys
17:38:41.0917 5248 PSSDK42 - ok
17:38:41.0950 5248 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:38:41.0976 5248 ql2300 - ok
17:38:41.0985 5248 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:38:41.0987 5248 ql40xx - ok
17:38:42.0012 5248 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
17:38:42.0017 5248 QWAVE - ok
17:38:42.0026 5248 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:38:42.0028 5248 QWAVEdrv - ok
17:38:42.0040 5248 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:38:42.0042 5248 RasAcd - ok
17:38:42.0057 5248 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:38:42.0058 5248 RasAgileVpn - ok
17:38:42.0067 5248 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
17:38:42.0070 5248 RasAuto - ok
17:38:42.0079 5248 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:38:42.0082 5248 Rasl2tp - ok
17:38:42.0152 5248 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
17:38:42.0160 5248 RasMan - ok
17:38:42.0180 5248 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:38:42.0182 5248 RasPppoe - ok
17:38:42.0194 5248 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:38:42.0196 5248 RasSstp - ok
17:38:42.0213 5248 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:38:42.0216 5248 rdbss - ok
17:38:42.0232 5248 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:38:42.0234 5248 rdpbus - ok
17:38:42.0243 5248 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:38:42.0244 5248 RDPCDD - ok
17:38:42.0259 5248 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:38:42.0262 5248 RDPDR - ok
17:38:42.0276 5248 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:38:42.0278 5248 RDPENCDD - ok
17:38:42.0287 5248 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:38:42.0289 5248 RDPREFMP - ok
17:38:42.0313 5248 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:38:42.0315 5248 RdpVideoMiniport - ok
17:38:42.0333 5248 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:38:42.0336 5248 RDPWD - ok
17:38:42.0347 5248 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:38:42.0349 5248 rdyboost - ok
17:38:42.0376 5248 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
17:38:42.0379 5248 RemoteAccess - ok
17:38:42.0398 5248 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:38:42.0401 5248 RemoteRegistry - ok
17:38:42.0422 5248 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
17:38:42.0425 5248 rpcapd - ok
17:38:42.0436 5248 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:38:42.0439 5248 RpcEptMapper - ok
17:38:42.0445 5248 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
17:38:42.0447 5248 RpcLocator - ok
17:38:42.0466 5248 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
17:38:42.0469 5248 RpcSs - ok
17:38:42.0497 5248 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:38:42.0499 5248 rspndr - ok
17:38:42.0521 5248 [ F1ED9FFA59C369E72BC53A7631346F61 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
17:38:42.0523 5248 RSUSBSTOR - ok
17:38:42.0554 5248 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
17:38:42.0559 5248 RTL8167 - ok
17:38:42.0580 5248 [ 7F8D15EE000577BE703537849D4F9397 ] RtNdPt60 C:\Windows\system32\DRIVERS\RtNdPt60.sys
17:38:42.0582 5248 RtNdPt60 - ok
17:38:42.0597 5248 [ D78D74C6ED83339910CCCA7E68534222 ] RTTEAMPT C:\Windows\system32\DRIVERS\RtTeam60.sys
17:38:42.0599 5248 RTTEAMPT - ok
17:38:42.0608 5248 [ E6472A4007FB17D27D4091ABD657A291 ] RTVLANPT C:\Windows\system32\DRIVERS\RtVlan60.sys
17:38:42.0609 5248 RTVLANPT - ok
17:38:42.0636 5248 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:38:42.0637 5248 s3cap - ok
17:38:42.0648 5248 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
17:38:42.0650 5248 SamSs - ok
17:38:42.0709 5248 [ 9C9BCC79AEF0AA97F16766C498002D36 ] SbFw C:\Windows\system32\drivers\SbFw.sys
17:38:42.0718 5248 SbFw - ok
17:38:42.0730 5248 [ F27B38D70B7621378161D6F48BE04D2C ] SBFWIMCL C:\Windows\system32\DRIVERS\sbfwim.sys
17:38:42.0732 5248 SBFWIMCL - ok
17:38:42.0737 5248 [ F27B38D70B7621378161D6F48BE04D2C ] SBFWIMCLMP C:\Windows\system32\DRIVERS\SBFWIM.sys
17:38:42.0738 5248 SBFWIMCLMP - ok
17:38:42.0759 5248 [ 53E5E7DC26BB920B97F258BBD52ABFDC ] sbhips C:\Windows\system32\drivers\sbhips.sys
17:38:42.0761 5248 sbhips - ok
17:38:42.0784 5248 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:38:42.0786 5248 sbp2port - ok
17:38:42.0790 5248 SBRE - ok
17:38:42.0811 5248 [ 6468E2973E04525DECC105947DDD0D34 ] SbTis C:\Windows\system32\drivers\sbtis.sys
17:38:42.0814 5248 SbTis - ok
17:38:42.0822 5248 [ F6B34D346E907D7A07A573F19088491A ] ScanUSBET C:\Windows\system32\DRIVERS\etScan.sys
17:38:42.0824 5248 ScanUSBET - ok
17:38:42.0843 5248 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:38:42.0847 5248 SCardSvr - ok
17:38:42.0867 5248 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:38:42.0869 5248 scfilter - ok
17:38:42.0903 5248 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
17:38:42.0910 5248 Schedule - ok
17:38:42.0920 5248 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:38:42.0920 5248 SCPolicySvc - ok
17:38:42.0935 5248 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:38:42.0939 5248 SDRSVC - ok
17:38:42.0963 5248 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:38:42.0965 5248 secdrv - ok
17:38:42.0977 5248 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
17:38:42.0981 5248 seclogon - ok
17:38:42.0989 5248 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
17:38:42.0992 5248 SENS - ok
17:38:43.0013 5248 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:38:43.0017 5248 SensrSvc - ok
17:38:43.0027 5248 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:38:43.0029 5248 Serenum - ok
17:38:43.0044 5248 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:38:43.0046 5248 Serial - ok
17:38:43.0070 5248 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:38:43.0072 5248 sermouse - ok
17:38:43.0105 5248 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
17:38:43.0109 5248 SessionEnv - ok
17:38:43.0134 5248 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:38:43.0136 5248 sffdisk - ok
17:38:43.0144 5248 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:38:43.0146 5248 sffp_mmc - ok
17:38:43.0153 5248 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:38:43.0155 5248 sffp_sd - ok
17:38:43.0172 5248 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:38:43.0174 5248 sfloppy - ok
17:38:43.0202 5248 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
17:38:43.0209 5248 Sftfs - ok
17:38:43.0287 5248 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
17:38:43.0295 5248 sftlist - ok
17:38:43.0316 5248 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:38:43.0318 5248 Sftplay - ok
17:38:43.0339 5248 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:38:43.0341 5248 Sftredir - ok
17:38:43.0349 5248 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
17:38:43.0351 5248 Sftvol - ok
17:38:43.0370 5248 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
17:38:43.0372 5248 sftvsa - ok
17:38:43.0405 5248 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:38:43.0412 5248 SharedAccess - ok
17:38:43.0454 5248 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:38:43.0460 5248 ShellHWDetection - ok
17:38:43.0487 5248 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:38:43.0489 5248 sisagp - ok
17:38:43.0514 5248 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:38:43.0516 5248 SiSRaid2 - ok
17:38:43.0576 5248 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:38:43.0591 5248 SiSRaid4 - ok
17:38:43.0617 5248 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:38:43.0635 5248 Smb - ok
17:38:43.0727 5248 SNMPTRAP - ok
17:38:43.0756 5248 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
17:38:43.0758 5248 spldr - ok
17:38:43.0789 5248 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
17:38:43.0795 5248 Spooler - ok
17:38:43.0858 5248 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
17:38:43.0912 5248 sppsvc - ok
17:38:43.0923 5248 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:38:43.0927 5248 sppuinotify - ok
17:38:43.0945 5248 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:38:43.0949 5248 srv - ok
17:38:43.0964 5248 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:38:43.0967 5248 srv2 - ok
17:38:43.0979 5248 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:38:43.0981 5248 srvnet - ok
17:38:44.0000 5248 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:38:44.0003 5248 SSDPSRV - ok
17:38:44.0012 5248 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:38:44.0025 5248 SstpSvc - ok
17:38:44.0056 5248 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:38:44.0057 5248 stexstor - ok
17:38:44.0096 5248 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
17:38:44.0110 5248 StiSvc - ok
17:38:44.0131 5248 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:38:44.0132 5248 storflt - ok
17:38:44.0151 5248 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
17:38:44.0154 5248 StorSvc - ok
17:38:44.0167 5248 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:38:44.0169 5248 storvsc - ok
17:38:44.0192 5248 [ 6ED7ABF6CB1E6EC0DEBB53E0F104ED64 ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
17:38:44.0194 5248 SWDUMon - ok
17:38:44.0213 5248 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
17:38:44.0216 5248 swenum - ok
17:38:44.0238 5248 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
17:38:44.0244 5248 swprv - ok
17:38:44.0276 5248 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
17:38:44.0302 5248 SysMain - ok
17:38:44.0322 5248 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:38:44.0326 5248 TabletInputService - ok
17:38:44.0342 5248 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
17:38:44.0345 5248 TapiSrv - ok
17:38:44.0354 5248 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
17:38:44.0357 5248 TBS - ok
17:38:44.0393 5248 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:38:44.0413 5248 Tcpip - ok
17:38:44.0434 5248 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:38:44.0440 5248 TCPIP6 - ok
17:38:44.0468 5248 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:38:44.0474 5248 tcpipreg - ok
17:38:44.0499 5248 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:38:44.0501 5248 TDPIPE - ok
17:38:44.0529 5248 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:38:44.0530 5248 TDTCP - ok
17:38:44.0545 5248 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:38:44.0547 5248 tdx - ok
17:38:44.0561 5248 [ D78D74C6ED83339910CCCA7E68534222 ] TEAM C:\Windows\system32\DRIVERS\RtTeam60.sys
17:38:44.0562 5248 TEAM - ok
17:38:44.0583 5248 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:38:44.0585 5248 TermDD - ok
17:38:44.0606 5248 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
17:38:44.0613 5248 TermService - ok
17:38:44.0634 5248 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
17:38:44.0637 5248 Themes - ok
17:38:44.0645 5248 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
17:38:44.0647 5248 THREADORDER - ok
17:38:44.0662 5248 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
17:38:44.0665 5248 TrkWks - ok
17:38:44.0701 5248 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:38:44.0704 5248 TrustedInstaller - ok
17:38:44.0734 5248 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:38:44.0749 5248 tssecsrv - ok
17:38:44.0778 5248 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:38:44.0780 5248 TsUsbFlt - ok
17:38:44.0795 5248 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:38:44.0798 5248 tunnel - ok
17:38:44.0820 5248 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:38:44.0822 5248 uagp35 - ok
17:38:44.0840 5248 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:38:44.0844 5248 udfs - ok
17:38:44.0873 5248 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:38:44.0876 5248 UI0Detect - ok
17:38:44.0898 5248 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:38:44.0900 5248 uliagpkx - ok
17:38:44.0926 5248 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
17:38:44.0928 5248 umbus - ok
17:38:44.0942 5248 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:38:44.0943 5248 UmPass - ok
17:38:44.0967 5248 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
17:38:44.0972 5248 UmRdpService - ok
17:38:45.0090 5248 [ F51C224B79D338BDE125FD8035D2418B ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:38:45.0153 5248 UNS - ok
17:38:45.0190 5248 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
17:38:45.0195 5248 upnphost - ok
17:38:45.0218 5248 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:38:45.0220 5248 usbaudio - ok
17:38:45.0247 5248 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:38:45.0249 5248 usbccgp - ok
17:38:45.0267 5248 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:38:45.0269 5248 usbcir - ok
17:38:45.0282 5248 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:38:45.0284 5248 usbehci - ok
17:38:45.0307 5248 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:38:45.0310 5248 usbhub - ok
17:38:45.0325 5248 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:38:45.0327 5248 usbohci - ok
17:38:45.0349 5248 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:38:45.0350 5248 usbprint - ok
17:38:45.0379 5248 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:38:45.0391 5248 usbscan - ok
17:38:45.0416 5248 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:38:45.0418 5248 USBSTOR - ok
17:38:45.0442 5248 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:38:45.0443 5248 usbuhci - ok
17:38:45.0470 5248 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:38:45.0473 5248 usbvideo - ok
17:38:45.0494 5248 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
17:38:45.0498 5248 UxSms - ok
17:38:45.0512 5248 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
17:38:45.0513 5248 VaultSvc - ok
17:38:45.0558 5248 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:38:45.0559 5248 vdrvroot - ok
17:38:45.0600 5248 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
17:38:45.0607 5248 vds - ok
17:38:45.0631 5248 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:38:45.0633 5248 vga - ok
17:38:45.0648 5248 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:38:45.0650 5248 VgaSave - ok
17:38:45.0678 5248 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:38:45.0681 5248 vhdmp - ok
17:38:45.0699 5248 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:38:45.0701 5248 viaagp - ok
17:38:45.0713 5248 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
17:38:45.0715 5248 ViaC7 - ok
17:38:45.0755 5248 [ 0F0C96A570AB2B0164E04AB22CC8676A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
17:38:45.0783 5248 VIAHdAudAddService - ok
17:38:45.0808 5248 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
17:38:45.0810 5248 viaide - ok
17:38:45.0833 5248 [ B9FAFB1A036913B493F1E9D0C6324D2D ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
17:38:45.0836 5248 VIAKaraokeService - ok
17:38:45.0859 5248 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:38:45.0862 5248 vmbus - ok
17:38:45.0880 5248 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:38:45.0882 5248 VMBusHID - ok
17:38:45.0932 5248 [ 0A4605BA46C73B50E3F4A2F0D4BB4210 ] VMCService C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
17:38:45.0934 5248 VMCService - ok
17:38:45.0963 5248 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:38:45.0965 5248 volmgr - ok
17:38:45.0992 5248 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:38:45.0996 5248 volmgrx - ok
17:38:46.0028 5248 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:38:46.0032 5248 volsnap - ok
17:38:46.0058 5248 [ 63EF70B7BFB875436D5983E3C77F0681 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys
17:38:46.0062 5248 vpcbus - ok
17:38:46.0079 5248 [ 2559494DC74877AFCE97C6F75E4B7020 ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys
17:38:46.0081 5248 vpcnfltr - ok
17:38:46.0095 5248 [ AC0ADAD2AD5A166100CF59FB9A7880B7 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys
17:38:46.0097 5248 vpcusb - ok
17:38:46.0111 5248 [ 7A806CC4416FE9B1B9C091E31BC638BC ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys
17:38:46.0114 5248 vpcvmm - ok
17:38:46.0142 5248 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:38:46.0144 5248 vsmraid - ok
17:38:46.0178 5248 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
17:38:46.0190 5248 VSS - ok
17:38:46.0201 5248 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:38:46.0203 5248 vwifibus - ok
17:38:46.0232 5248 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
17:38:46.0237 5248 W32Time - ok
17:38:46.0254 5248 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:38:46.0256 5248 WacomPen - ok
17:38:46.0270 5248 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:38:46.0271 5248 WANARP - ok
17:38:46.0276 5248 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:38:46.0277 5248 Wanarpv6 - ok
17:38:46.0353 5248 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:38:46.0460 5248 WatAdminSvc - ok
17:38:46.0502 5248 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
17:38:46.0528 5248 wbengine - ok
17:38:46.0551 5248 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:38:46.0555 5248 WbioSrvc - ok
17:38:46.0582 5248 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:38:46.0588 5248 wcncsvc - ok
17:38:46.0602 5248 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:38:46.0605 5248 WcsPlugInService - ok
17:38:46.0632 5248 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:38:46.0634 5248 Wd - ok
17:38:46.0664 5248 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:38:46.0669 5248 Wdf01000 - ok
17:38:46.0684 5248 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:38:46.0687 5248 WdiServiceHost - ok
17:38:46.0693 5248 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:38:46.0696 5248 WdiSystemHost - ok
17:38:46.0713 5248 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
17:38:46.0718 5248 WebClient - ok
17:38:46.0730 5248 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:38:46.0734 5248 Wecsvc - ok
17:38:46.0749 5248 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:38:46.0752 5248 wercplsupport - ok
17:38:46.0767 5248 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
17:38:46.0771 5248 WerSvc - ok
17:38:46.0779 5248 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:38:46.0781 5248 WfpLwf - ok
17:38:46.0797 5248 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:38:46.0798 5248 WIMMount - ok
17:38:46.0896 5248 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:38:46.0913 5248 WinDefend - ok
17:38:46.0925 5248 WinHttpAutoProxySvc - ok
17:38:47.0000 5248 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:38:47.0003 5248 Winmgmt - ok
17:38:47.0045 5248 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
17:38:47.0071 5248 WinRM - ok
17:38:47.0107 5248 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:38:47.0109 5248 WinUsb - ok
17:38:47.0143 5248 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:38:47.0153 5248 Wlansvc - ok
17:38:47.0209 5248 [ 5E7C103F8475C4289847D15E129C20F7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:38:47.0235 5248 wlidsvc - ok
17:38:47.0259 5248 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:38:47.0261 5248 WmiAcpi - ok
17:38:47.0288 5248 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:38:47.0291 5248 wmiApSrv - ok
17:38:47.0336 5248 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:38:47.0354 5248 WMPNetworkSvc - ok
17:38:47.0374 5248 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:38:47.0377 5248 WPCSvc - ok
17:38:47.0389 5248 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:38:47.0393 5248 WPDBusEnum - ok
17:38:47.0417 5248 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:38:47.0419 5248 ws2ifsl - ok
17:38:47.0431 5248 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
17:38:47.0435 5248 wscsvc - ok
17:38:47.0440 5248 WSearch - ok
17:38:47.0506 5248 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
17:38:47.0541 5248 wuauserv - ok
17:38:47.0565 5248 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:38:47.0566 5248 WudfPf - ok
17:38:47.0584 5248 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:38:47.0586 5248 WUDFRd - ok
17:38:47.0614 5248 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:38:47.0618 5248 wudfsvc - ok
17:38:47.0631 5248 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:38:47.0636 5248 WwanSvc - ok
17:38:47.0649 5248 ================ Scan global ===============================
17:38:47.0680 5248 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:38:47.0707 5248 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
17:38:47.0722 5248 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
17:38:47.0737 5248 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:38:47.0766 5248 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:38:47.0771 5248 [Global] - ok
17:38:47.0772 5248 ================ Scan MBR ==================================
17:38:47.0780 5248 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:38:48.0014 5248 \Device\Harddisk0\DR0 - ok
17:38:48.0014 5248 ================ Scan VBR ==================================
17:38:48.0017 5248 [ 5BC4C21357BF344F763291A47EED0D7D ] \Device\Harddisk0\DR0\Partition1
17:38:48.0018 5248 \Device\Harddisk0\DR0\Partition1 - ok
17:38:48.0029 5248 [ 60E599327FE6DD5197B0B7720FEDE00B ] \Device\Harddisk0\DR0\Partition2
17:38:48.0031 5248 \Device\Harddisk0\DR0\Partition2 - ok
17:38:48.0031 5248 ============================================================
17:38:48.0031 5248 Scan finished
17:38:48.0031 5248 ============================================================
17:38:48.0043 4940 Detected object count: 1
17:38:48.0043 4940 Actual detected object count: 1
17:39:06.0830 4940 C:\Windows\system32\DRIVERS\1718702drv.sys - copied to quarantine
17:39:06.0842 4940 HKLM\SYSTEM\ControlSet001\services\1718702drv - will be deleted on reboot
17:39:06.0856 4940 HKLM\SYSTEM\ControlSet002\services\1718702drv - will be deleted on reboot
17:39:06.0943 4940 C:\Windows\system32\DRIVERS\1718702drv.sys - will be deleted on reboot
17:39:06.0943 4940 1718702drv ( ForgedFile.Multi.Generic ) - User select action: Delete
17:39:47.0945 5992 Deinitialize success


I removed the infection!
Is everything fixed now?
 