Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Laptop Starts Up but Blue Screens.


  • This topic is locked This topic is locked
12 replies to this topic

#1 SuperstarSal

SuperstarSal

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 17 May 2012 - 05:44 PM

Hi, I have a laptop that's been booting up and will run for a bit and then blue screen. The process is expedited when I run any sort of anti-virus. Please help.

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:20 AM

Posted 17 May 2012 - 07:22 PM

Same issue in safe mode?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 SuperstarSal

SuperstarSal
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 17 May 2012 - 08:22 PM

Same issue in safe mode?


Yes. I was wondering if there was anything I could run to confirm my laptop is infected?

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:20 AM

Posted 17 May 2012 - 08:55 PM

I'll report this topic to appropriate helpers.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:20 PM

Posted 18 May 2012 - 02:55 AM

Hi

We Need to Diagnose Your BlueScreen

  • When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  • Select "Disable Automatic Restart on System Failure", as shown here:

    Posted Image
  • When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:

    Posted Image

Please post me the error(s).

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:20 AM

Posted 18 May 2012 - 03:57 PM

Hello, just letting you know I moved this topic to Here in the Virus, Trojan, Spyware, and Malware Removal Logs forum where it will stay.

Please remember to click the Watch Topic button at the top right and select Immediate Notification so you do not miss any replies now that you were moved.


Mod Edit... After further consideration..
This belongs where it was in Am I Infected..
Sorry for the shuffle..

Edited by boopme, 18 May 2012 - 07:04 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 SuperstarSal

SuperstarSal
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 19 May 2012 - 09:05 PM

Hi

We Need to Diagnose Your BlueScreen

  • When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  • Select "Disable Automatic Restart on System Failure", as shown here:

    Posted Image
  • When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:

    Posted Image

Please post me the error(s).


Hey I ran TDSKiller and I no longer get BSoD'd BUT I still cannot run Malware Bytes so I think I'm still infected. Please advise next step.

#8 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:20 PM

Posted 20 May 2012 - 06:09 AM

Hi

Since you say you have been able to run TDSSkiller:

  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#9 SuperstarSal

SuperstarSal
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 20 May 2012 - 01:49 PM

19:03:37.0887 3296 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
19:03:38.0292 3296 ============================================================
19:03:38.0292 3296 Current date / time: 2012/05/19 19:03:38.0292
19:03:38.0292 3296 SystemInfo:
19:03:38.0292 3296
19:03:38.0292 3296 OS Version: 6.1.7600 ServicePack: 0.0
19:03:38.0292 3296 Product type: Workstation
19:03:38.0292 3296 ComputerName: OWNER-PC
19:03:38.0292 3296 UserName: Owner
19:03:38.0292 3296 Windows directory: C:\Windows
19:03:38.0292 3296 System windows directory: C:\Windows
19:03:38.0292 3296 Processor architecture: Intel x86
19:03:38.0292 3296 Number of processors: 2
19:03:38.0292 3296 Page size: 0x1000
19:03:38.0292 3296 Boot type: Normal boot
19:03:38.0292 3296 ============================================================
19:03:41.0443 3296 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:03:41.0506 3296 Drive \Device\Harddisk3\DR3 - Size: 0x1DE000000 (7.47 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:03:41.0506 3296 ============================================================
19:03:41.0506 3296 \Device\Harddisk0\DR0:
19:03:41.0568 3296 MBR partitions:
19:03:41.0568 3296 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:03:41.0568 3296 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
19:03:41.0568 3296 \Device\Harddisk3\DR3:
19:03:41.0568 3296 MBR partitions:
19:03:41.0568 3296 \Device\Harddisk3\DR3\Partition0: MBR, Type 0xC, StartLBA 0x50, BlocksNum 0xEEFFB0
19:03:41.0568 3296 ============================================================
19:03:41.0599 3296 C: <-> \Device\Harddisk0\DR0\Partition1
19:03:41.0599 3296 ============================================================
19:03:41.0599 3296 Initialize success
19:03:41.0599 3296 ============================================================
19:03:46.0420 2624 ============================================================
19:03:46.0420 2624 Scan started
19:03:46.0420 2624 Mode: Manual; SigCheck; TDLFS;
19:03:46.0420 2624 ============================================================
19:03:49.0961 2624 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
19:03:50.0179 2624 1394ohci - ok
19:03:50.0304 2624 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
19:03:50.0335 2624 ACPI - ok
19:03:50.0413 2624 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
19:03:50.0538 2624 AcpiPmi - ok
19:03:51.0037 2624 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:03:51.0069 2624 AdobeFlashPlayerUpdateSvc - ok
19:03:51.0256 2624 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
19:03:51.0271 2624 adp94xx - ok
19:03:51.0303 2624 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
19:03:51.0334 2624 adpahci - ok
19:03:51.0443 2624 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
19:03:51.0459 2624 adpu320 - ok
19:03:51.0537 2624 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
19:03:51.0568 2624 AeLookupSvc - ok
19:03:51.0677 2624 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
19:03:51.0771 2624 AFD - ok
19:03:51.0833 2624 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
19:03:51.0864 2624 agp440 - ok
19:03:51.0911 2624 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
19:03:51.0927 2624 aic78xx - ok
19:03:52.0005 2624 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
19:03:52.0051 2624 ALG - ok
19:03:52.0098 2624 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
19:03:52.0145 2624 aliide - ok
19:03:52.0239 2624 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
19:03:52.0426 2624 amdagp - ok
19:03:52.0473 2624 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
19:03:52.0504 2624 amdide - ok
19:03:52.0582 2624 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
19:03:52.0613 2624 AmdK8 - ok
19:03:52.0660 2624 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
19:03:52.0691 2624 AmdPPM - ok
19:03:52.0816 2624 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
19:03:52.0831 2624 amdsata - ok
19:03:52.0925 2624 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
19:03:52.0956 2624 amdsbs - ok
19:03:52.0987 2624 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
19:03:53.0003 2624 amdxata - ok
19:03:53.0050 2624 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
19:03:53.0097 2624 AppID - ok
19:03:53.0143 2624 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
19:03:53.0221 2624 AppIDSvc - ok
19:03:53.0253 2624 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
19:03:53.0268 2624 Appinfo - ok
19:03:53.0331 2624 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
19:03:53.0346 2624 arc - ok
19:03:53.0377 2624 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
19:03:53.0377 2624 arcsas - ok
19:03:53.0409 2624 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
19:03:53.0440 2624 AsyncMac - ok
19:03:53.0487 2624 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
19:03:53.0518 2624 atapi - ok
19:03:53.0658 2624 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
19:03:53.0705 2624 AudioEndpointBuilder - ok
19:03:53.0705 2624 Audiosrv (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
19:03:53.0752 2624 Audiosrv - ok
19:03:53.0892 2624 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
19:03:53.0939 2624 AxInstSV - ok
19:03:54.0079 2624 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
19:03:54.0126 2624 b06bdrv - ok
19:03:54.0376 2624 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
19:03:54.0454 2624 b57nd60x - ok
19:03:54.0563 2624 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
19:03:54.0594 2624 BDESVC - ok
19:03:54.0657 2624 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
19:03:54.0703 2624 Beep - ok
19:03:54.0797 2624 BFE (85ac71c045ceb054ed48a7841aae0c11) C:\Windows\System32\bfe.dll
19:03:54.0891 2624 BFE - ok
19:03:55.0000 2624 BITS (53f476476f55a27f580661bde09c4ec4) C:\Windows\System32\qmgr.dll
19:03:55.0093 2624 BITS - ok
19:03:55.0265 2624 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
19:03:55.0327 2624 blbdrive - ok
19:03:55.0686 2624 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
19:03:55.0733 2624 bowser - ok
19:03:55.0764 2624 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:03:55.0795 2624 BrFiltLo - ok
19:03:55.0827 2624 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:03:55.0858 2624 BrFiltUp - ok
19:03:55.0905 2624 Browser (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
19:03:55.0951 2624 Browser - ok
19:03:55.0983 2624 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
19:03:55.0998 2624 Brserid - ok
19:03:56.0014 2624 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
19:03:56.0061 2624 BrSerWdm - ok
19:03:56.0076 2624 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:03:56.0092 2624 BrUsbMdm - ok
19:03:56.0123 2624 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
19:03:56.0139 2624 BrUsbSer - ok
19:03:56.0279 2624 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
19:03:56.0310 2624 BthEnum - ok
19:03:56.0326 2624 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
19:03:56.0357 2624 BTHMODEM - ok
19:03:56.0388 2624 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
19:03:56.0419 2624 BthPan - ok
19:03:56.0482 2624 BTHPORT (88059ff1ded4472acd17eebabd393069) C:\Windows\System32\Drivers\BTHport.sys
19:03:56.0544 2624 BTHPORT - ok
19:03:56.0607 2624 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
19:03:56.0794 2624 bthserv - ok
19:03:56.0841 2624 BTHUSB (80e6384beec03b8bd45edea29802d657) C:\Windows\System32\Drivers\BTHUSB.sys
19:03:56.0887 2624 BTHUSB - ok
19:03:56.0965 2624 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
19:03:57.0012 2624 cdfs - ok
19:03:57.0121 2624 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
19:03:57.0168 2624 cdrom - ok
19:03:57.0262 2624 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
19:03:57.0309 2624 CertPropSvc - ok
19:03:57.0340 2624 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
19:03:57.0371 2624 circlass - ok
19:03:57.0433 2624 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
19:03:57.0449 2624 CLFS - ok
19:03:57.0589 2624 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:03:57.0605 2624 clr_optimization_v2.0.50727_32 - ok
19:03:57.0667 2624 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:03:57.0683 2624 clr_optimization_v4.0.30319_32 - ok
19:03:57.0699 2624 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
19:03:57.0730 2624 CmBatt - ok
19:03:57.0730 2624 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
19:03:57.0745 2624 cmdide - ok
19:03:57.0901 2624 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\Windows\system32\Drivers\cng.sys
19:03:57.0933 2624 CNG - ok
19:03:57.0995 2624 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
19:03:58.0026 2624 Compbatt - ok
19:03:58.0089 2624 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:03:58.0151 2624 CompositeBus - ok
19:03:58.0167 2624 COMSysApp - ok
19:03:58.0198 2624 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
19:03:58.0213 2624 crcdisk - ok
19:03:58.0307 2624 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\Windows\system32\cryptsvc.dll
19:03:58.0354 2624 CryptSvc - ok
19:03:58.0494 2624 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
19:03:58.0557 2624 DcomLaunch - ok
19:03:58.0635 2624 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
19:03:58.0681 2624 defragsvc - ok
19:03:58.0822 2624 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
19:03:58.0869 2624 DfsC - ok
19:03:58.0962 2624 Dhcp (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
19:03:59.0009 2624 Dhcp - ok
19:03:59.0025 2624 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
19:03:59.0071 2624 discache - ok
19:03:59.0196 2624 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
19:03:59.0212 2624 Disk - ok
19:03:59.0274 2624 Dnscache (b15be77a2bacf9c3177d27518afe26a9) C:\Windows\System32\dnsrslvr.dll
19:03:59.0321 2624 Dnscache - ok
19:03:59.0399 2624 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
19:03:59.0430 2624 dot3svc - ok
19:03:59.0461 2624 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
19:03:59.0508 2624 DPS - ok
19:03:59.0555 2624 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
19:03:59.0586 2624 drmkaud - ok
19:03:59.0929 2624 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
19:03:59.0976 2624 DXGKrnl - ok
19:04:00.0007 2624 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
19:04:00.0054 2624 EapHost - ok
19:04:01.0006 2624 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
19:04:01.0131 2624 ebdrv - ok
19:04:02.0145 2624 EFS (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\System32\lsass.exe
19:04:02.0176 2624 EFS - ok
19:04:02.0425 2624 ehRecvr (1697c39978cd69f6fbc15302edcece1f) C:\Windows\ehome\ehRecvr.exe
19:04:02.0644 2624 ehRecvr - ok
19:04:02.0691 2624 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
19:04:02.0737 2624 ehSched - ok
19:04:02.0956 2624 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
19:04:02.0971 2624 elxstor - ok
19:04:03.0003 2624 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
19:04:03.0049 2624 ErrDev - ok
19:04:03.0127 2624 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
19:04:03.0174 2624 EventSystem - ok
19:04:03.0237 2624 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
19:04:03.0268 2624 exfat - ok
19:04:03.0315 2624 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
19:04:03.0346 2624 fastfat - ok
19:04:03.0642 2624 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
19:04:03.0720 2624 Fax - ok
19:04:03.0783 2624 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
19:04:03.0814 2624 fdc - ok
19:04:03.0861 2624 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
19:04:03.0939 2624 fdPHost - ok
19:04:03.0970 2624 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
19:04:04.0001 2624 FDResPub - ok
19:04:04.0048 2624 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
19:04:04.0063 2624 FileInfo - ok
19:04:04.0141 2624 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
19:04:04.0188 2624 Filetrace - ok
19:04:04.0219 2624 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
19:04:04.0235 2624 flpydisk - ok
19:04:04.0297 2624 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
19:04:04.0313 2624 FltMgr - ok
19:04:04.0438 2624 FontCache (7fe4995528a7529a761875151ee3d512) C:\Windows\system32\FntCache.dll
19:04:04.0485 2624 FontCache - ok
19:04:04.0594 2624 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:04:04.0594 2624 FontCache3.0.0.0 - ok
19:04:04.0625 2624 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
19:04:04.0641 2624 FsDepends - ok
19:04:04.0687 2624 Fs_Rec (500a9814fd9446a8126858a5a7f7d273) C:\Windows\system32\drivers\Fs_Rec.sys
19:04:04.0687 2624 Fs_Rec - ok
19:04:04.0734 2624 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
19:04:04.0765 2624 fvevol - ok
19:04:04.0843 2624 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
19:04:04.0859 2624 gagp30kx - ok
19:04:05.0031 2624 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
19:04:05.0077 2624 gpsvc - ok
19:04:05.0140 2624 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
19:04:05.0171 2624 hcw85cir - ok
19:04:05.0389 2624 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
19:04:05.0436 2624 HdAudAddService - ok
19:04:05.0499 2624 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:04:05.0530 2624 HDAudBus - ok
19:04:05.0561 2624 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
19:04:05.0592 2624 HidBatt - ok
19:04:05.0623 2624 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
19:04:05.0639 2624 HidBth - ok
19:04:05.0670 2624 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
19:04:05.0701 2624 HidIr - ok
19:04:05.0748 2624 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
19:04:05.0826 2624 hidserv - ok
19:04:05.0920 2624 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
19:04:05.0967 2624 HidUsb - ok
19:04:05.0998 2624 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
19:04:06.0107 2624 hkmsvc - ok
19:04:06.0185 2624 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll
19:04:06.0247 2624 HomeGroupListener - ok
19:04:06.0341 2624 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll
19:04:06.0372 2624 HomeGroupProvider - ok
19:04:06.0435 2624 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
19:04:06.0450 2624 HpSAMD - ok
19:04:06.0559 2624 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
19:04:06.0622 2624 HTTP - ok
19:04:06.0637 2624 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
19:04:06.0653 2624 hwpolicy - ok
19:04:06.0715 2624 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
19:04:06.0747 2624 i8042prt - ok
19:04:06.0825 2624 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
19:04:06.0840 2624 iaStorV - ok
19:04:07.0168 2624 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:04:07.0215 2624 idsvc - ok
19:04:07.0870 2624 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
19:04:08.0073 2624 igfx - ok
19:04:08.0244 2624 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
19:04:08.0260 2624 iirsp - ok
19:04:08.0463 2624 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
19:04:08.0556 2624 IKEEXT - ok
19:04:08.0603 2624 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
19:04:08.0619 2624 intelide - ok
19:04:08.0634 2624 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
19:04:08.0681 2624 intelppm - ok
19:04:08.0728 2624 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
19:04:08.0806 2624 IPBusEnum - ok
19:04:08.0837 2624 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:04:08.0868 2624 IpFilterDriver - ok
19:04:08.0946 2624 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll
19:04:08.0993 2624 iphlpsvc - ok
19:04:09.0024 2624 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:04:09.0055 2624 IPMIDRV - ok
19:04:09.0118 2624 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
19:04:09.0180 2624 IPNAT - ok
19:04:09.0211 2624 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
19:04:09.0258 2624 IRENUM - ok
19:04:09.0289 2624 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
19:04:09.0305 2624 isapnp - ok
19:04:09.0321 2624 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
19:04:09.0336 2624 iScsiPrt - ok
19:04:09.0383 2624 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:04:09.0399 2624 kbdclass - ok
19:04:09.0414 2624 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
19:04:09.0430 2624 kbdhid - ok
19:04:09.0477 2624 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
19:04:09.0508 2624 KeyIso - ok
19:04:09.0539 2624 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys
19:04:09.0555 2624 KSecDD - ok
19:04:09.0570 2624 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys
19:04:09.0586 2624 KSecPkg - ok
19:04:09.0633 2624 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
19:04:09.0695 2624 KtmRm - ok
19:04:09.0742 2624 LanmanServer (8f6bf790d3168224c16f2af68a84438c) C:\Windows\system32\srvsvc.dll
19:04:09.0773 2624 LanmanServer - ok
19:04:09.0835 2624 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
19:04:09.0898 2624 LanmanWorkstation - ok
19:04:09.0991 2624 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
19:04:10.0038 2624 lltdio - ok
19:04:10.0163 2624 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
19:04:10.0210 2624 lltdsvc - ok
19:04:10.0225 2624 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
19:04:10.0272 2624 lmhosts - ok
19:04:10.0350 2624 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
19:04:10.0381 2624 LSI_FC - ok
19:04:10.0397 2624 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
19:04:10.0413 2624 LSI_SAS - ok
19:04:10.0444 2624 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:04:10.0459 2624 LSI_SAS2 - ok
19:04:10.0475 2624 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:04:10.0491 2624 LSI_SCSI - ok
19:04:10.0506 2624 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
19:04:10.0553 2624 luafv - ok
19:04:10.0631 2624 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
19:04:11.0021 2624 MBAMProtector - ok
19:04:11.0224 2624 MBAMService (de199f3aa9c541a349af95a5c72a71af) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:04:11.0411 2624 MBAMService - ok
19:04:11.0567 2624 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
19:04:11.0567 2624 MBAMSwissArmy - ok
19:04:11.0598 2624 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
19:04:11.0629 2624 Mcx2Svc - ok
19:04:11.0676 2624 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
19:04:11.0692 2624 megasas - ok
19:04:11.0723 2624 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
19:04:11.0739 2624 MegaSR - ok
19:04:11.0785 2624 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:04:11.0832 2624 MMCSS - ok
19:04:11.0848 2624 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
19:04:11.0895 2624 Modem - ok
19:04:11.0957 2624 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
19:04:11.0988 2624 monitor - ok
19:04:12.0004 2624 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
19:04:12.0019 2624 mouclass - ok
19:04:12.0082 2624 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
19:04:12.0113 2624 mouhid - ok
19:04:12.0316 2624 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
19:04:12.0331 2624 mountmgr - ok
19:04:12.0394 2624 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
19:04:12.0409 2624 mpio - ok
19:04:12.0441 2624 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
19:04:12.0503 2624 mpsdrv - ok
19:04:13.0486 2624 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) C:\Windows\system32\mpssvc.dll
19:04:13.0564 2624 MpsSvc - ok
19:04:13.0611 2624 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
19:04:13.0626 2624 MRxDAV - ok
19:04:13.0657 2624 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:04:13.0673 2624 mrxsmb - ok
19:04:13.0704 2624 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:04:13.0720 2624 mrxsmb10 - ok
19:04:13.0813 2624 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:04:13.0845 2624 mrxsmb20 - ok
19:04:13.0845 2624 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
19:04:13.0860 2624 msahci - ok
19:04:13.0891 2624 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
19:04:13.0907 2624 msdsm - ok
19:04:13.0938 2624 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
19:04:13.0969 2624 MSDTC - ok
19:04:14.0001 2624 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
19:04:14.0047 2624 Msfs - ok
19:04:14.0063 2624 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
19:04:14.0157 2624 mshidkmdf - ok
19:04:14.0172 2624 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
19:04:14.0172 2624 msisadrv - ok
19:04:14.0375 2624 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
19:04:14.0562 2624 MSiSCSI - ok
19:04:14.0562 2624 msiserver - ok
19:04:14.0796 2624 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
19:04:14.0859 2624 MSKSSRV - ok
19:04:14.0983 2624 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
19:04:15.0077 2624 MSPCLOCK - ok
19:04:15.0093 2624 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
19:04:15.0124 2624 MSPQM - ok
19:04:15.0186 2624 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
19:04:15.0202 2624 MsRPC - ok
19:04:15.0233 2624 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
19:04:15.0249 2624 mssmbios - ok
19:04:15.0311 2624 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
19:04:15.0374 2624 MSTEE - ok
19:04:15.0390 2624 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
19:04:15.0468 2624 MTConfig - ok
19:04:15.0515 2624 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
19:04:15.0515 2624 Mup - ok
19:04:15.0562 2624 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll
19:04:15.0608 2624 napagent - ok
19:04:15.0671 2624 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
19:04:15.0811 2624 NativeWifiP - ok
19:04:15.0874 2624 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
19:04:15.0905 2624 NDIS - ok
19:04:15.0967 2624 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
19:04:16.0061 2624 NdisCap - ok
19:04:16.0076 2624 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
19:04:16.0123 2624 NdisTapi - ok
19:04:16.0201 2624 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
19:04:16.0264 2624 Ndisuio - ok
19:04:16.0357 2624 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
19:04:16.0435 2624 NdisWan - ok
19:04:16.0529 2624 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
19:04:16.0560 2624 NDProxy - ok
19:04:16.0607 2624 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
19:04:16.0638 2624 NetBIOS - ok
19:04:16.0685 2624 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
19:04:16.0794 2624 NetBT - ok
19:04:16.0825 2624 Netlogon (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
19:04:16.0841 2624 Netlogon - ok
19:04:16.0903 2624 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
19:04:16.0934 2624 Netman - ok
19:04:16.0981 2624 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
19:04:17.0106 2624 netprofm - ok
19:04:17.0278 2624 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:04:17.0293 2624 NetTcpPortSharing - ok
19:04:18.0214 2624 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
19:04:18.0401 2624 netw5v32 - ok
19:04:18.0978 2624 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
19:04:18.0994 2624 nfrd960 - ok
19:04:19.0056 2624 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll
19:04:19.0118 2624 NlaSvc - ok
19:04:19.0150 2624 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
19:04:19.0181 2624 Npfs - ok
19:04:19.0196 2624 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
19:04:19.0228 2624 nsi - ok
19:04:19.0259 2624 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
19:04:19.0306 2624 nsiproxy - ok
19:04:19.0524 2624 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
19:04:19.0836 2624 Ntfs - ok
19:04:19.0898 2624 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
19:04:19.0945 2624 Null - ok
19:04:19.0961 2624 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
19:04:19.0976 2624 nvraid - ok
19:04:20.0008 2624 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
19:04:20.0023 2624 nvstor - ok
19:04:20.0039 2624 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
19:04:20.0054 2624 nv_agp - ok
19:04:20.0101 2624 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
19:04:20.0195 2624 ohci1394 - ok
19:04:20.0257 2624 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
19:04:20.0429 2624 p2pimsvc - ok
19:04:20.0476 2624 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
19:04:20.0522 2624 p2psvc - ok
19:04:20.0600 2624 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
19:04:20.0632 2624 Parport - ok
19:04:20.0678 2624 partmgr (66d3415c159741ade7038a277efff99f) C:\Windows\system32\drivers\partmgr.sys
19:04:20.0694 2624 partmgr - ok
19:04:20.0710 2624 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
19:04:20.0772 2624 Parvdm - ok
19:04:20.0803 2624 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
19:04:20.0850 2624 PcaSvc - ok
19:04:20.0881 2624 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
19:04:20.0897 2624 pci - ok
19:04:20.0912 2624 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
19:04:20.0928 2624 pciide - ok
19:04:20.0959 2624 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
19:04:20.0975 2624 pcmcia - ok
19:04:21.0022 2624 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
19:04:21.0037 2624 pcw - ok
19:04:21.0100 2624 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
19:04:21.0162 2624 PEAUTH - ok
19:04:21.0271 2624 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll
19:04:21.0365 2624 pla - ok
19:04:21.0614 2624 PlugPlay (71def5ec79774c798342d0ea16e41780) C:\Windows\system32\umpnpmgr.dll
19:04:21.0646 2624 PlugPlay - ok
19:04:21.0677 2624 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
19:04:21.0739 2624 PNRPAutoReg - ok
19:04:21.0802 2624 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
19:04:21.0817 2624 PNRPsvc - ok
19:04:21.0895 2624 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll
19:04:21.0942 2624 PolicyAgent - ok
19:04:21.0989 2624 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll
19:04:22.0020 2624 Power - ok
19:04:22.0114 2624 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
19:04:22.0160 2624 PptpMiniport - ok
19:04:22.0254 2624 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
19:04:22.0270 2624 Processor - ok
19:04:22.0379 2624 ProfSvc (630cf26f0227498b7d5a92b12548960f) C:\Windows\system32\profsvc.dll
19:04:22.0426 2624 ProfSvc - ok
19:04:22.0488 2624 ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
19:04:22.0566 2624 ProtectedStorage - ok
19:04:22.0628 2624 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
19:04:22.0706 2624 Psched - ok
19:04:22.0862 2624 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
19:04:22.0940 2624 ql2300 - ok
19:04:23.0252 2624 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
19:04:23.0284 2624 ql40xx - ok
19:04:23.0362 2624 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
19:04:23.0408 2624 QWAVE - ok
19:04:23.0424 2624 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
19:04:23.0440 2624 QWAVEdrv - ok
19:04:23.0502 2624 R5U870FLx86 (68e04f3944e6f82c64b53f8a8f13fb3a) C:\Windows\system32\Drivers\R5U870FLx86.sys
19:04:23.0549 2624 R5U870FLx86 - ok
19:04:23.0596 2624 R5U870FUx86 (7f1356060d1894b46554a0d8e6f13958) C:\Windows\system32\Drivers\R5U870FUx86.sys
19:04:23.0627 2624 R5U870FUx86 - ok
19:04:23.0642 2624 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
19:04:23.0674 2624 RasAcd - ok
19:04:23.0720 2624 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:04:23.0767 2624 RasAgileVpn - ok
19:04:23.0783 2624 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
19:04:23.0814 2624 RasAuto - ok
19:04:23.0939 2624 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:04:24.0048 2624 Rasl2tp - ok
19:04:24.0095 2624 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll
19:04:24.0157 2624 RasMan - ok
19:04:24.0220 2624 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
19:04:24.0251 2624 RasPppoe - ok
19:04:24.0298 2624 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
19:04:24.0391 2624 RasSstp - ok
19:04:24.0500 2624 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
19:04:24.0547 2624 rdbss - ok
19:04:24.0594 2624 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
19:04:24.0641 2624 rdpbus - ok
19:04:24.0672 2624 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:04:24.0719 2624 RDPCDD - ok
19:04:24.0781 2624 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
19:04:24.0812 2624 RDPENCDD - ok
19:04:24.0844 2624 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
19:04:24.0875 2624 RDPREFMP - ok
19:04:25.0015 2624 RDPWD (0399c725a9c95a6f1862b93f008ddf4a) C:\Windows\system32\drivers\RDPWD.sys
19:04:25.0062 2624 RDPWD - ok
19:04:25.0171 2624 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
19:04:25.0202 2624 rdyboost - ok
19:04:25.0280 2624 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
19:04:25.0327 2624 RemoteAccess - ok
19:04:25.0374 2624 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
19:04:25.0452 2624 RemoteRegistry - ok
19:04:25.0577 2624 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
19:04:25.0608 2624 RFCOMM - ok
19:04:25.0655 2624 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
19:04:25.0686 2624 RpcEptMapper - ok
19:04:25.0717 2624 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
19:04:25.0733 2624 RpcLocator - ok
19:04:25.0780 2624 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
19:04:25.0842 2624 RpcSs - ok
19:04:25.0904 2624 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
19:04:25.0936 2624 rspndr - ok
19:04:25.0982 2624 RTL8167 (bcebd5d1aabce4efb7597635e347c44b) C:\Windows\system32\DRIVERS\Rt86win7.sys
19:04:26.0045 2624 RTL8167 - ok
19:04:26.0060 2624 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
19:04:26.0076 2624 SamSs - ok
19:04:26.0138 2624 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
19:04:26.0154 2624 sbp2port - ok
19:04:26.0653 2624 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
19:04:26.0716 2624 SCardSvr - ok
19:04:26.0778 2624 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
19:04:26.0825 2624 scfilter - ok
19:04:27.0059 2624 Schedule (df1e5c82e4d09cf8105cc644980c4803) C:\Windows\system32\schedsvc.dll
19:04:27.0215 2624 Schedule - ok
19:04:27.0262 2624 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
19:04:27.0293 2624 SCPolicySvc - ok
19:04:27.0324 2624 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll
19:04:27.0371 2624 SDRSVC - ok
19:04:27.0418 2624 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:04:27.0449 2624 secdrv - ok
19:04:27.0480 2624 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
19:04:27.0527 2624 seclogon - ok
19:04:27.0558 2624 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
19:04:27.0605 2624 SENS - ok
19:04:27.0652 2624 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
19:04:27.0699 2624 SensrSvc - ok
19:04:27.0730 2624 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
19:04:27.0745 2624 Serenum - ok
19:04:27.0792 2624 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
19:04:27.0808 2624 Serial - ok
19:04:27.0823 2624 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
19:04:27.0855 2624 sermouse - ok
19:04:27.0886 2624 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
19:04:27.0933 2624 SessionEnv - ok
19:04:27.0948 2624 SFEP (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys
19:04:27.0979 2624 SFEP - ok
19:04:27.0995 2624 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
19:04:28.0026 2624 sffdisk - ok
19:04:28.0042 2624 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:04:28.0057 2624 sffp_mmc - ok
19:04:28.0089 2624 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:04:28.0120 2624 sffp_sd - ok
19:04:28.0151 2624 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
19:04:28.0167 2624 sfloppy - ok
19:04:28.0385 2624 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
19:04:28.0432 2624 SharedAccess - ok
19:04:28.0494 2624 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
19:04:28.0557 2624 ShellHWDetection - ok
19:04:28.0588 2624 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
19:04:28.0603 2624 sisagp - ok
19:04:28.0666 2624 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:04:28.0681 2624 SiSRaid2 - ok
19:04:28.0728 2624 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
19:04:28.0744 2624 SiSRaid4 - ok
19:04:28.0775 2624 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
19:04:28.0822 2624 Smb - ok
19:04:28.0915 2624 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
19:04:28.0962 2624 SNMPTRAP - ok
19:04:29.0134 2624 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
19:04:29.0149 2624 spldr - ok
19:04:29.0196 2624 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\Windows\System32\spoolsv.exe
19:04:29.0290 2624 Spooler - ok
19:04:29.0539 2624 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
19:04:29.0695 2624 sppsvc - ok
19:04:29.0836 2624 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
19:04:29.0867 2624 sppuinotify - ok
19:04:29.0929 2624 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
19:04:29.0961 2624 srv - ok
19:04:29.0992 2624 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
19:04:30.0007 2624 srv2 - ok
19:04:30.0054 2624 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
19:04:30.0085 2624 SrvHsfHDA - ok
19:04:30.0148 2624 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
19:04:30.0210 2624 SrvHsfV92 - ok
19:04:30.0304 2624 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
19:04:30.0351 2624 SrvHsfWinac - ok
19:04:30.0397 2624 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
19:04:30.0413 2624 srvnet - ok
19:04:30.0460 2624 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
19:04:30.0491 2624 SSDPSRV - ok
19:04:30.0538 2624 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
19:04:30.0600 2624 SstpSvc - ok
19:04:30.0631 2624 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
19:04:30.0647 2624 stexstor - ok
19:04:30.0709 2624 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
19:04:30.0756 2624 StiSvc - ok
19:04:30.0803 2624 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
19:04:30.0834 2624 swenum - ok
19:04:30.0881 2624 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
19:04:30.0928 2624 swprv - ok
19:04:31.0006 2624 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
19:04:31.0068 2624 SysMain - ok
19:04:31.0255 2624 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
19:04:31.0271 2624 TabletInputService - ok
19:04:31.0318 2624 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
19:04:31.0365 2624 TapiSrv - ok
19:04:31.0380 2624 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
19:04:31.0427 2624 TBS - ok
19:04:32.0145 2624 Tcpip (55e9965552741f3850cb22cbba9671ed) C:\Windows\system32\drivers\tcpip.sys
19:04:32.0223 2624 Tcpip - ok
19:04:32.0254 2624 TCPIP6 (55e9965552741f3850cb22cbba9671ed) C:\Windows\system32\DRIVERS\tcpip.sys
19:04:32.0285 2624 TCPIP6 - ok
19:04:32.0332 2624 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
19:04:32.0363 2624 tcpipreg - ok
19:04:32.0394 2624 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
19:04:32.0425 2624 TDPIPE - ok
19:04:32.0457 2624 TDTCP (7156308896d34ea75a582f9a09e50c17) C:\Windows\system32\drivers\tdtcp.sys
19:04:32.0503 2624 TDTCP - ok
19:04:32.0519 2624 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
19:04:32.0550 2624 tdx - ok
19:04:32.0566 2624 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
19:04:32.0581 2624 TermDD - ok
19:04:32.0659 2624 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
19:04:32.0737 2624 TermService - ok
19:04:32.0784 2624 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
19:04:32.0815 2624 Themes - ok
19:04:32.0847 2624 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:04:32.0893 2624 THREADORDER - ok
19:04:33.0003 2624 ti21sony (030f439ac1ccda7ac6ce01cc02102045) C:\Windows\system32\drivers\ti21sony.sys
19:04:33.0081 2624 ti21sony - ok
19:04:33.0127 2624 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
19:04:33.0252 2624 TrkWks - ok
19:04:33.0330 2624 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
19:04:33.0377 2624 TrustedInstaller - ok
19:04:33.0439 2624 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:04:33.0471 2624 tssecsrv - ok
19:04:33.0517 2624 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
19:04:33.0549 2624 tunnel - ok
19:04:33.0580 2624 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
19:04:33.0595 2624 uagp35 - ok
19:04:33.0658 2624 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
19:04:33.0689 2624 udfs - ok
19:04:33.0736 2624 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
19:04:33.0767 2624 UI0Detect - ok
19:04:33.0798 2624 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
19:04:33.0814 2624 uliagpkx - ok
19:04:33.0876 2624 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
19:04:33.0892 2624 umbus - ok
19:04:33.0923 2624 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
19:04:33.0954 2624 UmPass - ok
19:04:34.0001 2624 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
19:04:34.0063 2624 upnphost - ok
19:04:34.0344 2624 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
19:04:34.0375 2624 usbaudio - ok
19:04:34.0578 2624 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys
19:04:34.0672 2624 usbccgp - ok
19:04:35.0286 2624 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
19:04:35.0467 2624 usbcir - ok
19:04:35.0740 2624 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\DRIVERS\usbehci.sys
19:04:35.0767 2624 usbehci - ok
19:04:35.0804 2624 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
19:04:35.0928 2624 usbhub - ok
19:04:35.0988 2624 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys
19:04:36.0014 2624 usbohci - ok
19:04:36.0042 2624 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
19:04:36.0071 2624 usbprint - ok
19:04:36.0100 2624 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\drivers\USBSTOR.SYS
19:04:36.0130 2624 USBSTOR - ok
19:04:36.0155 2624 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\DRIVERS\usbuhci.sys
19:04:36.0178 2624 usbuhci - ok
19:04:36.0692 2624 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\System32\Drivers\usbvideo.sys
19:04:36.0708 2624 usbvideo - ok
19:04:36.0855 2624 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
19:04:36.0892 2624 UxSms - ok
19:04:37.0170 2624 VAIO Event Service (8a9f18adad471402236ca931553bf79b) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
19:04:37.0192 2624 VAIO Event Service - ok
19:04:37.0229 2624 VaultSvc (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
19:04:37.0273 2624 VaultSvc - ok
19:04:37.0306 2624 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
19:04:37.0320 2624 vdrvroot - ok
19:04:37.0553 2624 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
19:04:37.0614 2624 vds - ok
19:04:37.0640 2624 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
19:04:37.0668 2624 vga - ok
19:04:37.0680 2624 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
19:04:37.0711 2624 VgaSave - ok
19:04:37.0862 2624 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
19:04:37.0880 2624 vhdmp - ok
19:04:37.0910 2624 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
19:04:37.0928 2624 viaagp - ok
19:04:37.0944 2624 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
19:04:38.0003 2624 ViaC7 - ok
19:04:38.0017 2624 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
19:04:38.0066 2624 viaide - ok
19:04:38.0111 2624 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
19:04:38.0130 2624 volmgr - ok
19:04:38.0164 2624 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
19:04:38.0189 2624 volmgrx - ok
19:04:38.0242 2624 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
19:04:38.0261 2624 volsnap - ok
19:04:38.0308 2624 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
19:04:38.0325 2624 vsmraid - ok
19:04:38.0412 2624 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
19:04:38.0447 2624 VSS - ok
19:04:38.0471 2624 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
19:04:38.0496 2624 vwifibus - ok
19:04:38.0522 2624 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
19:04:38.0570 2624 W32Time - ok
19:04:38.0597 2624 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
19:04:38.0617 2624 WacomPen - ok
19:04:38.0642 2624 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
19:04:38.0675 2624 WANARP - ok
19:04:38.0679 2624 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
19:04:38.0710 2624 Wanarpv6 - ok
19:04:38.0848 2624 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
19:04:38.0919 2624 WatAdminSvc - ok
19:04:38.0999 2624 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
19:04:39.0069 2624 wbengine - ok
19:04:39.0088 2624 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
19:04:39.0133 2624 WbioSrvc - ok
19:04:39.0179 2624 wcncsvc (6d9b75275c3e3a5f51aef81affadb2b6) C:\Windows\System32\wcncsvc.dll
19:04:39.0221 2624 wcncsvc - ok
19:04:39.0233 2624 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
19:04:39.0266 2624 WcsPlugInService - ok
19:04:39.0303 2624 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
19:04:39.0318 2624 Wd - ok
19:04:39.0350 2624 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
19:04:39.0388 2624 Wdf01000 - ok
19:04:39.0432 2624 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:04:39.0452 2624 WdiServiceHost - ok
19:04:39.0462 2624 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:04:39.0482 2624 WdiSystemHost - ok
19:04:39.0529 2624 WebClient (bb5ec38f8d4600119b4720bc5d4211f1) C:\Windows\System32\webclnt.dll
19:04:39.0549 2624 WebClient - ok
19:04:39.0585 2624 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
19:04:39.0620 2624 Wecsvc - ok
19:04:39.0644 2624 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
19:04:39.0681 2624 wercplsupport - ok
19:04:39.0705 2624 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
19:04:39.0738 2624 WerSvc - ok
19:04:39.0767 2624 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
19:04:39.0798 2624 WfpLwf - ok
19:04:39.0811 2624 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
19:04:39.0825 2624 WIMMount - ok
19:04:39.0915 2624 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
19:04:39.0960 2624 WinDefend - ok
19:04:39.0968 2624 WinHttpAutoProxySvc - ok
19:04:40.0038 2624 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
19:04:40.0068 2624 Winmgmt - ok
19:04:40.0147 2624 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
19:04:40.0219 2624 WinRM - ok
19:04:40.0335 2624 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
19:04:40.0413 2624 Wlansvc - ok
19:04:40.0476 2624 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:04:40.0514 2624 WmiAcpi - ok
19:04:40.0579 2624 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
19:04:40.0604 2624 wmiApSrv - ok
19:04:40.0995 2624 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:04:41.0074 2624 WMPNetworkSvc - ok
19:04:41.0102 2624 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
19:04:41.0135 2624 WPCSvc - ok
19:04:41.0152 2624 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
19:04:41.0169 2624 WPDBusEnum - ok
19:04:41.0214 2624 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
19:04:41.0258 2624 ws2ifsl - ok
19:04:41.0285 2624 wscsvc (a661a76333057b383a06e65f0073222f) C:\Windows\System32\wscsvc.dll
19:04:41.0310 2624 wscsvc - ok
19:04:41.0314 2624 WSearch - ok
19:04:41.0428 2624 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\Windows\system32\wuaueng.dll
19:04:41.0483 2624 wuauserv - ok
19:04:41.0564 2624 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
19:04:41.0595 2624 WudfPf - ok
19:04:41.0632 2624 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:04:41.0664 2624 WUDFRd - ok
19:04:41.0706 2624 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
19:04:41.0739 2624 wudfsvc - ok
19:04:41.0769 2624 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
19:04:41.0800 2624 WwanSvc - ok
19:04:41.0834 2624 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:04:42.0121 2624 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
19:04:42.0121 2624 \Device\Harddisk0\DR0 - detected TDSS File System (1)
19:04:42.0131 2624 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
19:04:44.0996 2624 \Device\Harddisk3\DR3 - ok
19:04:45.0007 2624 Boot (0x1200) (9c0743fb52727fc4022bbf8189d4e3c8) \Device\Harddisk0\DR0\Partition0
19:04:45.0009 2624 \Device\Harddisk0\DR0\Partition0 - ok
19:04:45.0016 2624 Boot (0x1200) (d88ad6a5bd2f4e1cddb5a3282fca9f04) \Device\Harddisk0\DR0\Partition1
19:04:45.0017 2624 \Device\Harddisk0\DR0\Partition1 - ok
19:04:45.0022 2624 Boot (0x1200) (159501e237a19e9530e471ff79c1b5ce) \Device\Harddisk3\DR3\Partition0
19:04:45.0023 2624 \Device\Harddisk3\DR3\Partition0 - ok
19:04:45.0026 2624 ============================================================
19:04:45.0026 2624 Scan finished
19:04:45.0026 2624 ============================================================
19:04:45.0047 2748 Detected object count: 1
19:04:45.0048 2748 Actual detected object count: 1
19:04:51.0638 2748 \Device\Harddisk0\DR0\TDLFS - deleted
19:04:51.0638 2748 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
19:04:53.0834 3364 Deinitialize success

ran it twice.
15:47:53.0933 3224 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32
15:47:53.0980 3224 ============================================================
15:47:53.0980 3224 Current date / time: 2012/05/17 15:47:53.0980
15:47:53.0980 3224 SystemInfo:
15:47:53.0980 3224
15:47:53.0980 3224 OS Version: 6.1.7600 ServicePack: 0.0
15:47:53.0980 3224 Product type: Workstation
15:47:53.0980 3224 ComputerName: OWNER-PC
15:47:53.0980 3224 UserName: Owner
15:47:53.0980 3224 Windows directory: C:\Windows
15:47:53.0980 3224 System windows directory: C:\Windows
15:47:53.0980 3224 Processor architecture: Intel x86
15:47:53.0980 3224 Number of processors: 2
15:47:53.0980 3224 Page size: 0x1000
15:47:53.0980 3224 Boot type: Normal boot
15:47:53.0980 3224 ============================================================
15:47:56.0351 3224 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:47:56.0367 3224 Drive \Device\Harddisk3\DR3 - Size: 0x1DE000000 (7.47 Gb), SectorSize: 0x200, Cylinders: 0x3CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:47:56.0367 3224 \Device\Harddisk0\DR0:
15:47:56.0367 3224 MBR used
15:47:56.0367 3224 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:47:56.0367 3224 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
15:47:56.0367 3224 \Device\Harddisk3\DR3:
15:47:56.0367 3224 MBR used
15:47:56.0367 3224 \Device\Harddisk3\DR3\Partition0: MBR, Type 0xC, StartLBA 0x50, BlocksNum 0xEEFFB0
15:47:56.0383 3224 Initialize success
15:47:56.0383 3224 ============================================================
15:47:58.0457 3316 ============================================================
15:47:58.0457 3316 Scan started
15:47:58.0457 3316 Mode: Manual;
15:47:58.0457 3316 ============================================================
15:47:59.0768 3316 Scan interrupted by user!
15:47:59.0768 3316 Scan interrupted by user!
15:47:59.0768 3316 Scan interrupted by user!
15:47:59.0768 3316 ============================================================
15:47:59.0768 3316 Scan finished
15:47:59.0768 3316 ============================================================
15:47:59.0799 3304 Detected object count: 0
15:47:59.0799 3304 Actual detected object count: 0
15:48:03.0574 3344 ============================================================
15:48:03.0574 3344 Scan started
15:48:03.0574 3344 Mode: Manual; SigCheck; TDLFS;
15:48:03.0574 3344 ============================================================
15:48:03.0839 3344 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
15:48:03.0980 3344 1394ohci - ok
15:48:04.0042 3344 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
15:48:04.0073 3344 ACPI - ok
15:48:04.0167 3344 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
15:48:04.0245 3344 AcpiPmi - ok
15:48:04.0307 3344 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
15:48:04.0354 3344 adp94xx - ok
15:48:04.0495 3344 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
15:48:04.0541 3344 adpahci - ok
15:48:04.0713 3344 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
15:48:04.0744 3344 adpu320 - ok
15:48:04.0791 3344 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
15:48:04.0853 3344 AeLookupSvc - ok
15:48:04.0963 3344 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
15:48:05.0025 3344 AFD - ok
15:48:05.0087 3344 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
15:48:05.0103 3344 agp440 - ok
15:48:05.0275 3344 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
15:48:05.0353 3344 aic78xx - ok
15:48:05.0680 3344 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
15:48:05.0774 3344 ALG - ok
15:48:05.0883 3344 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
15:48:05.0899 3344 aliide - ok
15:48:05.0914 3344 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
15:48:05.0930 3344 amdagp - ok
15:48:05.0945 3344 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
15:48:05.0961 3344 amdide - ok
15:48:06.0008 3344 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
15:48:06.0039 3344 AmdK8 - ok
15:48:06.0055 3344 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
15:48:06.0086 3344 AmdPPM - ok
15:48:06.0242 3344 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\Windows\system32\drivers\amdsata.sys
15:48:06.0273 3344 amdsata - ok
15:48:06.0335 3344 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
15:48:06.0367 3344 amdsbs - ok
15:48:06.0398 3344 amdxata (869e67d66be326a5a9159fba8746fa70) C:\Windows\system32\drivers\amdxata.sys
15:48:06.0413 3344 amdxata - ok
15:48:06.0507 3344 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
15:48:06.0538 3344 AppID - ok
15:48:06.0616 3344 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
15:48:06.0679 3344 AppIDSvc - ok
15:48:06.0725 3344 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
15:48:06.0757 3344 Appinfo - ok
15:48:06.0866 3344 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
15:48:06.0897 3344 arc - ok
15:48:06.0944 3344 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
15:48:06.0975 3344 arcsas - ok
15:48:07.0022 3344 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
15:48:07.0147 3344 AsyncMac - ok
15:48:07.0240 3344 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
15:48:07.0256 3344 atapi - ok
15:48:07.0349 3344 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
15:48:07.0427 3344 AudioEndpointBuilder - ok
15:48:07.0459 3344 Audiosrv (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
15:48:07.0490 3344 Audiosrv - ok
15:48:07.0583 3344 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
15:48:07.0661 3344 AxInstSV - ok
15:48:07.0755 3344 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
15:48:07.0817 3344 b06bdrv - ok
15:48:07.0942 3344 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
15:48:07.0989 3344 b57nd60x - ok
15:48:08.0067 3344 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
15:48:08.0129 3344 BDESVC - ok
15:48:08.0301 3344 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
15:48:08.0348 3344 Beep - ok
15:48:08.0519 3344 BFE (85ac71c045ceb054ed48a7841aae0c11) C:\Windows\System32\bfe.dll
15:48:08.0629 3344 BFE - ok
15:48:08.0691 3344 BITS (53f476476f55a27f580661bde09c4ec4) C:\Windows\System32\qmgr.dll
15:48:08.0769 3344 BITS - ok
15:48:08.0831 3344 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
15:48:08.0863 3344 blbdrive - ok
15:48:08.0972 3344 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
15:48:09.0003 3344 bowser - ok
15:48:09.0050 3344 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:48:09.0081 3344 BrFiltLo - ok
15:48:09.0159 3344 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:48:09.0206 3344 BrFiltUp - ok
15:48:09.0299 3344 Browser (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
15:48:09.0362 3344 Browser - ok
15:48:09.0409 3344 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
15:48:09.0471 3344 Brserid - ok
15:48:09.0518 3344 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
15:48:09.0565 3344 BrSerWdm - ok
15:48:09.0643 3344 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:48:09.0705 3344 BrUsbMdm - ok
15:48:09.0736 3344 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
15:48:09.0767 3344 BrUsbSer - ok
15:48:09.0861 3344 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
15:48:09.0908 3344 BthEnum - ok
15:48:09.0986 3344 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
15:48:10.0048 3344 BTHMODEM - ok
15:48:10.0111 3344 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
15:48:10.0157 3344 BthPan - ok
15:48:10.0235 3344 BTHPORT (88059ff1ded4472acd17eebabd393069) C:\Windows\System32\Drivers\BTHport.sys
15:48:10.0282 3344 BTHPORT - ok
15:48:10.0391 3344 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
15:48:10.0469 3344 bthserv - ok
15:48:10.0563 3344 BTHUSB (80e6384beec03b8bd45edea29802d657) C:\Windows\System32\Drivers\BTHUSB.sys
15:48:10.0594 3344 BTHUSB - ok
15:48:10.0657 3344 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
15:48:10.0719 3344 cdfs - ok
15:48:10.0813 3344 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
15:48:10.0859 3344 cdrom - ok
15:48:10.0937 3344 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
15:48:11.0000 3344 CertPropSvc - ok
15:48:11.0062 3344 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
15:48:11.0093 3344 circlass - ok
15:48:11.0171 3344 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
15:48:11.0218 3344 CLFS - ok
15:48:11.0312 3344 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:48:11.0343 3344 clr_optimization_v2.0.50727_32 - ok
15:48:11.0405 3344 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:48:11.0452 3344 clr_optimization_v4.0.30319_32 - ok
15:48:11.0530 3344 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
15:48:11.0577 3344 CmBatt - ok
15:48:11.0624 3344 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
15:48:11.0655 3344 cmdide - ok
15:48:11.0733 3344 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\Windows\system32\Drivers\cng.sys
15:48:11.0780 3344 CNG - ok
15:48:11.0889 3344 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
15:48:11.0905 3344 Compbatt - ok
15:48:11.0967 3344 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
15:48:12.0014 3344 CompositeBus - ok
15:48:12.0045 3344 COMSysApp - ok
15:48:12.0092 3344 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
15:48:12.0107 3344 crcdisk - ok
15:48:12.0201 3344 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\Windows\system32\cryptsvc.dll
15:48:12.0263 3344 CryptSvc - ok
15:48:12.0341 3344 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
15:48:12.0404 3344 DcomLaunch - ok
15:48:12.0451 3344 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
15:48:12.0497 3344 defragsvc - ok
15:48:12.0607 3344 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
15:48:12.0653 3344 DfsC - ok
15:48:12.0747 3344 Dhcp (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
15:48:12.0841 3344 Dhcp - ok
15:48:12.0919 3344 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
15:48:13.0012 3344 discache - ok
15:48:13.0090 3344 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
15:48:13.0106 3344 Disk - ok
15:48:13.0168 3344 Dnscache (b15be77a2bacf9c3177d27518afe26a9) C:\Windows\System32\dnsrslvr.dll
15:48:13.0199 3344 Dnscache - ok
15:48:13.0293 3344 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
15:48:13.0355 3344 dot3svc - ok
15:48:13.0402 3344 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
15:48:13.0433 3344 DPS - ok
15:48:13.0527 3344 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
15:48:13.0558 3344 drmkaud - ok
15:48:13.0667 3344 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\Windows\System32\drivers\dxgkrnl.sys
15:48:13.0699 3344 DXGKrnl - ok
15:48:13.0761 3344 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
15:48:13.0808 3344 EapHost - ok
15:48:13.0995 3344 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
15:48:14.0135 3344 ebdrv - ok
15:48:14.0213 3344 EFS (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\System32\lsass.exe
15:48:14.0229 3344 EFS - ok
15:48:14.0307 3344 ehRecvr (1697c39978cd69f6fbc15302edcece1f) C:\Windows\ehome\ehRecvr.exe
15:48:14.0354 3344 ehRecvr - ok
15:48:14.0385 3344 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
15:48:14.0416 3344 ehSched - ok
15:48:14.0541 3344 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
15:48:14.0603 3344 elxstor - ok
15:48:14.0635 3344 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
15:48:14.0681 3344 ErrDev - ok
15:48:14.0759 3344 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
15:48:14.0822 3344 EventSystem - ok
15:48:14.0915 3344 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
15:48:14.0962 3344 exfat - ok
15:48:15.0009 3344 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
15:48:15.0056 3344 fastfat - ok
15:48:15.0134 3344 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
15:48:15.0212 3344 Fax - ok
15:48:15.0305 3344 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
15:48:15.0352 3344 fdc - ok
15:48:15.0383 3344 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
15:48:15.0446 3344 fdPHost - ok
15:48:15.0508 3344 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
15:48:15.0571 3344 FDResPub - ok
15:48:15.0680 3344 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
15:48:15.0695 3344 FileInfo - ok
15:48:15.0742 3344 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
15:48:15.0789 3344 Filetrace - ok
15:48:15.0851 3344 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
15:48:15.0898 3344 flpydisk - ok
15:48:15.0992 3344 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
15:48:16.0023 3344 FltMgr - ok
15:48:16.0101 3344 FontCache (7fe4995528a7529a761875151ee3d512) C:\Windows\system32\FntCache.dll
15:48:16.0163 3344 FontCache - ok
15:48:16.0257 3344 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:48:16.0288 3344 FontCache3.0.0.0 - ok
15:48:16.0351 3344 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
15:48:16.0366 3344 FsDepends - ok
15:48:16.0397 3344 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
15:48:16.0413 3344 Fs_Rec - ok
15:48:16.0475 3344 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
15:48:16.0507 3344 fvevol - ok
15:48:16.0569 3344 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
15:48:16.0600 3344 gagp30kx - ok
15:48:16.0663 3344 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
15:48:16.0741 3344 gpsvc - ok
15:48:16.0803 3344 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
15:48:16.0834 3344 hcw85cir - ok
15:48:16.0928 3344 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
15:48:16.0959 3344 HdAudAddService - ok
15:48:17.0053 3344 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:48:17.0084 3344 HDAudBus - ok
15:48:17.0162 3344 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
15:48:17.0193 3344 HidBatt - ok
15:48:17.0240 3344 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
15:48:17.0287 3344 HidBth - ok
15:48:17.0365 3344 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
15:48:17.0427 3344 HidIr - ok
15:48:17.0489 3344 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
15:48:17.0536 3344 hidserv - ok
15:48:17.0614 3344 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
15:48:17.0645 3344 HidUsb - ok
15:48:17.0708 3344 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
15:48:17.0770 3344 hkmsvc - ok
15:48:17.0833 3344 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll
15:48:17.0864 3344 HomeGroupListener - ok
15:48:17.0911 3344 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll
15:48:17.0942 3344 HomeGroupProvider - ok
15:48:18.0020 3344 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
15:48:18.0051 3344 HpSAMD - ok
15:48:18.0176 3344 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
15:48:18.0254 3344 HTTP - ok
15:48:18.0301 3344 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
15:48:18.0332 3344 hwpolicy - ok
15:48:18.0410 3344 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
15:48:18.0457 3344 i8042prt - ok
15:48:18.0535 3344 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\Windows\system32\drivers\iaStorV.sys
15:48:18.0581 3344 iaStorV - ok
15:48:18.0691 3344 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:48:18.0737 3344 idsvc - ok
15:48:19.0003 3344 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
15:48:19.0205 3344 igfx - ok
15:48:19.0268 3344 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
15:48:19.0299 3344 iirsp - ok
15:48:19.0424 3344 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
15:48:19.0517 3344 IKEEXT - ok
15:48:19.0564 3344 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
15:48:19.0564 3344 intelide - ok
15:48:19.0611 3344 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
15:48:19.0658 3344 intelppm - ok
15:48:19.0705 3344 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
15:48:19.0767 3344 IPBusEnum - ok
15:48:19.0829 3344 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:48:19.0892 3344 IpFilterDriver - ok
15:48:19.0985 3344 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll
15:48:20.0079 3344 iphlpsvc - ok
15:48:20.0173 3344 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:48:20.0219 3344 IPMIDRV - ok
15:48:20.0251 3344 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
15:48:20.0313 3344 IPNAT - ok
15:48:20.0360 3344 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
15:48:20.0407 3344 IRENUM - ok
15:48:20.0516 3344 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
15:48:20.0531 3344 isapnp - ok
15:48:20.0578 3344 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
15:48:20.0609 3344 iScsiPrt - ok
15:48:20.0656 3344 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:48:20.0687 3344 kbdclass - ok
15:48:20.0719 3344 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
15:48:20.0734 3344 kbdhid - ok
15:48:20.0843 3344 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
15:48:20.0859 3344 KeyIso - ok
15:48:20.0921 3344 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys
15:48:20.0953 3344 KSecDD - ok
15:48:20.0984 3344 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys
15:48:20.0999 3344 KSecPkg - ok
15:48:21.0109 3344 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
15:48:21.0249 3344 KtmRm - ok
15:48:21.0327 3344 LanmanServer (8f6bf790d3168224c16f2af68a84438c) C:\Windows\system32\srvsvc.dll
15:48:21.0374 3344 LanmanServer - ok
15:48:21.0467 3344 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
15:48:21.0499 3344 LanmanWorkstation - ok
15:48:21.0592 3344 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
15:48:21.0655 3344 lltdio - ok
15:48:21.0717 3344 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
15:48:21.0779 3344 lltdsvc - ok
15:48:21.0857 3344 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
15:48:21.0889 3344 lmhosts - ok
15:48:21.0982 3344 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:48:22.0013 3344 LSI_FC - ok
15:48:22.0060 3344 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:48:22.0091 3344 LSI_SAS - ok
15:48:22.0138 3344 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:48:22.0154 3344 LSI_SAS2 - ok
15:48:22.0232 3344 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:48:22.0263 3344 LSI_SCSI - ok
15:48:22.0325 3344 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
15:48:22.0388 3344 luafv - ok
15:48:22.0466 3344 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
15:48:22.0513 3344 MBAMProtector - ok
15:48:22.0622 3344 MBAMService (de199f3aa9c541a349af95a5c72a71af) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:48:22.0669 3344 MBAMService - ok
15:48:22.0793 3344 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
15:48:22.0840 3344 MBAMSwissArmy - ok
15:48:22.0887 3344 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
15:48:22.0918 3344 Mcx2Svc - ok
15:48:22.0965 3344 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
15:48:22.0981 3344 megasas - ok
15:48:23.0074 3344 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
15:48:23.0105 3344 MegaSR - ok
15:48:23.0152 3344 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:48:23.0230 3344 MMCSS - ok
15:48:23.0308 3344 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
15:48:23.0371 3344 Modem - ok
15:48:23.0449 3344 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
15:48:23.0480 3344 monitor - ok
15:48:23.0527 3344 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
15:48:23.0558 3344 mouclass - ok
15:48:23.0636 3344 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
15:48:23.0667 3344 mouhid - ok
15:48:23.0761 3344 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
15:48:23.0776 3344 mountmgr - ok
15:48:23.0807 3344 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
15:48:23.0823 3344 mpio - ok
15:48:23.0870 3344 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
15:48:23.0917 3344 mpsdrv - ok
15:48:23.0963 3344 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) C:\Windows\system32\mpssvc.dll
15:48:24.0041 3344 MpsSvc - ok
15:48:24.0135 3344 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
15:48:24.0166 3344 MRxDAV - ok
15:48:24.0229 3344 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:48:24.0275 3344 mrxsmb - ok
15:48:24.0307 3344 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:48:24.0338 3344 mrxsmb10 - ok
15:48:24.0416 3344 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:48:24.0447 3344 mrxsmb20 - ok
15:48:24.0494 3344 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
15:48:24.0509 3344 msahci - ok
15:48:24.0541 3344 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
15:48:24.0556 3344 msdsm - ok
15:48:24.0587 3344 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
15:48:24.0619 3344 MSDTC - ok
15:48:24.0728 3344 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
15:48:24.0759 3344 Msfs - ok
15:48:24.0821 3344 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
15:48:24.0884 3344 mshidkmdf - ok
15:48:24.0915 3344 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
15:48:24.0946 3344 msisadrv - ok
15:48:25.0009 3344 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
15:48:25.0055 3344 MSiSCSI - ok
15:48:25.0118 3344 msiserver - ok
15:48:25.0196 3344 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
15:48:25.0243 3344 MSKSSRV - ok
15:48:25.0289 3344 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
15:48:25.0321 3344 MSPCLOCK - ok
15:48:25.0352 3344 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
15:48:25.0383 3344 MSPQM - ok
15:48:25.0461 3344 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
15:48:25.0477 3344 MsRPC - ok
15:48:25.0523 3344 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
15:48:25.0555 3344 mssmbios - ok
15:48:25.0601 3344 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
15:48:25.0633 3344 MSTEE - ok
15:48:25.0679 3344 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
15:48:25.0711 3344 MTConfig - ok
15:48:25.0789 3344 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
15:48:25.0820 3344 Mup - ok
15:48:25.0867 3344 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll
15:48:25.0913 3344 napagent - ok
15:48:26.0023 3344 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
15:48:26.0069 3344 NativeWifiP - ok
15:48:26.0163 3344 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
15:48:26.0194 3344 NDIS - ok
15:48:26.0241 3344 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
15:48:26.0303 3344 NdisCap - ok
15:48:26.0413 3344 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
15:48:26.0475 3344 NdisTapi - ok
15:48:26.0569 3344 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
15:48:26.0615 3344 Ndisuio - ok
15:48:26.0647 3344 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
15:48:26.0678 3344 NdisWan - ok
15:48:26.0725 3344 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
15:48:26.0740 3344 NDProxy - ok
15:48:26.0818 3344 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\Windows\system32\HPZinw12.dll
15:48:26.0849 3344 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:48:26.0849 3344 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:48:26.0959 3344 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
15:48:27.0021 3344 NetBIOS - ok
15:48:27.0068 3344 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
15:48:27.0130 3344 NetBT - ok
15:48:27.0177 3344 Netlogon (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
15:48:27.0193 3344 Netlogon - ok
15:48:27.0302 3344 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
15:48:27.0349 3344 Netman - ok
15:48:27.0427 3344 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
15:48:27.0489 3344 netprofm - ok
15:48:27.0551 3344 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:48:27.0583 3344 NetTcpPortSharing - ok
15:48:27.0817 3344 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
15:48:27.0988 3344 netw5v32 - ok
15:48:28.0051 3344 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
15:48:28.0066 3344 nfrd960 - ok
15:48:28.0129 3344 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll
15:48:28.0207 3344 NlaSvc - ok
15:48:28.0285 3344 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
15:48:28.0331 3344 Npfs - ok
15:48:28.0378 3344 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
15:48:28.0425 3344 nsi - ok
15:48:28.0487 3344 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
15:48:28.0534 3344 nsiproxy - ok
15:48:28.0628 3344 Ntfs (187002ce05693c306f43c873f821381f) C:\Windows\system32\drivers\Ntfs.sys
15:48:28.0690 3344 Ntfs - ok
15:48:28.0768 3344 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
15:48:28.0815 3344 Null - ok
15:48:28.0862 3344 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\Windows\system32\drivers\nvraid.sys
15:48:28.0893 3344 nvraid - ok
15:48:28.0940 3344 nvstor (4520b63899e867f354ee012d34e11536) C:\Windows\system32\drivers\nvstor.sys
15:48:28.0955 3344 nvstor - ok
15:48:29.0018 3344 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
15:48:29.0049 3344 nv_agp - ok
15:48:29.0127 3344 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
15:48:29.0174 3344 ohci1394 - ok
15:48:29.0252 3344 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:48:29.0299 3344 p2pimsvc - ok
15:48:29.0345 3344 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
15:48:29.0392 3344 p2psvc - ok
15:48:29.0486 3344 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
15:48:29.0533 3344 Parport - ok
15:48:29.0579 3344 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
15:48:29.0595 3344 partmgr - ok
15:48:29.0642 3344 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
15:48:29.0673 3344 Parvdm - ok
15:48:29.0735 3344 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
15:48:29.0751 3344 PcaSvc - ok
15:48:29.0860 3344 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
15:48:29.0891 3344 pci - ok
15:48:29.0938 3344 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
15:48:29.0954 3344 pciide - ok
15:48:30.0001 3344 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
15:48:30.0016 3344 pcmcia - ok
15:48:30.0047 3344 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
15:48:30.0063 3344 pcw - ok
15:48:30.0188 3344 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
15:48:30.0250 3344 PEAUTH - ok
15:48:30.0375 3344 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll
15:48:30.0484 3344 pla - ok
15:48:30.0562 3344 PlugPlay (71def5ec79774c798342d0ea16e41780) C:\Windows\system32\umpnpmgr.dll
15:48:30.0609 3344 PlugPlay - ok
15:48:30.0718 3344 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\Windows\system32\HPZipm12.dll
15:48:30.0734 3344 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:48:30.0734 3344 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:48:30.0781 3344 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
15:48:30.0827 3344 PNRPAutoReg - ok
15:48:30.0874 3344 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:48:30.0890 3344 PNRPsvc - ok
15:48:30.0952 3344 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll
15:48:31.0030 3344 PolicyAgent - ok
15:48:31.0139 3344 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll
15:48:31.0202 3344 Power - ok
15:48:31.0264 3344 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
15:48:31.0327 3344 PptpMiniport - ok
15:48:31.0358 3344 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
15:48:31.0373 3344 Processor - ok
15:48:31.0498 3344 ProfSvc (630cf26f0227498b7d5a92b12548960f) C:\Windows\system32\profsvc.dll
15:48:31.0561 3344 ProfSvc - ok
15:48:31.0623 3344 ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
15:48:31.0654 3344 ProtectedStorage - ok
15:48:31.0717 3344 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
15:48:31.0763 3344 Psched - ok
15:48:31.0919 3344 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
15:48:32.0013 3344 ql2300 - ok
15:48:32.0060 3344 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
15:48:32.0075 3344 ql40xx - ok
15:48:32.0138 3344 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
15:48:32.0185 3344 QWAVE - ok
15:48:32.0231 3344 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
15:48:32.0263 3344 QWAVEdrv - ok
15:48:32.0372 3344 R5U870FLx86 (68e04f3944e6f82c64b53f8a8f13fb3a) C:\Windows\system32\Drivers\R5U870FLx86.sys
15:48:32.0419 3344 R5U870FLx86 - ok
15:48:32.0497 3344 R5U870FUx86 (7f1356060d1894b46554a0d8e6f13958) C:\Windows\system32\Drivers\R5U870FUx86.sys
15:48:32.0528 3344 R5U870FUx86 - ok
15:48:32.0575 3344 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
15:48:32.0621 3344 RasAcd - ok
15:48:32.0699 3344 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:48:32.0762 3344 RasAgileVpn - ok
15:48:32.0793 3344 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
15:48:32.0840 3344 RasAuto - ok
15:48:32.0887 3344 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:48:32.0949 3344 Rasl2tp - ok
15:48:32.0996 3344 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll
15:48:33.0058 3344 RasMan - ok
15:48:33.0152 3344 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
15:48:33.0214 3344 RasPppoe - ok
15:48:33.0277 3344 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
15:48:33.0323 3344 RasSstp - ok
15:48:33.0386 3344 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
15:48:33.0417 3344 rdbss - ok
15:48:33.0448 3344 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
15:48:33.0479 3344 rdpbus - ok
15:48:33.0573 3344 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:48:33.0620 3344 RDPCDD - ok
15:48:33.0667 3344 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
15:48:33.0713 3344 RDPENCDD - ok
15:48:33.0760 3344 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
15:48:33.0823 3344 RDPREFMP - ok
15:48:33.0869 3344 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
15:48:33.0901 3344 RDPWD - ok
15:48:33.0994 3344 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
15:48:34.0010 3344 rdyboost - ok
15:48:34.0072 3344 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
15:48:34.0119 3344 RemoteAccess - ok
15:48:34.0181 3344 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
15:48:34.0244 3344 RemoteRegistry - ok
15:48:34.0384 3344 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
15:48:34.0431 3344 RFCOMM - ok
15:48:34.0478 3344 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
15:48:34.0525 3344 RpcEptMapper - ok
15:48:34.0649 3344 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
15:48:34.0727 3344 RpcLocator - ok
15:48:34.0977 3344 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
15:48:35.0039 3344 RpcSs - ok
15:48:35.0164 3344 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
15:48:35.0211 3344 rspndr - ok
15:48:35.0273 3344 RTL8167 (bcebd5d1aabce4efb7597635e347c44b) C:\Windows\system32\DRIVERS\Rt86win7.sys
15:48:35.0351 3344 RTL8167 - ok
15:48:35.0398 3344 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
15:48:35.0414 3344 SamSs - ok
15:48:35.0570 3344 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
15:48:35.0585 3344 sbp2port - ok
15:48:35.0617 3344 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
15:48:35.0648 3344 SCardSvr - ok
15:48:35.0679 3344 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
15:48:35.0710 3344 scfilter - ok
15:48:35.0960 3344 Schedule (df1e5c82e4d09cf8105cc644980c4803) C:\Windows\system32\schedsvc.dll
15:48:36.0038 3344 Schedule - ok
15:48:36.0241 3344 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
15:48:36.0272 3344 SCPolicySvc - ok
15:48:38.0627 3344 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll
15:48:38.0705 3344 SDRSVC - ok
15:48:38.0893 3344 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:48:38.0955 3344 secdrv - ok
15:48:39.0017 3344 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
15:48:39.0080 3344 seclogon - ok
15:48:39.0517 3344 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
15:48:39.0579 3344 SENS - ok
15:48:39.0797 3344 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
15:48:39.0891 3344 SensrSvc - ok
15:48:39.0938 3344 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
15:48:39.0985 3344 Serenum - ok
15:48:40.0031 3344 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
15:48:40.0125 3344 Serial - ok
15:48:40.0172 3344 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
15:48:40.0343 3344 sermouse - ok
15:48:40.0437 3344 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
15:48:40.0531 3344 SessionEnv - ok
15:48:40.0609 3344 SFEP (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys
15:48:40.0624 3344 SFEP - ok
15:48:40.0749 3344 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
15:48:40.0765 3344 sffdisk - ok
15:48:40.0796 3344 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:48:40.0811 3344 sffp_mmc - ok
15:48:40.0874 3344 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\Windows\system32\DRIVERS\sffp_sd.sys
15:48:40.0905 3344 sffp_sd - ok
15:48:41.0014 3344 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
15:48:41.0045 3344 sfloppy - ok
15:48:41.0108 3344 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
15:48:41.0155 3344 SharedAccess - ok
15:48:41.0279 3344 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
15:48:41.0311 3344 ShellHWDetection - ok
15:48:41.0389 3344 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
15:48:41.0404 3344 sisagp - ok
15:48:41.0482 3344 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:48:41.0498 3344 SiSRaid2 - ok
15:48:41.0545 3344 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
15:48:41.0560 3344 SiSRaid4 - ok
15:48:41.0669 3344 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
15:48:41.0794 3344 Smb - ok
15:48:42.0013 3344 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
15:48:42.0106 3344 SNMPTRAP - ok
15:48:42.0309 3344 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
15:48:42.0325 3344 spldr - ok
15:48:42.0449 3344 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\Windows\System32\spoolsv.exe
15:48:42.0481 3344 Spooler - ok
15:48:42.0995 3344 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
15:48:43.0198 3344 sppsvc - ok
15:48:43.0370 3344 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
15:48:43.0463 3344 sppuinotify - ok
15:48:43.0838 3344 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
15:48:43.0963 3344 srv - ok
15:48:44.0150 3344 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
15:48:44.0165 3344 srv2 - ok
15:48:44.0321 3344 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
15:48:44.0384 3344 SrvHsfHDA - ok
15:48:44.0477 3344 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
15:48:44.0524 3344 SrvHsfV92 - ok
15:48:44.0774 3344 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
15:48:44.0821 3344 SrvHsfWinac - ok
15:48:45.0023 3344 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
15:48:45.0070 3344 srvnet - ok
15:48:45.0273 3344 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
15:48:45.0304 3344 SSDPSRV - ok
15:48:45.0382 3344 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
15:48:45.0460 3344 SstpSvc - ok
15:48:45.0772 3344 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
15:48:45.0850 3344 stexstor - ok
15:48:46.0022 3344 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
15:48:46.0084 3344 StiSvc - ok
15:48:46.0131 3344 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
15:48:46.0147 3344 swenum - ok
15:48:46.0365 3344 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
15:48:46.0396 3344 swprv - ok
15:48:46.0537 3344 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
15:48:46.0646 3344 SysMain - ok
15:48:46.0755 3344 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
15:48:46.0802 3344 TabletInputService - ok
15:48:47.0098 3344 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
15:48:47.0145 3344 TapiSrv - ok
15:48:47.0207 3344 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
15:48:47.0270 3344 TBS - ok
15:48:47.0753 3344 Tcpip (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\drivers\tcpip.sys
15:48:47.0847 3344 Tcpip - ok
15:48:48.0237 3344 TCPIP6 (56c198ac82efa622dd93e9e43575f79c) C:\Windows\system32\DRIVERS\tcpip.sys
15:48:48.0299 3344 TCPIP6 - ok
15:48:48.0440 3344 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
15:48:48.0487 3344 tcpipreg - ok
15:48:48.0596 3344 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
15:48:48.0643 3344 TDPIPE - ok
15:48:49.0329 3344 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
15:48:49.0407 3344 TDTCP - ok
15:48:49.0454 3344 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
15:48:49.0485 3344 tdx - ok
15:48:49.0547 3344 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
15:48:49.0563 3344 TermDD - ok
15:48:49.0750 3344 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
15:48:49.0813 3344 TermService - ok
15:48:49.0937 3344 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
15:48:49.0953 3344 Themes - ok
15:48:50.0047 3344 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:48:50.0078 3344 THREADORDER - ok
15:48:50.0234 3344 ti21sony (030f439ac1ccda7ac6ce01cc02102045) C:\Windows\system32\drivers\ti21sony.sys
15:48:50.0281 3344 ti21sony - ok
15:48:50.0452 3344 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
15:48:50.0546 3344 TrkWks - ok
15:48:50.0717 3344 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
15:48:50.0780 3344 TrustedInstaller - ok
15:48:50.0967 3344 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:48:50.0998 3344 tssecsrv - ok
15:48:51.0076 3344 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
15:48:51.0107 3344 tunnel - ok
15:48:51.0232 3344 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
15:48:51.0248 3344 uagp35 - ok
15:48:51.0373 3344 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
15:48:51.0404 3344 udfs - ok
15:48:51.0544 3344 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
15:48:51.0575 3344 UI0Detect - ok
15:48:51.0669 3344 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
15:48:51.0700 3344 uliagpkx - ok
15:48:51.0825 3344 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
15:48:51.0872 3344 umbus - ok
15:48:51.0903 3344 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
15:48:51.0934 3344 UmPass - ok
15:48:51.0997 3344 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
15:48:52.0043 3344 upnphost - ok
15:48:52.0168 3344 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\Windows\system32\Drivers\usbaapl.sys
15:48:52.0184 3344 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
15:48:52.0184 3344 USBAAPL - detected UnsignedFile.Multi.Generic (1)
15:48:52.0293 3344 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\Windows\system32\drivers\usbaudio.sys
15:48:52.0324 3344 usbaudio - ok
15:48:52.0465 3344 usbccgp (c31ae588e403042632dc796cf09e30b0) C:\Windows\system32\DRIVERS\usbccgp.sys
15:48:52.0496 3344 usbccgp - ok
15:48:52.0683 3344 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
15:48:52.0699 3344 usbcir - ok
15:48:52.0823 3344 usbehci (e4c436d914768ce965d5e659ba7eebd8) C:\Windows\system32\DRIVERS\usbehci.sys
15:48:52.0855 3344 usbehci - ok
15:48:52.0917 3344 usbhub (bdcd7156ec37448f08633fd899823620) C:\Windows\system32\DRIVERS\usbhub.sys
15:48:52.0933 3344 usbhub - ok
15:48:52.0964 3344 usbohci (eb2d819a639015253c871cda09d91d58) C:\Windows\system32\drivers\usbohci.sys
15:48:52.0995 3344 usbohci - ok
15:48:53.0323 3344 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
15:48:53.0369 3344 usbprint - ok
15:48:53.0525 3344 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\Windows\system32\drivers\USBSTOR.SYS
15:48:53.0557 3344 USBSTOR - ok
15:48:53.0588 3344 usbuhci (22480bf4e5a09192e5e30ba4dde79fa4) C:\Windows\system32\DRIVERS\usbuhci.sys
15:48:53.0603 3344 usbuhci - ok
15:48:53.0759 3344 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\Windows\System32\Drivers\usbvideo.sys
15:48:53.0775 3344 usbvideo - ok
15:48:53.0869 3344 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
15:48:53.0900 3344 UxSms - ok
15:48:54.0025 3344 VAIO Event Service (8a9f18adad471402236ca931553bf79b) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
15:48:54.0040 3344 VAIO Event Service - ok
15:48:54.0134 3344 VaultSvc (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
15:48:54.0149 3344 VaultSvc - ok
15:48:54.0212 3344 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
15:48:54.0227 3344 vdrvroot - ok
15:48:54.0305 3344 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
15:48:54.0352 3344 vds - ok
15:48:54.0446 3344 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
15:48:54.0461 3344 vga - ok
15:48:54.0555 3344 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
15:48:54.0586 3344 VgaSave - ok
15:48:54.0649 3344 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
15:48:54.0664 3344 vhdmp - ok
15:48:54.0758 3344 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
15:48:54.0773 3344 viaagp - ok
15:48:54.0820 3344 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
15:48:54.0836 3344 ViaC7 - ok
15:48:54.0898 3344 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
15:48:54.0898 3344 viaide - ok
15:48:54.0945 3344 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
15:48:54.0961 3344 volmgr - ok
15:48:55.0070 3344 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
15:48:55.0085 3344 volmgrx - ok
15:48:55.0132 3344 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
15:48:55.0148 3344 volsnap - ok
15:48:55.0210 3344 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
15:48:55.0226 3344 vsmraid - ok
15:48:55.0397 3344 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
15:48:55.0444 3344 VSS - ok
15:48:55.0522 3344 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
15:48:55.0538 3344 vwifibus - ok
15:48:55.0694 3344 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
15:48:55.0865 3344 W32Time - ok
15:48:55.0943 3344 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
15:48:55.0959 3344 WacomPen - ok
15:48:56.0146 3344 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
15:48:56.0193 3344 WANARP - ok
15:48:56.0193 3344 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
15:48:56.0224 3344 Wanarpv6 - ok
15:48:56.0567 3344 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
15:48:56.0677 3344 WatAdminSvc - ok
15:48:56.0864 3344 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
15:48:56.0926 3344 wbengine - ok
15:48:56.0957 3344 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
15:48:57.0004 3344 WbioSrvc - ok
15:48:57.0098 3344 wcncsvc (6d9b75275c3e3a5f51aef81affadb2b6) C:\Windows\System32\wcncsvc.dll
15:48:57.0129 3344 wcncsvc - ok
15:48:57.0176 3344 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
15:48:57.0207 3344 WcsPlugInService - ok
15:48:57.0254 3344 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
15:48:57.0269 3344 Wd - ok
15:48:57.0332 3344 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
15:48:57.0347 3344 Wdf01000 - ok
15:48:57.0441 3344 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
15:48:57.0472 3344 WdiServiceHost - ok
15:48:57.0488 3344 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
15:48:57.0503 3344 WdiSystemHost - ok
15:48:57.0581 3344 WebClient (bb5ec38f8d4600119b4720bc5d4211f1) C:\Windows\System32\webclnt.dll
15:48:57.0613 3344 WebClient - ok
15:48:57.0644 3344 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
15:48:57.0691 3344 Wecsvc - ok
15:48:57.0878 3344 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
15:48:57.0909 3344 wercplsupport - ok
15:48:57.0956 3344 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
15:48:57.0987 3344 WerSvc - ok
15:48:58.0096 3344 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
15:48:58.0143 3344 WfpLwf - ok
15:48:58.0190 3344 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
15:48:58.0205 3344 WIMMount - ok
15:48:58.0268 3344 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
15:48:58.0299 3344 WinDefend - ok
15:48:58.0299 3344 WinHttpAutoProxySvc - ok
15:48:58.0486 3344 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
15:48:58.0517 3344 Winmgmt - ok
15:48:58.0627 3344 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
15:48:58.0736 3344 WinRM - ok
15:48:58.0923 3344 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
15:48:58.0970 3344 Wlansvc - ok
15:48:59.0032 3344 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
15:48:59.0063 3344 WmiAcpi - ok
15:48:59.0204 3344 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
15:48:59.0235 3344 wmiApSrv - ok
15:48:59.0344 3344 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
15:48:59.0375 3344 WMPNetworkSvc - ok
15:48:59.0531 3344 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
15:48:59.0563 3344 WPCSvc - ok
15:48:59.0609 3344 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
15:48:59.0641 3344 WPDBusEnum - ok
15:48:59.0719 3344 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
15:48:59.0765 3344 ws2ifsl - ok
15:48:59.0812 3344 wscsvc (a661a76333057b383a06e65f0073222f) C:\Windows\System32\wscsvc.dll
15:48:59.0843 3344 wscsvc - ok
15:48:59.0890 3344 WSearch - ok
15:49:00.0031 3344 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\Windows\system32\wuaueng.dll
15:49:00.0093 3344 wuauserv - ok
15:49:00.0218 3344 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
15:49:00.0249 3344 WudfPf - ok
15:49:00.0561 3344 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:49:00.0592 3344 WUDFRd - ok
15:49:00.0717 3344 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
15:49:00.0764 3344 wudfsvc - ok
15:49:00.0779 3344 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
15:49:00.0826 3344 WwanSvc - ok
15:49:00.0857 3344 MBR (0x1B8) (c0dcf0ac171db02db8b0014c5d767cf1) \Device\Harddisk0\DR0
15:49:00.0889 3344 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
15:49:00.0889 3344 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
15:49:00.0935 3344 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:49:00.0935 3344 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:49:00.0935 3344 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
15:49:03.0806 3344 \Device\Harddisk3\DR3 - ok
15:49:03.0821 3344 Boot (0x1200) (9c0743fb52727fc4022bbf8189d4e3c8) \Device\Harddisk0\DR0\Partition0
15:49:03.0821 3344 \Device\Harddisk0\DR0\Partition0 - ok
15:49:03.0837 3344 Boot (0x1200) (d88ad6a5bd2f4e1cddb5a3282fca9f04) \Device\Harddisk0\DR0\Partition1
15:49:03.0931 3344 \Device\Harddisk0\DR0\Partition1 - ok
15:49:03.0931 3344 Boot (0x1200) (159501e237a19e9530e471ff79c1b5ce) \Device\Harddisk3\DR3\Partition0
15:49:03.0931 3344 \Device\Harddisk3\DR3\Partition0 - ok
15:49:03.0931 3344 ============================================================
15:49:03.0931 3344 Scan finished
15:49:03.0931 3344 ============================================================
15:49:03.0946 3336 Detected object count: 5
15:49:03.0946 3336 Actual detected object count: 5

#10 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:20 PM

Posted 20 May 2012 - 02:07 PM

Hi

IMPORTANT NOTE: One or more of the identified infections is a backdoor Trojan.

Backdoor Trojans, Botnets, and IRCBots are very dangerous because they compromise system integrity by making changes that allow it to be used by the attacker for malicious purposes.
They can disable your anti-virus and security tools to prevent detection and removal. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms.
This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is then sent back to the hacker.
Read Danger: Remote Access Trojans.

You should disconnect the computer from the Internet and from any networked computers until it is cleaned. If your computer was used for online banking, paying bills, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for taxes, email, eBay, paypal and any other online activities.
You should consider them to be compromised and change passwords from a clean computer, not the infected one. If not, an attacker may get the new passwords and transaction information.
Banking and credit card institutions should be notified immediately of the possible security breach. Failure to notify your financial institution and local law enforcement can result in refusal to reimburse funds lost due to fraud or similar criminal activity.
If using a router, you need to reset it with a strong logon/password before connecting again.

Although the infection has been identified and may be removed, your machine has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume the computer is secure even if the malware appears to have been removed.
In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them.
Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

Whenever a system has been compromised by a backdoor payload, it is impossible to know if or how much the backdoor has been used to affect your system...There are only a few ways to return a compromised system to a confident security configuration. These include:
Reimaging the system
Restoring the entire system using a full system backup from before the backdoor infection
Reformatting and reinstalling the system

Backdoors and What They Mean to You

This is what Jesper M. Johansson, Security Program Manager at Microsoft TechNet has to say:

The only way to clean a compromised system is to flatten and rebuild. That's right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).

Help: I Got Hacked. Now What Do I Do?.

We will do our best to clean the computer of any infections seen on the log.
However, because of the nature of this Trojan, I cannot offer a total
guarantee that there are no remnants left in the system, or that the
computer will be trustworthy.

Many security experts believe that once infected with this type of Trojan,
the best course of action is to reformat and reinstall the Operating System.
Making this decision is based on what the computer is used for, and what
information can be accessed from it.

Knowing the above, do you wish to proceed with cleaning the malware from the computer?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#11 SuperstarSal

SuperstarSal
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:04:20 AM

Posted 20 May 2012 - 04:01 PM

Yes I do.

#12 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:20 PM

Posted 20 May 2012 - 04:28 PM

Hi

Ok we will need a deeper look:

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#13 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:20 PM

Posted 21 May 2012 - 05:01 PM

Malware topic here: http://www.bleepingcomputer.com/forums/topic454408.html

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MR Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users