trojan.dropper.bcminer keeps reinstalling


7 replies to this topic

#1 kkills


Posted 16 July 2012 - 09:15 PM

Hi - I am using a Windows 7 based 64-bit system and Firefox as a browser. I cannot get rid of this trojan.dropper.BCminer. I keep getting redirected while using Firefox, and I also started hearing audio through my speakers even though no applications were running (MalwareBytes took care of the audio issue). MalwareBytes will find TrojanDropper.BCMiner and say it is removed, but after rebooting another scan will find it again. Please help me.

-Kkills



#2 narenxp


  • BC Advisor

Posted 16 July 2012 - 11:13 PM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 kkills


Posted 17 July 2012 - 01:27 AM

Here are the logs you requested.

TDSSkiller:

22:35:05.0028 0460 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
22:35:05.0512 0460 ============================================================
22:35:05.0512 0460 Current date / time: 2012/07/16 22:35:05.0512
22:35:05.0512 0460 SystemInfo:
22:35:05.0512 0460
22:35:05.0512 0460 OS Version: 6.1.7601 ServicePack: 1.0
22:35:05.0512 0460 Product type: Workstation
22:35:05.0512 0460 ComputerName: KPC
22:35:05.0512 0460 UserName: Kyle
22:35:05.0512 0460 Windows directory: C:\Windows
22:35:05.0512 0460 System windows directory: C:\Windows
22:35:05.0512 0460 Running under WOW64
22:35:05.0512 0460 Processor architecture: Intel x64
22:35:05.0512 0460 Number of processors: 2
22:35:05.0512 0460 Page size: 0x1000
22:35:05.0512 0460 Boot type: Normal boot
22:35:05.0512 0460 ============================================================
22:35:07.0307 0460 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:35:07.0322 0460 ============================================================
22:35:07.0322 0460 \Device\Harddisk0\DR0:
22:35:07.0322 0460 MBR partitions:
22:35:07.0322 0460 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
22:35:07.0322 0460 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
22:35:07.0322 0460 ============================================================
22:35:07.0338 0460 C: <-> \Device\Harddisk0\DR0\Partition1
22:35:07.0338 0460 ============================================================
22:35:07.0338 0460 Initialize success
22:35:07.0338 0460 ============================================================
22:35:44.0476 0436 ============================================================
22:35:44.0476 0436 Scan started
22:35:44.0476 0436 Mode: Manual; TDLFS;
22:35:44.0476 0436 ============================================================
22:35:58.0719 0436 nsiproxy - ok
22:35:58.0813 0436 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:35:58.0891 0436 Ntfs - ok
22:35:58.0969 0436 NTI IScheduleSvc (6cc09d2f0ba4a09babc3c41b8fd888f7) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
22:35:58.0984 0436 NTI IScheduleSvc - ok
22:35:59.0062 0436 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
22:35:59.0062 0436 NTIDrvr - ok
22:35:59.0078 0436 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:35:59.0078 0436 Null - ok
22:35:59.0093 0436 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:35:59.0109 0436 nvraid - ok
22:35:59.0125 0436 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:35:59.0140 0436 nvstor - ok
22:35:59.0156 0436 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:35:59.0171 0436 nv_agp - ok
22:35:59.0171 0436 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:35:59.0171 0436 ohci1394 - ok
22:35:59.0234 0436 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:35:59.0250 0436 ose - ok
22:35:59.0531 0436 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:35:59.0656 0436 osppsvc - ok
22:35:59.0765 0436 OverwolfUpdaterService (cb133dcb338002b20f95d11b12cbd42f) C:\Program Files (x86)\Overwolf\\OverwolfUpdater.exe
22:35:59.0781 0436 OverwolfUpdaterService - ok
22:35:59.0874 0436 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:35:59.0890 0436 p2pimsvc - ok
22:35:59.0937 0436 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:35:59.0952 0436 p2psvc - ok
22:35:59.0999 0436 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
22:36:00.0015 0436 Parport - ok
22:36:00.0046 0436 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
22:36:00.0046 0436 partmgr - ok
22:36:00.0077 0436 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:36:00.0077 0436 PcaSvc - ok
22:36:00.0093 0436 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:36:00.0093 0436 pci - ok
22:36:00.0108 0436 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:36:00.0124 0436 pciide - ok
22:36:00.0140 0436 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
22:36:00.0155 0436 pcmcia - ok
22:36:00.0171 0436 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:36:00.0171 0436 pcw - ok
22:36:00.0233 0436 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:36:00.0249 0436 PEAUTH - ok
22:36:00.0311 0436 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:36:00.0358 0436 PerfHost - ok
22:36:00.0467 0436 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
22:36:00.0514 0436 pla - ok
22:36:00.0561 0436 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
22:36:00.0592 0436 PlugPlay - ok
22:36:00.0608 0436 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:36:00.0608 0436 PNRPAutoReg - ok
22:36:00.0639 0436 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:36:00.0639 0436 PNRPsvc - ok
22:36:00.0686 0436 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
22:36:00.0701 0436 PolicyAgent - ok
22:36:00.0732 0436 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:36:00.0732 0436 Power - ok
22:36:00.0795 0436 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:36:00.0795 0436 PptpMiniport - ok
22:36:00.0810 0436 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
22:36:00.0810 0436 Processor - ok
22:36:00.0857 0436 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
22:36:00.0857 0436 ProfSvc - ok
22:36:00.0888 0436 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:36:00.0888 0436 ProtectedStorage - ok
22:36:00.0904 0436 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:36:00.0920 0436 Psched - ok
22:36:00.0998 0436 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
22:36:01.0060 0436 ql2300 - ok
22:36:01.0154 0436 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
22:36:01.0169 0436 ql40xx - ok
22:36:01.0200 0436 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:36:01.0216 0436 QWAVE - ok
22:36:01.0232 0436 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:36:01.0232 0436 QWAVEdrv - ok
22:36:01.0247 0436 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:36:01.0247 0436 RasAcd - ok
22:36:01.0263 0436 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:36:01.0278 0436 RasAgileVpn - ok
22:36:01.0294 0436 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:36:01.0294 0436 RasAuto - ok
22:36:01.0325 0436 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:36:01.0325 0436 Rasl2tp - ok
22:36:01.0341 0436 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
22:36:01.0372 0436 RasMan - ok
22:36:01.0388 0436 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:36:01.0403 0436 RasPppoe - ok
22:36:01.0622 0436 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:36:01.0622 0436 RasSstp - ok
22:36:01.0668 0436 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:36:01.0684 0436 rdbss - ok
22:36:01.0715 0436 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
22:36:01.0762 0436 rdpbus - ok
22:36:01.0856 0436 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:36:01.0856 0436 RDPCDD - ok
22:36:01.0887 0436 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:36:01.0887 0436 RDPENCDD - ok
22:36:01.0902 0436 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:36:01.0918 0436 RDPREFMP - ok
22:36:02.0309 0436 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
22:36:02.0325 0436 RDPWD - ok
22:36:02.0699 0436 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:36:02.0699 0436 rdyboost - ok
22:36:02.0949 0436 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:36:02.0964 0436 RemoteAccess - ok
22:36:03.0370 0436 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:36:03.0417 0436 RemoteRegistry - ok
22:36:03.0651 0436 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:36:03.0651 0436 RpcEptMapper - ok
22:36:03.0713 0436 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:36:03.0713 0436 RpcLocator - ok
22:36:03.0869 0436 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:36:03.0869 0436 RpcSs - ok
22:36:03.0916 0436 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:36:03.0916 0436 rspndr - ok
22:36:03.0947 0436 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:36:03.0947 0436 SamSs - ok
22:36:03.0963 0436 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:36:03.0978 0436 sbp2port - ok
22:36:04.0025 0436 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:36:04.0056 0436 SCardSvr - ok
22:36:04.0087 0436 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:36:04.0087 0436 scfilter - ok
22:36:04.0150 0436 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
22:36:04.0197 0436 Schedule - ok
22:36:04.0228 0436 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:36:04.0228 0436 SCPolicySvc - ok
22:36:04.0259 0436 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
22:36:04.0259 0436 sdbus - ok
22:36:04.0290 0436 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
22:36:04.0290 0436 SDRSVC - ok
22:36:04.0321 0436 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:36:04.0321 0436 secdrv - ok
22:36:04.0337 0436 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
22:36:04.0337 0436 seclogon - ok
22:36:04.0353 0436 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:36:04.0353 0436 SENS - ok
22:36:04.0384 0436 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:36:04.0384 0436 SensrSvc - ok
22:36:04.0399 0436 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
22:36:04.0399 0436 Serenum - ok
22:36:04.0415 0436 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
22:36:04.0415 0436 Serial - ok
22:36:04.0446 0436 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
22:36:04.0446 0436 sermouse - ok
22:36:04.0477 0436 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
22:36:04.0477 0436 SessionEnv - ok
22:36:04.0477 0436 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:36:04.0477 0436 sffdisk - ok
22:36:04.0493 0436 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:36:04.0493 0436 sffp_mmc - ok
22:36:04.0493 0436 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:36:04.0493 0436 sffp_sd - ok
22:36:04.0509 0436 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
22:36:04.0509 0436 sfloppy - ok
22:36:04.0587 0436 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
22:36:04.0587 0436 Sftfs - ok
22:36:04.0680 0436 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
22:36:04.0696 0436 sftlist - ok
22:36:04.0727 0436 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
22:36:04.0727 0436 Sftplay - ok
22:36:04.0743 0436 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
22:36:04.0743 0436 Sftredir - ok
22:36:04.0774 0436 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
22:36:04.0774 0436 Sftvol - ok
22:36:04.0821 0436 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
22:36:04.0836 0436 sftvsa - ok
22:36:04.0883 0436 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
22:36:04.0914 0436 ShellHWDetection - ok
22:36:04.0945 0436 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
22:36:04.0945 0436 SiSRaid2 - ok
22:36:04.0961 0436 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
22:36:04.0961 0436 SiSRaid4 - ok
22:36:05.0008 0436 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe
22:36:05.0023 0436 SkypeUpdate - ok
22:36:05.0039 0436 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:36:05.0039 0436 Smb - ok
22:36:05.0086 0436 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:36:05.0086 0436 SNMPTRAP - ok
22:36:05.0101 0436 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:36:05.0101 0436 spldr - ok
22:36:05.0133 0436 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
22:36:05.0148 0436 Spooler - ok
22:36:05.0320 0436 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
22:36:05.0429 0436 sppsvc - ok
22:36:05.0538 0436 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:36:05.0538 0436 sppuinotify - ok
22:36:05.0585 0436 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:36:05.0616 0436 srv - ok
22:36:05.0632 0436 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:36:05.0647 0436 srv2 - ok
22:36:05.0663 0436 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:36:05.0663 0436 srvnet - ok
22:36:05.0710 0436 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:36:05.0710 0436 SSDPSRV - ok
22:36:05.0725 0436 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:36:05.0725 0436 SstpSvc - ok
22:36:05.0741 0436 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
22:36:05.0741 0436 stexstor - ok
22:36:05.0803 0436 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
22:36:05.0835 0436 stisvc - ok
22:36:05.0850 0436 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:36:05.0850 0436 swenum - ok
22:36:05.0959 0436 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:36:05.0975 0436 swprv - ok
22:36:06.0100 0436 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
22:36:06.0178 0436 SysMain - ok
22:36:06.0256 0436 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
22:36:06.0256 0436 TabletInputService - ok
22:36:06.0287 0436 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
22:36:06.0303 0436 TapiSrv - ok
22:36:06.0318 0436 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:36:06.0318 0436 TBS - ok
22:36:06.0459 0436 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
22:36:06.0505 0436 Tcpip - ok
22:36:06.0677 0436 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
22:36:06.0708 0436 TCPIP6 - ok
22:36:06.0786 0436 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:36:06.0786 0436 tcpipreg - ok
22:36:06.0802 0436 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:36:06.0802 0436 TDPIPE - ok
22:36:06.0833 0436 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
22:36:06.0849 0436 TDTCP - ok
22:36:06.0849 0436 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:36:06.0864 0436 tdx - ok
22:36:06.0864 0436 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:36:06.0864 0436 TermDD - ok
22:36:06.0927 0436 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
22:36:06.0958 0436 TermService - ok
22:36:06.0973 0436 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:36:06.0973 0436 Themes - ok
22:36:07.0005 0436 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:36:07.0005 0436 THREADORDER - ok
22:36:07.0020 0436 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:36:07.0020 0436 TrkWks - ok
22:36:07.0083 0436 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
22:36:07.0083 0436 TrustedInstaller - ok
22:36:07.0098 0436 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:36:07.0114 0436 tssecsrv - ok
22:36:07.0161 0436 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:36:07.0161 0436 TsUsbFlt - ok
22:36:07.0176 0436 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
22:36:07.0176 0436 TsUsbGD - ok
22:36:07.0207 0436 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:36:07.0207 0436 tunnel - ok
22:36:07.0223 0436 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
22:36:07.0223 0436 uagp35 - ok
22:36:07.0239 0436 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
22:36:07.0239 0436 UBHelper - ok
22:36:07.0270 0436 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:36:07.0285 0436 udfs - ok
22:36:07.0317 0436 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:36:07.0332 0436 UI0Detect - ok
22:36:07.0348 0436 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:36:07.0348 0436 uliagpkx - ok
22:36:07.0379 0436 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
22:36:07.0379 0436 umbus - ok
22:36:07.0410 0436 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
22:36:07.0410 0436 UmPass - ok
22:36:07.0629 0436 UNS (a678e5ddd974903dd71f503bdcaca218) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
22:36:07.0707 0436 UNS - ok
22:36:07.0800 0436 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:36:07.0831 0436 upnphost - ok
22:36:07.0878 0436 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
22:36:07.0878 0436 USBAAPL64 - ok
22:36:07.0925 0436 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:36:07.0925 0436 usbccgp - ok
22:36:07.0941 0436 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:36:07.0941 0436 usbcir - ok
22:36:07.0972 0436 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
22:36:07.0972 0436 usbehci - ok
22:36:08.0003 0436 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
22:36:08.0003 0436 usbhub - ok
22:36:08.0019 0436 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
22:36:08.0034 0436 usbohci - ok
22:36:08.0050 0436 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:36:08.0050 0436 usbprint - ok
22:36:08.0081 0436 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
22:36:08.0081 0436 usbscan - ok
22:36:08.0097 0436 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:36:08.0097 0436 USBSTOR - ok
22:36:08.0112 0436 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
22:36:08.0128 0436 usbuhci - ok
22:36:08.0159 0436 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
22:36:08.0159 0436 usbvideo - ok
22:36:08.0190 0436 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:36:08.0190 0436 UxSms - ok
22:36:08.0221 0436 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:36:08.0221 0436 VaultSvc - ok
22:36:08.0268 0436 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:36:08.0268 0436 vdrvroot - ok
22:36:08.0299 0436 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
22:36:08.0315 0436 vds - ok
22:36:08.0346 0436 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:36:08.0346 0436 vga - ok
22:36:08.0362 0436 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:36:08.0377 0436 VgaSave - ok
22:36:08.0393 0436 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:36:08.0393 0436 vhdmp - ok
22:36:08.0424 0436 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:36:08.0424 0436 viaide - ok
22:36:08.0440 0436 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:36:08.0440 0436 volmgr - ok
22:36:08.0471 0436 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:36:08.0487 0436 volmgrx - ok
22:36:08.0518 0436 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:36:08.0518 0436 volsnap - ok
22:36:08.0533 0436 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
22:36:08.0549 0436 vsmraid - ok
22:36:08.0627 0436 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
22:36:08.0721 0436 VSS - ok
22:36:08.0814 0436 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:36:08.0814 0436 vwifibus - ok
22:36:08.0830 0436 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:36:08.0830 0436 vwififlt - ok
22:36:08.0877 0436 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:36:08.0908 0436 W32Time - ok
22:36:08.0923 0436 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
22:36:08.0923 0436 WacomPen - ok
22:36:08.0970 0436 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:36:08.0970 0436 WANARP - ok
22:36:08.0970 0436 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:36:08.0970 0436 Wanarpv6 - ok
22:36:09.0079 0436 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
22:36:09.0126 0436 WatAdminSvc - ok
22:36:09.0220 0436 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
22:36:09.0267 0436 wbengine - ok
22:36:09.0376 0436 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:36:09.0391 0436 WbioSrvc - ok
22:36:09.0423 0436 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
22:36:09.0438 0436 wcncsvc - ok
22:36:09.0469 0436 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:36:09.0469 0436 WcsPlugInService - ok
22:36:09.0501 0436 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
22:36:09.0501 0436 Wd - ok
22:36:09.0563 0436 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:36:09.0579 0436 Wdf01000 - ok
22:36:09.0610 0436 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:36:09.0610 0436 WdiServiceHost - ok
22:36:09.0610 0436 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:36:09.0610 0436 WdiSystemHost - ok
22:36:09.0657 0436 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
22:36:09.0672 0436 WebClient - ok
22:36:09.0688 0436 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:36:09.0703 0436 Wecsvc - ok
22:36:09.0719 0436 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:36:09.0735 0436 wercplsupport - ok
22:36:09.0766 0436 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:36:09.0766 0436 WerSvc - ok
22:36:09.0828 0436 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:36:09.0828 0436 WfpLwf - ok
22:36:09.0844 0436 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:36:09.0844 0436 WIMMount - ok
22:36:09.0859 0436 WinHttpAutoProxySvc - ok
22:36:09.0922 0436 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:36:09.0937 0436 Winmgmt - ok
22:36:10.0062 0436 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
22:36:10.0125 0436 WinRM - ok
22:36:10.0249 0436 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
22:36:10.0249 0436 WinUsb - ok
22:36:10.0327 0436 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:36:10.0359 0436 Wlansvc - ok
22:36:10.0437 0436 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:36:10.0437 0436 wlcrasvc - ok
22:36:10.0577 0436 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:36:10.0655 0436 wlidsvc - ok
22:36:10.0749 0436 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:36:10.0749 0436 WmiAcpi - ok
22:36:10.0795 0436 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:36:10.0811 0436 wmiApSrv - ok
22:36:10.0858 0436 WMPNetworkSvc - ok
22:36:10.0889 0436 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:36:10.0905 0436 WPCSvc - ok
22:36:10.0920 0436 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
22:36:10.0920 0436 WPDBusEnum - ok
22:36:10.0951 0436 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:36:10.0951 0436 ws2ifsl - ok
22:36:10.0967 0436 WSearch - ok
22:36:11.0107 0436 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
22:36:11.0170 0436 wuauserv - ok
22:36:11.0263 0436 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:36:11.0263 0436 WudfPf - ok
22:36:11.0295 0436 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:36:11.0310 0436 WUDFRd - ok
22:36:11.0326 0436 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
22:36:11.0341 0436 wudfsvc - ok
22:36:11.0357 0436 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:36:11.0373 0436 WwanSvc - ok
22:36:11.0419 0436 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:36:11.0950 0436 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:36:11.0950 0436 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:36:11.0950 0436 Boot (0x1200) (797117b58bd6fb9cdf20dcb746648777) \Device\Harddisk0\DR0\Partition0
22:36:11.0965 0436 \Device\Harddisk0\DR0\Partition0 - ok
22:36:11.0997 0436 Boot (0x1200) (353e760578656b3e3c6bbde55e638336) \Device\Harddisk0\DR0\Partition1
22:36:11.0997 0436 \Device\Harddisk0\DR0\Partition1 - ok
22:36:11.0997 0436 ============================================================
22:36:11.0997 0436 Scan finished
22:36:11.0997 0436 ============================================================
22:36:12.0012 0912 Detected object count: 1
22:36:12.0012 0912 Actual detected object count: 1
22:36:16.0536 0912 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:36:16.0536 0912 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
22:36:21.0700 3828 Deinitialize success


aswMBR:

22:35:05.0028 0460 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
22:35:05.0512 0460 ============================================================
22:35:05.0512 0460 Current date / time: 2012/07/16 22:35:05.0512
22:35:05.0512 0460 SystemInfo:
22:35:05.0512 0460
22:35:05.0512 0460 OS Version: 6.1.7601 ServicePack: 1.0
22:35:05.0512 0460 Product type: Workstation
22:35:05.0512 0460 ComputerName: KPC
22:35:05.0512 0460 UserName: Kyle
22:35:05.0512 0460 Windows directory: C:\Windows
22:35:05.0512 0460 System windows directory: C:\Windows
22:35:05.0512 0460 Running under WOW64
22:35:05.0512 0460 Processor architecture: Intel x64
22:35:05.0512 0460 Number of processors: 2
22:35:05.0512 0460 Page size: 0x1000
22:35:05.0512 0460 Boot type: Normal boot
22:35:05.0512 0460 ============================================================
22:35:07.0307 0460 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:35:07.0322 0460 ============================================================
22:35:07.0322 0460 \Device\Harddisk0\DR0:
22:35:07.0322 0460 MBR partitions:
22:35:07.0322 0460 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
22:35:07.0322 0460 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
22:35:07.0322 0460 ============================================================
22:35:07.0338 0460 C: <-> \Device\Harddisk0\DR0\Partition1
22:35:07.0338 0460 ============================================================
22:35:07.0338 0460 Initialize success
22:35:07.0338 0460 ============================================================
22:35:44.0476 0436 ============================================================
22:35:44.0476 0436 Scan started
22:35:44.0476 0436 Mode: Manual; TDLFS;
22:35:44.0476 0436 ============================================================
22:35:47.0003 0436 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
22:35:47.0019 0436 arcsas - ok
22:35:47.0066 0436 aspnet_state - ok
22:35:47.0112 0436 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:35:47.0112 0436 AsyncMac - ok
22:35:47.0144 0436 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
22:35:47.0144 0436 atapi - ok
22:35:47.0222 0436 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:35:47.0253 0436 AudioEndpointBuilder - ok
22:35:47.0253 0436 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
22:35:47.0268 0436 AudioSrv - ok
22:35:47.0596 0436 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
22:35:47.0596 0436 AxInstSV - ok
22:35:47.0643 0436 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
22:35:47.0658 0436 b06bdrv - ok
22:35:47.0721 0436 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:35:47.0721 0436 b57nd60a - ok
22:35:47.0768 0436 b57xdbd (a424cb46a145e5aabf15621550976df2) C:\Windows\system32\DRIVERS\b57xdbd.sys
22:35:47.0768 0436 b57xdbd - ok
22:35:47.0783 0436 b57xdmp (be4e6fd5a898812b85d5817ad9754a9f) C:\Windows\system32\DRIVERS\b57xdmp.sys
22:35:47.0783 0436 b57xdmp - ok
22:35:47.0861 0436 BBSvc (87f3bcf82a63e900af896cd930bf7e05) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
22:35:47.0877 0436 BBSvc - ok
22:35:47.0939 0436 BBUpdate (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
22:35:47.0955 0436 BBUpdate - ok
22:35:48.0220 0436 BCM43XX (11f844b46b631337395651abe9c4167b) C:\Windows\system32\DRIVERS\bcmwl664.sys
22:35:48.0267 0436 BCM43XX - ok
22:35:48.0610 0436 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
22:35:48.0610 0436 BDESVC - ok
22:35:48.0657 0436 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:35:48.0657 0436 Beep - ok
22:35:48.0719 0436 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
22:35:48.0766 0436 BITS - ok
22:35:48.0782 0436 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
22:35:48.0782 0436 blbdrive - ok
22:35:48.0953 0436 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
22:35:48.0969 0436 Bonjour Service - ok
22:35:49.0031 0436 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
22:35:49.0031 0436 bowser - ok
22:35:49.0062 0436 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
22:35:49.0062 0436 BrFiltLo - ok
22:35:49.0078 0436 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
22:35:49.0078 0436 BrFiltUp - ok
22:35:49.0109 0436 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
22:35:49.0109 0436 Browser - ok
22:35:49.0156 0436 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:35:49.0156 0436 Brserid - ok
22:35:49.0187 0436 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:35:49.0187 0436 BrSerWdm - ok
22:35:49.0203 0436 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:35:49.0218 0436 BrUsbMdm - ok
22:35:49.0234 0436 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:35:49.0234 0436 BrUsbSer - ok
22:35:49.0296 0436 bScsiMSa (0970d8b7151e9113bf8d44ce2e954df7) C:\Windows\system32\DRIVERS\bScsiMSa.sys
22:35:49.0296 0436 bScsiMSa - ok
22:35:49.0328 0436 bScsiSDa (0c1eee5af32402d306874b110de237ec) C:\Windows\system32\DRIVERS\bScsiSDa.sys
22:35:49.0328 0436 bScsiSDa - ok
22:35:49.0359 0436 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
22:35:49.0374 0436 BTHMODEM - ok
22:35:49.0421 0436 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
22:35:49.0421 0436 bthserv - ok
22:35:49.0452 0436 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:35:49.0452 0436 cdfs - ok
22:35:49.0484 0436 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
22:35:49.0499 0436 cdrom - ok
22:35:49.0546 0436 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
22:35:49.0546 0436 CertPropSvc - ok
22:35:49.0577 0436 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
22:35:49.0577 0436 circlass - ok
22:35:49.0608 0436 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:35:49.0624 0436 CLFS - ok
22:35:49.0686 0436 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:35:49.0686 0436 clr_optimization_v2.0.50727_32 - ok
22:35:49.0718 0436 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:35:49.0733 0436 clr_optimization_v2.0.50727_64 - ok
22:35:49.0796 0436 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:35:49.0811 0436 clr_optimization_v4.0.30319_32 - ok
22:35:49.0842 0436 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:35:49.0858 0436 clr_optimization_v4.0.30319_64 - ok
22:35:49.0889 0436 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
22:35:49.0889 0436 CmBatt - ok
22:35:49.0920 0436 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
22:35:49.0920 0436 cmdide - ok
22:35:49.0983 0436 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
22:35:49.0998 0436 CNG - ok
22:35:50.0045 0436 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
22:35:50.0045 0436 Compbatt - ok
22:35:50.0061 0436 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
22:35:50.0061 0436 CompositeBus - ok
22:35:50.0076 0436 COMSysApp - ok
22:35:50.0092 0436 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
22:35:50.0092 0436 crcdisk - ok
22:35:50.0139 0436 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
22:35:50.0139 0436 CryptSvc - ok
22:35:50.0279 0436 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
22:35:50.0310 0436 cvhsvc - ok
22:35:50.0373 0436 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
22:35:50.0404 0436 DcomLaunch - ok
22:35:50.0451 0436 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
22:35:50.0466 0436 defragsvc - ok
22:35:50.0513 0436 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
22:35:50.0513 0436 DfsC - ok
22:35:50.0560 0436 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
22:35:50.0576 0436 Dhcp - ok
22:35:50.0700 0436 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:35:50.0700 0436 discache - ok
22:35:50.0747 0436 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
22:35:50.0747 0436 Disk - ok
22:35:50.0794 0436 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
22:35:50.0810 0436 Dnscache - ok
22:35:50.0825 0436 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
22:35:50.0841 0436 dot3svc - ok
22:35:50.0856 0436 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
22:35:50.0856 0436 DPS - ok
22:35:50.0888 0436 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:35:50.0903 0436 drmkaud - ok
22:35:50.0997 0436 DsiWMIService (9dd3a22f804697606c2b7ff9e912ff6b) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
22:35:51.0012 0436 DsiWMIService - ok
22:35:51.0090 0436 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
22:35:51.0106 0436 DXGKrnl - ok
22:35:51.0137 0436 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
22:35:51.0137 0436 EapHost - ok
22:35:51.0402 0436 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
22:35:51.0480 0436 ebdrv - ok
22:35:51.0574 0436 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
22:35:51.0574 0436 EFS - ok
22:35:51.0652 0436 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
22:35:51.0699 0436 ehRecvr - ok
22:35:51.0730 0436 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
22:35:51.0730 0436 ehSched - ok
22:35:51.0824 0436 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
22:35:51.0839 0436 elxstor - ok
22:35:51.0964 0436 ePowerSvc (48425c93b6f36529707206e4fa680cf3) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
22:35:51.0995 0436 ePowerSvc - ok
22:35:52.0089 0436 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
22:35:52.0089 0436 ErrDev - ok
22:35:52.0151 0436 ETD (dbaa0c650c9549dc5c599d1e81dedaad) C:\Windows\system32\DRIVERS\ETD.sys
22:35:52.0151 0436 ETD - ok
22:35:52.0198 0436 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
22:35:52.0229 0436 EventSystem - ok
22:35:52.0260 0436 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:35:52.0260 0436 exfat - ok
22:35:52.0292 0436 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:35:52.0292 0436 fastfat - ok
22:35:52.0354 0436 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
22:35:52.0385 0436 Fax - ok
22:35:52.0401 0436 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
22:35:52.0401 0436 fdc - ok
22:35:52.0416 0436 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
22:35:52.0432 0436 fdPHost - ok
22:35:52.0432 0436 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
22:35:52.0448 0436 FDResPub - ok
22:35:52.0463 0436 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:35:52.0463 0436 FileInfo - ok
22:35:52.0479 0436 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:35:52.0479 0436 Filetrace - ok
22:35:52.0494 0436 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
22:35:52.0510 0436 flpydisk - ok
22:35:52.0526 0436 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
22:35:52.0541 0436 FltMgr - ok
22:35:52.0619 0436 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
22:35:52.0666 0436 FontCache - ok
22:35:52.0713 0436 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:35:52.0713 0436 FontCache3.0.0.0 - ok
22:35:52.0744 0436 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:35:52.0744 0436 FsDepends - ok
22:35:52.0791 0436 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
22:35:52.0791 0436 Fs_Rec - ok
22:35:52.0822 0436 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:35:52.0838 0436 fvevol - ok
22:35:52.0869 0436 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
22:35:52.0869 0436 gagp30kx - ok
22:35:52.0916 0436 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:35:52.0916 0436 GEARAspiWDM - ok
22:35:52.0978 0436 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
22:35:53.0025 0436 gpsvc - ok
22:35:53.0119 0436 GREGService (c9b2d1d3f86fd3673ef847def73b6f9e) C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
22:35:53.0119 0436 GREGService - ok
22:35:53.0134 0436 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:35:53.0134 0436 hcw85cir - ok
22:35:53.0197 0436 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
22:35:53.0212 0436 HdAudAddService - ok
22:35:53.0243 0436 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
22:35:53.0243 0436 HDAudBus - ok
22:35:53.0275 0436 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
22:35:53.0275 0436 HidBatt - ok
22:35:53.0290 0436 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
22:35:53.0290 0436 HidBth - ok
22:35:53.0306 0436 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
22:35:53.0306 0436 HidIr - ok
22:35:53.0337 0436 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
22:35:53.0337 0436 hidserv - ok
22:35:53.0368 0436 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
22:35:53.0368 0436 HidUsb - ok
22:35:53.0399 0436 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
22:35:53.0399 0436 hkmsvc - ok
22:35:53.0431 0436 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
22:35:53.0446 0436 HomeGroupListener - ok
22:35:53.0477 0436 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
22:35:53.0493 0436 HomeGroupProvider - ok
22:35:53.0524 0436 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
22:35:53.0524 0436 HpSAMD - ok
22:35:53.0587 0436 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
22:35:53.0618 0436 HTTP - ok
22:35:53.0633 0436 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
22:35:53.0633 0436 hwpolicy - ok
22:35:53.0649 0436 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
22:35:53.0665 0436 i8042prt - ok
22:35:53.0711 0436 iaStor (26cf4275034214ecedd8ec17b0a18a99) C:\Windows\system32\drivers\iaStor.sys
22:35:53.0727 0436 iaStor - ok
22:35:53.0821 0436 IAStorDataMgrSvc (e79a8e33bd136d14bae1fa20eb2ef124) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
22:35:53.0836 0436 IAStorDataMgrSvc - ok
22:35:53.0867 0436 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
22:35:53.0899 0436 iaStorV - ok
22:35:53.0992 0436 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:35:54.0023 0436 idsvc - ok
22:35:54.0601 0436 igfx (9937600a1584ff00565d5379eb4c9edb) C:\Windows\system32\DRIVERS\igdkmd64.sys
22:35:54.0881 0436 igfx - ok
22:35:55.0022 0436 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
22:35:55.0022 0436 iirsp - ok
22:35:55.0100 0436 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
22:35:55.0162 0436 IKEEXT - ok
22:35:55.0381 0436 IntcAzAudAddService (b60accd29f8fafc4a6344cd2bd5ca3a5) C:\Windows\system32\drivers\RTKVHD64.sys
22:35:55.0412 0436 IntcAzAudAddService - ok
22:35:55.0552 0436 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
22:35:55.0583 0436 IntcDAud - ok
22:35:55.0599 0436 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
22:35:55.0615 0436 intelide - ok
22:35:55.0630 0436 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:35:55.0630 0436 intelppm - ok
22:35:55.0661 0436 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:35:55.0677 0436 IPBusEnum - ok
22:35:55.0693 0436 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:35:55.0708 0436 IpFilterDriver - ok
22:35:55.0724 0436 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
22:35:55.0724 0436 IPMIDRV - ok
22:35:55.0755 0436 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:35:55.0771 0436 IPNAT - ok
22:35:55.0880 0436 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
22:35:55.0911 0436 iPod Service - ok
22:35:55.0927 0436 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:35:55.0942 0436 IRENUM - ok
22:35:55.0958 0436 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
22:35:55.0958 0436 isapnp - ok
22:35:55.0973 0436 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
22:35:55.0989 0436 iScsiPrt - ok
22:35:56.0051 0436 k57nd60a (455b75c19bf3f1f2ee3ac10e1169826c) C:\Windows\system32\DRIVERS\k57nd60a.sys
22:35:56.0051 0436 k57nd60a - ok
22:35:56.0067 0436 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
22:35:56.0083 0436 kbdclass - ok
22:35:56.0114 0436 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
22:35:56.0114 0436 kbdhid - ok
22:35:56.0129 0436 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:35:56.0145 0436 KeyIso - ok
22:35:56.0176 0436 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
22:35:56.0176 0436 KSecDD - ok
22:35:56.0192 0436 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
22:35:56.0192 0436 KSecPkg - ok
22:35:56.0207 0436 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:35:56.0207 0436 ksthunk - ok
22:35:56.0270 0436 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:35:56.0285 0436 KtmRm - ok
22:35:56.0332 0436 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
22:35:56.0348 0436 LanmanServer - ok
22:35:56.0379 0436 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
22:35:56.0395 0436 LanmanWorkstation - ok
22:35:56.0457 0436 Live Updater Service (b705c7097f9a0ec941d02dce7c7d426c) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
22:35:56.0473 0436 Live Updater Service - ok
22:35:56.0504 0436 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:35:56.0504 0436 lltdio - ok
22:35:56.0551 0436 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:35:56.0566 0436 lltdsvc - ok
22:35:56.0582 0436 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:35:56.0582 0436 lmhosts - ok
22:35:56.0675 0436 LMS (d7e0bed3ea21d7bddd410ade51708d90) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
22:35:56.0691 0436 LMS - ok
22:35:56.0738 0436 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
22:35:56.0738 0436 LSI_FC - ok
22:35:56.0753 0436 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
22:35:56.0753 0436 LSI_SAS - ok
22:35:56.0800 0436 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
22:35:56.0800 0436 LSI_SAS2 - ok
22:35:56.0816 0436 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
22:35:56.0816 0436 LSI_SCSI - ok
22:35:56.0847 0436 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:35:56.0863 0436 luafv - ok
22:35:56.0894 0436 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
22:35:56.0894 0436 Mcx2Svc - ok
22:35:56.0925 0436 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
22:35:56.0925 0436 megasas - ok
22:35:56.0956 0436 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
22:35:56.0972 0436 MegaSR - ok
22:35:56.0987 0436 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
22:35:56.0987 0436 MEIx64 - ok
22:35:57.0019 0436 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:35:57.0019 0436 MMCSS - ok
22:35:57.0034 0436 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:35:57.0034 0436 Modem - ok
22:35:57.0081 0436 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:35:57.0081 0436 monitor - ok
22:35:57.0097 0436 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:35:57.0097 0436 mouclass - ok
22:35:57.0128 0436 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:35:57.0128 0436 mouhid - ok
22:35:57.0143 0436 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
22:35:57.0143 0436 mountmgr - ok
22:35:57.0253 0436 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:35:57.0268 0436 MozillaMaintenance - ok
22:35:57.0315 0436 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
22:35:57.0315 0436 mpio - ok
22:35:57.0331 0436 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:35:57.0346 0436 mpsdrv - ok
22:35:57.0362 0436 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
22:35:57.0362 0436 MRxDAV - ok
22:35:57.0409 0436 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:35:57.0409 0436 mrxsmb - ok
22:35:57.0455 0436 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:35:57.0471 0436 mrxsmb10 - ok
22:35:57.0487 0436 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:35:57.0487 0436 mrxsmb20 - ok
22:35:57.0502 0436 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
22:35:57.0518 0436 msahci - ok
22:35:57.0533 0436 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
22:35:57.0549 0436 msdsm - ok
22:35:57.0580 0436 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:35:57.0580 0436 MSDTC - ok
22:35:57.0596 0436 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:35:57.0596 0436 Msfs - ok
22:35:57.0611 0436 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:35:57.0611 0436 mshidkmdf - ok
22:35:57.0627 0436 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
22:35:57.0627 0436 msisadrv - ok
22:35:57.0674 0436 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:35:57.0674 0436 MSiSCSI - ok
22:35:57.0674 0436 msiserver - ok
22:35:57.0705 0436 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:35:57.0705 0436 MSKSSRV - ok
22:35:57.0721 0436 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:35:57.0736 0436 MSPCLOCK - ok
22:35:57.0736 0436 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:35:57.0752 0436 MSPQM - ok
22:35:57.0783 0436 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
22:35:57.0799 0436 MsRPC - ok
22:35:57.0814 0436 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
22:35:57.0814 0436 mssmbios - ok
22:35:57.0830 0436 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:35:57.0830 0436 MSTEE - ok
22:35:57.0830 0436 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
22:35:57.0830 0436 MTConfig - ok
22:35:57.0861 0436 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:35:57.0861 0436 Mup - ok
22:35:57.0892 0436 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
22:35:57.0908 0436 napagent - ok
22:35:57.0955 0436 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:35:57.0955 0436 NativeWifiP - ok
22:35:58.0064 0436 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe
22:35:58.0079 0436 NAUpdate - ok
22:35:58.0157 0436 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
22:35:58.0220 0436 NDIS - ok
22:35:58.0251 0436 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:35:58.0251 0436 NdisCap - ok
22:35:58.0267 0436 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:35:58.0282 0436 NdisTapi - ok
22:35:58.0298 0436 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:35:58.0298 0436 Ndisuio - ok
22:35:58.0313 0436 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:35:58.0313 0436 NdisWan - ok
22:35:58.0313 0436 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:35:58.0329 0436 NDProxy - ok
22:35:58.0345 0436 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:35:58.0345 0436 NetBIOS - ok
22:35:58.0360 0436 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:35:58.0360 0436 NetBT - ok
22:35:58.0391 0436 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
22:35:58.0391 0436 Netlogon - ok
22:35:58.0438 0436 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:35:58.0469 0436 Netman - ok
22:35:58.0501 0436 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:35:58.0516 0436 netprofm - ok
22:35:58.0579 0436 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:35:58.0579 0436 NetTcpPortSharing - ok
22:35:58.0610 0436 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
22:35:58.0610 0436 nfrd960 - ok
22:35:58.0657 0436 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
22:35:58.0672 0436 NlaSvc - ok
22:35:58.0688 0436 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:35:58.0688 0436 Npfs - ok
22:35:58.0703 0436 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:35:58.0703 0436 nsi - ok
22:35:58.0719 0436 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:35:58.0719 0436 nsiproxy - ok
22:35:58.0813 0436 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:35:58.0891 0436 Ntfs - ok
22:35:58.0969 0436 NTI IScheduleSvc (6cc09d2f0ba4a09babc3c41b8fd888f7) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
22:35:58.0984 0436 NTI IScheduleSvc - ok
22:35:59.0062 0436 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
22:35:59.0062 0436 NTIDrvr - ok
22:35:59.0078 0436 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:35:59.0078 0436 Null - ok
22:35:59.0093 0436 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:35:59.0109 0436 nvraid - ok
22:35:59.0125 0436 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:35:59.0140 0436 nvstor - ok
22:35:59.0156 0436 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:35:59.0171 0436 nv_agp - ok
22:35:59.0171 0436 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:35:59.0171 0436 ohci1394 - ok
22:35:59.0234 0436 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:35:59.0250 0436 ose - ok
22:35:59.0531 0436 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:35:59.0656 0436 osppsvc - ok
22:36:11.0419 0436 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:36:11.0950 0436 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:36:11.0950 0436 \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:36:11.0950 0436 Boot (0x1200) (797117b58bd6fb9cdf20dcb746648777) \Device\Harddisk0\DR0\Partition0
22:36:11.0965 0436 \Device\Harddisk0\DR0\Partition0 - ok
22:36:11.0997 0436 Boot (0x1200) (353e760578656b3e3c6bbde55e638336) \Device\Harddisk0\DR0\Partition1
22:36:11.0997 0436 \Device\Harddisk0\DR0\Partition1 - ok
22:36:11.0997 0436 ============================================================
22:36:11.0997 0436 Scan finished
22:36:11.0997 0436 ============================================================
22:36:12.0012 0912 Detected object count: 1
22:36:12.0012 0912 Actual detected object count: 1
22:36:16.0536 0912 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
22:36:16.0536 0912 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
22:36:21.0700 3828 Deinitialize success

and ESET:

C:\TDSSKiller_Quarantine\16.07.2012_20.15.25\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.15.25\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.15.25\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.15.25\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.15.25\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.15.25\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.15.25\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.21.06\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.21.06\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.21.06\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.21.06\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.21.06\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.21.06\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_20.21.06\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\Windows\Installer\{86892b7c-0423-9f60-d64b-e352cdd26a05}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{86892b7c-0423-9f60-d64b-e352cdd26a05}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{86892b7c-0423-9f60-d64b-e352cdd26a05}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory multiple threats

Edited by kkills, 17 July 2012 - 01:32 AM.


#4 narenxp

Posted 17 July 2012 - 01:30 AM

ASWMBR?

#5 kkills

Posted 17 July 2012 - 01:33 AM

Oops, accidentally pasted TDSS twice. Here is aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-16 22:36:29
-----------------------------
22:36:29.061 OS Version: Windows x64 6.1.7601 Service Pack 1
22:36:29.061 Number of processors: 2 586 0x2A07
22:36:29.077 ComputerName: KPC UserName:
22:36:36.674 Initialize success
22:36:47.251 AVAST engine defs: 12071601
22:36:51.432 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:36:51.447 Disk 0 Vendor: ST932031 0001 Size: 305245MB BusType: 3
22:36:51.463 Disk 0 MBR read successfully
22:36:51.463 Disk 0 MBR scan
22:36:51.463 Disk 0 Windows 7 default MBR code
22:36:51.479 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
22:36:51.494 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
22:36:51.510 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 291831 MB offset 27469824
22:36:51.541 Disk 0 scanning C:\Windows\system32\drivers
22:37:01.963 Service scanning
22:37:25.347 Modules scanning
22:37:25.347 Disk 0 trace - called modules:
22:37:25.378 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:37:25.394 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007fad6b0]
22:37:25.394 3 CLASSPNP.SYS[fffff88001d5c43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007a65050]
22:37:26.080 AVAST engine scan C:\Windows
22:37:28.420 AVAST engine scan C:\Windows\system32
22:39:30.596 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
22:39:32.363 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
22:41:03.131 AVAST engine scan C:\Windows\system32\drivers
22:41:28.707 AVAST engine scan C:\Users\Kyle
22:43:42.402 AVAST engine scan C:\ProgramData
22:44:25.167 Scan finished successfully
22:44:37.640 Disk 0 MBR has been saved successfully to "C:\Users\Kyle\Desktop\MBR.dat"
22:44:37.646 The log file has been saved successfully to "C:\Users\Kyle\Desktop\aswMBR.txt"

Edited by kkills, 17 July 2012 - 01:36 AM.


#6 narenxp

Posted 17 July 2012 - 01:39 AM

We need advanced help

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#7 kkills

Posted 17 July 2012 - 01:58 AM

Okay, thank you for your help.

#8 narenxp

Posted 17 July 2012 - 02:00 AM

You're welcome :)



