Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

2x winrscmde in audio mixer


  • Please log in to reply
7 replies to this topic

#1 Frobond

Frobond

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 29 November 2012 - 06:55 PM

I recently had been able to remove(i thought successfully) the "fbi Money" virus about a month ago. however it would appear i was not so successful. avg will about twice daily tell me it has blocked something or other. I dont notice a huge slow down in my computer but my specs are rather high so it would take a lot to bog it down. However today i noticed that i have 2 instances of winrscmde in my volume mixer on windows 7.

i ran mailware bites right before i posted here the logs where be attached...

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.29.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Nathan :: NATHAN-PC [limited]

11/29/2012 5:24:09 PM
mbam-log-2012-11-29 (17-24-09).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 919657
Time elapsed: 29 minute(s), 7 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 5864 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\Nathan\AppData\Roaming\hellomoto (Trojan.Ransom.FGen) -> Quarantined and deleted successfully.

Files Detected: 3
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.
C:\Users\Nathan\AppData\Roaming\hellomoto\TujP.dat (Trojan.Ransom.FGen) -> Quarantined and deleted successfully.
C:\Users\Nathan\AppData\Roaming\hellomoto\BukF.dat (Trojan.Ransom.FGen) -> Quarantined and deleted successfully.

(end)

let me know what else is needed

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,565 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:19 AM

Posted 29 November 2012 - 07:10 PM

Hello Frobond, this can be stuborn so please do these.

Please download Rkill by Grinler and save it to your desktop.Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.



Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.


>>>
Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.

>>>
ESET ONLINE


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Frobond

Frobond
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 29 November 2012 - 07:16 PM

ran rkill
and reran mbam

will posts logs now. will do rest after restart
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/29/2012 06:11:55 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\Nathan\Desktop\PCMeter\PCMeter.exe (PID: 2032) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Nathan\Desktop\rkill\rkill-11-29-2012-06-12-29.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

 * ALERT: ZEROACCESS rootkit symptoms found!

     * HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
     * HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
     * C:\$Recycle.Bin\S-1-5-18\$9fb28edd9881cc960b732eb6646115df\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-18\$9fb28edd9881cc960b732eb6646115df\L\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-18\$9fb28edd9881cc960b732eb6646115df\L\00000004.@ [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$9fb28edd9881cc960b732eb6646115df\L\201d3dde [ZA File]
     * C:\$Recycle.Bin\S-1-5-18\$9fb28edd9881cc960b732eb6646115df\U\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-21-3074089406-2749748473-1463020382-1000\$9fb28edd9881cc960b732eb6646115df\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-21-3074089406-2749748473-1463020382-1000\$9fb28edd9881cc960b732eb6646115df\L\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-21-3074089406-2749748473-1463020382-1000\$9fb28edd9881cc960b732eb6646115df\U\ [ZA Dir]

Checking Windows Service Integrity: 

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * iphlpsvc [Missing Service]

 * WinDefend => %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 11/29/2012 06:12:33 PM
Execution time: 0 hours(s), 0 minute(s), and 38 seconds(s)

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.29.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Nathan :: NATHAN-PC [administrator]

11/29/2012 6:13:41 PM
mbam-log-2012-11-29 (18-13-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 228474
Time elapsed: 37 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 6904 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)


#4 Frobond

Frobond
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 29 November 2012 - 08:37 PM

there where 3 tdsskiller logs
as well as the eset log


22:40:50.0559 0196  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
22:40:50.0949 0196  ============================================================
22:40:50.0949 0196  Current date / time: 2012/09/18 22:40:50.0949
22:40:50.0949 0196  SystemInfo:
22:40:50.0949 0196  
22:40:50.0949 0196  OS Version: 6.1.7601 ServicePack: 1.0
22:40:50.0949 0196  Product type: Workstation
22:40:50.0949 0196  ComputerName: NATHAN-PC
22:40:50.0949 0196  UserName: Nathan
22:40:50.0949 0196  Windows directory: C:\Windows
22:40:50.0949 0196  System windows directory: C:\Windows
22:40:50.0949 0196  Running under WOW64
22:40:50.0949 0196  Processor architecture: Intel x64
22:40:50.0949 0196  Number of processors: 8
22:40:50.0949 0196  Page size: 0x1000
22:40:50.0949 0196  Boot type: Safe boot with network
22:40:50.0949 0196  ============================================================
22:40:51.0167 0196  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:40:51.0167 0196  Drive \Device\Harddisk1\DR1 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:40:51.0167 0196  ============================================================
22:40:51.0167 0196  \Device\Harddisk0\DR0:
22:40:51.0167 0196  MBR partitions:
22:40:51.0167 0196  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
22:40:51.0167 0196  \Device\Harddisk1\DR1:
22:40:51.0167 0196  MBR partitions:
22:40:51.0167 0196  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:40:51.0167 0196  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DCC0000
22:40:51.0167 0196  ============================================================
22:40:51.0167 0196  C: <-> \Device\Harddisk1\DR1\Partition2
22:40:51.0198 0196  D: <-> \Device\Harddisk0\DR0\Partition1
22:40:51.0198 0196  ============================================================
22:40:51.0198 0196  Initialize success
22:40:51.0198 0196  ============================================================
22:40:52.0868 1224  ============================================================
22:40:52.0868 1224  Scan started
22:40:52.0868 1224  Mode: Manual; 
22:40:52.0868 1224  ============================================================
22:40:52.0914 1224  ================ Scan system memory ========================
22:40:52.0914 1224  System memory - ok
22:40:52.0914 1224  ================ Scan services =============================
22:40:52.0946 1224  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:40:52.0946 1224  1394ohci - ok
22:40:52.0961 1224  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:40:52.0961 1224  ACPI - ok
22:40:52.0961 1224  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:40:52.0961 1224  AcpiPmi - ok
22:40:52.0961 1224  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:40:52.0961 1224  AdobeARMservice - ok
22:40:52.0977 1224  [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:40:52.0992 1224  AdobeFlashPlayerUpdateSvc - ok
22:40:52.0992 1224  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:40:52.0992 1224  adp94xx - ok
22:40:52.0992 1224  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:40:53.0008 1224  adpahci - ok
22:40:53.0008 1224  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:40:53.0008 1224  adpu320 - ok
22:40:53.0008 1224  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:40:53.0008 1224  AeLookupSvc - ok
22:40:53.0024 1224  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
22:40:53.0024 1224  AFD - ok
22:40:53.0024 1224  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:40:53.0024 1224  agp440 - ok
22:40:53.0024 1224  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
22:40:53.0024 1224  ALG - ok
22:40:53.0024 1224  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:40:53.0024 1224  aliide - ok
22:40:53.0024 1224  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
22:40:53.0024 1224  amdide - ok
22:40:53.0039 1224  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:40:53.0039 1224  AmdK8 - ok
22:40:53.0039 1224  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:40:53.0039 1224  AmdPPM - ok
22:40:53.0039 1224  [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:40:53.0039 1224  amdsata - ok
22:40:53.0039 1224  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:40:53.0039 1224  amdsbs - ok
22:40:53.0039 1224  [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:40:53.0039 1224  amdxata - ok
22:40:53.0039 1224  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
22:40:53.0055 1224  AppID - ok
22:40:53.0055 1224  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:40:53.0055 1224  AppIDSvc - ok
22:40:53.0055 1224  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
22:40:53.0055 1224  Appinfo - ok
22:40:53.0055 1224  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:40:53.0055 1224  Apple Mobile Device - ok
22:40:53.0055 1224  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:40:53.0055 1224  arc - ok
22:40:53.0055 1224  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:40:53.0055 1224  arcsas - ok
22:40:53.0070 1224  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:40:53.0070 1224  aspnet_state - ok
22:40:53.0086 1224  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:40:53.0086 1224  AsyncMac - ok
22:40:53.0086 1224  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
22:40:53.0086 1224  atapi - ok
22:40:53.0086 1224  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:40:53.0086 1224  AudioEndpointBuilder - ok
22:40:53.0102 1224  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:40:53.0102 1224  AudioSrv - ok
22:40:53.0102 1224  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:40:53.0102 1224  AxInstSV - ok
22:40:53.0102 1224  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
22:40:53.0117 1224  b06bdrv - ok
22:40:53.0117 1224  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:40:53.0117 1224  b57nd60a - ok
22:40:53.0117 1224  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:40:53.0117 1224  BDESVC - ok
22:40:53.0117 1224  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:40:53.0117 1224  Beep - ok
22:40:53.0117 1224  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:40:53.0117 1224  blbdrive - ok
22:40:53.0133 1224  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:40:53.0133 1224  Bonjour Service - ok
22:40:53.0133 1224  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:40:53.0133 1224  bowser - ok
22:40:53.0133 1224  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:40:53.0133 1224  BrFiltLo - ok
22:40:53.0133 1224  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:40:53.0133 1224  BrFiltUp - ok
22:40:53.0148 1224  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
22:40:53.0148 1224  Browser - ok
22:40:53.0148 1224  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:40:53.0148 1224  Brserid - ok
22:40:53.0148 1224  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:40:53.0148 1224  BrSerWdm - ok
22:40:53.0148 1224  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:40:53.0148 1224  BrUsbMdm - ok
22:40:53.0148 1224  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:40:53.0148 1224  BrUsbSer - ok
22:40:53.0148 1224  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:40:53.0148 1224  BTHMODEM - ok
22:40:53.0164 1224  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
22:40:53.0164 1224  bthserv - ok
22:40:53.0164 1224  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:40:53.0164 1224  cdfs - ok
22:40:53.0164 1224  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:40:53.0164 1224  cdrom - ok
22:40:53.0164 1224  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
22:40:53.0164 1224  CertPropSvc - ok
22:40:53.0164 1224  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:40:53.0164 1224  circlass - ok
22:40:53.0180 1224  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
22:40:53.0180 1224  CLFS - ok
22:40:53.0180 1224  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:40:53.0180 1224  clr_optimization_v2.0.50727_32 - ok
22:40:53.0195 1224  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:40:53.0195 1224  clr_optimization_v2.0.50727_64 - ok
22:40:53.0195 1224  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:40:53.0211 1224  clr_optimization_v4.0.30319_32 - ok
22:40:53.0211 1224  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:40:53.0211 1224  clr_optimization_v4.0.30319_64 - ok
22:40:53.0211 1224  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:40:53.0211 1224  CmBatt - ok
22:40:53.0226 1224  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:40:53.0226 1224  cmdide - ok
22:40:53.0226 1224  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
22:40:53.0226 1224  CNG - ok
22:40:53.0226 1224  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:40:53.0226 1224  Compbatt - ok
22:40:53.0242 1224  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:40:53.0242 1224  CompositeBus - ok
22:40:53.0242 1224  COMSysApp - ok
22:40:53.0242 1224  [ C08063F052308B6F5882482615387F30 ] cpuz135         C:\Windows\system32\drivers\cpuz135_x64.sys
22:40:53.0242 1224  cpuz135 - ok
22:40:53.0242 1224  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:40:53.0242 1224  crcdisk - ok
22:40:53.0242 1224  [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
22:40:53.0242 1224  Creative ALchemy AL6 Licensing Service - ok
22:40:53.0242 1224  [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
22:40:53.0242 1224  Creative Audio Engine Licensing Service - ok
22:40:53.0258 1224  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:40:53.0258 1224  CryptSvc - ok
22:40:53.0258 1224  [ 7DAA33AAEE034AE62EF631A3F13A027B ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
22:40:53.0258 1224  CTAudSvcService - ok
22:40:53.0273 1224  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:40:53.0273 1224  DcomLaunch - ok
22:40:53.0273 1224  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
22:40:53.0289 1224  defragsvc - ok
22:40:53.0289 1224  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:40:53.0289 1224  DfsC - ok
22:40:53.0289 1224  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:40:53.0289 1224  Dhcp - ok
22:40:53.0289 1224  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
22:40:53.0289 1224  discache - ok
22:40:53.0289 1224  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:40:53.0289 1224  Disk - ok
22:40:53.0304 1224  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:40:53.0304 1224  Dnscache - ok
22:40:53.0304 1224  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:40:53.0304 1224  dot3svc - ok
22:40:53.0304 1224  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
22:40:53.0304 1224  DPS - ok
22:40:53.0304 1224  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:40:53.0304 1224  drmkaud - ok
22:40:53.0320 1224  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:40:53.0320 1224  DXGKrnl - ok
22:40:53.0320 1224  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
22:40:53.0336 1224  EapHost - ok
22:40:53.0351 1224  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
22:40:53.0367 1224  ebdrv - ok
22:40:53.0382 1224  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
22:40:53.0382 1224  EFS - ok
22:40:53.0382 1224  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:40:53.0398 1224  ehRecvr - ok
22:40:53.0398 1224  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
22:40:53.0398 1224  ehSched - ok
22:40:53.0398 1224  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:40:53.0398 1224  elxstor - ok
22:40:53.0414 1224  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:40:53.0414 1224  ErrDev - ok
22:40:53.0414 1224  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
22:40:53.0414 1224  EventSystem - ok
22:40:53.0414 1224  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
22:40:53.0414 1224  exfat - ok
22:40:53.0429 1224  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:40:53.0429 1224  fastfat - ok
22:40:53.0429 1224  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
22:40:53.0429 1224  Fax - ok
22:40:53.0429 1224  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:40:53.0445 1224  fdc - ok
22:40:53.0445 1224  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:40:53.0445 1224  fdPHost - ok
22:40:53.0445 1224  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:40:53.0445 1224  FDResPub - ok
22:40:53.0445 1224  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:40:53.0445 1224  FileInfo - ok
22:40:53.0445 1224  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:40:53.0445 1224  Filetrace - ok
22:40:53.0445 1224  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:40:53.0445 1224  flpydisk - ok
22:40:53.0460 1224  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:40:53.0460 1224  FltMgr - ok
22:40:53.0460 1224  [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache       C:\Windows\system32\FntCache.dll
22:40:53.0476 1224  FontCache - ok
22:40:53.0476 1224  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:40:53.0476 1224  FontCache3.0.0.0 - ok
22:40:53.0476 1224  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:40:53.0476 1224  FsDepends - ok
22:40:53.0476 1224  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:40:53.0476 1224  Fs_Rec - ok
22:40:53.0492 1224  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:40:53.0492 1224  fvevol - ok
22:40:53.0492 1224  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:40:53.0492 1224  gagp30kx - ok
22:40:53.0492 1224  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:40:53.0492 1224  GEARAspiWDM - ok
22:40:53.0492 1224  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
22:40:53.0507 1224  gpsvc - ok
22:40:53.0507 1224  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:40:53.0507 1224  hcw85cir - ok
22:40:53.0507 1224  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:40:53.0507 1224  HdAudAddService - ok
22:40:53.0523 1224  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:40:53.0523 1224  HDAudBus - ok
22:40:53.0523 1224  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:40:53.0523 1224  HidBatt - ok
22:40:53.0523 1224  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:40:53.0523 1224  HidBth - ok
22:40:53.0523 1224  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:40:53.0523 1224  HidIr - ok
22:40:53.0523 1224  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
22:40:53.0523 1224  hidserv - ok
22:40:53.0523 1224  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:40:53.0523 1224  HidUsb - ok
22:40:53.0523 1224  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:40:53.0538 1224  hkmsvc - ok
22:40:53.0538 1224  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:40:53.0538 1224  HomeGroupListener - ok
22:40:53.0538 1224  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:40:53.0538 1224  HomeGroupProvider - ok
22:40:53.0538 1224  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:40:53.0538 1224  HpSAMD - ok
22:40:53.0554 1224  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:40:53.0554 1224  HTTP - ok
22:40:53.0554 1224  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:40:53.0554 1224  hwpolicy - ok
22:40:53.0554 1224  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:40:53.0554 1224  i8042prt - ok
22:40:53.0570 1224  [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:40:53.0570 1224  iaStorV - ok
22:40:53.0570 1224  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:40:53.0585 1224  idsvc - ok
22:40:53.0585 1224  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:40:53.0585 1224  iirsp - ok
22:40:53.0585 1224  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
22:40:53.0601 1224  IKEEXT - ok
22:40:53.0601 1224  [ 2D66067C7A8A0112156BCD1C0BAA7042 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:40:53.0601 1224  Intel(R) Capability Licensing Service Interface - ok
22:40:53.0601 1224  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
22:40:53.0601 1224  intelide - ok
22:40:53.0616 1224  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:40:53.0616 1224  intelppm - ok
22:40:53.0616 1224  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:40:53.0616 1224  IPBusEnum - ok
22:40:53.0616 1224  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:40:53.0616 1224  IpFilterDriver - ok
22:40:53.0616 1224  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:40:53.0616 1224  IPMIDRV - ok
22:40:53.0616 1224  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:40:53.0616 1224  IPNAT - ok
22:40:53.0632 1224  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:40:53.0632 1224  iPod Service - ok
22:40:53.0632 1224  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:40:53.0632 1224  IRENUM - ok
22:40:53.0632 1224  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:40:53.0632 1224  isapnp - ok
22:40:53.0648 1224  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:40:53.0648 1224  iScsiPrt - ok
22:40:53.0648 1224  [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
22:40:53.0648 1224  iusb3hcs - ok
22:40:53.0648 1224  [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
22:40:53.0648 1224  iusb3hub - ok
22:40:53.0663 1224  [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
22:40:53.0663 1224  iusb3xhc - ok
22:40:53.0663 1224  [ 166FC0B36842135BC2D3C32DF70ED0D6 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:40:53.0663 1224  jhi_service - ok
22:40:53.0663 1224  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:40:53.0663 1224  kbdclass - ok
22:40:53.0679 1224  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:40:53.0679 1224  kbdhid - ok
22:40:53.0679 1224  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
22:40:53.0679 1224  KeyIso - ok
22:40:53.0679 1224  [ 64801398A9EA492548703CC5F0109F87 ] ksaud           C:\Windows\system32\drivers\ksaud.sys
22:40:53.0694 1224  ksaud - ok
22:40:53.0694 1224  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:40:53.0694 1224  KSecDD - ok
22:40:53.0694 1224  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:40:53.0694 1224  KSecPkg - ok
22:40:53.0694 1224  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:40:53.0694 1224  ksthunk - ok
22:40:53.0710 1224  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:40:53.0710 1224  KtmRm - ok
22:40:53.0710 1224  [ B8040D3B97B16B89701E31A17353856C ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
22:40:53.0710 1224  L1C - ok
22:40:53.0710 1224  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:40:53.0710 1224  LanmanServer - ok
22:40:53.0710 1224  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:40:53.0726 1224  LanmanWorkstation - ok
22:40:53.0726 1224  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:40:53.0726 1224  lltdio - ok
22:40:53.0726 1224  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:40:53.0726 1224  lltdsvc - ok
22:40:53.0726 1224  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:40:53.0726 1224  lmhosts - ok
22:40:53.0726 1224  [ C56E64BA70DC822B84D100A6F8D690D3 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:40:53.0741 1224  LMS - ok
22:40:53.0741 1224  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:40:53.0741 1224  LSI_FC - ok
22:40:53.0741 1224  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:40:53.0741 1224  LSI_SAS - ok
22:40:53.0741 1224  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:40:53.0741 1224  LSI_SAS2 - ok
22:40:53.0741 1224  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:40:53.0741 1224  LSI_SCSI - ok
22:40:53.0757 1224  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
22:40:53.0757 1224  luafv - ok
22:40:53.0757 1224  [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
22:40:53.0757 1224  MBAMProtector - ok
22:40:53.0772 1224  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:40:53.0772 1224  MBAMScheduler - ok
22:40:53.0772 1224  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:40:53.0788 1224  MBAMService - ok
22:40:53.0788 1224  [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
22:40:53.0788 1224  mcdbus - ok
22:40:53.0788 1224  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:40:53.0788 1224  Mcx2Svc - ok
22:40:53.0788 1224  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:40:53.0788 1224  megasas - ok
22:40:53.0788 1224  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:40:53.0804 1224  MegaSR - ok
22:40:53.0804 1224  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
22:40:53.0804 1224  MEIx64 - ok
22:40:53.0804 1224  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
22:40:53.0804 1224  MMCSS - ok
22:40:53.0804 1224  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
22:40:53.0804 1224  Modem - ok
22:40:53.0804 1224  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:40:53.0804 1224  monitor - ok
22:40:53.0804 1224  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:40:53.0804 1224  mouclass - ok
22:40:53.0804 1224  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:40:53.0804 1224  mouhid - ok
22:40:53.0819 1224  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:40:53.0819 1224  mountmgr - ok
22:40:53.0819 1224  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:40:53.0819 1224  MozillaMaintenance - ok
22:40:53.0819 1224  [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
22:40:53.0819 1224  MpFilter - ok
22:40:53.0819 1224  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:40:53.0819 1224  mpio - ok
22:40:53.0835 1224  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:40:53.0835 1224  mpsdrv - ok
22:40:53.0835 1224  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:40:53.0835 1224  MRxDAV - ok
22:40:53.0835 1224  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:40:53.0835 1224  mrxsmb - ok
22:40:53.0835 1224  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:40:53.0850 1224  mrxsmb10 - ok
22:40:53.0850 1224  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:40:53.0850 1224  mrxsmb20 - ok
22:40:53.0850 1224  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:40:53.0850 1224  msahci - ok
22:40:53.0850 1224  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:40:53.0850 1224  msdsm - ok
22:40:53.0850 1224  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
22:40:53.0850 1224  MSDTC - ok
22:40:53.0866 1224  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:40:53.0866 1224  Msfs - ok
22:40:53.0866 1224  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:40:53.0866 1224  mshidkmdf - ok
22:40:53.0866 1224  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:40:53.0866 1224  msisadrv - ok
22:40:53.0866 1224  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:40:53.0866 1224  MSiSCSI - ok
22:40:53.0866 1224  msiserver - ok
22:40:53.0866 1224  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:40:53.0866 1224  MSKSSRV - ok
22:40:53.0866 1224  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:40:53.0866 1224  MSPCLOCK - ok
22:40:53.0866 1224  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:40:53.0866 1224  MSPQM - ok
22:40:53.0882 1224  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:40:53.0882 1224  MsRPC - ok
22:40:53.0897 1224  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:40:53.0897 1224  mssmbios - ok
22:40:53.0897 1224  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:40:53.0897 1224  MSTEE - ok
22:40:53.0897 1224  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:40:53.0897 1224  MTConfig - ok
22:40:53.0897 1224  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:40:53.0897 1224  Mup - ok
22:40:53.0897 1224  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
22:40:53.0913 1224  napagent - ok
22:40:53.0913 1224  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:40:53.0913 1224  NativeWifiP - ok
22:40:53.0913 1224  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:40:53.0928 1224  NDIS - ok
22:40:53.0928 1224  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:40:53.0928 1224  NdisCap - ok
22:40:53.0928 1224  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:40:53.0928 1224  NdisTapi - ok
22:40:53.0928 1224  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:40:53.0928 1224  Ndisuio - ok
22:40:53.0928 1224  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:40:53.0928 1224  NdisWan - ok
22:40:53.0944 1224  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:40:53.0944 1224  NDProxy - ok
22:40:53.0944 1224  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:40:53.0944 1224  NetBIOS - ok
22:40:53.0944 1224  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:40:53.0944 1224  NetBT - ok
22:40:53.0944 1224  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
22:40:53.0944 1224  Netlogon - ok
22:40:53.0960 1224  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:40:53.0960 1224  Netman - ok
22:40:53.0960 1224  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:40:53.0960 1224  NetMsmqActivator - ok
22:40:53.0960 1224  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:40:53.0960 1224  NetPipeActivator - ok
22:40:53.0975 1224  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:40:53.0975 1224  netprofm - ok
22:40:53.0975 1224  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:40:53.0975 1224  NetTcpActivator - ok
22:40:53.0975 1224  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:40:53.0975 1224  NetTcpPortSharing - ok
22:40:53.0975 1224  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:40:53.0975 1224  nfrd960 - ok
22:40:53.0975 1224  [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:40:53.0991 1224  NisDrv - ok
22:40:53.0991 1224  [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
22:40:53.0991 1224  NisSrv - ok
22:40:53.0991 1224  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:40:53.0991 1224  NlaSvc - ok
22:40:53.0991 1224  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:40:53.0991 1224  Npfs - ok
22:40:54.0006 1224  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:40:54.0006 1224  nsi - ok
22:40:54.0006 1224  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:40:54.0006 1224  nsiproxy - ok
22:40:54.0022 1224  [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:40:54.0038 1224  Ntfs - ok
22:40:54.0038 1224  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:40:54.0038 1224  Null - ok
22:40:54.0038 1224  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
22:40:54.0038 1224  NVHDA - ok
22:40:54.0116 1224  [ 79060E6631DC2C91DA8E601E2584A623 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:40:54.0194 1224  nvlddmkm - ok
22:40:54.0194 1224  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:40:54.0194 1224  nvraid - ok
22:40:54.0194 1224  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:40:54.0194 1224  nvstor - ok
22:40:54.0209 1224  [ BDBC8E51FF2F3B800FF7B90DCDA31B48 ] nvsvc           C:\Windows\system32\nvvsvc.exe
22:40:54.0209 1224  nvsvc - ok
22:40:54.0225 1224  [ 55F03866A969A50CD1574B0F61ACEC1D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:40:54.0225 1224  nvUpdatusService - ok
22:40:54.0225 1224  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:40:54.0225 1224  nv_agp - ok
22:40:54.0225 1224  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:40:54.0240 1224  ohci1394 - ok
22:40:54.0240 1224  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:40:54.0240 1224  p2pimsvc - ok
22:40:54.0240 1224  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:40:54.0240 1224  p2psvc - ok
22:40:54.0256 1224  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:40:54.0256 1224  Parport - ok
22:40:54.0256 1224  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:40:54.0256 1224  partmgr - ok
22:40:54.0256 1224  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:40:54.0256 1224  PcaSvc - ok
22:40:54.0272 1224  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
22:40:54.0272 1224  pci - ok
22:40:54.0272 1224  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
22:40:54.0272 1224  pciide - ok
22:40:54.0272 1224  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:40:54.0272 1224  pcmcia - ok
22:40:54.0272 1224  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:40:54.0272 1224  pcw - ok
22:40:54.0287 1224  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:40:54.0287 1224  PEAUTH - ok
22:40:54.0303 1224  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:40:54.0318 1224  PerfHost - ok
22:40:54.0318 1224  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
22:40:54.0334 1224  pla - ok
22:40:54.0334 1224  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:40:54.0334 1224  PlugPlay - ok
22:40:54.0334 1224  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:40:54.0350 1224  PNRPAutoReg - ok
22:40:54.0350 1224  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:40:54.0350 1224  PNRPsvc - ok
22:40:54.0350 1224  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:40:54.0350 1224  PolicyAgent - ok
22:40:54.0365 1224  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
22:40:54.0365 1224  Power - ok
22:40:54.0365 1224  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:40:54.0365 1224  PptpMiniport - ok
22:40:54.0365 1224  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:40:54.0365 1224  Processor - ok
22:40:54.0365 1224  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
22:40:54.0381 1224  ProfSvc - ok
22:40:54.0381 1224  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:40:54.0381 1224  ProtectedStorage - ok
22:40:54.0381 1224  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:40:54.0381 1224  Psched - ok
22:40:54.0396 1224  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:40:54.0396 1224  ql2300 - ok
22:40:54.0412 1224  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:40:54.0412 1224  ql40xx - ok
22:40:54.0412 1224  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:40:54.0412 1224  QWAVE - ok
22:40:54.0412 1224  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:40:54.0412 1224  QWAVEdrv - ok
22:40:54.0412 1224  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:40:54.0412 1224  RasAcd - ok
22:40:54.0412 1224  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:40:54.0412 1224  RasAgileVpn - ok
22:40:54.0412 1224  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:40:54.0428 1224  RasAuto - ok
22:40:54.0428 1224  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:40:54.0428 1224  Rasl2tp - ok
22:40:54.0428 1224  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:40:54.0443 1224  RasMan - ok
22:40:54.0443 1224  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:40:54.0443 1224  RasPppoe - ok
22:40:54.0443 1224  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:40:54.0443 1224  RasSstp - ok
22:40:54.0443 1224  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:40:54.0443 1224  rdbss - ok
22:40:54.0459 1224  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:40:54.0459 1224  rdpbus - ok
22:40:54.0459 1224  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:40:54.0459 1224  RDPCDD - ok
22:40:54.0459 1224  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:40:54.0459 1224  RDPENCDD - ok
22:40:54.0459 1224  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:40:54.0459 1224  RDPREFMP - ok
22:40:54.0459 1224  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:40:54.0459 1224  RDPWD - ok
22:40:54.0474 1224  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:40:54.0474 1224  rdyboost - ok
22:40:54.0474 1224  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:40:54.0474 1224  RemoteAccess - ok
22:40:54.0474 1224  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:40:54.0474 1224  RemoteRegistry - ok
22:40:54.0474 1224  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:40:54.0474 1224  RpcEptMapper - ok
22:40:54.0474 1224  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:40:54.0474 1224  RpcLocator - ok
22:40:54.0490 1224  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
22:40:54.0490 1224  RpcSs - ok
22:40:54.0490 1224  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:40:54.0490 1224  rspndr - ok
22:40:54.0490 1224  [ 87D5781DFF8AC2EF9BD41B60023BAC50 ] RTCore64        C:\Program Files (x86)\EVGA Precision X\RTCore64.sys
22:40:54.0490 1224  RTCore64 - ok
22:40:54.0490 1224  [ 602FCF9D91BD47721B248B81F816C267 ] rzendpt         C:\Windows\system32\DRIVERS\rzendpt.sys
22:40:54.0490 1224  rzendpt - ok
22:40:54.0506 1224  [ 672CA863751E96F0A800215C11FD496F ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
22:40:54.0506 1224  rzudd - ok
22:40:54.0506 1224  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
22:40:54.0506 1224  SamSs - ok
22:40:54.0506 1224  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:40:54.0506 1224  sbp2port - ok
22:40:54.0506 1224  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:40:54.0506 1224  SCardSvr - ok
22:40:54.0521 1224  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:40:54.0521 1224  scfilter - ok
22:40:54.0521 1224  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
22:40:54.0537 1224  Schedule - ok
22:40:54.0537 1224  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:40:54.0537 1224  SCPolicySvc - ok
22:40:54.0537 1224  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:40:54.0537 1224  SDRSVC - ok
22:40:54.0537 1224  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:40:54.0537 1224  secdrv - ok
22:40:54.0537 1224  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:40:54.0537 1224  seclogon - ok
22:40:54.0537 1224  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:40:54.0537 1224  SENS - ok
22:40:54.0552 1224  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:40:54.0552 1224  SensrSvc - ok
22:40:54.0552 1224  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:40:54.0552 1224  Serenum - ok
22:40:54.0552 1224  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:40:54.0552 1224  Serial - ok
22:40:54.0568 1224  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:40:54.0568 1224  sermouse - ok
22:40:54.0568 1224  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:40:54.0568 1224  SessionEnv - ok
22:40:54.0568 1224  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:40:54.0568 1224  sffdisk - ok
22:40:54.0584 1224  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:40:54.0584 1224  sffp_mmc - ok
22:40:54.0584 1224  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:40:54.0584 1224  sffp_sd - ok
22:40:54.0584 1224  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:40:54.0584 1224  sfloppy - ok
22:40:54.0584 1224  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:40:54.0584 1224  ShellHWDetection - ok
22:40:54.0584 1224  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:40:54.0584 1224  SiSRaid2 - ok
22:40:54.0599 1224  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:40:54.0599 1224  SiSRaid4 - ok
22:40:54.0615 1224  [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:40:54.0630 1224  Skype C2C Service - ok
22:40:54.0630 1224  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:40:54.0630 1224  SkypeUpdate - ok
22:40:54.0630 1224  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:40:54.0630 1224  Smb - ok
22:40:54.0646 1224  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:40:54.0646 1224  SNMPTRAP - ok
22:40:54.0646 1224  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:40:54.0646 1224  spldr - ok
22:40:54.0646 1224  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
22:40:54.0646 1224  Spooler - ok
22:40:54.0677 1224  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:40:54.0693 1224  sppsvc - ok
22:40:54.0693 1224  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:40:54.0693 1224  sppuinotify - ok
22:40:54.0708 1224  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:40:54.0708 1224  srv - ok
22:40:54.0708 1224  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:40:54.0708 1224  srv2 - ok
22:40:54.0708 1224  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:40:54.0708 1224  srvnet - ok
22:40:54.0724 1224  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:40:54.0724 1224  SSDPSRV - ok
22:40:54.0724 1224  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:40:54.0724 1224  SstpSvc - ok
22:40:54.0724 1224  Steam Client Service - ok
22:40:54.0740 1224  [ 4A566EB1ABCD229B3F8D67F3C4224897 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:40:54.0740 1224  Stereo Service - ok
22:40:54.0740 1224  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:40:54.0740 1224  stexstor - ok
22:40:54.0740 1224  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:40:54.0740 1224  stisvc - ok
22:40:54.0755 1224  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:40:54.0755 1224  swenum - ok
22:40:54.0755 1224  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:40:54.0755 1224  swprv - ok
22:40:54.0771 1224  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
22:40:54.0786 1224  SysMain - ok
22:40:54.0786 1224  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:40:54.0786 1224  TabletInputService - ok
22:40:54.0786 1224  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:40:54.0786 1224  TapiSrv - ok
22:40:54.0802 1224  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:40:54.0802 1224  TBS - ok
22:40:54.0818 1224  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:40:54.0833 1224  Tcpip - ok
22:40:54.0833 1224  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:40:54.0849 1224  TCPIP6 - ok
22:40:54.0849 1224  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:40:54.0849 1224  tcpipreg - ok
22:40:54.0849 1224  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:40:54.0849 1224  TDPIPE - ok
22:40:54.0849 1224  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:40:54.0849 1224  TDTCP - ok
22:40:54.0849 1224  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:40:54.0849 1224  tdx - ok
22:40:54.0864 1224  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:40:54.0864 1224  TermDD - ok
22:40:54.0864 1224  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
22:40:54.0864 1224  TermService - ok
22:40:54.0864 1224  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
22:40:54.0880 1224  Themes - ok
22:40:54.0880 1224  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:40:54.0880 1224  THREADORDER - ok
22:40:54.0880 1224  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:40:54.0880 1224  TrkWks - ok
22:40:54.0880 1224  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:40:54.0880 1224  TrustedInstaller - ok
22:40:54.0896 1224  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:40:54.0896 1224  tssecsrv - ok
22:40:54.0896 1224  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:40:54.0896 1224  TsUsbFlt - ok
22:40:54.0896 1224  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:40:54.0896 1224  tunnel - ok
22:40:54.0896 1224  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:40:54.0896 1224  uagp35 - ok
22:40:54.0896 1224  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:40:54.0911 1224  udfs - ok
22:40:54.0911 1224  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:40:54.0911 1224  UI0Detect - ok
22:40:54.0911 1224  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:40:54.0911 1224  uliagpkx - ok
22:40:54.0911 1224  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
22:40:54.0911 1224  umbus - ok
22:40:54.0911 1224  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:40:54.0911 1224  UmPass - ok
22:40:54.0927 1224  [ 0F9E1BC7E2BEA1A4108EC9736CF0C2D9 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:40:54.0927 1224  UNS - ok
22:40:54.0927 1224  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:40:54.0927 1224  upnphost - ok
22:40:54.0927 1224  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:40:54.0927 1224  usbaudio - ok
22:40:54.0942 1224  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:40:54.0942 1224  usbccgp - ok
22:40:54.0942 1224  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:40:54.0942 1224  usbcir - ok
22:40:54.0942 1224  [ 74EE782B1D9C241EFE425565854C661C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:40:54.0942 1224  usbehci - ok
22:40:54.0942 1224  [ DC96BD9CCB8403251BCF25047573558E ] usbhub          C:\Windows\system32\drivers\usbhub.sys
22:40:54.0958 1224  usbhub - ok
22:40:54.0958 1224  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
22:40:54.0958 1224  usbohci - ok
22:40:54.0958 1224  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:40:54.0958 1224  usbprint - ok
22:40:54.0958 1224  [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
22:40:54.0958 1224  USBSTOR - ok
22:40:54.0974 1224  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
22:40:54.0974 1224  usbuhci - ok
22:40:54.0974 1224  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
22:40:54.0974 1224  UxSms - ok
22:40:54.0974 1224  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
22:40:54.0974 1224  VaultSvc - ok
22:40:54.0974 1224  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
22:40:54.0974 1224  VClone - ok
22:40:54.0974 1224  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:40:54.0974 1224  vdrvroot - ok
22:40:54.0989 1224  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
22:40:54.0989 1224  vds - ok
22:40:54.0989 1224  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:40:54.0989 1224  vga - ok
22:40:54.0989 1224  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:40:54.0989 1224  VgaSave - ok
22:40:54.0989 1224  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:40:54.0989 1224  vhdmp - ok
22:40:54.0989 1224  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:40:54.0989 1224  viaide - ok
22:40:55.0005 1224  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:40:55.0005 1224  volmgr - ok
22:40:55.0005 1224  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:40:55.0005 1224  volmgrx - ok
22:40:55.0020 1224  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:40:55.0020 1224  volsnap - ok
22:40:55.0020 1224  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:40:55.0020 1224  vsmraid - ok
22:40:55.0036 1224  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
22:40:55.0036 1224  VSS - ok
22:40:55.0036 1224  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:40:55.0036 1224  vwifibus - ok
22:40:55.0052 1224  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
22:40:55.0052 1224  W32Time - ok
22:40:55.0052 1224  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:40:55.0052 1224  WacomPen - ok
22:40:55.0052 1224  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:40:55.0052 1224  WANARP - ok
22:40:55.0052 1224  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:40:55.0052 1224  Wanarpv6 - ok
22:40:55.0067 1224  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:40:55.0067 1224  WatAdminSvc - ok
22:40:55.0083 1224  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
22:40:55.0098 1224  wbengine - ok
22:40:55.0098 1224  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:40:55.0098 1224  WbioSrvc - ok
22:40:55.0098 1224  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:40:55.0114 1224  wcncsvc - ok
22:40:55.0114 1224  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:40:55.0114 1224  WcsPlugInService - ok
22:40:55.0114 1224  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:40:55.0114 1224  Wd - ok
22:40:55.0114 1224  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:40:55.0130 1224  Wdf01000 - ok
22:40:55.0130 1224  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:40:55.0130 1224  WdiServiceHost - ok
22:40:55.0130 1224  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:40:55.0130 1224  WdiSystemHost - ok
22:40:55.0130 1224  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
22:40:55.0130 1224  WebClient - ok
22:40:55.0145 1224  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:40:55.0145 1224  Wecsvc - ok
22:40:55.0145 1224  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:40:55.0145 1224  wercplsupport - ok
22:40:55.0145 1224  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:40:55.0145 1224  WerSvc - ok
22:40:55.0145 1224  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:40:55.0145 1224  WfpLwf - ok
22:40:55.0145 1224  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:40:55.0145 1224  WIMMount - ok
22:40:55.0161 1224  WinHttpAutoProxySvc - ok
22:40:55.0161 1224  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:40:55.0161 1224  Winmgmt - ok
22:40:55.0176 1224  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
22:40:55.0192 1224  WinRM - ok
22:40:55.0192 1224  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:40:55.0208 1224  Wlansvc - ok
22:40:55.0208 1224  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:40:55.0208 1224  WmiAcpi - ok
22:40:55.0208 1224  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:40:55.0208 1224  wmiApSrv - ok
22:40:55.0208 1224  WMPNetworkSvc - ok
22:40:55.0208 1224  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:40:55.0208 1224  WPCSvc - ok
22:40:55.0223 1224  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:40:55.0223 1224  WPDBusEnum - ok
22:40:55.0223 1224  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:40:55.0223 1224  ws2ifsl - ok
22:40:55.0223 1224  WSearch - ok
22:40:55.0223 1224  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:40:55.0223 1224  WudfPf - ok
22:40:55.0223 1224  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:40:55.0223 1224  wudfsvc - ok
22:40:55.0239 1224  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:40:55.0239 1224  WwanSvc - ok
22:40:55.0239 1224  ================ Scan global ===============================
22:40:55.0239 1224  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:40:55.0239 1224  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:40:55.0254 1224  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:40:55.0254 1224  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:40:55.0254 1224  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:40:55.0254 1224  [Global] - ok
22:40:55.0254 1224  ================ Scan MBR ==================================
22:40:55.0270 1224  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:40:55.0442 1224  \Device\Harddisk0\DR0 - ok
22:40:55.0442 1224  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:40:55.0488 1224  \Device\Harddisk1\DR1 - ok
22:40:55.0488 1224  ================ Scan VBR ==================================
22:40:55.0488 1224  [ B915A1D0325698CD1E8BC8471C2E9D4B ] \Device\Harddisk0\DR0\Partition1
22:40:55.0504 1224  \Device\Harddisk0\DR0\Partition1 - ok
22:40:55.0504 1224  [ 6DE8B0AE870EB4E1465532559B296B1C ] \Device\Harddisk1\DR1\Partition1
22:40:55.0504 1224  \Device\Harddisk1\DR1\Partition1 - ok
22:40:55.0504 1224  [ 3CBE8891BB687280C9F9856F1DF925C3 ] \Device\Harddisk1\DR1\Partition2
22:40:55.0504 1224  \Device\Harddisk1\DR1\Partition2 - ok
22:40:55.0504 1224  ============================================================
22:40:55.0504 1224  Scan finished
22:40:55.0504 1224  ============================================================
22:40:55.0504 1176  Detected object count: 0
22:40:55.0504 1176  Actual detected object count: 0
22:40:59.0825 2044  Deinitialize success

18:19:50.0477 6404  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:19:51.0015 6404  ============================================================
18:19:51.0015 6404  Current date / time: 2012/11/29 18:19:51.0015
18:19:51.0015 6404  SystemInfo:
18:19:51.0015 6404  
18:19:51.0015 6404  OS Version: 6.1.7601 ServicePack: 1.0
18:19:51.0015 6404  Product type: Workstation
18:19:51.0015 6404  ComputerName: NATHAN-PC
18:19:51.0015 6404  UserName: Nathan
18:19:51.0015 6404  Windows directory: C:\Windows
18:19:51.0015 6404  System windows directory: C:\Windows
18:19:51.0015 6404  Running under WOW64
18:19:51.0015 6404  Processor architecture: Intel x64
18:19:51.0015 6404  Number of processors: 8
18:19:51.0015 6404  Page size: 0x1000
18:19:51.0015 6404  Boot type: Normal boot
18:19:51.0015 6404  ============================================================
18:19:51.0758 6404  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:19:51.0758 6404  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:19:51.0761 6404  ============================================================
18:19:51.0761 6404  \Device\Harddisk1\DR1:
18:19:51.0761 6404  MBR partitions:
18:19:51.0761 6404  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
18:19:51.0761 6404  \Device\Harddisk0\DR0:
18:19:51.0761 6404  MBR partitions:
18:19:51.0761 6404  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:19:51.0761 6404  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DCC0000
18:19:51.0761 6404  ============================================================
18:19:51.0762 6404  C: <-> \Device\Harddisk0\DR0\Partition2
18:19:51.0784 6404  D: <-> \Device\Harddisk1\DR1\Partition1
18:19:51.0784 6404  ============================================================
18:19:51.0784 6404  Initialize success
18:19:51.0784 6404  ============================================================
18:20:22.0963 6612  ============================================================
18:20:22.0963 6612  Scan started
18:20:22.0963 6612  Mode: Manual; TDLFS; 
18:20:22.0963 6612  ============================================================
18:20:23.0722 6612  ================ Scan system memory ========================
18:20:23.0722 6612  System memory - ok
18:20:23.0722 6612  ================ Scan services =============================
18:20:23.0759 6612  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:20:23.0761 6612  1394ohci - ok
18:20:23.0765 6612  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:20:23.0767 6612  ACPI - ok
18:20:23.0769 6612  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:20:23.0770 6612  AcpiPmi - ok
18:20:23.0773 6612  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:20:23.0774 6612  AdobeARMservice - ok
18:20:23.0797 6612  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:20:23.0798 6612  AdobeFlashPlayerUpdateSvc - ok
18:20:23.0805 6612  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:20:23.0808 6612  adp94xx - ok
18:20:23.0812 6612  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:20:23.0814 6612  adpahci - ok
18:20:23.0818 6612  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:20:23.0819 6612  adpu320 - ok
18:20:23.0822 6612  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:20:23.0823 6612  AeLookupSvc - ok
18:20:23.0828 6612  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
18:20:23.0831 6612  AFD - ok
18:20:23.0833 6612  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:20:23.0834 6612  agp440 - ok
18:20:23.0836 6612  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:20:23.0837 6612  ALG - ok
18:20:23.0839 6612  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:20:23.0840 6612  aliide - ok
18:20:23.0842 6612  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:20:23.0842 6612  amdide - ok
18:20:23.0845 6612  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:20:23.0845 6612  AmdK8 - ok
18:20:23.0847 6612  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:20:23.0848 6612  AmdPPM - ok
18:20:23.0850 6612  [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:20:23.0851 6612  amdsata - ok
18:20:23.0855 6612  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:20:23.0857 6612  amdsbs - ok
18:20:23.0859 6612  [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:20:23.0859 6612  amdxata - ok
18:20:23.0861 6612  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
18:20:23.0862 6612  AppID - ok
18:20:23.0864 6612  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:20:23.0865 6612  AppIDSvc - ok
18:20:23.0867 6612  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
18:20:23.0868 6612  Appinfo - ok
18:20:23.0871 6612  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:20:23.0872 6612  Apple Mobile Device - ok
18:20:23.0875 6612  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:20:23.0876 6612  arc - ok
18:20:23.0878 6612  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:20:23.0879 6612  arcsas - ok
18:20:23.0888 6612  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:20:23.0890 6612  aspnet_state - ok
18:20:23.0892 6612  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:20:23.0892 6612  AsyncMac - ok
18:20:23.0894 6612  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:20:23.0894 6612  atapi - ok
18:20:23.0902 6612  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:20:23.0905 6612  AudioEndpointBuilder - ok
18:20:23.0910 6612  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:20:23.0913 6612  AudioSrv - ok
18:20:23.0916 6612  [ 3D1FFAA3358CA0D8A298DEA8BECFC468 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
18:20:23.0916 6612  Avgfwfd - ok
18:20:23.0929 6612  [ 733D86815BEB34E2982BC7F561C35AE3 ] avgfws          C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
18:20:23.0936 6612  avgfws - ok
18:20:23.0973 6612  [ 56C73C5BC1656656CAC38A23B4310466 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
18:20:24.0004 6612  AVGIDSAgent - ok
18:20:24.0009 6612  [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
18:20:24.0010 6612  AVGIDSDriver - ok
18:20:24.0012 6612  [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
18:20:24.0012 6612  AVGIDSHA - ok
18:20:24.0016 6612  [ 5989592A91A17587799792A81E1541D4 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
18:20:24.0017 6612  Avgldx64 - ok
18:20:24.0021 6612  [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
18:20:24.0022 6612  Avgloga - ok
18:20:24.0026 6612  [ 767B4A485FB22AA0FC0BF5EEF00572B9 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
18:20:24.0027 6612  Avgmfx64 - ok
18:20:24.0029 6612  [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
18:20:24.0029 6612  Avgrkx64 - ok
18:20:24.0033 6612  [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
18:20:24.0034 6612  Avgtdia - ok
18:20:24.0037 6612  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
18:20:24.0038 6612  avgwd - ok
18:20:24.0041 6612  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:20:24.0042 6612  AxInstSV - ok
18:20:24.0047 6612  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:20:24.0050 6612  b06bdrv - ok
18:20:24.0054 6612  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:20:24.0056 6612  b57nd60a - ok
18:20:24.0059 6612  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:20:24.0060 6612  BDESVC - ok
18:20:24.0062 6612  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:20:24.0062 6612  Beep - ok
18:20:24.0069 6612  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:20:24.0073 6612  BFE - ok
18:20:24.0083 6612  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
18:20:24.0087 6612  BITS - ok
18:20:24.0089 6612  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:20:24.0090 6612  blbdrive - ok
18:20:24.0096 6612  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:20:24.0098 6612  Bonjour Service - ok
18:20:24.0101 6612  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:20:24.0102 6612  bowser - ok
18:20:24.0103 6612  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:20:24.0104 6612  BrFiltLo - ok
18:20:24.0106 6612  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:20:24.0107 6612  BrFiltUp - ok
18:20:24.0109 6612  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:20:24.0110 6612  Browser - ok
18:20:24.0114 6612  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:20:24.0116 6612  Brserid - ok
18:20:24.0118 6612  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:20:24.0119 6612  BrSerWdm - ok
18:20:24.0121 6612  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:20:24.0121 6612  BrUsbMdm - ok
18:20:24.0123 6612  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:20:24.0123 6612  BrUsbSer - ok
18:20:24.0126 6612  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:20:24.0126 6612  BTHMODEM - ok
18:20:24.0129 6612  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:20:24.0130 6612  bthserv - ok
18:20:24.0133 6612  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:20:24.0133 6612  cdfs - ok
18:20:24.0136 6612  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:20:24.0137 6612  cdrom - ok
18:20:24.0140 6612  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:20:24.0141 6612  CertPropSvc - ok
18:20:24.0143 6612  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:20:24.0144 6612  circlass - ok
18:20:24.0148 6612  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
18:20:24.0150 6612  CLFS - ok
18:20:24.0154 6612  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:20:24.0156 6612  clr_optimization_v2.0.50727_32 - ok
18:20:24.0160 6612  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:20:24.0161 6612  clr_optimization_v2.0.50727_64 - ok
18:20:24.0168 6612  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:20:24.0174 6612  clr_optimization_v4.0.30319_32 - ok
18:20:24.0177 6612  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:20:24.0180 6612  clr_optimization_v4.0.30319_64 - ok
18:20:24.0182 6612  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:20:24.0183 6612  CmBatt - ok
18:20:24.0184 6612  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:20:24.0185 6612  cmdide - ok
18:20:24.0190 6612  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
18:20:24.0193 6612  CNG - ok
18:20:24.0195 6612  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:20:24.0195 6612  Compbatt - ok
18:20:24.0197 6612  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:20:24.0198 6612  CompositeBus - ok
18:20:24.0199 6612  COMSysApp - ok
18:20:24.0201 6612  [ C08063F052308B6F5882482615387F30 ] cpuz135         C:\Windows\system32\drivers\cpuz135_x64.sys
18:20:24.0202 6612  cpuz135 - ok
18:20:24.0204 6612  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:20:24.0204 6612  crcdisk - ok
18:20:24.0207 6612  [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
18:20:24.0208 6612  Creative ALchemy AL6 Licensing Service - ok
18:20:24.0210 6612  [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
18:20:24.0211 6612  Creative Audio Engine Licensing Service - ok
18:20:24.0215 6612  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:20:24.0217 6612  CryptSvc - ok
18:20:24.0221 6612  [ 7DAA33AAEE034AE62EF631A3F13A027B ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
18:20:24.0223 6612  CTAudSvcService - ok
18:20:24.0229 6612  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:20:24.0232 6612  DcomLaunch - ok
18:20:24.0237 6612  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:20:24.0239 6612  defragsvc - ok
18:20:24.0241 6612  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:20:24.0242 6612  DfsC - ok
18:20:24.0246 6612  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:20:24.0248 6612  Dhcp - ok
18:20:24.0250 6612  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:20:24.0251 6612  discache - ok
18:20:24.0253 6612  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:20:24.0253 6612  Disk - ok
18:20:24.0257 6612  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:20:24.0258 6612  Dnscache - ok
18:20:24.0262 6612  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:20:24.0264 6612  dot3svc - ok
18:20:24.0267 6612  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:20:24.0268 6612  DPS - ok
18:20:24.0270 6612  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:20:24.0270 6612  drmkaud - ok
18:20:24.0279 6612  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:20:24.0282 6612  DXGKrnl - ok
18:20:24.0285 6612  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:20:24.0286 6612  EapHost - ok
18:20:24.0308 6612  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:20:24.0324 6612  ebdrv - ok
18:20:24.0327 6612  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:20:24.0327 6612  EFS - ok
18:20:24.0336 6612  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:20:24.0340 6612  ehRecvr - ok
18:20:24.0342 6612  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:20:24.0343 6612  ehSched - ok
18:20:24.0349 6612  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:20:24.0352 6612  elxstor - ok
18:20:24.0355 6612  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:20:24.0355 6612  ErrDev - ok
18:20:24.0362 6612  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:20:24.0364 6612  EventSystem - ok
18:20:24.0367 6612  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:20:24.0369 6612  exfat - ok
18:20:24.0372 6612  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:20:24.0373 6612  fastfat - ok
18:20:24.0381 6612  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:20:24.0384 6612  Fax - ok
18:20:24.0387 6612  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:20:24.0388 6612  fdc - ok
18:20:24.0389 6612  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:20:24.0390 6612  fdPHost - ok
18:20:24.0392 6612  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:20:24.0393 6612  FDResPub - ok
18:20:24.0395 6612  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:20:24.0395 6612  FileInfo - ok
18:20:24.0398 6612  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:20:24.0398 6612  Filetrace - ok
18:20:24.0400 6612  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:20:24.0401 6612  flpydisk - ok
18:20:24.0405 6612  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:20:24.0406 6612  FltMgr - ok
18:20:24.0416 6612  [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache       C:\Windows\system32\FntCache.dll
18:20:24.0422 6612  FontCache - ok
18:20:24.0425 6612  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:20:24.0426 6612  FontCache3.0.0.0 - ok
18:20:24.0428 6612  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:20:24.0428 6612  FsDepends - ok
18:20:24.0430 6612  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:20:24.0431 6612  Fs_Rec - ok
18:20:24.0434 6612  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:20:24.0435 6612  fvevol - ok
18:20:24.0437 6612  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:20:24.0438 6612  gagp30kx - ok
18:20:24.0440 6612  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:20:24.0441 6612  GEARAspiWDM - ok
18:20:24.0449 6612  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:20:24.0453 6612  gpsvc - ok
18:20:24.0455 6612  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
18:20:24.0455 6612  hamachi - ok
18:20:24.0473 6612  [ A5963114373834D78782013BC803043E ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
18:20:24.0485 6612  Hamachi2Svc - ok
18:20:24.0488 6612  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:20:24.0488 6612  hcw85cir - ok
18:20:24.0493 6612  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:20:24.0495 6612  HdAudAddService - ok
18:20:24.0498 6612  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:20:24.0499 6612  HDAudBus - ok
18:20:24.0501 6612  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:20:24.0501 6612  HidBatt - ok
18:20:24.0504 6612  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:20:24.0505 6612  HidBth - ok
18:20:24.0507 6612  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:20:24.0508 6612  HidIr - ok
18:20:24.0509 6612  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
18:20:24.0510 6612  hidserv - ok
18:20:24.0512 6612  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:20:24.0513 6612  HidUsb - ok
18:20:24.0514 6612  [ 44F92C1F913E582BEF9CAC66443C6230 ] hitmanpro36     C:\Windows\system32\drivers\hitmanpro36.sys
18:20:24.0515 6612  hitmanpro36 - ok
18:20:24.0517 6612  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:20:24.0518 6612  hkmsvc - ok
18:20:24.0522 6612  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:20:24.0523 6612  HomeGroupListener - ok
18:20:24.0527 6612  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:20:24.0528 6612  HomeGroupProvider - ok
18:20:24.0530 6612  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:20:24.0531 6612  HpSAMD - ok
18:20:24.0539 6612  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:20:24.0543 6612  HTTP - ok
18:20:24.0545 6612  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:20:24.0545 6612  hwpolicy - ok
18:20:24.0547 6612  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:20:24.0548 6612  i8042prt - ok
18:20:24.0554 6612  [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:20:24.0557 6612  iaStorV - ok
18:20:24.0565 6612  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:20:24.0570 6612  idsvc - ok
18:20:24.0572 6612  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:20:24.0573 6612  iirsp - ok
18:20:24.0581 6612  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:20:24.0586 6612  IKEEXT - ok
18:20:24.0593 6612  [ 2D66067C7A8A0112156BCD1C0BAA7042 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:20:24.0597 6612  Intel(R) Capability Licensing Service Interface - ok
18:20:24.0599 6612  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:20:24.0599 6612  intelide - ok
18:20:24.0602 6612  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:20:24.0602 6612  intelppm - ok
18:20:24.0604 6612  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:20:24.0606 6612  IPBusEnum - ok
18:20:24.0608 6612  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:20:24.0609 6612  IpFilterDriver - ok
18:20:24.0611 6612  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:20:24.0612 6612  IPMIDRV - ok
18:20:24.0614 6612  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:20:24.0615 6612  IPNAT - ok
18:20:24.0622 6612  [ B474C756C13960793C7583B766F904C4 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:20:24.0624 6612  iPod Service - ok
18:20:24.0626 6612  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:20:24.0627 6612  IRENUM - ok
18:20:24.0629 6612  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:20:24.0629 6612  isapnp - ok
18:20:24.0633 6612  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:20:24.0635 6612  iScsiPrt - ok
18:20:24.0637 6612  [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:20:24.0637 6612  iusb3hcs - ok
18:20:24.0642 6612  [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
18:20:24.0643 6612  iusb3hub - ok
18:20:24.0651 6612  [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:20:24.0653 6612  iusb3xhc - ok
18:20:24.0657 6612  [ 166FC0B36842135BC2D3C32DF70ED0D6 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:20:24.0658 6612  jhi_service - ok
18:20:24.0660 6612  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:20:24.0661 6612  kbdclass - ok
18:20:24.0663 6612  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:20:24.0663 6612  kbdhid - ok
18:20:24.0665 6612  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:20:24.0665 6612  KeyIso - ok
18:20:24.0676 6612  [ 64801398A9EA492548703CC5F0109F87 ] ksaud           C:\Windows\system32\drivers\ksaud.sys
18:20:24.0682 6612  ksaud - ok
18:20:24.0684 6612  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:20:24.0685 6612  KSecDD - ok
18:20:24.0689 6612  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:20:24.0690 6612  KSecPkg - ok
18:20:24.0692 6612  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:20:24.0692 6612  ksthunk - ok
18:20:24.0697 6612  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:20:24.0699 6612  KtmRm - ok
18:20:24.0702 6612  [ B8040D3B97B16B89701E31A17353856C ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
18:20:24.0703 6612  L1C - ok
18:20:24.0706 6612  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:20:24.0708 6612  LanmanServer - ok
18:20:24.0710 6612  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:20:24.0712 6612  LanmanWorkstation - ok
18:20:24.0715 6612  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:20:24.0716 6612  lltdio - ok
18:20:24.0720 6612  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:20:24.0722 6612  lltdsvc - ok
18:20:24.0724 6612  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:20:24.0724 6612  lmhosts - ok
18:20:24.0726 6612  LMIGuardianSvc - ok
18:20:24.0730 6612  lmimirr - ok
18:20:24.0735 6612  [ C56E64BA70DC822B84D100A6F8D690D3 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:20:24.0736 6612  LMS - ok
18:20:24.0739 6612  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:20:24.0740 6612  LSI_FC - ok
18:20:24.0743 6612  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:20:24.0744 6612  LSI_SAS - ok
18:20:24.0746 6612  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:20:24.0747 6612  LSI_SAS2 - ok
18:20:24.0749 6612  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:20:24.0750 6612  LSI_SCSI - ok
18:20:24.0752 6612  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:20:24.0753 6612  luafv - ok
18:20:24.0756 6612  [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:20:24.0756 6612  MBAMProtector - ok
18:20:24.0761 6612  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:20:24.0763 6612  MBAMScheduler - ok
18:20:24.0770 6612  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:20:24.0773 6612  MBAMService - ok
18:20:24.0777 6612  [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
18:20:24.0784 6612  mcdbus - ok
18:20:24.0787 6612  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:20:24.0788 6612  Mcx2Svc - ok
18:20:24.0790 6612  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:20:24.0791 6612  megasas - ok
18:20:24.0795 6612  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:20:24.0797 6612  MegaSR - ok
18:20:24.0799 6612  [ 6B01B7414A105B9E51652089A03027CF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:20:24.0800 6612  MEIx64 - ok
18:20:24.0802 6612  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:20:24.0803 6612  MMCSS - ok
18:20:24.0805 6612  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:20:24.0805 6612  Modem - ok
18:20:24.0807 6612  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:20:24.0808 6612  monitor - ok
18:20:24.0809 6612  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:20:24.0810 6612  mouclass - ok
18:20:24.0812 6612  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:20:24.0812 6612  mouhid - ok
18:20:24.0814 6612  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:20:24.0815 6612  mountmgr - ok
18:20:24.0817 6612  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:20:24.0819 6612  MozillaMaintenance - ok
18:20:24.0821 6612  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:20:24.0823 6612  mpio - ok
18:20:24.0825 6612  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:20:24.0826 6612  mpsdrv - ok
18:20:24.0834 6612  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:20:24.0838 6612  MpsSvc - ok
18:20:24.0842 6612  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:20:24.0843 6612  MRxDAV - ok
18:20:24.0846 6612  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:20:24.0847 6612  mrxsmb - ok
18:20:24.0851 6612  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:20:24.0852 6612  mrxsmb10 - ok
18:20:24.0856 6612  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:20:24.0857 6612  mrxsmb20 - ok
18:20:24.0859 6612  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:20:24.0859 6612  msahci - ok
18:20:24.0862 6612  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:20:24.0863 6612  msdsm - ok
18:20:24.0866 6612  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:20:24.0867 6612  MSDTC - ok
18:20:24.0870 6612  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:20:24.0871 6612  Msfs - ok
18:20:24.0873 6612  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:20:24.0873 6612  mshidkmdf - ok
18:20:24.0875 6612  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:20:24.0875 6612  msisadrv - ok
18:20:24.0878 6612  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:20:24.0880 6612  MSiSCSI - ok
18:20:24.0881 6612  msiserver - ok
18:20:24.0883 6612  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:20:24.0884 6612  MSKSSRV - ok
18:20:24.0885 6612  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:20:24.0886 6612  MSPCLOCK - ok
18:20:24.0888 6612  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:20:24.0888 6612  MSPQM - ok
18:20:24.0893 6612  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:20:24.0895 6612  MsRPC - ok
18:20:24.0898 6612  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:20:24.0898 6612  mssmbios - ok
18:20:24.0900 6612  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:20:24.0900 6612  MSTEE - ok
18:20:24.0902 6612  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:20:24.0903 6612  MTConfig - ok
18:20:24.0905 6612  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:20:24.0906 6612  Mup - ok
18:20:24.0911 6612  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:20:24.0914 6612  napagent - ok
18:20:24.0918 6612  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:20:24.0920 6612  NativeWifiP - ok
18:20:24.0930 6612  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:20:24.0934 6612  NDIS - ok
18:20:24.0937 6612  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:20:24.0937 6612  NdisCap - ok
18:20:24.0939 6612  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:20:24.0940 6612  NdisTapi - ok
18:20:24.0942 6612  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:20:24.0943 6612  Ndisuio - ok
18:20:24.0946 6612  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:20:24.0947 6612  NdisWan - ok
18:20:24.0949 6612  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:20:24.0949 6612  NDProxy - ok
18:20:24.0951 6612  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:20:24.0952 6612  NetBIOS - ok
18:20:24.0956 6612  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:20:24.0957 6612  NetBT - ok
18:20:24.0959 6612  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:20:24.0960 6612  Netlogon - ok
18:20:24.0964 6612  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:20:24.0967 6612  Netman - ok
18:20:24.0969 6612  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:24.0972 6612  NetMsmqActivator - ok
18:20:24.0974 6612  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:24.0975 6612  NetPipeActivator - ok
18:20:24.0980 6612  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:20:24.0983 6612  netprofm - ok
18:20:24.0985 6612  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:24.0986 6612  NetTcpActivator - ok
18:20:24.0988 6612  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:20:24.0988 6612  NetTcpPortSharing - ok
18:20:24.0990 6612  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:20:24.0991 6612  nfrd960 - ok
18:20:24.0995 6612  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:20:24.0998 6612  NlaSvc - ok
18:20:24.0999 6612  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:20:25.0000 6612  Npfs - ok
18:20:25.0002 6612  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:20:25.0003 6612  nsi - ok
18:20:25.0004 6612  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:20:25.0005 6612  nsiproxy - ok
18:20:25.0018 6612  [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:20:25.0026 6612  Ntfs - ok
18:20:25.0029 6612  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:20:25.0029 6612  Null - ok
18:20:25.0032 6612  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
18:20:25.0033 6612  NVHDA - ok
18:20:25.0099 6612  [ F67DE5315B4AB7B3F49D857E0592017C ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:20:25.0134 6612  nvlddmkm - ok
18:20:25.0139 6612  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:20:25.0141 6612  nvraid - ok
18:20:25.0144 6612  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:20:25.0146 6612  nvstor - ok
18:20:25.0154 6612  [ CAA0BE3CCACEB136BF575EA70121DB93 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:20:25.0159 6612  nvsvc - ok
18:20:25.0170 6612  [ E31EAECDCF2F7A9174F3730E64CCC6FD ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:20:25.0174 6612  nvUpdatusService - ok
18:20:25.0177 6612  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:20:25.0179 6612  nv_agp - ok
18:20:25.0181 6612  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:20:25.0182 6612  ohci1394 - ok
18:20:25.0186 6612  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:20:25.0188 6612  p2pimsvc - ok
18:20:25.0194 6612  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:20:25.0197 6612  p2psvc - ok
18:20:25.0200 6612  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:20:25.0201 6612  Parport - ok
18:20:25.0203 6612  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:20:25.0204 6612  partmgr - ok
18:20:25.0207 6612  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:20:25.0209 6612  PcaSvc - ok
18:20:25.0212 6612  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:20:25.0213 6612  pci - ok
18:20:25.0215 6612  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:20:25.0216 6612  pciide - ok
18:20:25.0219 6612  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:20:25.0221 6612  pcmcia - ok
18:20:25.0223 6612  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:20:25.0223 6612  pcw - ok
18:20:25.0230 6612  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:20:25.0233 6612  PEAUTH - ok
18:20:25.0255 6612  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:20:25.0256 6612  PerfHost - ok
18:20:25.0270 6612  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:20:25.0278 6612  pla - ok
18:20:25.0283 6612  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:20:25.0286 6612  PlugPlay - ok
18:20:25.0288 6612  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:20:25.0289 6612  PNRPAutoReg - ok
18:20:25.0293 6612  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:20:25.0294 6612  PNRPsvc - ok
18:20:25.0300 6612  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:20:25.0303 6612  PolicyAgent - ok
18:20:25.0307 6612  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:20:25.0308 6612  Power - ok
18:20:25.0311 6612  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:20:25.0312 6612  PptpMiniport - ok
18:20:25.0314 6612  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:20:25.0315 6612  Processor - ok
18:20:25.0319 6612  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
18:20:25.0320 6612  ProfSvc - ok
18:20:25.0322 6612  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:20:25.0323 6612  ProtectedStorage - ok
18:20:25.0326 6612  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:20:25.0327 6612  Psched - ok
18:20:25.0339 6612  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:20:25.0346 6612  ql2300 - ok
18:20:25.0349 6612  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:20:25.0350 6612  ql40xx - ok
18:20:25.0354 6612  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:20:25.0356 6612  QWAVE - ok
18:20:25.0358 6612  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:20:25.0358 6612  QWAVEdrv - ok
18:20:25.0360 6612  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:20:25.0361 6612  RasAcd - ok
18:20:25.0363 6612  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:20:25.0364 6612  RasAgileVpn - ok
18:20:25.0366 6612  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:20:25.0367 6612  RasAuto - ok
18:20:25.0371 6612  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:20:25.0372 6612  Rasl2tp - ok
18:20:25.0376 6612  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:20:25.0379 6612  RasMan - ok
18:20:25.0381 6612  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:20:25.0382 6612  RasPppoe - ok
18:20:25.0384 6612  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:20:25.0385 6612  RasSstp - ok
18:20:25.0390 6612  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:20:25.0392 6612  rdbss - ok
18:20:25.0394 6612  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:20:25.0395 6612  rdpbus - ok
18:20:25.0397 6612  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:20:25.0397 6612  RDPCDD - ok
18:20:25.0400 6612  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:20:25.0400 6612  RDPENCDD - ok
18:20:25.0403 6612  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:20:25.0403 6612  RDPREFMP - ok
18:20:25.0406 6612  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:20:25.0408 6612  RDPWD - ok
18:20:25.0411 6612  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:20:25.0413 6612  rdyboost - ok
18:20:25.0415 6612  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:20:25.0417 6612  RemoteAccess - ok
18:20:25.0420 6612  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:20:25.0421 6612  RemoteRegistry - ok
18:20:25.0424 6612  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:20:25.0425 6612  RpcEptMapper - ok
18:20:25.0427 6612  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:20:25.0427 6612  RpcLocator - ok
18:20:25.0433 6612  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:20:25.0435 6612  RpcSs - ok
18:20:25.0437 6612  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:20:25.0438 6612  rspndr - ok
18:20:25.0440 6612  [ 87D5781DFF8AC2EF9BD41B60023BAC50 ] RTCore64        C:\Program Files (x86)\EVGA Precision X\RTCore64.sys
18:20:25.0440 6612  RTCore64 - ok
18:20:25.0443 6612  [ 45C74BA1D62DFA8B9A1AF48689C99DAF ] rzendpt         C:\Windows\system32\DRIVERS\rzendpt.sys
18:20:25.0443 6612  rzendpt - ok
18:20:25.0446 6612  [ 4A7F736E0DA669E5D67B7D6787A2CD69 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
18:20:25.0447 6612  rzudd - ok
18:20:25.0449 6612  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
18:20:25.0449 6612  SamSs - ok
18:20:25.0451 6612  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:20:25.0452 6612  sbp2port - ok
18:20:25.0456 6612  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:20:25.0457 6612  SCardSvr - ok
18:20:25.0460 6612  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:20:25.0460 6612  scfilter - ok
18:20:25.0470 6612  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
18:20:25.0476 6612  Schedule - ok
18:20:25.0478 6612  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:20:25.0479 6612  SCPolicySvc - ok
18:20:25.0482 6612  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:20:25.0484 6612  SDRSVC - ok
18:20:25.0486 6612  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:20:25.0486 6612  secdrv - ok
18:20:25.0488 6612  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
18:20:25.0489 6612  seclogon - ok
18:20:25.0491 6612  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
18:20:25.0492 6612  SENS - ok
18:20:25.0494 6612  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:20:25.0495 6612  SensrSvc - ok
18:20:25.0497 6612  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:20:25.0498 6612  Serenum - ok
18:20:25.0500 6612  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:20:25.0501 6612  Serial - ok
18:20:25.0503 6612  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:20:25.0504 6612  sermouse - ok
18:20:25.0509 6612  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:20:25.0510 6612  SessionEnv - ok
18:20:25.0512 6612  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:20:25.0513 6612  sffdisk - ok
18:20:25.0514 6612  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:20:25.0515 6612  sffp_mmc - ok
18:20:25.0516 6612  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:20:25.0517 6612  sffp_sd - ok
18:20:25.0519 6612  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:20:25.0519 6612  sfloppy - ok
18:20:25.0525 6612  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:20:25.0528 6612  SharedAccess - ok
18:20:25.0533 6612  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:20:25.0535 6612  ShellHWDetection - ok
18:20:25.0537 6612  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:20:25.0538 6612  SiSRaid2 - ok
18:20:25.0540 6612  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:20:25.0541 6612  SiSRaid4 - ok
18:20:25.0570 6612  [ 3740B83AEC21D981065D7E819BD7E878 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:20:25.0587 6612  Skype C2C Service - ok
18:20:25.0591 6612  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:20:25.0592 6612  SkypeUpdate - ok
18:20:25.0594 6612  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:20:25.0595 6612  Smb - ok
18:20:25.0599 6612  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:20:25.0600 6612  SNMPTRAP - ok
18:20:25.0601 6612  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:20:25.0602 6612  spldr - ok
18:20:25.0608 6612  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
18:20:25.0612 6612  Spooler - ok
18:20:25.0635 6612  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:20:25.0653 6612  sppsvc - ok
18:20:25.0656 6612  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:20:25.0657 6612  sppuinotify - ok
18:20:25.0662 6612  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:20:25.0665 6612  srv - ok
18:20:25.0670 6612  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:20:25.0672 6612  srv2 - ok
18:20:25.0675 6612  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:20:25.0677 6612  srvnet - ok
18:20:25.0680 6612  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:20:25.0682 6612  SSDPSRV - ok
18:20:25.0684 6612  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:20:25.0685 6612  SstpSvc - ok
18:20:25.0687 6612  Steam Client Service - ok
18:20:25.0690 6612  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:20:25.0690 6612  stexstor - ok
18:20:25.0697 6612  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:20:25.0701 6612  stisvc - ok
18:20:25.0703 6612  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:20:25.0703 6612  swenum - ok
18:20:25.0709 6612  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:20:25.0712 6612  swprv - ok
18:20:25.0725 6612  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
18:20:25.0735 6612  SysMain - ok
18:20:25.0738 6612  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:20:25.0739 6612  TabletInputService - ok
18:20:25.0743 6612  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:20:25.0746 6612  TapiSrv - ok
18:20:25.0748 6612  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:20:25.0749 6612  TBS - ok
18:20:25.0763 6612  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:20:25.0773 6612  Tcpip - ok
18:20:25.0785 6612  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:20:25.0791 6612  TCPIP6 - ok
18:20:25.0795 6612  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:20:25.0795 6612  tcpipreg - ok
18:20:25.0798 6612  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:20:25.0799 6612  TDPIPE - ok
18:20:25.0800 6612  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:20:25.0801 6612  TDTCP - ok
18:20:25.0804 6612  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:20:25.0805 6612  tdx - ok
18:20:25.0807 6612  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:20:25.0807 6612  TermDD - ok
18:20:25.0814 6612  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
18:20:25.0818 6612  TermService - ok
18:20:25.0821 6612  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:20:25.0822 6612  Themes - ok
18:20:25.0824 6612  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:20:25.0825 6612  THREADORDER - ok
18:20:25.0827 6612  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:20:25.0829 6612  TrkWks - ok
18:20:25.0832 6612  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:20:25.0832 6612  TrustedInstaller - ok
18:20:25.0835 6612  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:20:25.0836 6612  tssecsrv - ok
18:20:25.0838 6612  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:20:25.0839 6612  TsUsbFlt - ok
18:20:25.0841 6612  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:20:25.0842 6612  tunnel - ok
18:20:25.0845 6612  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:20:25.0845 6612  uagp35 - ok
18:20:25.0850 6612  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:20:25.0852 6612  udfs - ok
18:20:25.0855 6612  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:20:25.0856 6612  UI0Detect - ok
18:20:25.0859 6612  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:20:25.0860 6612  uliagpkx - ok
18:20:25.0862 6612  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
18:20:25.0862 6612  umbus - ok
18:20:25.0864 6612  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:20:25.0865 6612  UmPass - ok
18:20:25.0870 6612  [ 0F9E1BC7E2BEA1A4108EC9736CF0C2D9 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:20:25.0871 6612  UNS - ok
18:20:25.0876 6612  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:20:25.0879 6612  upnphost - ok
18:20:25.0881 6612  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:20:25.0882 6612  USBAAPL64 - ok
18:20:25.0884 6612  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:20:25.0885 6612  usbaudio - ok
18:20:25.0888 6612  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:20:25.0889 6612  usbccgp - ok
18:20:25.0891 6612  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:20:25.0892 6612  usbcir - ok
18:20:25.0894 6612  [ 74EE782B1D9C241EFE425565854C661C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:20:25.0895 6612  usbehci - ok
18:20:25.0899 6612  [ DC96BD9CCB8403251BCF25047573558E ] usbhub          C:\Windows\system32\drivers\usbhub.sys
18:20:25.0901 6612  usbhub - ok
18:20:25.0903 6612  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
18:20:25.0904 6612  usbohci - ok
18:20:25.0906 6612  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:20:25.0906 6612  usbprint - ok
18:20:25.0909 6612  [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
18:20:25.0910 6612  USBSTOR - ok
18:20:25.0912 6612  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:20:25.0912 6612  usbuhci - ok
18:20:25.0914 6612  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
18:20:25.0915 6612  UxSms - ok
18:20:25.0917 6612  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
18:20:25.0918 6612  VaultSvc - ok
18:20:25.0920 6612  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
18:20:25.0920 6612  VClone - ok
18:20:25.0922 6612  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:20:25.0923 6612  vdrvroot - ok
18:20:25.0929 6612  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:20:25.0932 6612  vds - ok
18:20:25.0934 6612  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:20:25.0935 6612  vga - ok
18:20:25.0937 6612  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:20:25.0937 6612  VgaSave - ok
18:20:25.0941 6612  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:20:25.0942 6612  vhdmp - ok
18:20:25.0959 6612  [ E8AF45C4FE2457D003E1842806F38748 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
18:20:25.0966 6612  VIAHdAudAddService - ok
18:20:25.0969 6612  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:20:25.0969 6612  viaide - ok
18:20:25.0971 6612  [ 05D6657A9CCFD269D05D41BFFDCE9498 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
18:20:25.0972 6612  VIAKaraokeService - ok
18:20:25.0974 6612  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:20:25.0975 6612  volmgr - ok
18:20:25.0979 6612  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:20:25.0981 6612  volmgrx - ok
18:20:25.0985 6612  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:20:25.0987 6612  volsnap - ok
18:20:25.0990 6612  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:20:25.0991 6612  vsmraid - ok
18:20:26.0004 6612  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:20:26.0012 6612  VSS - ok
18:20:26.0015 6612  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:20:26.0015 6612  vwifibus - ok
18:20:26.0020 6612  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:20:26.0023 6612  W32Time - ok
18:20:26.0026 6612  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:20:26.0026 6612  WacomPen - ok
18:20:26.0029 6612  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:20:26.0030 6612  WANARP - ok
18:20:26.0031 6612  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:20:26.0032 6612  Wanarpv6 - ok
18:20:26.0042 6612  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:20:26.0049 6612  WatAdminSvc - ok
18:20:26.0062 6612  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:20:26.0070 6612  wbengine - ok
18:20:26.0074 6612  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:20:26.0076 6612  WbioSrvc - ok
18:20:26.0081 6612  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:20:26.0083 6612  wcncsvc - ok
18:20:26.0085 6612  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:20:26.0087 6612  WcsPlugInService - ok
18:20:26.0088 6612  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:20:26.0089 6612  Wd - ok
18:20:26.0095 6612  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:20:26.0099 6612  Wdf01000 - ok
18:20:26.0101 6612  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:20:26.0103 6612  WdiServiceHost - ok
18:20:26.0104 6612  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:20:26.0105 6612  WdiSystemHost - ok
18:20:26.0108 6612  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
18:20:26.0110 6612  WebClient - ok
18:20:26.0114 6612  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:20:26.0116 6612  Wecsvc - ok
18:20:26.0118 6612  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:20:26.0120 6612  wercplsupport - ok
18:20:26.0122 6612  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:20:26.0123 6612  WerSvc - ok
18:20:26.0125 6612  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:20:26.0126 6612  WfpLwf - ok
18:20:26.0127 6612  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:20:26.0128 6612  WIMMount - ok
18:20:26.0131 6612  WinDefend - ok
18:20:26.0134 6612  WinHttpAutoProxySvc - ok
18:20:26.0140 6612  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:20:26.0142 6612  Winmgmt - ok
18:20:26.0156 6612  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:20:26.0167 6612  WinRM - ok
18:20:26.0172 6612  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:20:26.0173 6612  WinUsb - ok
18:20:26.0183 6612  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:20:26.0189 6612  Wlansvc - ok
18:20:26.0191 6612  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:20:26.0191 6612  WmiAcpi - ok
18:20:26.0195 6612  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:20:26.0197 6612  wmiApSrv - ok
18:20:26.0198 6612  WMPNetworkSvc - ok
18:20:26.0200 6612  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:20:26.0202 6612  WPCSvc - ok
18:20:26.0204 6612  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:20:26.0206 6612  WPDBusEnum - ok
18:20:26.0208 6612  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:20:26.0208 6612  ws2ifsl - ok
18:20:26.0211 6612  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
18:20:26.0213 6612  wscsvc - ok
18:20:26.0214 6612  WSearch - ok
18:20:26.0233 6612  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:20:26.0246 6612  wuauserv - ok
18:20:26.0249 6612  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:20:26.0250 6612  WudfPf - ok
18:20:26.0254 6612  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:20:26.0255 6612  WUDFRd - ok
18:20:26.0257 6612  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:20:26.0259 6612  wudfsvc - ok
18:20:26.0262 6612  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:20:26.0264 6612  WwanSvc - ok
18:20:26.0268 6612  ================ Scan global ===============================
18:20:26.0269 6612  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:20:26.0273 6612  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:20:26.0277 6612  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:20:26.0280 6612  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:20:26.0285 6612  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:20:26.0287 6612  [Global] - ok
18:20:26.0287 6612  ================ Scan MBR ==================================
18:20:26.0302 6612  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:20:26.0533 6612  \Device\Harddisk1\DR1 - ok
18:20:26.0535 6612  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:20:26.0535 6612  Suspicious mbr (Forged): \Device\Harddisk0\DR0
18:20:26.0536 6612  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
18:20:26.0536 6612  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
18:20:26.0547 6612  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:20:26.0547 6612  \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:20:26.0547 6612  ================ Scan VBR ==================================
18:20:26.0548 6612  [ B915A1D0325698CD1E8BC8471C2E9D4B ] \Device\Harddisk1\DR1\Partition1
18:20:26.0549 6612  \Device\Harddisk1\DR1\Partition1 - ok
18:20:26.0550 6612  [ 6DE8B0AE870EB4E1465532559B296B1C ] \Device\Harddisk0\DR0\Partition1
18:20:26.0551 6612  \Device\Harddisk0\DR0\Partition1 - ok
18:20:26.0552 6612  [ 3CBE8891BB687280C9F9856F1DF925C3 ] \Device\Harddisk0\DR0\Partition2
18:20:26.0553 6612  \Device\Harddisk0\DR0\Partition2 - ok
18:20:26.0553 6612  ============================================================
18:20:26.0553 6612  Scan finished
18:20:26.0553 6612  ============================================================
18:20:26.0557 6604  Detected object count: 2
18:20:26.0557 6604  Actual detected object count: 2
18:20:48.0595 6604  \Device\Harddisk0\DR0\# - copied to quarantine
18:20:48.0595 6604  \Device\Harddisk0\DR0 - copied to quarantine
18:20:48.0612 6604  \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:20:48.0612 6604  \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:20:48.0617 6604  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:20:48.0620 6604  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
18:20:48.0621 6604  \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
18:20:48.0621 6604  \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
18:20:48.0622 6604  \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:20:48.0623 6604  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:20:48.0624 6604  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
18:20:48.0624 6604  \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
18:20:48.0625 6604  \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
18:20:48.0625 6604  \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
18:20:48.0629 6604  \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
18:20:48.0631 6604  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
18:20:48.0631 6604  \Device\Harddisk0\DR0 - ok
18:20:49.0376 6604  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure 
18:20:49.0376 6604  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:20:49.0376 6604  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
18:20:56.0625 6328  Deinitialize success

18:22:06.0049 3708  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:22:06.0759 3708  ============================================================
18:22:06.0759 3708  Current date / time: 2012/11/29 18:22:06.0759
18:22:06.0759 3708  SystemInfo:
18:22:06.0759 3708  
18:22:06.0759 3708  OS Version: 6.1.7601 ServicePack: 1.0
18:22:06.0759 3708  Product type: Workstation
18:22:06.0759 3708  ComputerName: NATHAN-PC
18:22:06.0759 3708  UserName: Nathan
18:22:06.0759 3708  Windows directory: C:\Windows
18:22:06.0759 3708  System windows directory: C:\Windows
18:22:06.0759 3708  Running under WOW64
18:22:06.0759 3708  Processor architecture: Intel x64
18:22:06.0759 3708  Number of processors: 8
18:22:06.0759 3708  Page size: 0x1000
18:22:06.0759 3708  Boot type: Normal boot
18:22:06.0759 3708  ============================================================
18:22:06.0939 3708  BG loaded
18:22:07.0269 3708  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:22:07.0269 3708  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:22:07.0269 3708  ============================================================
18:22:07.0269 3708  \Device\Harddisk1\DR1:
18:22:07.0269 3708  MBR partitions:
18:22:07.0269 3708  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
18:22:07.0269 3708  \Device\Harddisk0\DR0:
18:22:07.0269 3708  MBR partitions:
18:22:07.0269 3708  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:22:07.0269 3708  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DCC0000
18:22:07.0269 3708  ============================================================
18:22:07.0269 3708  C: <-> \Device\Harddisk0\DR0\Partition2
18:22:07.0299 3708  D: <-> \Device\Harddisk1\DR1\Partition1
18:22:07.0299 3708  ============================================================
18:22:07.0299 3708  Initialize success
18:22:07.0299 3708  ============================================================
18:22:13.0341 1316  Deinitialize success

C:\TDSSKiller_Quarantine\29.11.2012_18.19.51\mbr0000\tdlfs0000\tsk0000.dta	a variant of Win32/Olmarik.AYI trojan	cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.11.2012_18.19.51\mbr0000\tdlfs0000\tsk0001.dta	Win64/Olmarik.AK trojan	cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.11.2012_18.19.51\mbr0000\tdlfs0000\tsk0002.dta	a variant of Win32/Rootkit.Kryptik.PR trojan	cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.11.2012_18.19.51\mbr0000\tdlfs0000\tsk0003.dta	Win64/Olmarik.AK trojan	cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.11.2012_18.19.51\mbr0000\tdlfs0000\tsk0007.dta	Win32/Olmarik.AFK trojan	cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.11.2012_18.19.51\mbr0000\tdlfs0000\tsk0008.dta	Win64/Olmarik.AK trojan	cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.11.2012_18.19.51\mbr0000\tdlfs0000\tsk0012.dta	a variant of Win32/Olmarik.AYI trojan	cleaned by deleting - quarantined
C:\Users\Nathan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\74aa4b68-44d07339	a variant of Java/Exploit.CVE-2012-4681.AN trojan	deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\21M6LSZL\cat-and-dolphin-playing-together[1].htm	HTML/ScrInject.B.Gen virus	deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4YFJTGMS\favorites[1].htm	HTML/Iframe.B.Gen virus	deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\805ND4H1\nom-nom-nom-cat[1].htm	HTML/ScrInject.B.Gen virus	deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DDAG154R\cat-and-dolphin-playing-together[1].htm	HTML/ScrInject.B.Gen virus	deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IFCBDRAU\favorites[1].htm	HTML/Iframe.B.Gen virus	deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBTEKSWV\iframe3[1].htm	HTML/ScrInject.B.Gen virus	deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBTEKSWV\kitty-goes-crazy-for-laser[1].htm	HTML/ScrInject.B.Gen virus	deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XM0UBQPD\contact-us[1].htm	HTML/Iframe.B.Gen virus	deleted - quarantined


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,565 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:19 AM

Posted 29 November 2012 - 08:48 PM

Ok, good scans,, lots of bad stuff.. After ESET please rerun TDSS and change the option on these to Cure or Delete.
18:20:49.0376 6604 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:20:49.0376 6604 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


And then it apears we need to run... aswMBR
Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


Also run TFC as files of this are dropped in the Temp folder.
Please download TFC (Temp File Cleaner) by Old Timer and save it to your desktop.
alternate download link
  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • TFC will clear out all temp folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Note: It is normal for the computer to be slow to boot after running TFC cleaner the first time.

Edited by boopme, 29 November 2012 - 08:58 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 Frobond

Frobond
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 29 November 2012 - 11:33 PM

sorry for the delay life has a way of getting in the way from time to time

here are the logs for aswmbr

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-29 20:56:48
-----------------------------
20:56:48.541    OS Version: Windows x64 6.1.7601 Service Pack 1
20:56:48.541    Number of processors: 8 586 0x3A09
20:56:48.541    ComputerName: NATHAN-PC  UserName: Nathan
20:56:48.724    Initialize success
20:57:50.955    AVAST engine defs: 12112901
20:57:56.513    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
20:57:56.514    Disk 0 Vendor:   Size: 0MB BusType: 0
20:57:56.515    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
20:57:56.516    Disk 1 Vendor:   Size: 0MB BusType: 0
20:57:56.518    Disk 0 MBR read successfully
20:57:56.519    Disk 0 MBR scan
20:57:56.521    Disk 0 Windows 7 default MBR code
20:57:56.523    Disk 0 MBR hidden
20:57:56.525    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
20:57:56.528    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       244096 MB offset 206848
20:57:56.532    Disk 0 scanning C:\Windows\system32\drivers
20:57:58.532    Service scanning
20:58:03.574    Modules scanning
20:58:03.579    Disk 0 trace - called modules:
20:58:03.582    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
20:58:03.584    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006f9b790]
20:58:03.586    3 CLASSPNP.SYS[fffff8800185d43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8006d6b680]
20:58:03.786    AVAST engine scan C:\Windows
20:58:04.150    AVAST engine scan C:\Windows\system32
20:59:01.661    AVAST engine scan C:\Windows\system32\drivers
20:59:04.193    AVAST engine scan C:\Users\Nathan
20:59:57.786    AVAST engine scan C:\ProgramData
21:00:00.492    Scan finished successfully
21:00:08.701    Disk 0 MBR has been saved successfully to "C:\Users\Nathan\Desktop\MBR.dat"
21:00:08.704    The log file has been saved successfully to "C:\Users\Nathan\Desktop\aswMBR.txt"


#7 Frobond

Frobond
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:19 AM

Posted 30 November 2012 - 05:40 PM

hope is not against forums rules but wanted to see if their where more instructions i needed to do or if im free and clear now...

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,565 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:19 AM

Posted 30 November 2012 - 09:28 PM

If there are no issues... Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Posted Image > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Posted Image > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users