Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Scary Problem


  • Please log in to reply
8 replies to this topic

#1 TechnicalDifficulty

TechnicalDifficulty

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:41 AM

Posted 07 April 2012 - 01:59 PM

OK, here's the situation. I was just doing some random web surfing on my Toshiba laptop yesterday when all of a sudden one of the pages(YouTube, I think) made the screen get really slow for a minute, then the taskbar and outer edges of the screen went white like Windows was resetting itself, then it went back to normal. A little bit later I left my laptop for a few minutes. When I got back the screensaver had come on but the laptop was non-responsive. It wouldn't let me shutdown so I pressed the power button to cut it off. Later I noticed I now had 3 scary problems:

----
1. All the icons on my desktop have suddenly become transparent like when you cut an icon before pasting it in another folder. The Desktop files still work sometimes and at other times nothing happens when I click them. When I go to the Start menu to explore my computer files, Desktop no longer appears in the sidebar list. I can get to the Desktop folder in other ways so it's still there, it just doesn't appear in the sidebar like it normally does. And if I right-click on a file to try to create a Desktop shortcut, the option doesn't appear and it will only allow me to "Send to" the D disk drive and not the Desktop.


2. A bunch of programs are now mysteriously gone from my Start menu. The Skype shortcut for example is gone and when I try to launch Skype directly I get a message saying "The parameter is incorrect.". Worse, ALL the programs under the "All Programs" tab in my Start menu have disappeared. When I click on the "All Programs" tab, instead of a big list of programs popping up it just says "(empty)". I've uploaded images of what I'm talking about below. Notably, I saved those images to my Desktop and these new images aren't transparent like the rest of my Desktop icons.


3. None of my programs seem to be responding except one of my media players if I click on a video file. When I click on a program to open it, my mouse cursor will activate to let me know it's been clicked, but nothing happens after that.
-----


I don't know what's going on but it's like my computer got struck by lightning all of a sudden and I can't do much of anything except web browse. Rebooting hasn't helped and it won't let me do a system restore. I'm at a loss.

Attached Files



BC AdBot (Login to Remove)

 


#2 balkrish999

balkrish999

  • Members
  • 146 posts
  • OFFLINE
  •  
  • Local time:11:41 AM

Posted 07 April 2012 - 02:02 PM

Im Sorry for that, It must be a big problem when something like that happens all of a sudden

Can you go to Safemode? from the boot menu?

If you can go safemode run a Full Scan on your computer and check for any virus or malware (You might be infected but not 100% sure) Still wait for some more expert advice

All the best

Edited by balkrish999, 07 April 2012 - 02:03 PM.


#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:41 AM

Posted 07 April 2012 - 04:07 PM

Hello, you were moved from Win 7 to the Am I Infected forum.

If you can do this in normal mode do so, If not boot into Safe with Networking and do it with all the steps below.

This infection family will also hide all the files on your computer from being seen. To make your files visible again, please download the following program to your desktop:

Unhide.exe

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run.


Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode



Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

>>>>
Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.


Next run Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now reboot to Normal and run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 TechnicalDifficulty

TechnicalDifficulty
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:41 AM

Posted 10 April 2012 - 02:33 PM

Sorry for the slow response. OK, Unhide worked great and I can now see my files, though a handful of my URLs in my Favorites list are still gone. Since starting this thread and downloading these programs I've been hit(or re-hit) with a Google redirect virus that makes my browser redirect to "vipsearchs." when I click on a Google search result. This was before I performed the scans and after running the scans I used HiJackThis and deleted the Host files for Google. I don't know whether the virus is gone but the redirect is, and right now my computer seems to be running normally. I've run all these scans except for SuperAntiSpyware which makes my computer lock up. Here are the logs:

-----
TDSSKiller log


18:28:21.0437 5000 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
18:28:22.0242 5000 ============================================================
18:28:22.0242 5000 Current date / time: 2012/04/07 18:28:22.0242
18:28:22.0242 5000 SystemInfo:
18:28:22.0242 5000
18:28:22.0242 5000 OS Version: 6.1.7601 ServicePack: 1.0
18:28:22.0242 5000 Product type: Workstation
18:28:22.0242 5000 ComputerName: -PC
18:28:22.0242 5000 UserName: PC
18:28:22.0242 5000 Windows directory: C:\Windows
18:28:22.0242 5000 System windows directory: C:\Windows
18:28:22.0242 5000 Processor architecture: Intel x86
18:28:22.0242 5000 Number of processors: 1
18:28:22.0242 5000 Page size: 0x1000
18:28:22.0242 5000 Boot type: Normal boot
18:28:22.0242 5000 ============================================================
18:28:32.0703 5000 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:28:33.0015 5000 \Device\Harddisk0\DR0:
18:28:33.0015 5000 MBR used
18:28:33.0015 5000 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xDCA6000
18:28:33.0466 5000 Initialize success
18:28:33.0466 5000 ============================================================
18:28:57.0070 4828 ============================================================
18:28:57.0070 4828 Scan started
18:28:57.0070 4828 Mode: Manual;
18:28:57.0070 4828 ============================================================
18:29:03.0605 4828 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
18:29:03.0609 4828 1394ohci - ok
18:29:04.0061 4828 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
18:29:04.0066 4828 ACPI - ok
18:29:04.0658 4828 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
18:29:04.0659 4828 AcpiPmi - ok
18:29:05.0313 4828 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
18:29:05.0322 4828 adp94xx - ok
18:29:06.0883 4828 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
18:29:06.0942 4828 adpahci - ok
18:29:07.0870 4828 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
18:29:07.0873 4828 adpu320 - ok
18:29:08.0319 4828 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
18:29:08.0320 4828 AeLookupSvc - ok
18:29:09.0317 4828 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
18:29:09.0347 4828 AFD - ok
18:29:09.0975 4828 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
18:29:10.0161 4828 AgereSoftModem - ok
18:29:10.0372 4828 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
18:29:10.0374 4828 agp440 - ok
18:29:10.0626 4828 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
18:29:10.0628 4828 aic78xx - ok
18:29:10.0907 4828 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
18:29:10.0909 4828 ALG - ok
18:29:10.0995 4828 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
18:29:10.0997 4828 aliide - ok
18:29:11.0566 4828 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
18:29:11.0568 4828 amdagp - ok
18:29:12.0539 4828 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
18:29:12.0540 4828 amdide - ok
18:29:12.0748 4828 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
18:29:12.0751 4828 AmdK8 - ok
18:29:12.0885 4828 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
18:29:12.0887 4828 AmdPPM - ok
18:29:13.0203 4828 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
18:29:13.0205 4828 amdsata - ok
18:29:13.0647 4828 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
18:29:13.0650 4828 amdsbs - ok
18:29:13.0731 4828 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
18:29:13.0732 4828 amdxata - ok
18:29:14.0371 4828 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
18:29:14.0586 4828 AppID - ok
18:29:15.0048 4828 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
18:29:15.0571 4828 AppIDSvc - ok
18:29:16.0195 4828 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
18:29:16.0299 4828 Appinfo - ok
18:29:16.0640 4828 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
18:29:16.0742 4828 AppMgmt - ok
18:29:17.0232 4828 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
18:29:18.0115 4828 arc - ok
18:29:18.0585 4828 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
18:29:18.0649 4828 arcsas - ok
18:29:19.0339 4828 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:29:20.0062 4828 aspnet_state - ok
18:29:20.0418 4828 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
18:29:20.0470 4828 AsyncMac - ok
18:29:20.0928 4828 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
18:29:21.0040 4828 atapi - ok
18:29:21.0810 4828 athr (ac4adac154563ab41cc79b0257bc685a) C:\Windows\system32\DRIVERS\athr.sys
18:29:21.0993 4828 athr - ok
18:29:22.0218 4828 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
18:29:22.0241 4828 AudioEndpointBuilder - ok
18:29:22.0264 4828 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
18:29:22.0319 4828 Audiosrv - ok
18:29:22.0602 4828 AVG Security Toolbar Service (d45b7995761253a92ab071d576114f28) C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
18:29:22.0620 4828 AVG Security Toolbar Service - ok
18:29:23.0042 4828 AVGIDSAgent (7a0f6a3e0e41425b9ba54616b482668a) C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
18:29:23.0308 4828 AVGIDSAgent - ok
18:29:23.0543 4828 AVGIDSDriver (b9acb889ba1e0561868c025f95d63e25) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
18:29:23.0653 4828 AVGIDSDriver - ok
18:29:23.0765 4828 AVGIDSEH (13256fc72fa5b3f6d6e8c5957e579b7c) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
18:29:23.0853 4828 AVGIDSEH - ok
18:29:24.0024 4828 AVGIDSFilter (fa0685cc51de5cfd804e7deaa6488e0e) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
18:29:24.0109 4828 AVGIDSFilter - ok
18:29:24.0939 4828 AVGIDSShim (f788b51100d0f40ea176798cce954a1a) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
18:29:25.0025 4828 AVGIDSShim - ok
18:29:25.0946 4828 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\Windows\system32\DRIVERS\avgldx86.sys
18:29:26.0304 4828 Avgldx86 - ok
18:29:27.0090 4828 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\Windows\system32\DRIVERS\avgmfx86.sys
18:29:27.0558 4828 Avgmfx86 - ok
18:29:28.0246 4828 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\Windows\system32\DRIVERS\avgrkx86.sys
18:29:28.0522 4828 Avgrkx86 - ok
18:29:29.0129 4828 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\Windows\system32\DRIVERS\avgtdix.sys
18:29:29.0174 4828 Avgtdix - ok
18:29:29.0526 4828 avgwd (fc2bc51120a945f7c70376495e4e7737) C:\Program Files\AVG\AVG10\avgwdsvc.exe
18:29:29.0530 4828 avgwd - ok
18:29:29.0709 4828 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
18:29:29.0787 4828 AxInstSV - ok
18:29:30.0080 4828 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
18:29:30.0136 4828 b06bdrv - ok
18:29:30.0205 4828 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
18:29:30.0285 4828 b57nd60x - ok
18:29:30.0571 4828 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
18:29:30.0649 4828 BDESVC - ok
18:29:30.0991 4828 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
18:29:31.0008 4828 Beep - ok
18:29:32.0157 4828 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
18:29:32.0166 4828 BFE - ok
18:29:32.0616 4828 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
18:29:32.0639 4828 BITS - ok
18:29:32.0855 4828 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
18:29:33.0025 4828 blbdrive - ok
18:29:33.0341 4828 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
18:29:33.0358 4828 bowser - ok
18:29:33.0621 4828 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:29:33.0697 4828 BrFiltLo - ok
18:29:33.0729 4828 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:29:33.0932 4828 BrFiltUp - ok
18:29:34.0193 4828 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
18:29:34.0196 4828 Browser - ok
18:29:34.0539 4828 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
18:29:34.0605 4828 Brserid - ok
18:29:35.0069 4828 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
18:29:35.0322 4828 BrSerWdm - ok
18:29:35.0527 4828 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:29:35.0678 4828 BrUsbMdm - ok
18:29:36.0028 4828 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
18:29:36.0203 4828 BrUsbSer - ok
18:29:36.0603 4828 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
18:29:36.0672 4828 BTHMODEM - ok
18:29:36.0998 4828 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
18:29:37.0038 4828 bthserv - ok
18:29:37.0731 4828 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
18:29:37.0874 4828 cdfs - ok
18:29:38.0268 4828 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
18:29:38.0501 4828 cdrom - ok
18:29:38.0912 4828 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
18:29:38.0956 4828 CertPropSvc - ok
18:29:39.0664 4828 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
18:29:39.0757 4828 circlass - ok
18:29:40.0185 4828 CISVC (3e2afafa158c9ed670c106842bdcc81e) C:\Windows\system32\CISVC.EXE
18:29:40.0187 4828 CISVC - ok
18:29:40.0466 4828 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
18:29:40.0476 4828 CLFS - ok
18:29:40.0810 4828 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:29:40.0885 4828 clr_optimization_v2.0.50727_32 - ok
18:29:41.0548 4828 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:29:41.0654 4828 clr_optimization_v4.0.30319_32 - ok
18:29:42.0120 4828 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
18:29:42.0136 4828 CmBatt - ok
18:29:42.0431 4828 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
18:29:42.0560 4828 cmdide - ok
18:29:43.0136 4828 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
18:29:43.0205 4828 CNG - ok
18:29:43.0797 4828 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
18:29:43.0865 4828 Compbatt - ok
18:29:44.0205 4828 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
18:29:44.0223 4828 CompositeBus - ok
18:29:44.0395 4828 COMSysApp - ok
18:29:44.0599 4828 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
18:29:44.0896 4828 crcdisk - ok
18:29:45.0505 4828 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
18:29:45.0509 4828 CryptSvc - ok
18:29:45.0729 4828 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
18:29:45.0906 4828 CSC - ok
18:29:46.0095 4828 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
18:29:46.0112 4828 CscService - ok
18:29:46.0595 4828 cvhsvc (61a86809b62769643892bc0812b204aa) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:29:46.0607 4828 cvhsvc - ok
18:29:46.0895 4828 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
18:29:46.0905 4828 DcomLaunch - ok
18:29:47.0294 4828 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
18:29:47.0455 4828 defragsvc - ok
18:29:47.0775 4828 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
18:29:47.0788 4828 DfsC - ok
18:29:48.0357 4828 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
18:29:48.0363 4828 Dhcp - ok
18:29:48.0677 4828 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
18:29:48.0760 4828 discache - ok
18:29:49.0206 4828 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
18:29:49.0232 4828 Disk - ok
18:29:49.0592 4828 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
18:29:49.0627 4828 Dnscache - ok
18:29:49.0863 4828 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
18:29:49.0912 4828 dot3svc - ok
18:29:50.0181 4828 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
18:29:50.0315 4828 Dot4 - ok
18:29:50.0768 4828 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\drivers\Dot4Prt.sys
18:29:50.0783 4828 Dot4Print - ok
18:29:52.0934 4828 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
18:29:53.0006 4828 dot4usb - ok
18:29:58.0894 4828 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
18:29:58.0898 4828 DPS - ok
18:29:59.0845 4828 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
18:29:59.0877 4828 drmkaud - ok
18:30:01.0350 4828 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
18:30:01.0487 4828 DXGKrnl - ok
18:30:02.0390 4828 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
18:30:02.0397 4828 EapHost - ok
18:30:04.0802 4828 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
18:30:05.0017 4828 ebdrv - ok
18:30:05.0816 4828 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
18:30:05.0819 4828 EFS - ok
18:30:06.0517 4828 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
18:30:06.0648 4828 ehRecvr - ok
18:30:07.0208 4828 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
18:30:07.0222 4828 ehSched - ok
18:30:08.0252 4828 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
18:30:08.0306 4828 elxstor - ok
18:30:09.0771 4828 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
18:30:09.0781 4828 ErrDev - ok
18:30:10.0695 4828 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
18:30:10.0703 4828 EventSystem - ok
18:30:11.0557 4828 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
18:30:11.0563 4828 exfat - ok
18:30:12.0696 4828 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
18:30:12.0704 4828 fastfat - ok
18:30:13.0872 4828 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
18:30:14.0008 4828 Fax - ok
18:30:14.0921 4828 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
18:30:14.0991 4828 fdc - ok
18:30:15.0942 4828 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
18:30:16.0032 4828 fdPHost - ok
18:30:16.0653 4828 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
18:30:16.0692 4828 FDResPub - ok
18:30:17.0652 4828 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
18:30:17.0681 4828 FileInfo - ok
18:30:18.0806 4828 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
18:30:18.0903 4828 Filetrace - ok
18:30:20.0733 4828 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:30:21.0800 4828 FLEXnet Licensing Service - ok
18:30:22.0480 4828 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
18:30:22.0727 4828 flpydisk - ok
18:30:23.0649 4828 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
18:30:23.0724 4828 FltMgr - ok
18:30:25.0407 4828 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
18:30:25.0504 4828 FontCache - ok
18:30:26.0317 4828 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:30:26.0417 4828 FontCache3.0.0.0 - ok
18:30:27.0448 4828 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
18:30:27.0453 4828 FsDepends - ok
18:30:28.0336 4828 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
18:30:28.0342 4828 Fs_Rec - ok
18:30:29.0210 4828 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
18:30:29.0263 4828 fvevol - ok
18:30:30.0103 4828 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:30:30.0177 4828 gagp30kx - ok
18:30:31.0112 4828 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
18:30:31.0139 4828 gpsvc - ok
18:30:31.0732 4828 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
18:30:31.0893 4828 gupdate - ok
18:30:31.0955 4828 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
18:30:31.0957 4828 gupdatem - ok
18:30:32.0884 4828 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
18:30:32.0922 4828 hcw85cir - ok
18:30:34.0114 4828 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
18:30:34.0240 4828 HdAudAddService - ok
18:30:36.0517 4828 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
18:30:36.0587 4828 HDAudBus - ok
18:30:37.0595 4828 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
18:30:37.0619 4828 HidBatt - ok
18:30:38.0506 4828 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
18:30:38.0541 4828 HidBth - ok
18:30:39.0483 4828 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
18:30:39.0559 4828 HidIr - ok
18:30:40.0285 4828 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
18:30:40.0348 4828 hidserv - ok
18:30:41.0273 4828 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
18:30:41.0323 4828 HidUsb - ok
18:30:42.0047 4828 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
18:30:42.0055 4828 hkmsvc - ok
18:30:43.0280 4828 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
18:30:43.0407 4828 HomeGroupListener - ok
18:30:43.0976 4828 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
18:30:44.0057 4828 HomeGroupProvider - ok
18:30:44.0672 4828 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
18:30:44.0677 4828 hpqcxs08 - ok
18:30:45.0812 4828 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
18:30:45.0970 4828 hpqddsvc - ok
18:30:46.0658 4828 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
18:30:46.0757 4828 HpSAMD - ok
18:30:47.0895 4828 HPSLPSVC (a04f4ac48895774a2cf9d1c9eaaacef0) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
18:30:47.0923 4828 HPSLPSVC - ok
18:30:50.0022 4828 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
18:30:50.0049 4828 HTTP - ok
18:30:50.0962 4828 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
18:30:50.0965 4828 hwpolicy - ok
18:30:52.0163 4828 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
18:30:52.0259 4828 i8042prt - ok
18:30:52.0958 4828 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
18:30:53.0091 4828 iaStorV - ok
18:30:54.0721 4828 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:30:54.0883 4828 idsvc - ok
18:30:57.0484 4828 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:30:57.0948 4828 igfx - ok
18:30:58.0832 4828 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
18:30:58.0874 4828 iirsp - ok
18:30:59.0778 4828 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
18:30:59.0858 4828 IKEEXT - ok
18:31:00.0868 4828 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
18:31:01.0013 4828 intelide - ok
18:31:02.0463 4828 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
18:31:02.0552 4828 intelppm - ok
18:31:03.0871 4828 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
18:31:03.0984 4828 IPBusEnum - ok
18:31:05.0347 4828 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:31:05.0420 4828 IpFilterDriver - ok
18:31:07.0282 4828 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
18:31:07.0427 4828 iphlpsvc - ok
18:31:10.0081 4828 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
18:31:10.0417 4828 IPMIDRV - ok
18:31:12.0955 4828 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
18:31:13.0111 4828 IPNAT - ok
18:31:14.0471 4828 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
18:31:14.0634 4828 IRENUM - ok
18:31:16.0070 4828 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
18:31:16.0073 4828 isapnp - ok
18:31:17.0143 4828 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
18:31:17.0149 4828 iScsiPrt - ok
18:31:17.0368 4828 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
18:31:17.0545 4828 kbdclass - ok
18:31:18.0072 4828 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
18:31:18.0076 4828 kbdhid - ok
18:31:18.0267 4828 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:31:18.0269 4828 KeyIso - ok
18:31:18.0388 4828 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
18:31:18.0536 4828 KSecDD - ok
18:31:19.0067 4828 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
18:31:19.0108 4828 KSecPkg - ok
18:31:20.0337 4828 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
18:31:20.0373 4828 KtmRm - ok
18:31:20.0873 4828 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
18:31:20.0882 4828 LanmanServer - ok
18:31:21.0361 4828 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
18:31:21.0367 4828 LanmanWorkstation - ok
18:31:22.0169 4828 Lavasoft Ad-Aware Service (ea38136981c61c571d52c380daad46ef) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
18:31:22.0189 4828 Lavasoft Ad-Aware Service - ok
18:31:22.0565 4828 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
18:31:22.0589 4828 Lavasoft Kernexplorer - ok
18:31:23.0401 4828 Lbd (336abe8721cbc3110f1c6426da633417) C:\Windows\system32\DRIVERS\Lbd.sys
18:31:23.0446 4828 Lbd - ok
18:31:23.0967 4828 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
18:31:24.0110 4828 lltdio - ok
18:31:24.0554 4828 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
18:31:24.0570 4828 lltdsvc - ok
18:31:24.0780 4828 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
18:31:24.0783 4828 lmhosts - ok
18:31:25.0147 4828 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:31:25.0636 4828 LSI_FC - ok
18:31:26.0149 4828 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:31:26.0172 4828 LSI_SAS - ok
18:31:26.0666 4828 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:31:26.0816 4828 LSI_SAS2 - ok
18:31:27.0402 4828 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:31:27.0422 4828 LSI_SCSI - ok
18:31:27.0895 4828 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
18:31:27.0899 4828 luafv - ok
18:31:28.0257 4828 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
18:31:28.0272 4828 Mcx2Svc - ok
18:31:28.0885 4828 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
18:31:28.0907 4828 megasas - ok
18:31:29.0446 4828 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
18:31:29.0471 4828 MegaSR - ok
18:31:29.0895 4828 mi-raysat_3dsmax2010_32 (0af89452a8ce3928168f4e5b2208c68b) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
18:31:29.0897 4828 mi-raysat_3dsmax2010_32 - ok
18:31:30.0090 4828 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:31:30.0095 4828 MMCSS - ok
18:31:30.0380 4828 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
18:31:30.0380 4828 Modem - ok
18:31:30.0651 4828 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
18:31:30.0654 4828 monitor - ok
18:31:31.0476 4828 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
18:31:31.0598 4828 mouclass - ok
18:31:31.0795 4828 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
18:31:31.0816 4828 mouhid - ok
18:31:31.0972 4828 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
18:31:31.0976 4828 mountmgr - ok
18:31:32.0189 4828 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
18:31:32.0194 4828 mpio - ok
18:31:32.0319 4828 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
18:31:32.0333 4828 mpsdrv - ok
18:31:32.0592 4828 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
18:31:32.0609 4828 MpsSvc - ok
18:31:33.0073 4828 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
18:31:33.0263 4828 MRxDAV - ok
18:31:33.0484 4828 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:31:33.0490 4828 mrxsmb - ok
18:31:33.0529 4828 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:31:33.0539 4828 mrxsmb10 - ok
18:31:33.0579 4828 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:31:33.0584 4828 mrxsmb20 - ok
18:31:33.0912 4828 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
18:31:33.0936 4828 msahci - ok
18:31:34.0040 4828 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
18:31:34.0045 4828 msdsm - ok
18:31:34.0194 4828 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
18:31:34.0207 4828 MSDTC - ok
18:31:34.0610 4828 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
18:31:34.0614 4828 Msfs - ok
18:31:35.0058 4828 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
18:31:35.0062 4828 mshidkmdf - ok
18:31:35.0173 4828 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
18:31:35.0194 4828 msisadrv - ok
18:31:35.0629 4828 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
18:31:35.0651 4828 MSiSCSI - ok
18:31:35.0789 4828 msiserver - ok
18:31:35.0897 4828 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
18:31:35.0905 4828 MSKSSRV - ok
18:31:35.0941 4828 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
18:31:35.0944 4828 MSPCLOCK - ok
18:31:36.0233 4828 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
18:31:36.0311 4828 MSPQM - ok
18:31:36.0809 4828 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
18:31:36.0828 4828 MsRPC - ok
18:31:36.0960 4828 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
18:31:36.0963 4828 mssmbios - ok
18:31:37.0503 4828 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
18:31:37.0507 4828 MSTEE - ok
18:31:37.0623 4828 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
18:31:37.0665 4828 MTConfig - ok
18:31:37.0865 4828 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
18:31:37.0869 4828 Mup - ok
18:31:38.0222 4828 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
18:31:38.0246 4828 napagent - ok
18:31:38.0668 4828 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
18:31:38.0675 4828 NativeWifiP - ok
18:31:39.0406 4828 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
18:31:39.0477 4828 NDIS - ok
18:31:39.0965 4828 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
18:31:39.0969 4828 NdisCap - ok
18:31:40.0353 4828 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
18:31:40.0356 4828 NdisTapi - ok
18:31:41.0205 4828 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
18:31:41.0272 4828 Ndisuio - ok
18:31:41.0802 4828 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
18:31:41.0807 4828 NdisWan - ok
18:31:42.0289 4828 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
18:31:42.0355 4828 NDProxy - ok
18:31:42.0647 4828 Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:\Windows\system32\HPZinw12.dll
18:31:42.0650 4828 Net Driver HPZ12 - ok
18:31:43.0003 4828 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
18:31:43.0003 4828 NetBIOS - ok
18:31:43.0772 4828 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
18:31:43.0862 4828 NetBT - ok
18:31:44.0145 4828 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:31:44.0148 4828 Netlogon - ok
18:31:44.0669 4828 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
18:31:44.0675 4828 Netman - ok
18:31:45.0445 4828 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:31:45.0764 4828 NetMsmqActivator - ok
18:31:46.0426 4828 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:31:46.0491 4828 NetPipeActivator - ok
18:31:46.0927 4828 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
18:31:47.0010 4828 netprofm - ok
18:31:47.0472 4828 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:31:47.0475 4828 NetTcpActivator - ok
18:31:47.0490 4828 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:31:47.0493 4828 NetTcpPortSharing - ok
18:31:48.0709 4828 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
18:31:48.0775 4828 nfrd960 - ok
18:31:49.0864 4828 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
18:31:49.0884 4828 NlaSvc - ok
18:31:50.0772 4828 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
18:31:50.0785 4828 Npfs - ok
18:31:52.0173 4828 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
18:31:52.0177 4828 nsi - ok
18:31:53.0684 4828 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
18:31:53.0687 4828 nsiproxy - ok
18:31:55.0037 4828 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
18:31:55.0061 4828 Ntfs - ok
18:31:56.0648 4828 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
18:31:56.0930 4828 Null - ok
18:31:58.0478 4828 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
18:31:58.0559 4828 nvraid - ok
18:32:00.0929 4828 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
18:32:01.0058 4828 nvstor - ok
18:32:01.0935 4828 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
18:32:01.0982 4828 nv_agp - ok
18:32:02.0599 4828 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
18:32:02.0697 4828 ohci1394 - ok
18:32:03.0534 4828 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:32:03.0804 4828 ose - ok
18:32:08.0482 4828 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:32:09.0661 4828 osppsvc - ok
18:32:11.0110 4828 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:32:11.0157 4828 p2pimsvc - ok
18:32:11.0989 4828 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
18:32:12.0007 4828 p2psvc - ok
18:32:12.0865 4828 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
18:32:12.0893 4828 Parport - ok
18:32:13.0514 4828 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
18:32:13.0639 4828 partmgr - ok
18:32:14.0526 4828 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
18:32:14.0574 4828 Parvdm - ok
18:32:15.0550 4828 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
18:32:15.0560 4828 PcaSvc - ok
18:32:16.0936 4828 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
18:32:17.0045 4828 pci - ok
18:32:18.0103 4828 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
18:32:18.0108 4828 pciide - ok
18:32:18.0997 4828 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
18:32:19.0026 4828 pcmcia - ok
18:32:20.0329 4828 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
18:32:20.0379 4828 pcw - ok
18:32:22.0504 4828 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
18:32:22.0706 4828 PEAUTH - ok
18:32:24.0570 4828 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
18:32:24.0657 4828 PeerDistSvc - ok
18:32:26.0612 4828 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
18:32:26.0724 4828 pla - ok
18:32:27.0825 4828 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
18:32:27.0850 4828 PlugPlay - ok
18:32:28.0878 4828 Pml Driver HPZ12 (12b4549d515cb26bb8d375038017ca65) C:\Windows\system32\HPZipm12.dll
18:32:29.0028 4828 Pml Driver HPZ12 - ok
18:32:30.0047 4828 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
18:32:30.0390 4828 PNRPAutoReg - ok
18:32:31.0512 4828 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:32:31.0595 4828 PNRPsvc - ok
18:32:33.0111 4828 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
18:32:33.0213 4828 PolicyAgent - ok
18:32:34.0430 4828 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
18:32:34.0445 4828 Power - ok
18:32:37.0091 4828 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
18:32:37.0565 4828 PptpMiniport - ok
18:32:43.0719 4828 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
18:32:44.0196 4828 Processor - ok
18:32:45.0709 4828 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
18:32:45.0724 4828 ProfSvc - ok
18:32:46.0800 4828 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:32:46.0806 4828 ProtectedStorage - ok
18:32:48.0801 4828 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
18:32:48.0808 4828 Psched - ok
18:32:50.0434 4828 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
18:32:50.0689 4828 ql2300 - ok
18:32:51.0798 4828 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
18:32:51.0879 4828 ql40xx - ok
18:32:52.0535 4828 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
18:32:52.0638 4828 QWAVE - ok
18:32:52.0930 4828 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
18:32:52.0974 4828 QWAVEdrv - ok
18:32:53.0981 4828 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
18:32:53.0986 4828 RasAcd - ok
18:32:54.0533 4828 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:32:54.0538 4828 RasAgileVpn - ok
18:32:54.0870 4828 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
18:32:54.0875 4828 RasAuto - ok
18:32:56.0017 4828 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:32:56.0115 4828 Rasl2tp - ok
18:32:56.0670 4828 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
18:32:56.0684 4828 RasMan - ok
18:32:57.0183 4828 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
18:32:57.0203 4828 RasPppoe - ok
18:32:57.0824 4828 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
18:32:57.0918 4828 RasSstp - ok
18:32:59.0411 4828 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
18:32:59.0473 4828 rdbss - ok
18:33:00.0308 4828 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
18:33:00.0370 4828 rdpbus - ok
18:33:01.0435 4828 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:33:01.0512 4828 RDPCDD - ok
18:33:02.0385 4828 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
18:33:02.0508 4828 RDPDR - ok
18:33:03.0755 4828 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
18:33:03.0819 4828 RDPENCDD - ok
18:33:04.0727 4828 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
18:33:04.0751 4828 RDPREFMP - ok
18:33:06.0059 4828 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
18:33:06.0181 4828 RdpVideoMiniport - ok
18:33:06.0857 4828 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
18:33:06.0865 4828 RDPWD - ok
18:33:07.0979 4828 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
18:33:08.0055 4828 rdyboost - ok
18:33:09.0431 4828 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
18:33:09.0469 4828 RemoteAccess - ok
18:33:09.0966 4828 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
18:33:10.0061 4828 RemoteRegistry - ok
18:33:10.0693 4828 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
18:33:10.0698 4828 RpcEptMapper - ok
18:33:11.0825 4828 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
18:33:11.0839 4828 RpcLocator - ok
18:33:12.0724 4828 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
18:33:12.0732 4828 RpcSs - ok
18:33:13.0826 4828 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
18:33:13.0831 4828 rspndr - ok
18:33:15.0360 4828 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\Windows\system32\DRIVERS\Rt86win7.sys
18:33:15.0441 4828 RTL8167 - ok
18:33:16.0657 4828 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
18:33:16.0736 4828 s3cap - ok
18:33:17.0823 4828 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:33:17.0874 4828 SamSs - ok
18:33:18.0709 4828 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
18:33:18.0741 4828 sbp2port - ok
18:33:19.0238 4828 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
18:33:19.0295 4828 SCardSvr - ok
18:33:20.0411 4828 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
18:33:20.0469 4828 scfilter - ok
18:33:21.0845 4828 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
18:33:21.0860 4828 Schedule - ok
18:33:22.0623 4828 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
18:33:22.0625 4828 SCPolicySvc - ok
18:33:23.0916 4828 SCREAMINGBDRIVER (a643d6df1b7546256b11fb5d6b5d1375) C:\Windows\system32\drivers\ScreamingBAudio.sys
18:33:24.0009 4828 SCREAMINGBDRIVER - ok
18:33:25.0106 4828 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
18:33:25.0397 4828 sdbus - ok
18:33:25.0971 4828 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
18:33:25.0983 4828 SDRSVC - ok
18:33:26.0903 4828 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:33:26.0913 4828 secdrv - ok
18:33:28.0470 4828 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
18:33:28.0848 4828 seclogon - ok
18:33:30.0300 4828 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
18:33:30.0305 4828 SENS - ok
18:33:31.0133 4828 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
18:33:31.0188 4828 SensrSvc - ok
18:33:31.0966 4828 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
18:33:32.0044 4828 Serenum - ok
18:33:32.0841 4828 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
18:33:32.0869 4828 Serial - ok
18:33:34.0456 4828 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
18:33:34.0523 4828 sermouse - ok
18:33:35.0321 4828 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
18:33:35.0386 4828 SessionEnv - ok
18:33:36.0793 4828 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
18:33:37.0274 4828 sffdisk - ok
18:33:38.0513 4828 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
18:33:38.0517 4828 sffp_mmc - ok
18:33:39.0604 4828 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
18:33:39.0609 4828 sffp_sd - ok
18:33:40.0375 4828 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
18:33:40.0390 4828 sfloppy - ok
18:33:42.0366 4828 Sftfs (74744f4d9eb18ddd0eb45e03cfdd648e) C:\Windows\system32\DRIVERS\Sftfslh.sys
18:33:42.0758 4828 Sftfs - ok
18:33:45.0217 4828 sftlist (baf282373e79d08ce9510ac8b5a1f41d) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
18:33:45.0222 4828 sftlist - ok
18:33:46.0322 4828 Sftplay (cbc5be6f81e86cc73656e61767002da9) C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:33:46.0349 4828 Sftplay - ok
18:33:47.0115 4828 Sftredir (961e50666e6d6949328b1ffbc33adf43) C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:33:47.0130 4828 Sftredir - ok
18:33:48.0472 4828 Sftvol (c8c02c8fe267751ec62b7e7d8d214c63) C:\Windows\system32\DRIVERS\Sftvollh.sys
18:33:48.0492 4828 Sftvol - ok
18:33:48.0854 4828 sftvsa (ee28aeb3889a9cca894626ecd1fb1c8b) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
18:33:48.0859 4828 sftvsa - ok
18:33:49.0832 4828 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
18:33:49.0926 4828 SharedAccess - ok
18:33:50.0675 4828 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
18:33:50.0689 4828 ShellHWDetection - ok
18:33:50.0900 4828 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
18:33:51.0202 4828 sisagp - ok
18:33:52.0034 4828 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:33:52.0059 4828 SiSRaid2 - ok
18:33:53.0188 4828 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
18:33:53.0700 4828 SiSRaid4 - ok
18:33:54.0499 4828 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
18:33:54.0511 4828 Smb - ok
18:33:54.0868 4828 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
18:33:54.0895 4828 SNMPTRAP - ok
18:33:55.0424 4828 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
18:33:55.0429 4828 spldr - ok
18:33:56.0280 4828 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
18:33:56.0290 4828 Spooler - ok
18:33:57.0498 4828 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
18:33:57.0728 4828 sppsvc - ok
18:33:58.0381 4828 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
18:33:58.0391 4828 sppuinotify - ok
18:34:00.0149 4828 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
18:34:00.0165 4828 srv - ok
18:34:00.0927 4828 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
18:34:00.0937 4828 srv2 - ok
18:34:01.0874 4828 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
18:34:01.0879 4828 srvnet - ok
18:34:02.0875 4828 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
18:34:02.0936 4828 SSDPSRV - ok
18:34:03.0854 4828 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
18:34:03.0953 4828 SstpSvc - ok
18:34:04.0930 4828 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
18:34:04.0970 4828 stexstor - ok
18:34:05.0707 4828 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
18:34:05.0747 4828 StiSvc - ok
18:34:06.0493 4828 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
18:34:06.0542 4828 storflt - ok
18:34:07.0945 4828 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
18:34:08.0340 4828 storvsc - ok
18:34:09.0551 4828 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
18:34:09.0781 4828 swenum - ok
18:34:10.0475 4828 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
18:34:10.0500 4828 swprv - ok
18:34:11.0289 4828 Synth3dVsc - ok
18:34:12.0179 4828 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
18:34:12.0194 4828 SysMain - ok
18:34:12.0681 4828 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
18:34:12.0781 4828 TabletInputService - ok
18:34:14.0108 4828 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
18:34:14.0118 4828 TapiSrv - ok
18:34:14.0575 4828 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
18:34:14.0695 4828 TBS - ok
18:34:16.0345 4828 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
18:34:16.0517 4828 Tcpip - ok
18:34:18.0231 4828 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
18:34:18.0251 4828 TCPIP6 - ok
18:34:19.0608 4828 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
18:34:19.0639 4828 tcpipreg - ok
18:34:21.0573 4828 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
18:34:21.0589 4828 TDPIPE - ok
18:34:22.0253 4828 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
18:34:22.0332 4828 TDTCP - ok
18:34:23.0553 4828 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
18:34:23.0605 4828 tdx - ok
18:34:24.0193 4828 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
18:34:24.0323 4828 TermDD - ok
18:34:24.0691 4828 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
18:34:24.0706 4828 TermService - ok
18:34:25.0155 4828 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
18:34:25.0159 4828 Themes - ok
18:34:25.0864 4828 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:34:25.0867 4828 THREADORDER - ok
18:34:26.0032 4828 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
18:34:26.0037 4828 TrkWks - ok
18:34:26.0329 4828 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
18:34:26.0399 4828 TrustedInstaller - ok
18:34:27.0609 4828 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:34:27.0644 4828 tssecsrv - ok
18:34:28.0038 4828 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
18:34:28.0109 4828 TsUsbFlt - ok
18:34:28.0233 4828 tsusbhub - ok
18:34:28.0664 4828 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
18:34:28.0716 4828 tunnel - ok
18:34:29.0057 4828 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
18:34:29.0142 4828 TVALZ - ok
18:34:29.0957 4828 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
18:34:30.0109 4828 uagp35 - ok
18:34:30.0318 4828 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
18:34:30.0475 4828 udfs - ok
18:34:30.0842 4828 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
18:34:30.0900 4828 UI0Detect - ok
18:34:31.0364 4828 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
18:34:31.0387 4828 uliagpkx - ok
18:34:31.0900 4828 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
18:34:32.0159 4828 umbus - ok
18:34:32.0697 4828 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
18:34:32.0731 4828 UmPass - ok
18:34:33.0659 4828 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
18:34:33.0771 4828 UmRdpService - ok
18:34:34.0337 4828 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
18:34:34.0749 4828 upnphost - ok
18:34:35.0214 4828 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
18:34:35.0547 4828 usbccgp - ok
18:34:35.0753 4828 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
18:34:35.0908 4828 usbcir - ok
18:34:36.0545 4828 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
18:34:36.0568 4828 usbehci - ok
18:34:36.0870 4828 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
18:34:36.0932 4828 usbhub - ok
18:34:37.0216 4828 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
18:34:37.0228 4828 usbohci - ok
18:34:37.0973 4828 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
18:34:38.0005 4828 usbprint - ok
18:34:38.0459 4828 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
18:34:38.0689 4828 usbscan - ok
18:34:39.0487 4828 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS
18:34:39.0569 4828 USBSTOR - ok
18:34:40.0130 4828 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
18:34:40.0296 4828 usbuhci - ok
18:34:40.0711 4828 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
18:34:40.0715 4828 UxSms - ok
18:34:40.0997 4828 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:34:41.0000 4828 VaultSvc - ok
18:34:41.0219 4828 VCSVADHWSer (b2abab4ca46bad182e27763dc19c780f) C:\Windows\system32\DRIVERS\vcsvad.sys
18:34:41.0324 4828 VCSVADHWSer - ok
18:34:41.0881 4828 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
18:34:42.0029 4828 vdrvroot - ok
18:34:42.0429 4828 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
18:34:42.0471 4828 vds - ok
18:34:42.0811 4828 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
18:34:42.0912 4828 vga - ok
18:34:43.0008 4828 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
18:34:43.0079 4828 VgaSave - ok
18:34:43.0214 4828 VGPU - ok
18:34:43.0618 4828 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
18:34:43.0759 4828 vhdmp - ok
18:34:43.0998 4828 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
18:34:44.0339 4828 viaagp - ok
18:34:44.0576 4828 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
18:34:44.0615 4828 ViaC7 - ok
18:34:44.0707 4828 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
18:34:44.0980 4828 viaide - ok
18:34:45.0183 4828 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
18:34:45.0249 4828 vmbus - ok
18:34:45.0305 4828 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
18:34:45.0458 4828 VMBusHID - ok
18:34:45.0954 4828 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
18:34:45.0961 4828 volmgr - ok
18:34:46.0252 4828 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
18:34:46.0308 4828 volmgrx - ok
18:34:46.0466 4828 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
18:34:46.0497 4828 volsnap - ok
18:34:46.0738 4828 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
18:34:46.0794 4828 vsmraid - ok
18:34:47.0186 4828 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
18:34:47.0282 4828 VSS - ok
18:34:47.0510 4828 vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
18:34:47.0519 4828 vToolbarUpdater10.2.0 - ok
18:34:47.0960 4828 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
18:34:48.0031 4828 vwifibus - ok
18:34:48.0359 4828 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
18:34:48.0412 4828 vwififlt - ok
18:34:48.0585 4828 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
18:34:48.0682 4828 W32Time - ok
18:34:48.0885 4828 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
18:34:48.0967 4828 WacomPen - ok
18:34:49.0168 4828 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:34:49.0218 4828 WANARP - ok
18:34:49.0232 4828 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:34:49.0233 4828 Wanarpv6 - ok
18:34:49.0582 4828 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
18:34:49.0620 4828 WatAdminSvc - ok
18:34:49.0925 4828 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
18:34:50.0019 4828 wbengine - ok
18:34:50.0220 4828 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
18:34:50.0232 4828 WbioSrvc - ok
18:34:50.0519 4828 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
18:34:50.0552 4828 wcncsvc - ok
18:34:50.0772 4828 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
18:34:50.0822 4828 WcsPlugInService - ok
18:34:51.0037 4828 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
18:34:51.0358 4828 Wd - ok
18:34:51.0989 4828 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:34:52.0214 4828 Wdf01000 - ok
18:34:52.0426 4828 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:34:52.0433 4828 WdiServiceHost - ok
18:34:52.0452 4828 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:34:52.0457 4828 WdiSystemHost - ok
18:34:52.0538 4828 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
18:34:52.0570 4828 WebClient - ok
18:34:52.0947 4828 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
18:34:53.0014 4828 Wecsvc - ok
18:34:53.0681 4828 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
18:34:53.0686 4828 wercplsupport - ok
18:34:53.0838 4828 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
18:34:53.0894 4828 WerSvc - ok
18:34:54.0021 4828 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
18:34:54.0110 4828 WfpLwf - ok
18:34:54.0387 4828 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
18:34:54.0460 4828 WIMMount - ok
18:34:54.0881 4828 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
18:34:55.0034 4828 WinDefend - ok
18:34:55.0062 4828 WinHttpAutoProxySvc - ok
18:34:55.0655 4828 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
18:34:55.0675 4828 Winmgmt - ok
18:34:56.0364 4828 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
18:34:56.0595 4828 WinRM - ok
18:34:57.0471 4828 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
18:34:57.0482 4828 Wlansvc - ok
18:34:58.0227 4828 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
18:34:58.0256 4828 WmiAcpi - ok
18:34:58.0871 4828 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
18:34:59.0027 4828 wmiApSrv - ok
18:34:59.0258 4828 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
18:34:59.0281 4828 WMPNetworkSvc - ok
18:34:59.0717 4828 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
18:34:59.0762 4828 WPCSvc - ok
18:35:00.0019 4828 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
18:35:00.0199 4828 WPDBusEnum - ok
18:35:00.0620 4828 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
18:35:00.0757 4828 ws2ifsl - ok
18:35:01.0154 4828 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
18:35:01.0159 4828 wscsvc - ok
18:35:01.0556 4828 WSearch - ok
18:35:01.0983 4828 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
18:35:02.0004 4828 wuauserv - ok
18:35:02.0509 4828 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
18:35:02.0617 4828 WudfPf - ok
18:35:03.0161 4828 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:35:03.0185 4828 WUDFRd - ok
18:35:03.0755 4828 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
18:35:03.0773 4828 wudfsvc - ok
18:35:04.0158 4828 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
18:35:04.0311 4828 WwanSvc - ok
18:35:04.0395 4828 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk0\DR0
18:35:04.0426 4828 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
18:35:04.0427 4828 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
18:35:04.0489 4828 Boot (0x1200) (a7fe3dfe3947f584645ffc32ebcc88d8) \Device\Harddisk0\DR0\Partition0
18:35:04.0583 4828 \Device\Harddisk0\DR0\Partition0 - ok
18:35:04.0590 4828 ============================================================
18:35:04.0590 4828 Scan finished
18:35:04.0590 4828 ============================================================
18:35:04.0655 3612 Detected object count: 1
18:35:04.0655 3612 Actual detected object count: 1
18:39:33.0786 3612 \Device\Harddisk0\DR0\# - copied to quarantine
18:39:33.0789 3612 \Device\Harddisk0\DR0 - copied to quarantine
18:39:33.0817 3612 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
18:39:33.0827 3612 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
18:39:33.0832 3612 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
18:39:33.0835 3612 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
18:39:33.0842 3612 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
18:39:33.0852 3612 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
18:39:33.0854 3612 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
18:39:33.0877 3612 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
18:39:33.0879 3612 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
18:39:33.0881 3612 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
18:39:33.0884 3612 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
18:39:33.0887 3612 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
18:39:33.0913 3612 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
18:39:33.0913 3612 \Device\Harddisk0\DR0 - ok
18:39:34.0820 3612 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
18:41:12.0621 3756 Deinitialize success

-----

MalwareBytes log


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.09.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
LEE :: LEE-PC [administrator]

4/9/2012 8:38:44 PM
mbam-log-2012-04-09 (20-38-44).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 425340
Time elapsed: 5 hour(s), 5 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\PC\Desktop\jumble\3DS Max dowloads\XFORCE keygen for 3DS Max 2010\AAC2010_Keygen-64bits.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Windows\Temp\ch8l2.exe (Trojan.Ransom) -> Quarantined and deleted successfully.

(end)
-----

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:41 AM

Posted 10 April 2012 - 06:39 PM

OK, no problem.. Your infection is thru this XFORCE keygen and will keep infecting you.
If you are still missing items DO NOT run a Temp file or Registry cleaners...
Is this a 32 or 64 bit system?


IMPORTANT NOTE: The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

Before we can continue, I need you to remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so we need to ensure they have been removed.

Using these types of programs or the websites you visited to get them is almost a guaranteed way to get yourself infected!!


Now to continue cleaning. Reboot/restart the Computer.
Try SAS once more please.
RE-run TDSS like this....

  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 TechnicalDifficulty

TechnicalDifficulty
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:41 AM

Posted 10 April 2012 - 10:25 PM

OK, no problem.. Your infection is thru this XFORCE keygen and will keep infecting you.
If you are still missing items DO NOT run a Temp file or Registry cleaners...
Is this a 32 or 64 bit system?


32-bit. I don't know what a keygen is but I did a system search and just deleted whatever had that in the file name. SuperAnti-Spyware locked my comp up again. Certain processes will cause this to happen ever since I dropped my laptop awhile back. I don't know why. Apparently I won't be able to run a SAS scan until I get that fixed, but here is my TDSSKiller log.

---
20:31:07.0931 4724 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
20:31:12.0916 4724 ============================================================
20:31:12.0916 4724 Current date / time: 2012/04/10 20:31:12.0916
20:31:12.0916 4724 SystemInfo:
20:31:12.0916 4724
20:31:12.0916 4724 OS Version: 6.1.7601 ServicePack: 1.0
20:31:12.0916 4724 Product type: Workstation
20:31:12.0916 4724 ComputerName: -PC
20:31:12.0920 4724 UserName: PC
20:31:12.0920 4724 Windows directory: C:\Windows
20:31:12.0920 4724 System windows directory: C:\Windows
20:31:12.0920 4724 Processor architecture: Intel x86
20:31:12.0920 4724 Number of processors: 1
20:31:12.0920 4724 Page size: 0x1000
20:31:12.0920 4724 Boot type: Normal boot
20:31:12.0920 4724 ============================================================
20:31:18.0405 4724 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:31:18.0476 4724 \Device\Harddisk0\DR0:
20:31:18.0478 4724 MBR used
20:31:18.0478 4724 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xDCA6000
20:31:18.0536 4724 Initialize success
20:31:18.0536 4724 ============================================================
20:33:28.0166 0196 ============================================================
20:33:28.0166 0196 Scan started
20:33:28.0166 0196 Mode: Manual; TDLFS;
20:33:28.0166 0196 ============================================================
20:33:31.0624 0196 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
20:33:31.0627 0196 !SASCORE - ok
20:33:31.0945 0196 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
20:33:31.0951 0196 1394ohci - ok
20:33:32.0193 0196 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
20:33:32.0218 0196 ACPI - ok
20:33:32.0390 0196 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
20:33:32.0456 0196 AcpiPmi - ok
20:33:32.0889 0196 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
20:33:32.0911 0196 adp94xx - ok
20:33:33.0359 0196 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
20:33:33.0368 0196 adpahci - ok
20:33:33.0587 0196 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
20:33:33.0666 0196 adpu320 - ok
20:33:33.0839 0196 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
20:33:33.0840 0196 AeLookupSvc - ok
20:33:34.0092 0196 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
20:33:34.0099 0196 AFD - ok
20:33:34.0415 0196 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
20:33:34.0438 0196 AgereSoftModem - ok
20:33:34.0741 0196 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
20:33:34.0746 0196 agp440 - ok
20:33:35.0046 0196 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
20:33:35.0050 0196 aic78xx - ok
20:33:35.0418 0196 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
20:33:35.0421 0196 ALG - ok
20:33:35.0742 0196 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
20:33:35.0745 0196 aliide - ok
20:33:35.0843 0196 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
20:33:35.0846 0196 amdagp - ok
20:33:36.0049 0196 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
20:33:36.0051 0196 amdide - ok
20:33:36.0270 0196 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
20:33:36.0339 0196 AmdK8 - ok
20:33:36.0883 0196 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
20:33:36.0887 0196 AmdPPM - ok
20:33:37.0212 0196 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
20:33:37.0216 0196 amdsata - ok
20:33:37.0476 0196 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
20:33:37.0483 0196 amdsbs - ok
20:33:37.0745 0196 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
20:33:37.0748 0196 amdxata - ok
20:33:38.0069 0196 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
20:33:38.0072 0196 AppID - ok
20:33:38.0246 0196 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
20:33:38.0302 0196 AppIDSvc - ok
20:33:38.0515 0196 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
20:33:38.0518 0196 Appinfo - ok
20:33:38.0793 0196 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
20:33:38.0798 0196 AppMgmt - ok
20:33:38.0952 0196 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
20:33:38.0955 0196 arc - ok
20:33:39.0259 0196 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
20:33:39.0263 0196 arcsas - ok
20:33:39.0558 0196 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:33:39.0597 0196 aspnet_state - ok
20:33:39.0913 0196 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
20:33:39.0917 0196 AsyncMac - ok
20:33:40.0081 0196 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
20:33:40.0082 0196 atapi - ok
20:33:40.0410 0196 athr (ac4adac154563ab41cc79b0257bc685a) C:\Windows\system32\DRIVERS\athr.sys
20:33:40.0455 0196 athr - ok
20:33:40.0760 0196 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
20:33:40.0768 0196 AudioEndpointBuilder - ok
20:33:40.0793 0196 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
20:33:40.0797 0196 Audiosrv - ok
20:33:41.0056 0196 AVG Security Toolbar Service (d45b7995761253a92ab071d576114f28) C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
20:33:41.0061 0196 AVG Security Toolbar Service - ok
20:33:42.0079 0196 AVGIDSAgent (7a0f6a3e0e41425b9ba54616b482668a) C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
20:33:42.0299 0196 AVGIDSAgent - ok
20:33:42.0541 0196 AVGIDSDriver (b9acb889ba1e0561868c025f95d63e25) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
20:33:42.0550 0196 AVGIDSDriver - ok
20:33:42.0741 0196 AVGIDSEH (13256fc72fa5b3f6d6e8c5957e579b7c) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
20:33:42.0750 0196 AVGIDSEH - ok
20:33:42.0888 0196 AVGIDSFilter (fa0685cc51de5cfd804e7deaa6488e0e) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
20:33:42.0891 0196 AVGIDSFilter - ok
20:33:43.0149 0196 AVGIDSShim (f788b51100d0f40ea176798cce954a1a) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
20:33:43.0152 0196 AVGIDSShim - ok
20:33:43.0387 0196 Avgldx86 (4e796d3d2c3182b13b3e3b5a2ad4ef0a) C:\Windows\system32\DRIVERS\avgldx86.sys
20:33:43.0394 0196 Avgldx86 - ok
20:33:43.0565 0196 Avgmfx86 (5639de66b37d02bd22df4cf3155fba60) C:\Windows\system32\DRIVERS\avgmfx86.sys
20:33:43.0622 0196 Avgmfx86 - ok
20:33:43.0810 0196 Avgrkx86 (d1baf652eda0ae70896276a1fb32c2d4) C:\Windows\system32\DRIVERS\avgrkx86.sys
20:33:43.0821 0196 Avgrkx86 - ok
20:33:43.0992 0196 Avgtdix (aaf0ebcad95f2164cffb544e00392498) C:\Windows\system32\DRIVERS\avgtdix.sys
20:33:44.0017 0196 Avgtdix - ok
20:33:44.0150 0196 avgwd (fc2bc51120a945f7c70376495e4e7737) C:\Program Files\AVG\AVG10\avgwdsvc.exe
20:33:44.0153 0196 avgwd - ok
20:33:44.0427 0196 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
20:33:44.0431 0196 AxInstSV - ok
20:33:44.0699 0196 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
20:33:44.0709 0196 b06bdrv - ok
20:33:44.0936 0196 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
20:33:44.0997 0196 b57nd60x - ok
20:33:45.0423 0196 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
20:33:45.0427 0196 BDESVC - ok
20:33:45.0728 0196 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
20:33:45.0731 0196 Beep - ok
20:33:46.0030 0196 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
20:33:46.0055 0196 BFE - ok
20:33:46.0213 0196 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
20:33:46.0417 0196 BITS - ok
20:33:46.0741 0196 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
20:33:46.0744 0196 blbdrive - ok
20:33:46.0993 0196 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
20:33:46.0998 0196 bowser - ok
20:33:47.0320 0196 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:33:47.0324 0196 BrFiltLo - ok
20:33:47.0471 0196 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:33:47.0526 0196 BrFiltUp - ok
20:33:47.0734 0196 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
20:33:47.0737 0196 Browser - ok
20:33:47.0935 0196 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
20:33:47.0943 0196 Brserid - ok
20:33:48.0331 0196 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
20:33:48.0335 0196 BrSerWdm - ok
20:33:48.0601 0196 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:33:48.0603 0196 BrUsbMdm - ok
20:33:48.0691 0196 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
20:33:48.0695 0196 BrUsbSer - ok
20:33:48.0888 0196 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
20:33:48.0892 0196 BTHMODEM - ok
20:33:49.0228 0196 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
20:33:49.0231 0196 bthserv - ok
20:33:49.0538 0196 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
20:33:49.0541 0196 cdfs - ok
20:33:49.0833 0196 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
20:33:49.0844 0196 cdrom - ok
20:33:50.0189 0196 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
20:33:50.0192 0196 CertPropSvc - ok
20:33:50.0504 0196 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
20:33:50.0507 0196 circlass - ok
20:33:50.0837 0196 CISVC (3e2afafa158c9ed670c106842bdcc81e) C:\Windows\system32\CISVC.EXE
20:33:50.0838 0196 CISVC - ok
20:33:51.0228 0196 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
20:33:51.0234 0196 CLFS - ok
20:33:51.0557 0196 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:33:51.0610 0196 clr_optimization_v2.0.50727_32 - ok
20:33:51.0899 0196 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:33:51.0977 0196 clr_optimization_v4.0.30319_32 - ok
20:33:52.0282 0196 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
20:33:52.0285 0196 CmBatt - ok
20:33:52.0405 0196 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
20:33:52.0438 0196 cmdide - ok
20:33:52.0621 0196 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
20:33:52.0709 0196 CNG - ok
20:33:52.0937 0196 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
20:33:52.0942 0196 Compbatt - ok
20:33:53.0246 0196 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
20:33:53.0249 0196 CompositeBus - ok
20:33:53.0468 0196 COMSysApp - ok
20:33:53.0761 0196 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
20:33:53.0764 0196 crcdisk - ok
20:33:54.0080 0196 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
20:33:54.0083 0196 CryptSvc - ok
20:33:54.0401 0196 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
20:33:54.0410 0196 CSC - ok
20:33:54.0724 0196 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
20:33:54.0735 0196 CscService - ok
20:33:54.0983 0196 cvhsvc (61a86809b62769643892bc0812b204aa) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:33:55.0019 0196 cvhsvc - ok
20:33:55.0335 0196 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
20:33:55.0346 0196 DcomLaunch - ok
20:33:55.0684 0196 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
20:33:55.0691 0196 defragsvc - ok
20:33:56.0038 0196 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
20:33:56.0042 0196 DfsC - ok
20:33:56.0409 0196 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
20:33:56.0415 0196 Dhcp - ok
20:33:56.0762 0196 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
20:33:56.0765 0196 discache - ok
20:33:56.0932 0196 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
20:33:56.0981 0196 Disk - ok
20:33:57.0190 0196 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
20:33:57.0199 0196 Dnscache - ok
20:33:57.0330 0196 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
20:33:57.0382 0196 dot3svc - ok
20:33:57.0555 0196 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
20:33:57.0559 0196 Dot4 - ok
20:33:57.0809 0196 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\drivers\Dot4Prt.sys
20:33:57.0812 0196 Dot4Print - ok
20:33:57.0916 0196 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
20:33:57.0971 0196 dot4usb - ok
20:33:58.0169 0196 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
20:33:58.0173 0196 DPS - ok
20:33:58.0432 0196 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
20:33:58.0435 0196 drmkaud - ok
20:33:58.0714 0196 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
20:33:58.0737 0196 DXGKrnl - ok
20:33:58.0906 0196 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
20:33:58.0951 0196 EapHost - ok
20:33:59.0442 0196 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
20:33:59.0551 0196 ebdrv - ok
20:33:59.0774 0196 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
20:33:59.0777 0196 EFS - ok
20:34:00.0070 0196 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
20:34:00.0090 0196 ehRecvr - ok
20:34:00.0224 0196 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
20:34:00.0257 0196 ehSched - ok
20:34:00.0617 0196 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
20:34:00.0643 0196 elxstor - ok
20:34:00.0792 0196 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
20:34:00.0800 0196 ErrDev - ok
20:34:01.0089 0196 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
20:34:01.0096 0196 EventSystem - ok
20:34:01.0285 0196 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
20:34:01.0291 0196 exfat - ok
20:34:01.0492 0196 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
20:34:01.0560 0196 fastfat - ok
20:34:01.0745 0196 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
20:34:01.0802 0196 Fax - ok
20:34:02.0017 0196 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
20:34:02.0022 0196 fdc - ok
20:34:02.0103 0196 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
20:34:02.0148 0196 fdPHost - ok
20:34:02.0352 0196 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
20:34:02.0355 0196 FDResPub - ok
20:34:02.0585 0196 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
20:34:02.0590 0196 FileInfo - ok
20:34:02.0738 0196 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
20:34:02.0743 0196 Filetrace - ok
20:34:03.0005 0196 FLEXnet Licensing Service (73081cf28f0ae20a52ca4f67cee6e6b0) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:34:03.0030 0196 FLEXnet Licensing Service - ok
20:34:03.0306 0196 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
20:34:03.0310 0196 flpydisk - ok
20:34:03.0595 0196 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
20:34:03.0601 0196 FltMgr - ok
20:34:03.0823 0196 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
20:34:03.0848 0196 FontCache - ok
20:34:04.0180 0196 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:34:04.0184 0196 FontCache3.0.0.0 - ok
20:34:04.0535 0196 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
20:34:04.0539 0196 FsDepends - ok
20:34:04.0670 0196 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
20:34:04.0679 0196 Fs_Rec - ok
20:34:04.0910 0196 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
20:34:04.0918 0196 fvevol - ok
20:34:05.0312 0196 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:34:05.0316 0196 gagp30kx - ok
20:34:05.0556 0196 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
20:34:05.0567 0196 gpsvc - ok
20:34:05.0804 0196 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:34:05.0807 0196 gupdate - ok
20:34:05.0839 0196 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:34:05.0841 0196 gupdatem - ok
20:34:06.0242 0196 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
20:34:06.0276 0196 hcw85cir - ok
20:34:06.0751 0196 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
20:34:06.0759 0196 HdAudAddService - ok
20:34:07.0069 0196 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
20:34:07.0080 0196 HDAudBus - ok
20:34:07.0387 0196 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
20:34:07.0390 0196 HidBatt - ok
20:34:07.0489 0196 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
20:34:07.0545 0196 HidBth - ok
20:34:07.0764 0196 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
20:34:07.0769 0196 HidIr - ok
20:34:07.0962 0196 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
20:34:07.0966 0196 hidserv - ok
20:34:08.0235 0196 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
20:34:08.0244 0196 HidUsb - ok
20:34:08.0418 0196 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
20:34:08.0485 0196 hkmsvc - ok
20:34:08.0715 0196 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
20:34:08.0723 0196 HomeGroupListener - ok
20:34:08.0960 0196 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
20:34:08.0970 0196 HomeGroupProvider - ok
20:34:09.0257 0196 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
20:34:09.0262 0196 hpqcxs08 - ok
20:34:09.0427 0196 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
20:34:09.0431 0196 hpqddsvc - ok
20:34:09.0703 0196 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
20:34:09.0712 0196 HpSAMD - ok
20:34:10.0016 0196 HPSLPSVC (a04f4ac48895774a2cf9d1c9eaaacef0) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
20:34:10.0032 0196 HPSLPSVC - ok
20:34:10.0346 0196 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
20:34:10.0358 0196 HTTP - ok
20:34:10.0675 0196 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
20:34:10.0679 0196 hwpolicy - ok
20:34:10.0999 0196 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
20:34:11.0003 0196 i8042prt - ok
20:34:11.0302 0196 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
20:34:11.0310 0196 iaStorV - ok
20:34:11.0734 0196 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:34:11.0847 0196 idsvc - ok
20:34:12.0463 0196 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
20:34:12.0607 0196 igfx - ok
20:34:12.0841 0196 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
20:34:12.0848 0196 iirsp - ok
20:34:13.0065 0196 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
20:34:13.0079 0196 IKEEXT - ok
20:34:13.0307 0196 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
20:34:13.0329 0196 intelide - ok
20:34:13.0522 0196 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
20:34:13.0529 0196 intelppm - ok
20:34:13.0752 0196 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
20:34:13.0756 0196 IPBusEnum - ok
20:34:14.0026 0196 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:34:14.0030 0196 IpFilterDriver - ok
20:34:14.0369 0196 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
20:34:14.0385 0196 iphlpsvc - ok
20:34:14.0613 0196 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
20:34:14.0644 0196 IPMIDRV - ok
20:34:14.0819 0196 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
20:34:14.0824 0196 IPNAT - ok
20:34:15.0090 0196 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
20:34:15.0093 0196 IRENUM - ok
20:34:15.0455 0196 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
20:34:15.0458 0196 isapnp - ok
20:34:15.0622 0196 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
20:34:15.0664 0196 iScsiPrt - ok
20:34:15.0846 0196 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
20:34:15.0856 0196 kbdclass - ok
20:34:16.0093 0196 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
20:34:16.0096 0196 kbdhid - ok
20:34:16.0176 0196 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:34:16.0178 0196 KeyIso - ok
20:34:16.0416 0196 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
20:34:16.0422 0196 KSecDD - ok
20:34:16.0569 0196 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
20:34:16.0603 0196 KSecPkg - ok
20:34:16.0782 0196 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
20:34:16.0794 0196 KtmRm - ok
20:34:17.0096 0196 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
20:34:17.0103 0196 LanmanServer - ok
20:34:17.0350 0196 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
20:34:17.0355 0196 LanmanWorkstation - ok
20:34:17.0613 0196 Lavasoft Ad-Aware Service (ea38136981c61c571d52c380daad46ef) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
20:34:17.0650 0196 Lavasoft Ad-Aware Service - ok
20:34:17.0862 0196 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
20:34:17.0866 0196 Lavasoft Kernexplorer - ok
20:34:18.0155 0196 Lbd (336abe8721cbc3110f1c6426da633417) C:\Windows\system32\DRIVERS\Lbd.sys
20:34:18.0159 0196 Lbd - ok
20:34:18.0533 0196 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
20:34:18.0536 0196 lltdio - ok
20:34:18.0818 0196 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
20:34:18.0873 0196 lltdsvc - ok
20:34:19.0059 0196 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
20:34:19.0062 0196 lmhosts - ok
20:34:19.0392 0196 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:34:19.0405 0196 LSI_FC - ok
20:34:19.0679 0196 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:34:19.0697 0196 LSI_SAS - ok
20:34:20.0047 0196 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:34:20.0061 0196 LSI_SAS2 - ok
20:34:20.0346 0196 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:34:20.0355 0196 LSI_SCSI - ok
20:34:20.0495 0196 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
20:34:20.0513 0196 luafv - ok
20:34:20.0668 0196 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
20:34:20.0673 0196 Mcx2Svc - ok
20:34:21.0028 0196 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
20:34:21.0032 0196 megasas - ok
20:34:21.0358 0196 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
20:34:21.0365 0196 MegaSR - ok
20:34:21.0694 0196 mi-raysat_3dsmax2010_32 (0af89452a8ce3928168f4e5b2208c68b) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
20:34:21.0696 0196 mi-raysat_3dsmax2010_32 - ok
20:34:21.0978 0196 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:34:21.0982 0196 MMCSS - ok
20:34:22.0302 0196 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
20:34:22.0306 0196 Modem - ok
20:34:22.0494 0196 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
20:34:22.0616 0196 monitor - ok
20:34:22.0819 0196 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
20:34:22.0827 0196 mouclass - ok
20:34:23.0105 0196 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
20:34:23.0107 0196 mouhid - ok
20:34:23.0426 0196 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
20:34:23.0430 0196 mountmgr - ok
20:34:23.0590 0196 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
20:34:23.0655 0196 mpio - ok
20:34:23.0895 0196 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
20:34:23.0929 0196 mpsdrv - ok
20:34:24.0148 0196 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
20:34:24.0161 0196 MpsSvc - ok
20:34:24.0360 0196 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
20:34:24.0364 0196 MRxDAV - ok
20:34:24.0549 0196 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:34:24.0583 0196 mrxsmb - ok
20:34:24.0784 0196 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:34:24.0795 0196 mrxsmb10 - ok
20:34:24.0833 0196 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:34:24.0878 0196 mrxsmb20 - ok
20:34:25.0111 0196 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
20:34:25.0114 0196 msahci - ok
20:34:25.0317 0196 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
20:34:25.0331 0196 msdsm - ok
20:34:25.0693 0196 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
20:34:25.0729 0196 MSDTC - ok
20:34:26.0129 0196 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
20:34:26.0132 0196 Msfs - ok
20:34:26.0413 0196 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
20:34:26.0416 0196 mshidkmdf - ok
20:34:26.0650 0196 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
20:34:26.0652 0196 msisadrv - ok
20:34:26.0961 0196 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
20:34:26.0967 0196 MSiSCSI - ok
20:34:27.0137 0196 msiserver - ok
20:34:27.0395 0196 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
20:34:27.0407 0196 MSKSSRV - ok
20:34:27.0685 0196 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
20:34:27.0688 0196 MSPCLOCK - ok
20:34:27.0924 0196 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
20:34:27.0927 0196 MSPQM - ok
20:34:27.0963 0196 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
20:34:28.0019 0196 MsRPC - ok
20:34:28.0215 0196 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
20:34:28.0221 0196 mssmbios - ok
20:34:28.0313 0196 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
20:34:28.0358 0196 MSTEE - ok
20:34:28.0577 0196 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
20:34:28.0580 0196 MTConfig - ok
20:34:28.0643 0196 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
20:34:28.0700 0196 Mup - ok
20:34:28.0919 0196 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
20:34:28.0946 0196 napagent - ok
20:34:29.0299 0196 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
20:34:29.0306 0196 NativeWifiP - ok
20:34:29.0526 0196 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
20:34:29.0546 0196 NDIS - ok
20:34:29.0798 0196 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
20:34:29.0801 0196 NdisCap - ok
20:34:29.0897 0196 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
20:34:29.0901 0196 NdisTapi - ok
20:34:30.0109 0196 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
20:34:30.0113 0196 Ndisuio - ok
20:34:30.0379 0196 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
20:34:30.0384 0196 NdisWan - ok
20:34:30.0677 0196 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
20:34:30.0681 0196 NDProxy - ok
20:34:31.0058 0196 Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:\Windows\system32\HPZinw12.dll
20:34:31.0067 0196 Net Driver HPZ12 - ok
20:34:31.0370 0196 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
20:34:31.0374 0196 NetBIOS - ok
20:34:31.0667 0196 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
20:34:31.0673 0196 NetBT - ok
20:34:31.0822 0196 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:34:31.0825 0196 Netlogon - ok
20:34:32.0101 0196 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
20:34:32.0109 0196 Netman - ok
20:34:32.0380 0196 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:34:32.0387 0196 NetMsmqActivator - ok
20:34:32.0434 0196 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:34:32.0438 0196 NetPipeActivator - ok
20:34:32.0673 0196 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
20:34:32.0679 0196 netprofm - ok
20:34:32.0991 0196 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:34:32.0993 0196 NetTcpActivator - ok
20:34:33.0022 0196 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:34:33.0024 0196 NetTcpPortSharing - ok
20:34:33.0325 0196 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
20:34:33.0334 0196 nfrd960 - ok
20:34:33.0584 0196 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
20:34:33.0591 0196 NlaSvc - ok
20:34:33.0935 0196 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
20:34:33.0938 0196 Npfs - ok
20:34:34.0303 0196 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
20:34:34.0307 0196 nsi - ok
20:34:34.0593 0196 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
20:34:34.0602 0196 nsiproxy - ok
20:34:34.0943 0196 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
20:34:34.0993 0196 Ntfs - ok
20:34:35.0335 0196 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
20:34:35.0339 0196 Null - ok
20:34:35.0659 0196 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
20:34:35.0688 0196 nvraid - ok
20:34:36.0003 0196 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
20:34:36.0008 0196 nvstor - ok
20:34:36.0377 0196 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
20:34:36.0383 0196 nv_agp - ok
20:34:36.0561 0196 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
20:34:36.0570 0196 ohci1394 - ok
20:34:36.0675 0196 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:34:36.0680 0196 ose - ok
20:34:37.0095 0196 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:34:37.0287 0196 osppsvc - ok
20:34:37.0507 0196 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:34:37.0516 0196 p2pimsvc - ok
20:34:37.0678 0196 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
20:34:37.0695 0196 p2psvc - ok
20:34:37.0883 0196 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
20:34:37.0950 0196 Parport - ok
20:34:38.0157 0196 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
20:34:38.0160 0196 partmgr - ok
20:34:38.0365 0196 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
20:34:38.0373 0196 Parvdm - ok
20:34:38.0712 0196 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
20:34:38.0717 0196 PcaSvc - ok
20:34:38.0917 0196 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
20:34:38.0963 0196 pci - ok
20:34:39.0232 0196 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
20:34:39.0236 0196 pciide - ok
20:34:39.0532 0196 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
20:34:39.0537 0196 pcmcia - ok
20:34:39.0774 0196 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
20:34:39.0777 0196 pcw - ok
20:34:40.0024 0196 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
20:34:40.0047 0196 PEAUTH - ok
20:34:40.0340 0196 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
20:34:40.0374 0196 PeerDistSvc - ok
20:34:40.0729 0196 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
20:34:40.0758 0196 pla - ok
20:34:41.0000 0196 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
20:34:41.0012 0196 PlugPlay - ok
20:34:41.0328 0196 Pml Driver HPZ12 (12b4549d515cb26bb8d375038017ca65) C:\Windows\system32\HPZipm12.dll
20:34:41.0331 0196 Pml Driver HPZ12 - ok
20:34:41.0527 0196 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
20:34:41.0549 0196 PNRPAutoReg - ok
20:34:41.0750 0196 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
20:34:41.0756 0196 PNRPsvc - ok
20:34:41.0926 0196 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
20:34:41.0934 0196 PolicyAgent - ok
20:34:42.0215 0196 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
20:34:42.0229 0196 Power - ok
20:34:42.0791 0196 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
20:34:42.0795 0196 PptpMiniport - ok
20:34:42.0957 0196 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
20:34:43.0047 0196 Processor - ok
20:34:44.0631 0196 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
20:34:44.0644 0196 ProfSvc - ok
20:34:45.0376 0196 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:34:45.0379 0196 ProtectedStorage - ok
20:34:45.0717 0196 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
20:34:45.0721 0196 Psched - ok
20:34:46.0738 0196 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
20:34:46.0791 0196 ql2300 - ok
20:34:47.0157 0196 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
20:34:47.0165 0196 ql40xx - ok
20:34:47.0496 0196 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
20:34:47.0505 0196 QWAVE - ok
20:34:47.0791 0196 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
20:34:47.0794 0196 QWAVEdrv - ok
20:34:48.0108 0196 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
20:34:48.0116 0196 RasAcd - ok
20:34:48.0433 0196 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:34:48.0436 0196 RasAgileVpn - ok
20:34:48.0610 0196 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
20:34:48.0665 0196 RasAuto - ok
20:34:48.0867 0196 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:34:48.0871 0196 Rasl2tp - ok
20:34:49.0099 0196 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
20:34:49.0108 0196 RasMan - ok
20:34:49.0397 0196 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
20:34:49.0400 0196 RasPppoe - ok
20:34:49.0501 0196 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
20:34:49.0600 0196 RasSstp - ok
20:34:50.0288 0196 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
20:34:50.0333 0196 rdbss - ok
20:34:50.0551 0196 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
20:34:50.0554 0196 rdpbus - ok
20:34:50.0632 0196 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:34:50.0665 0196 RDPCDD - ok
20:34:50.0889 0196 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
20:34:50.0893 0196 RDPDR - ok
20:34:51.0193 0196 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
20:34:51.0196 0196 RDPENCDD - ok
20:34:51.0280 0196 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
20:34:51.0290 0196 RDPREFMP - ok
20:34:51.0584 0196 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
20:34:51.0588 0196 RdpVideoMiniport - ok
20:34:51.0775 0196 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
20:34:51.0782 0196 RDPWD - ok
20:34:52.0124 0196 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
20:34:52.0129 0196 rdyboost - ok
20:34:52.0371 0196 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
20:34:52.0377 0196 RemoteAccess - ok
20:34:52.0542 0196 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
20:34:52.0575 0196 RemoteRegistry - ok
20:34:52.0796 0196 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
20:34:52.0800 0196 RpcEptMapper - ok
20:34:53.0019 0196 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
20:34:53.0025 0196 RpcLocator - ok
20:34:53.0341 0196 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
20:34:53.0347 0196 RpcSs - ok
20:34:53.0675 0196 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
20:34:53.0679 0196 rspndr - ok
20:34:54.0035 0196 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\Windows\system32\DRIVERS\Rt86win7.sys
20:34:54.0040 0196 RTL8167 - ok
20:34:54.0287 0196 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
20:34:54.0290 0196 s3cap - ok
20:34:54.0435 0196 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:34:54.0438 0196 SamSs - ok
20:34:54.0728 0196 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:34:54.0756 0196 SASDIFSV - ok
20:34:55.0073 0196 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:34:55.0124 0196 SASKUTIL - ok
20:34:55.0574 0196 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
20:34:55.0577 0196 sbp2port - ok
20:34:55.0764 0196 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
20:34:55.0809 0196 SCardSvr - ok
20:34:55.0987 0196 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
20:34:55.0990 0196 scfilter - ok
20:34:56.0166 0196 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
20:34:56.0181 0196 Schedule - ok
20:34:56.0461 0196 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
20:34:56.0463 0196 SCPolicySvc - ok
20:34:56.0827 0196 SCREAMINGBDRIVER (a643d6df1b7546256b11fb5d6b5d1375) C:\Windows\system32\drivers\ScreamingBAudio.sys
20:34:56.0832 0196 SCREAMINGBDRIVER - ok
20:34:57.0378 0196 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
20:34:57.0491 0196 sdbus - ok
20:34:57.0694 0196 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
20:34:57.0702 0196 SDRSVC - ok
20:34:57.0895 0196 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:34:57.0898 0196 secdrv - ok
20:34:58.0071 0196 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
20:34:58.0138 0196 seclogon - ok
20:34:58.0346 0196 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
20:34:58.0350 0196 SENS - ok
20:34:58.0578 0196 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
20:34:58.0584 0196 SensrSvc - ok
20:34:58.0892 0196 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
20:34:58.0895 0196 Serenum - ok
20:34:59.0076 0196 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
20:34:59.0142 0196 Serial - ok
20:34:59.0313 0196 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
20:34:59.0316 0196 sermouse - ok
20:34:59.0538 0196 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
20:34:59.0551 0196 SessionEnv - ok
20:34:59.0848 0196 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
20:34:59.0851 0196 sffdisk - ok
20:34:59.0999 0196 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
20:35:00.0002 0196 sffp_mmc - ok
20:35:00.0027 0196 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
20:35:00.0032 0196 sffp_sd - ok
20:35:00.0204 0196 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
20:35:00.0207 0196 sfloppy - ok
20:35:00.0324 0196 Sftfs (74744f4d9eb18ddd0eb45e03cfdd648e) C:\Windows\system32\DRIVERS\Sftfslh.sys
20:35:00.0380 0196 Sftfs - ok
20:35:00.0575 0196 sftlist (baf282373e79d08ce9510ac8b5a1f41d) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
20:35:00.0584 0196 sftlist - ok
20:35:00.0877 0196 Sftplay (cbc5be6f81e86cc73656e61767002da9) C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:35:00.0883 0196 Sftplay - ok
20:35:00.0993 0196 Sftredir (961e50666e6d6949328b1ffbc33adf43) C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:35:01.0038 0196 Sftredir - ok
20:35:01.0218 0196 Sftvol (c8c02c8fe267751ec62b7e7d8d214c63) C:\Windows\system32\DRIVERS\Sftvollh.sys
20:35:01.0220 0196 Sftvol - ok
20:35:01.0413 0196 sftvsa (ee28aeb3889a9cca894626ecd1fb1c8b) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
20:35:01.0418 0196 sftvsa - ok
20:35:01.0678 0196 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
20:35:01.0702 0196 SharedAccess - ok
20:35:01.0992 0196 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
20:35:02.0015 0196 ShellHWDetection - ok
20:35:02.0169 0196 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
20:35:02.0177 0196 sisagp - ok
20:35:02.0402 0196 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:35:02.0406 0196 SiSRaid2 - ok
20:35:02.0499 0196 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
20:35:02.0555 0196 SiSRaid4 - ok
20:35:02.0747 0196 SkypeUpdate (8c5477eb1c03ca76cd8eb66a610a9e90) C:\Program Files\Skype\Updater\Updater.exe
20:35:02.0752 0196 SkypeUpdate - ok
20:35:03.0066 0196 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
20:35:03.0070 0196 Smb - ok
20:35:03.0334 0196 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
20:35:03.0341 0196 SNMPTRAP - ok
20:35:03.0638 0196 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
20:35:03.0641 0196 spldr - ok
20:35:03.0962 0196 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
20:35:03.0984 0196 Spooler - ok
20:35:04.0343 0196 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
20:35:04.0452 0196 sppsvc - ok
20:35:04.0700 0196 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
20:35:04.0707 0196 sppuinotify - ok
20:35:04.0985 0196 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
20:35:04.0997 0196 srv - ok
20:35:05.0351 0196 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
20:35:05.0358 0196 srv2 - ok
20:35:05.0566 0196 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
20:35:05.0572 0196 srvnet - ok
20:35:05.0811 0196 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
20:35:05.0868 0196 SSDPSRV - ok
20:35:06.0031 0196 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
20:35:06.0040 0196 SstpSvc - ok
20:35:06.0239 0196 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
20:35:06.0242 0196 stexstor - ok
20:35:06.0552 0196 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
20:35:06.0574 0196 StiSvc - ok
20:35:06.0741 0196 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
20:35:06.0807 0196 storflt - ok
20:35:07.0024 0196 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
20:35:07.0027 0196 storvsc - ok
20:35:07.0067 0196 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
20:35:07.0134 0196 swenum - ok
20:35:07.0341 0196 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
20:35:07.0351 0196 swprv - ok
20:35:07.0554 0196 Synth3dVsc - ok
20:35:07.0796 0196 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
20:35:07.0849 0196 SysMain - ok
20:35:08.0186 0196 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
20:35:08.0193 0196 TabletInputService - ok
20:35:08.0441 0196 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
20:35:08.0485 0196 TapiSrv - ok
20:35:08.0660 0196 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
20:35:08.0672 0196 TBS - ok
20:35:08.0876 0196 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
20:35:08.0887 0196 Tcpip - ok
20:35:09.0450 0196 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
20:35:09.0462 0196 TCPIP6 - ok
20:35:09.0717 0196 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
20:35:09.0722 0196 tcpipreg - ok
20:35:10.0078 0196 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
20:35:10.0081 0196 TDPIPE - ok
20:35:10.0420 0196 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
20:35:10.0423 0196 TDTCP - ok
20:35:10.0603 0196 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
20:35:10.0670 0196 tdx - ok
20:35:10.0848 0196 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
20:35:10.0852 0196 TermDD - ok
20:35:11.0076 0196 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
20:35:11.0099 0196 TermService - ok
20:35:11.0274 0196 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
20:35:11.0341 0196 Themes - ok
20:35:11.0529 0196 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:35:11.0532 0196 THREADORDER - ok
20:35:11.0730 0196 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
20:35:11.0735 0196 TrkWks - ok
20:35:11.0928 0196 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
20:35:11.0984 0196 TrustedInstaller - ok
20:35:12.0168 0196 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:35:12.0174 0196 tssecsrv - ok
20:35:12.0471 0196 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
20:35:12.0474 0196 TsUsbFlt - ok
20:35:12.0534 0196 tsusbhub - ok
20:35:12.0808 0196 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
20:35:12.0812 0196 tunnel - ok
20:35:13.0043 0196 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
20:35:13.0048 0196 TVALZ - ok
20:35:13.0332 0196 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
20:35:13.0342 0196 uagp35 - ok
20:35:13.0649 0196 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
20:35:13.0657 0196 udfs - ok
20:35:13.0983 0196 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
20:35:13.0989 0196 UI0Detect - ok
20:35:14.0149 0196 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
20:35:14.0216 0196 uliagpkx - ok
20:35:14.0412 0196 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
20:35:14.0415 0196 umbus - ok
20:35:14.0642 0196 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
20:35:14.0645 0196 UmPass - ok
20:35:15.0003 0196 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
20:35:15.0021 0196 UmRdpService - ok
20:35:15.0465 0196 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
20:35:15.0481 0196 upnphost - ok
20:35:15.0732 0196 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
20:35:15.0735 0196 usbccgp - ok
20:35:15.0893 0196 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
20:35:15.0898 0196 usbcir - ok
20:35:15.0941 0196 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
20:35:15.0983 0196 usbehci - ok
20:35:16.0198 0196 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
20:35:16.0206 0196 usbhub - ok
20:35:16.0245 0196 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
20:35:16.0301 0196 usbohci - ok
20:35:16.0547 0196 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
20:35:16.0550 0196 usbprint - ok
20:35:16.0769 0196 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
20:35:16.0777 0196 usbscan - ok
20:35:16.0881 0196 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS
20:35:16.0937 0196 USBSTOR - ok
20:35:17.0169 0196 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
20:35:17.0178 0196 usbuhci - ok
20:35:17.0394 0196 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
20:35:17.0399 0196 UxSms - ok
20:35:17.0548 0196 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:35:17.0553 0196 VaultSvc - ok
20:35:17.0814 0196 VCSVADHWSer (b2abab4ca46bad182e27763dc19c780f) C:\Windows\system32\DRIVERS\vcsvad.sys
20:35:17.0818 0196 VCSVADHWSer - ok
20:35:17.0899 0196 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
20:35:17.0932 0196 vdrvroot - ok
20:35:18.0147 0196 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
20:35:18.0160 0196 vds - ok
20:35:18.0375 0196 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
20:35:18.0378 0196 vga - ok
20:35:18.0470 0196 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
20:35:18.0473 0196 VgaSave - ok
20:35:18.0698 0196 VGPU - ok
20:35:18.0794 0196 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
20:35:18.0799 0196 vhdmp - ok
20:35:19.0038 0196 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
20:35:19.0048 0196 viaagp - ok
20:35:19.0360 0196 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
20:35:19.0364 0196 ViaC7 - ok
20:35:19.0525 0196 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
20:35:19.0592 0196 viaide - ok
20:35:19.0778 0196 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
20:35:19.0784 0196 vmbus - ok
20:35:19.0821 0196 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
20:35:19.0823 0196 VMBusHID - ok
20:35:20.0028 0196 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
20:35:20.0031 0196 volmgr - ok
20:35:20.0315 0196 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
20:35:20.0324 0196 volmgrx - ok
20:35:20.0625 0196 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
20:35:20.0647 0196 volsnap - ok
20:35:21.0011 0196 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
20:35:21.0021 0196 vsmraid - ok
20:35:21.0359 0196 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
20:35:21.0380 0196 VSS - ok
20:35:21.0660 0196 vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
20:35:21.0675 0196 vToolbarUpdater10.2.0 - ok
20:35:22.0023 0196 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
20:35:22.0026 0196 vwifibus - ok
20:35:22.0178 0196 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
20:35:22.0223 0196 vwififlt - ok
20:35:22.0436 0196 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
20:35:22.0446 0196 W32Time - ok
20:35:22.0635 0196 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
20:35:22.0639 0196 WacomPen - ok
20:35:22.0853 0196 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
20:35:22.0920 0196 WANARP - ok
20:35:22.0954 0196 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
20:35:22.0956 0196 Wanarpv6 - ok
20:35:23.0331 0196 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
20:35:23.0360 0196 WatAdminSvc - ok
20:35:23.0657 0196 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
20:35:23.0682 0196 wbengine - ok
20:35:23.0950 0196 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
20:35:23.0959 0196 WbioSrvc - ok
20:35:24.0291 0196 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
20:35:24.0300 0196 wcncsvc - ok
20:35:24.0490 0196 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
20:35:24.0546 0196 WcsPlugInService - ok
20:35:24.0724 0196 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
20:35:24.0730 0196 Wd - ok
20:35:24.0923 0196 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
20:35:24.0933 0196 Wdf01000 - ok
20:35:25.0200 0196 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
20:35:25.0205 0196 WdiServiceHost - ok
20:35:25.0220 0196 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
20:35:25.0225 0196 WdiSystemHost - ok
20:35:25.0527 0196 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
20:35:25.0536 0196 WebClient - ok
20:35:25.0882 0196 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
20:35:25.0895 0196 Wecsvc - ok
20:35:26.0032 0196 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
20:35:26.0099 0196 wercplsupport - ok
20:35:26.0311 0196 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
20:35:26.0325 0196 WerSvc - ok
20:35:26.0550 0196 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
20:35:26.0557 0196 WfpLwf - ok
20:35:26.0770 0196 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
20:35:26.0773 0196 WIMMount - ok
20:35:26.0932 0196 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
20:35:26.0947 0196 WinDefend - ok
20:35:27.0018 0196 WinHttpAutoProxySvc - ok
20:35:27.0293 0196 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
20:35:27.0297 0196 Winmgmt - ok
20:35:27.0594 0196 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
20:35:27.0618 0196 WinRM - ok
20:35:27.0910 0196 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
20:35:27.0935 0196 Wlansvc - ok
20:35:28.0233 0196 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
20:35:28.0236 0196 WmiAcpi - ok
20:35:28.0499 0196 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
20:35:28.0505 0196 wmiApSrv - ok
20:35:28.0797 0196 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
20:35:28.0832 0196 WMPNetworkSvc - ok
20:35:29.0212 0196 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
20:35:29.0225 0196 WPCSvc - ok
20:35:29.0570 0196 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
20:35:29.0577 0196 WPDBusEnum - ok
20:35:29.0890 0196 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
20:35:29.0892 0196 ws2ifsl - ok
20:35:30.0056 0196 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
20:35:30.0125 0196 wscsvc - ok
20:35:30.0261 0196 WSearch - ok
20:35:30.0498 0196 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
20:35:30.0555 0196 wuauserv - ok
20:35:30.0915 0196 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
20:35:30.0927 0196 WudfPf - ok
20:35:31.0267 0196 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:35:31.0271 0196 WUDFRd - ok
20:35:31.0474 0196 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
20:35:31.0480 0196 wudfsvc - ok
20:35:31.0708 0196 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
20:35:31.0810 0196 WwanSvc - ok
20:35:31.0877 0196 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:35:33.0262 0196 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:35:33.0262 0196 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:35:33.0304 0196 Boot (0x1200) (a7fe3dfe3947f584645ffc32ebcc88d8) \Device\Harddisk0\DR0\Partition0
20:35:33.0305 0196 \Device\Harddisk0\DR0\Partition0 - ok
20:35:33.0310 0196 ============================================================
20:35:33.0310 0196 Scan finished
20:35:33.0310 0196 ============================================================
20:35:33.0331 5012 Detected object count: 1
20:35:33.0332 5012 Actual detected object count: 1
20:36:12.0798 5012 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:36:12.0798 5012 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

----

TDSSKiller did not need me to reboot after scanning.

Edited by TechnicalDifficulty, 10 April 2012 - 10:25 PM.


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:41 AM

Posted 11 April 2012 - 10:06 AM

Hello, please rerun TDSS and see if there is an option to Cure or Delete these. TDSS File System
I know the Skip will be there by default,but I want to see if you can remove them.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 TechnicalDifficulty

TechnicalDifficulty
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:41 AM

Posted 13 April 2012 - 03:00 PM

Hello, please rerun TDSS and see if there is an option to Cure or Delete these. TDSS File System
I know the Skip will be there by default,but I want to see if you can remove them.




Yes, it deleted it without any trouble. I've been trying to run the Eset scan but between it stalling my computer like SAS did and taking so long to complete I haven't been able to get a full scan yet. But in partial scans it's found and deleted 21 items so far. I will try it again tonight.

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:41 AM

Posted 13 April 2012 - 09:37 PM

Ok, make sure nothing else is running ,it may help.
these last few may solve the rest.

Perhaps Rebooting into Safe Mode with Networking
How to start Windows 7 in Safe Mode will help as only minimal items are loaded on boot.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users