
Concerned that I may have a Rootkit/Bootkit


  • This topic is locked
17 replies to this topic

#1 scomatt9

scomatt9

  • Members
  • 9 posts
  • OFFLINE
  • Local time:03:18 PM

Posted 04 January 2013 - 03:55 PM

A couple of years ago, I was having a lot of problems with my computer that clearly represented a nasty virus had taken hold - sluggish performance, Google redirects, etc. After several attempts, I finally believe that I had eliminated all of the infections and I moved on with my life. Everything was (mostly) back to normal except that I felt my computer never really went back to its "optimal performance" and I would occasionally have issues at boot, especially if booting back up from sleep mode. The message would usually say "Disk Read Error. Ctrl + Alt + Del to Retry." After a few frustrating attempts, my computer would eventually boot. This past weekend, I installed Windows 8 and upon trying to get my PC out of sleep mode, it, of course, happened again! Only this time, it was quite a bit harder to start as Win 8 kept insisting that there was a bigger error involving the kernel. Unfortunately, I did not write down the exact error message, but it seems that it's logged in the DDS file, so hopefully that has the necessary info (I'm afraid to restart my computer in the meantime, as it was starting to seem like it would never boot again last time.) To make a long story short, I believe that my original virus problem was a Rootkit/Bootkit and I'm afraid that there is still some part of it lingering around (or perhaps I just have a faulty hard drive?) Anyway, all help would be much appreciated. Thanks!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16384
Run by Matthew at 14:42:37 on 2013-01-04
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.3839.1574 [GMT -8:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\lxbxcoms.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lexmark 7100 Series\lxbxmon.exe
C:\Program Files (x86)\Lexmark 7100 Series\ezprint.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskhost.exe
C:\Program Files\WindowsApps\ZinioLLC.Zinio_1.3.0.0_x64__0q6dqzpp40p2e\ZinioReaderWin8.exe
C:\WINDOWS\system32\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=type=W3i_SP,204,0_0,StartPage,20120522,17117,0,18,0
mWinlogon: Userinit = userinit.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{A8E3BE92-04E9-4BD2-8F28-014BC71D2C77} : DHCPNameServer = 192.168.2.1
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=1111&m=dx4200-09
x64-Run: [LXBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\x64\3\LXBXtime.dll,RunDLLEntry
x64-Run: [lxbxmon.exe] "C:\Program Files (x86)\Lexmark 7100 Series\lxbxmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark 7100 Series\ezprint.exe"
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R3 yukonw8;NDIS6.3 Miniport Driver for Marvell Yukon Ethernet Controller;C:\WINDOWS\System32\Drivers\yk63x64.sys [2012-6-2 287232]
S3 androidusb;ADB Interface Driver;C:\WINDOWS\System32\Drivers\androidusb.sys [2010-4-29 32768]
S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\Drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-01-04 12:02:23 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5BCDF24D-3EFF-449A-9DE4-DE3DC8CCD950}\mpengine.dll
2013-01-04 11:00:08 9125352 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-01-02 23:12:15 279656 ------w- C:\WINDOWS\System32\MpSigStub.exe
2013-01-02 23:11:16 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-02 22:52:25 -------- d-----w- C:\Users\Matthew\AppData\Local\Diagnostics
2013-01-02 03:04:50 -------- d-----w- C:\Program Files\Lx_cats
2013-01-02 03:04:32 145920 ----a-w- C:\WINDOWS\System32\Spool\prtprocs\x64\lxbxpp6c.dll
2013-01-02 03:04:15 44032 ----a-w- C:\WINDOWS\System32\lxbxvs.dll
2013-01-02 03:02:49 628224 ----a-w- C:\WINDOWS\System32\lxbxutil.dll
2013-01-02 02:53:10 -------- d-----w- C:\Users\Matthew\AppData\Local\ElevatedDiagnostics
2013-01-02 02:12:18 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2013-01-02 02:12:18 -------- d-----w- C:\Program Files (x86)\Diablo III
2013-01-02 02:12:18 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-01-02 02:11:23 -------- d-----w- C:\ProgramData\Battle.net
2013-01-01 23:34:42 -------- d-----w- C:\Users\Matthew\AppData\Local\Apple Computer
2013-01-01 23:34:36 33240 ----a-w- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
2013-01-01 23:33:56 -------- d-----w- C:\Program Files\iPod
2013-01-01 23:33:55 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-01 23:33:55 -------- d-----w- C:\Program Files\iTunes
2013-01-01 23:33:55 -------- d-----w- C:\Program Files (x86)\iTunes
2013-01-01 23:33:43 -------- d-----w- C:\Users\Matthew\AppData\Local\Apple
2013-01-01 23:33:12 213696 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10187.bin
2013-01-01 23:33:12 -------- d-----w- C:\Program Files\Bonjour
2013-01-01 23:33:12 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-01-01 23:28:49 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2013-01-01 23:28:47 -------- d-----w- C:\Program Files (x86)\Steam
2013-01-01 23:21:42 -------- d-----w- C:\Users\Matthew\AppData\Local\Google
2013-01-01 23:17:06 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-01-01 23:17:04 18528 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin
2013-01-01 23:14:31 -------- d-----r- C:\Users\Matthew\Searches
2013-01-01 23:13:40 -------- d-----w- C:\Users\Matthew\AppData\Local\VirtualStore
2013-01-01 23:13:31 -------- d-----w- C:\Users\Matthew\AppData\Local\Packages
2013-01-01 23:13:31 -------- d-----w- C:\ProgramData\PRICache
2013-01-01 23:09:20 -------- d-sh--w- C:\Recovery
2013-01-01 22:58:56 0 ----a-w- C:\WINDOWS\ativpsrm.bin
2013-01-01 22:56:44 -------- d-----w- C:\Windows.old
2013-01-01 19:56:48 -------- d-----w- C:\WINDOWS\Panther
2013-01-01 18:18:17 -------- d--h--r- C:\ESD
2012-12-07 23:50:42 -------- d-----w- C:\Crash
.
==================== Find3M ====================
.
.
============= FINISH: 14:43:09.79 ===============



#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,659 posts
  • OFFLINE
  • Gender:Male
  • Local time:05:18 PM

Posted 09 January 2013 - 03:55 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/480671 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 scomatt9

scomatt9
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  • Local time:03:18 PM

Posted 09 January 2013 - 06:48 PM

1. Hopefully, my description was already clear enough.
2. See DDS log below
3. I have made a Windows 8 Recovery Drive (flash drive). Is that the same thing? I downloaded the OS from Microsoft, so I don't have any other disks.


**NEW DDS LOG**

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453
Run by Matthew at 15:45:26 on 2013-01-09
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.3839.2316 [GMT -8:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\lxbxcoms.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.124\GoogleCrashHandler64.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\system32\taskhost.exe
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Lexmark 7100 Series\lxbxmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lexmark 7100 Series\ezprint.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=type=W3i_SP,204,0_0,StartPage,20120522,17117,0,18,0
mWinlogon: Userinit = userinit.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{A8E3BE92-04E9-4BD2-8F28-014BC71D2C77} : DHCPNameServer = 192.168.2.1
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=1&o=vp64&d=1111&m=dx4200-09
x64-Run: [LXBXCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\x64\3\LXBXtime.dll,RunDLLEntry
x64-Run: [lxbxmon.exe] "C:\Program Files (x86)\Lexmark 7100 Series\lxbxmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark 7100 Series\ezprint.exe"
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R3 yukonw8;NDIS6.3 Miniport Driver for Marvell Yukon Ethernet Controller;C:\WINDOWS\System32\Drivers\yk63x64.sys [2012-6-2 287232]
S3 androidusb;ADB Interface Driver;C:\WINDOWS\System32\Drivers\androidusb.sys [2010-4-29 32768]
S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\Drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-01-09 11:00:01 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B8C61002-3291-4C1F-9590-DC7EAFF9AEF8}\mpengine.dll
2013-01-08 11:00:09 9125352 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-01-06 02:20:01 3244032 ----a-w- C:\WINDOWS\System32\rdpcorets.dll
2013-01-06 02:20:01 274432 ----a-w- C:\WINDOWS\System32\srmstormod.dll
2013-01-06 02:20:00 618496 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys
2013-01-06 02:20:00 27880 ----a-w- C:\WINDOWS\System32\drivers\rdpvideominiport.sys
2013-01-06 02:20:00 202240 ----a-w- C:\WINDOWS\SysWow64\srmstormod.dll
2013-01-06 02:20:00 115712 ----a-w- C:\WINDOWS\System32\wbem\PolicMan.dll
2013-01-06 02:20:00 109568 ----a-w- C:\WINDOWS\System32\dskquota.dll
2013-01-06 02:18:59 2116096 ----a-w- C:\WINDOWS\System32\mssrch.dll
2013-01-06 02:17:59 1131520 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2013-01-06 02:16:59 90624 ----a-w- C:\WINDOWS\System32\drivers\amdk8.sys
2013-01-06 02:16:59 89088 ----a-w- C:\WINDOWS\System32\drivers\intelppm.sys
2013-01-06 02:16:59 88064 ----a-w- C:\WINDOWS\System32\drivers\amdppm.sys
2013-01-06 02:16:59 87552 ----a-w- C:\WINDOWS\System32\drivers\processr.sys
2013-01-06 02:16:59 22528 ----a-w- C:\WINDOWS\System32\drivers\fxppm.sys
2013-01-06 02:16:58 99328 ----a-w- C:\WINDOWS\System32\wushareduxresources.dll
2013-01-06 02:16:58 9728 ----a-w- C:\WINDOWS\SysWow64\wlanhlp.dll
2013-01-06 02:16:58 9728 ----a-w- C:\WINDOWS\System32\wlanhlp.dll
2013-01-06 02:16:58 16384 ----a-w- C:\WINDOWS\System32\iscsilog.dll
2013-01-05 07:09:55 -------- d-----w- C:\Users\Matthew\AppData\Roaming\Malwarebytes
2013-01-05 07:09:40 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-05 07:09:37 24176 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2013-01-05 07:09:37 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-05 07:09:25 -------- d-----w- C:\Users\Matthew\AppData\Local\Programs
2013-01-03 01:31:44 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-01-03 01:31:42 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-01-02 23:38:28 144384 ----a-w- C:\WINDOWS\System32\tssdisai.dll
2013-01-02 23:38:28 135680 ----a-w- C:\WINDOWS\System32\appserverai.dll
2013-01-02 23:38:28 126976 ----a-w- C:\WINDOWS\System32\RDWebAI.dll
2013-01-02 23:38:28 122880 ----a-w- C:\WINDOWS\System32\VmHostAI.dll
2013-01-02 23:38:24 148480 ----a-w- C:\WINDOWS\System32\poqexec.exe
2013-01-02 23:38:24 132608 ----a-w- C:\WINDOWS\SysWow64\poqexec.exe
2013-01-02 23:38:15 94208 ----a-w- C:\WINDOWS\System32\synceng.dll
2013-01-02 23:38:15 72192 ----a-w- C:\WINDOWS\SysWow64\synceng.dll
2013-01-02 23:37:32 17888 ----a-w- C:\WINDOWS\System32\msvcr100_clr0400.dll
2013-01-02 23:37:28 17888 ----a-w- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll
2013-01-02 23:27:59 2048 ----a-w- C:\WINDOWS\SysWow64\tzres.dll
2013-01-02 23:26:57 2893824 ----a-w- C:\WINDOWS\System32\msmpeg2vdec.dll
2013-01-02 23:25:56 26624 ----a-w- C:\WINDOWS\System32\ReAgentc.exe
2013-01-02 23:25:56 24064 ----a-w- C:\WINDOWS\SysWow64\ReAgentc.exe
2013-01-02 23:12:15 279656 ------w- C:\WINDOWS\System32\MpSigStub.exe
2013-01-02 23:11:16 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-02 22:52:25 -------- d-----w- C:\Users\Matthew\AppData\Local\Diagnostics
2013-01-02 03:04:50 -------- d-----w- C:\Program Files\Lx_cats
2013-01-02 03:04:32 145920 ----a-w- C:\WINDOWS\System32\Spool\prtprocs\x64\lxbxpp6c.dll
2013-01-02 03:04:15 44032 ----a-w- C:\WINDOWS\System32\lxbxvs.dll
2013-01-02 03:02:49 628224 ----a-w- C:\WINDOWS\System32\lxbxutil.dll
2013-01-02 02:53:10 -------- d-----w- C:\Users\Matthew\AppData\Local\ElevatedDiagnostics
2013-01-02 02:12:18 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2013-01-02 02:12:18 -------- d-----w- C:\Program Files (x86)\Diablo III
2013-01-02 02:12:18 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-01-02 02:11:23 -------- d-----w- C:\ProgramData\Battle.net
2013-01-01 23:34:42 -------- d-----w- C:\Users\Matthew\AppData\Local\Apple Computer
2013-01-01 23:34:36 33240 ----a-w- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
2013-01-01 23:33:56 -------- d-----w- C:\Program Files\iPod
2013-01-01 23:33:55 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-01 23:33:55 -------- d-----w- C:\Program Files\iTunes
2013-01-01 23:33:55 -------- d-----w- C:\Program Files (x86)\iTunes
2013-01-01 23:33:43 -------- d-----w- C:\Users\Matthew\AppData\Local\Apple
2013-01-01 23:33:12 213696 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10187.bin
2013-01-01 23:33:12 -------- d-----w- C:\Program Files\Bonjour
2013-01-01 23:33:12 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-01-01 23:28:49 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2013-01-01 23:28:47 -------- d-----w- C:\Program Files (x86)\Steam
2013-01-01 23:21:42 -------- d-----w- C:\Users\Matthew\AppData\Local\Google
2013-01-01 23:17:06 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-01-01 23:17:04 18528 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin
2013-01-01 23:14:31 -------- d-----r- C:\Users\Matthew\Searches
2013-01-01 23:13:40 -------- d-----w- C:\Users\Matthew\AppData\Local\VirtualStore
2013-01-01 23:13:31 -------- d-----w- C:\Users\Matthew\AppData\Local\Packages
2013-01-01 23:13:31 -------- d-----w- C:\ProgramData\PRICache
2013-01-01 23:09:20 -------- d-sh--w- C:\Recovery
2013-01-01 22:58:56 0 ----a-w- C:\WINDOWS\ativpsrm.bin
2013-01-01 22:56:44 -------- d-----w- C:\Windows.old
2013-01-01 19:56:48 -------- d-----w- C:\WINDOWS\Panther
2013-01-01 18:18:17 -------- d--h--r- C:\ESD
.
==================== Find3M ====================
.
2012-12-16 08:28:20 46080 ----a-w- C:\WINDOWS\System32\atmlib.dll
2012-12-16 08:20:01 35328 ----a-w- C:\WINDOWS\SysWow64\atmlib.dll
2012-12-16 08:08:33 362496 ----a-w- C:\WINDOWS\System32\atmfd.dll
2012-12-16 07:57:09 300032 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll
2012-11-29 23:06:06 80736 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2012-11-29 23:06:06 695648 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2012-11-28 04:21:17 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll
2012-11-28 04:20:59 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll
2012-11-20 08:00:23 6971624 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2012-11-20 05:24:19 1164800 ----a-w- C:\WINDOWS\SysWow64\Display.dll
2012-11-20 05:24:17 36352 ----a-w- C:\WINDOWS\SysWow64\DevDispItemProvider.dll
2012-11-20 05:17:23 1184256 ----a-w- C:\WINDOWS\System32\Display.dll
2012-11-20 05:17:20 49152 ----a-w- C:\WINDOWS\System32\DevDispItemProvider.dll
2012-11-20 05:02:46 6656 ----a-w- C:\WINDOWS\SysWow64\KBDKURD.DLL
2012-11-20 04:59:26 7168 ----a-w- C:\WINDOWS\System32\KBDKURD.DLL
2012-11-20 04:56:27 27136 ----a-w- C:\WINDOWS\System32\drivers\usbohci.sys
2012-11-20 04:56:11 83456 ----a-w- C:\WINDOWS\System32\drivers\hidclass.sys
2012-11-20 04:54:31 39936 ----a-w- C:\WINDOWS\System32\drivers\hidi2c.sys
2012-11-15 06:08:41 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2012-11-15 06:06:34 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2012-11-13 04:20:30 1120768 ----a-w- C:\WINDOWS\System32\msctf.dll
2012-11-13 04:19:23 890880 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2012-11-13 04:19:14 707584 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2012-11-09 04:49:51 2048 ----a-w- C:\WINDOWS\System32\tzres.dll
2012-11-08 04:25:36 523776 ----a-w- C:\WINDOWS\SysWow64\WSShared.dll
2012-11-08 04:25:36 143872 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
2012-11-08 04:25:36 124928 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:25:35 1775104 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2012-11-08 04:24:27 2881536 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2012-11-08 04:24:22 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll
2012-11-08 04:24:22 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll
2012-11-08 04:24:19 75776 ----a-w- C:\WINDOWS\SysWow64\fontsub.dll
2012-11-08 04:24:06 10752 ----a-w- C:\WINDOWS\SysWow64\dciman32.dll
2012-11-08 04:22:21 641536 ----a-w- C:\WINDOWS\System32\WSShared.dll
2012-11-08 04:22:20 198656 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.dll
2012-11-08 04:22:20 163840 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2012-11-08 04:22:19 2246656 ----a-w- C:\WINDOWS\System32\wininet.dll
2012-11-08 04:22:12 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll
2012-11-08 04:21:00 3966464 ----a-w- C:\WINDOWS\System32\jscript9.dll
2012-11-08 04:20:56 67072 ----a-w- C:\WINDOWS\System32\iesetup.dll
2012-11-08 04:20:56 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll
2012-11-08 04:20:50 96256 ----a-w- C:\WINDOWS\System32\fontsub.dll
2012-11-08 04:20:37 14336 ----a-w- C:\WINDOWS\System32\dciman32.dll
2012-11-08 04:02:16 3072 ----a-w- C:\WINDOWS\System32\lpk.dll
2012-11-08 04:01:40 3072 ----a-w- C:\WINDOWS\SysWow64\lpk.dll
2012-11-08 03:59:49 4056576 ----a-w- C:\WINDOWS\System32\win32k.sys
2012-11-08 01:56:52 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll
2012-11-06 07:52:07 445160 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2012-11-06 07:52:04 277736 ----a-w- C:\WINDOWS\System32\drivers\msiscsi.sys
2012-11-06 07:36:23 69864 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2012-11-06 07:36:14 96488 ----a-w- C:\WINDOWS\System32\drivers\wfplwfs.sys
2012-11-06 07:35:34 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys
2012-11-06 07:35:31 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys
2012-11-06 07:33:46 522640 ----a-w- C:\WINDOWS\System32\AUDIOKSE.dll
2012-11-06 07:33:46 253512 ----a-w- C:\WINDOWS\System32\audiodg.exe
2012-11-06 07:33:45 490064 ----a-w- C:\WINDOWS\System32\AudioEng.dll
2012-11-06 07:33:45 447792 ----a-w- C:\WINDOWS\System32\AudioSes.dll
2012-11-06 07:33:30 1566432 ----a-w- C:\WINDOWS\System32\ole32.dll
2012-11-06 05:00:06 463768 ----a-w- C:\WINDOWS\SysWow64\AUDIOKSE.dll
2012-11-06 05:00:06 427568 ----a-w- C:\WINDOWS\SysWow64\AudioEng.dll
2012-11-06 05:00:06 324344 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll
2012-11-06 04:54:13 2205696 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2012-11-06 04:48:27 1150160 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2012-11-06 04:19:59 470016 ----a-w- C:\WINDOWS\System32\wlanmsm.dll
2012-11-06 04:18:58 84992 ----a-w- C:\WINDOWS\SysWow64\fdWCN.dll
2012-11-06 04:17:58 110080 ----a-w- C:\WINDOWS\System32\dafWCN.dll
2012-11-06 04:17:44 718848 ----a-w- C:\WINDOWS\System32\BFE.DLL
2012-11-06 04:17:43 2302464 ----a-w- C:\WINDOWS\System32\authui.dll
2012-11-06 04:17:42 785920 ----a-w- C:\WINDOWS\System32\audiosrv.dll
2012-11-06 04:17:41 169472 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll
2012-11-06 04:17:35 2146816 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2012-11-06 04:17:33 322560 ----a-w- C:\WINDOWS\System32\aaclient.dll
2012-11-06 04:17:32 212992 ----a-w- C:\WINDOWS\System32\bthprops.cpl
2012-11-06 03:55:09 212992 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
2012-11-06 03:54:09 859136 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2012-11-06 03:53:44 560640 ----a-w- C:\WINDOWS\System32\drivers\afd.sys
2012-11-06 03:52:49 366080 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2012-11-06 03:51:47 665600 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2012-11-03 05:26:59 132096 ----a-w- C:\WINDOWS\System32\sysreset.exe
2012-11-03 05:26:40 34816 ----a-w- C:\WINDOWS\System32\dpnsvr.exe
2012-11-03 05:26:12 32256 ----a-w- C:\WINDOWS\SysWow64\dpnsvr.exe
2012-11-03 05:25:40 945152 ----a-w- C:\WINDOWS\System32\resetengmig.dll
2012-11-03 05:25:40 375808 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll
2012-11-03 05:25:40 1009664 ----a-w- C:\WINDOWS\System32\reseteng.dll
2012-11-03 05:25:39 443392 ----a-w- C:\WINDOWS\System32\ReAgent.dll
2012-11-03 05:24:34 8192 ----a-w- C:\WINDOWS\SysWow64\dpnhupnp.dll
2012-11-03 05:24:34 8192 ----a-w- C:\WINDOWS\SysWow64\dpnhpast.dll
2012-11-03 05:24:34 58880 ----a-w- C:\WINDOWS\SysWow64\dpnathlp.dll
2012-11-03 05:24:34 375808 ----a-w- C:\WINDOWS\SysWow64\dpnet.dll
2012-11-03 05:24:11 9216 ----a-w- C:\WINDOWS\System32\dpnhupnp.dll
2012-11-03 05:24:11 9216 ----a-w- C:\WINDOWS\System32\dpnhpast.dll
2012-11-03 05:24:11 67584 ----a-w- C:\WINDOWS\System32\dpnathlp.dll
2012-11-03 05:24:11 463872 ----a-w- C:\WINDOWS\System32\dpnet.dll
2012-11-03 05:04:21 4096 ----a-w- C:\WINDOWS\System32\dpnlobby.dll
2012-11-03 05:04:19 3584 ----a-w- C:\WINDOWS\System32\dpnaddr.dll
2012-11-03 05:00:54 3072 ----a-w- C:\WINDOWS\SysWow64\dpnlobby.dll
2012-11-03 05:00:53 2560 ----a-w- C:\WINDOWS\SysWow64\dpnaddr.dll
2012-10-24 03:25:40 13312 ----a-w- C:\WINDOWS\System32\pcalua.exe
2012-10-24 03:24:35 405504 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2012-10-24 03:24:35 31232 ----a-w- C:\WINDOWS\System32\pcadm.dll
.
============= FINISH: 15:46:04.22 ===============
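
Posts #1 and #3 contain two DDS logs taken five days apart. The Python sketch below is an added example, not part of any post in this thread and not a DDS or BleepingComputer tool: it diffs two such logs section by section and lists kernel drivers (.sys) that appear only in the newer log's "Created Last 30" section. The two sample logs are short excerpts constructed from the logs above, and all function names are hypothetical.

```python
import re

# "============== Running Processes ===============" -> "Running Processes"
SECTION_RE = re.compile(r"^=+\s*(.+?)\s*=+$")
# "2013-01-05 07:09:37 24176 ----a-w- C:\path"; directories show "--------" as size
ROW_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+(\d+|-{8})\s+(\S{8})\s+(.+)$")

# Constructed sample input: short excerpts of the two logs posted in this thread.
OLD_LOG = r"""
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Run by Matthew at 14:42:37 on 2013-01-04
.
============== Running Processes ===============
.
C:\WINDOWS\system32\lxbxcoms.exe
C:\WINDOWS\system32\taskhost.exe
.
============= SERVICES / DRIVERS ===============
.
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\Drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-01-02 23:11:16 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-01 23:34:36 33240 ----a-w- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
.
============= FINISH: 14:43:09.79 ===============
"""

NEW_LOG = r"""
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Run by Matthew at 15:45:26 on 2013-01-09
.
============== Running Processes ===============
.
C:\WINDOWS\system32\lxbxcoms.exe
C:\WINDOWS\system32\taskhost.exe
C:\WINDOWS\system32\taskeng.exe
.
============= SERVICES / DRIVERS ===============
.
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\Drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2013-01-06 02:20:00 618496 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys
2013-01-05 07:09:40 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-05 07:09:37 24176 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2013-01-02 23:11:16 -------- d-----w- C:\TDSSKiller_Quarantine
2013-01-01 23:34:36 33240 ----a-w- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
.
============= FINISH: 15:46:04.22 ===============
"""


def split_sections(text):
    """Return {section name: [lines]}; DDS pads sections with lone '.' lines."""
    sections, current = {"Header": []}, "Header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        match = SECTION_RE.match(line)
        if match:
            current = match.group(1)
            sections.setdefault(current, [])
        else:
            sections[current].append(line)
    return sections


def parse_rows(lines):
    """Parse 'Created Last 30' / 'Find3M' rows: time, size, attributes, path."""
    rows = []
    for line in lines:
        match = ROW_RE.match(line)
        if match:
            stamp, size, attrs, path = match.groups()
            rows.append({"time": stamp, "path": path,
                         "size": None if size.startswith("-") else int(size),
                         "is_dir": attrs[0] == "d", "hidden": "h" in attrs})
    return rows


def diff_sections(old_text, new_text):
    """Per section, the lines that appear in the newer log but not the older."""
    old, new = split_sections(old_text), split_sections(new_text)
    added = {}
    for name, lines in new.items():
        # The header and FINISH marker carry run timestamps and always differ.
        if name == "Header" or name.startswith("FINISH"):
            continue
        seen = {line.lower() for line in old.get(name, [])}
        fresh = []
        for line in lines:
            if line.lower() not in seen:
                seen.add(line.lower())   # also collapses repeated process lines
                fresh.append(line)
        if fresh:
            added[name] = fresh
    return added


def new_kernel_drivers(added):
    """Paths of .sys files that first show up in the newer 'Created Last 30'."""
    rows = parse_rows(added.get("Created Last 30", []))
    return [r["path"] for r in rows
            if not r["is_dir"] and r["path"].lower().endswith(".sys")]


if __name__ == "__main__":
    changes = diff_sections(OLD_LOG, NEW_LOG)
    for section, lines in changes.items():
        print(f"[{section}] {len(lines)} new line(s)")
        for line in lines:
            print("  +", line)
    print("New .sys files to review:", new_kernel_drivers(changes))
```

A new driver in the diff is only a prompt to check where it came from; in these excerpts mbam.sys sits beside the Malwarebytes folders created in the same minute.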

#4 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  • Gender:Male
  • Location:UK
  • Local time:09:18 PM

Posted 10 January 2013 - 06:04 AM

Hi,

My name is Casey and I'll be helping you with your issue.

What method did you use when you installed Windows 8 - did you perform an in-place upgrade (this would have kept your programs and files) or did you perform a fresh install?

Casey

If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.



#5 scomatt9

Posted 10 January 2013 - 12:16 PM

Hi Casey. I appreciate the assistance!

I upgraded to Win 8 from Vista so the upgrade allowed me to keep all personal files but not programs (or applications as it calls them now).

Thanks again!
Matt

#6 Casey_boy

Posted 12 January 2013 - 11:04 AM

OK :) let's have a scan with TDSSKiller

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Casey
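
Reading the log that the steps above ask for can be scripted. The Python below is an added example, not part of the original thread or of TDSSKiller itself: it assumes the text-log layout of timestamp, thread id and message, with each scanned object's result on a line ending in ` - <verdict>`, and it lists every object whose verdict is not `ok`. The sample log, its hashes and its detection names are constructed.

```python
import re
from collections import Counter

# "HH:MM:SS.mmmm <thread id> <message>"
LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*)$")
# "======== Scan services ========" style section banners
SECTION_RE = re.compile(r"^=+\s*([^=\s][^=]*?)\s*=+$")
# "[ <32 hex digits> ] <object name> <drive:\path>"
HASHED_RE = re.compile(r"^\[\s*([0-9A-Fa-f]{32})\s*\]\s+(.+?)\s+([A-Za-z]:\\.*)$")
# "<object name> [( <detection name> )] - <verdict>"
VERDICT_RE = re.compile(r"^(.+?)(?:\s+\(\s*(.+?)\s*\))?\s+-\s+(\w+)$")

# Constructed sample log (not taken from the thread).
SAMPLE_LOG = r"""
15:00:00.0171 2680 Scan started
15:00:00.0936 2680 ================ Scan system memory ========================
15:00:00.0936 2680 System memory - ok
15:00:00.0937 2680 ================ Scan services =============================
15:00:01.0197 2680 [ 00000000000000000000000000000000 ] ExampleDrv C:\WINDOWS\System32\drivers\exampledrv.sys
15:00:01.0335 2680 ExampleDrv - ok
15:00:01.0400 2680 [ 11111111111111111111111111111111 ] Example Service C:\Program Files\Example\svc.exe
15:00:01.0410 2680 Example Service ( Constructed.Verdict.Name ) - warning
15:00:01.0420 2680 NoFileSvc - ok
15:00:02.0000 2680 ================ Scan MBR ==================================
15:00:02.0100 2680 \Device\Harddisk0\DR0 ( Constructed.Boot.Name ) - infected
15:00:02.0200 2680 \Device\Harddisk1\DR1 - ok
""".strip()


def triage(log_text):
    """Return verdict counts and the list of objects not reported as ok."""
    counts = Counter()
    findings = []
    section = None   # current "Scan ..." section; verdicts before it are ignored
    last_file = {}   # object name -> (md5, path) from its "[ hash ] name path" line
    for raw in log_text.splitlines():
        line = LINE_RE.match(raw.strip())
        if not line:
            continue  # blank lines, or timestamp lines with an empty message
        stamp, _thread_id, msg = line.groups()
        msg = msg.strip()
        banner = SECTION_RE.match(msg)
        if banner:
            if banner.group(1).startswith("Scan"):
                section = banner.group(1)
            continue
        if section is None:
            continue  # system-info header, not scan results
        hashed = HASHED_RE.match(msg)
        if hashed:
            md5, name, path = hashed.groups()
            last_file[name] = (md5.upper(), path)
            continue
        verdict = VERDICT_RE.match(msg)
        if not verdict:
            continue
        name, detection, result = verdict.groups()
        result = result.lower()
        counts[result] += 1
        if result != "ok":
            md5, path = last_file.get(name, (None, None))
            findings.append({
                "time": stamp,
                "section": section,
                "object": name,
                "detection": detection,
                "verdict": result,
                "md5": md5,
                "path": path,
            })
    return {"counts": counts, "findings": findings}


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print(dict(report["counts"]))
    for f in report["findings"]:
        print(f"{f['time']} [{f['section']}] {f['object']}: "
              f"{f['verdict']} ({f['detection']}) {f['path'] or ''}")
```

A non-`ok` verdict against a `\Device\HarddiskN\DRN` object concerns the disk's boot sectors rather than a file, which is the case a bootkit check is looking for.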


#7 scomatt9

Posted 12 January 2013 - 12:26 PM

Okay, done. TDS Killer did not find any threats. (Although I forgot to mention that I did run this a couple of days before writing my original post and it did find one threat. See below.) The new scan (today) was threat free.

Thanks again and sorry for muddling this up with the previous scan! Totally forgot that I had run it. :(


**OLD** TDS Killer log with threat (Just in case that matters...)

14:59:34.0984 2148 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:59:35.0454 2148 ============================================================
14:59:35.0454 2148 Current date / time: 2013/01/02 14:59:35.0454
14:59:35.0454 2148 SystemInfo:
14:59:35.0454 2148
14:59:35.0454 2148 OS Version: 6.2.9200 ServicePack: 0.0
14:59:35.0454 2148 Product type: Workstation
14:59:35.0454 2148 ComputerName: MATTHEW-PC
14:59:35.0455 2148 UserName: Matthew
14:59:35.0455 2148 Windows directory: C:\WINDOWS
14:59:35.0455 2148 System windows directory: C:\WINDOWS
14:59:35.0455 2148 Running under WOW64
14:59:35.0455 2148 Processor architecture: Intel x64
14:59:35.0455 2148 Number of processors: 4
14:59:35.0455 2148 Page size: 0x1000
14:59:35.0455 2148 Boot type: Normal boot
14:59:35.0455 2148 ============================================================
14:59:36.0681 2148 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:59:36.0682 2148 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:59:36.0720 2148 ============================================================
14:59:36.0720 2148 \Device\Harddisk0\DR0:
14:59:36.0721 2148 MBR partitions:
14:59:36.0721 2148 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1388AFC
14:59:36.0721 2148 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1389000, BlocksNum 0x494CE800
14:59:36.0721 2148 \Device\Harddisk1\DR1:
14:59:36.0721 2148 MBR partitions:
14:59:36.0721 2148 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
14:59:36.0721 2148 ============================================================
14:59:36.0735 2148 C: <-> \Device\Harddisk0\DR0\Partition2
14:59:36.0772 2148 D: <-> \Device\Harddisk1\DR1\Partition1
14:59:36.0772 2148 ============================================================
14:59:36.0772 2148 Initialize success
14:59:36.0772 2148 ============================================================
15:00:00.0171 2680 ============================================================
15:00:00.0171 2680 Scan started
15:00:00.0171 2680 Mode: Manual; SigCheck; TDLFS;
15:00:00.0171 2680 ============================================================
15:00:00.0936 2680 ================ Scan system memory ========================
15:00:00.0936 2680 System memory - ok
15:00:00.0937 2680 ================ Scan services =============================
15:00:01.0197 2680 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
15:00:01.0335 2680 1394ohci - ok
15:00:01.0373 2680 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
15:00:01.0408 2680 3ware - ok
15:00:01.0431 2680 [ A3BDA4D1186C8F47FA1BC8E91F197537 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
15:00:01.0464 2680 ACPI - ok
15:00:01.0504 2680 [ DC968C37822117E576B933F34A2D130C ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
15:00:01.0534 2680 acpiex - ok
15:00:01.0555 2680 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
15:00:01.0614 2680 acpipagr - ok
15:00:01.0650 2680 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
15:00:01.0700 2680 AcpiPmi - ok
15:00:01.0731 2680 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
15:00:01.0782 2680 acpitime - ok
15:00:01.0817 2680 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\WINDOWS\system32\drivers\adp94xx.sys
15:00:01.0899 2680 adp94xx - ok
15:00:01.0921 2680 [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\WINDOWS\system32\drivers\adpahci.sys
15:00:01.0968 2680 adpahci - ok
15:00:02.0002 2680 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\WINDOWS\system32\drivers\adpu320.sys
15:00:02.0052 2680 adpu320 - ok
15:00:02.0097 2680 [ AB34A3211A1D2AB977DE00CD7BC5A464 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
15:00:02.0171 2680 AeLookupSvc - ok
15:00:02.0219 2680 [ 9E975BDC89C83900B2C534C4E1B018F8 ] AFD C:\WINDOWS\system32\drivers\afd.sys
15:00:02.0319 2680 AFD - ok
15:00:02.0403 2680 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\agrsm64.sys
15:00:02.0513 2680 AgereSoftModem - ok
15:00:02.0521 2680 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
15:00:02.0576 2680 agp440 - ok
15:00:02.0611 2680 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\WINDOWS\System32\alg.exe
15:00:02.0637 2680 ALG - ok
15:00:02.0713 2680 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll
15:00:02.0740 2680 AllUserInstallAgent - ok
15:00:02.0768 2680 [ FB88D16B55F788EEB7590584FE2D8F1A ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
15:00:02.0847 2680 AmdK8 - ok
15:00:03.0116 2680 [ 8DC532B5BF820E48194C6AFC8862FCBC ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys
15:00:03.0560 2680 amdkmdag - ok
15:00:03.0588 2680 [ AA48FEABA50C2DED9C485DFDBA044E40 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
15:00:03.0664 2680 amdkmdap - ok
15:00:03.0699 2680 [ 81402FF3373CE4DF77D5C874E369A985 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
15:00:03.0715 2680 AmdPPM - ok
15:00:03.0731 2680 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
15:00:03.0770 2680 amdsata - ok
15:00:03.0810 2680 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
15:00:03.0878 2680 amdsbs - ok
15:00:03.0885 2680 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
15:00:03.0913 2680 amdxata - ok
15:00:03.0949 2680 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\WINDOWS\system32\drivers\appid.sys
15:00:03.0994 2680 AppID - ok
15:00:04.0041 2680 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
15:00:04.0088 2680 AppIDSvc - ok
15:00:04.0136 2680 [ D64C4AFEE8277F35EF729A2B924666B0 ] Appinfo C:\WINDOWS\System32\appinfo.dll
15:00:04.0175 2680 Appinfo - ok
15:00:04.0311 2680 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:00:04.0333 2680 Apple Mobile Device - ok
15:00:04.0378 2680 [ 2D14788C5D0836292BEB27BBE109BE56 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
15:00:04.0407 2680 AppMgmt - ok
15:00:04.0437 2680 [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\WINDOWS\system32\drivers\arc.sys
15:00:04.0470 2680 arc - ok
15:00:04.0488 2680 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
15:00:04.0521 2680 arcsas - ok
15:00:04.0531 2680 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:00:04.0584 2680 AsyncMac - ok
15:00:04.0614 2680 [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
15:00:04.0630 2680 atapi - ok
15:00:04.0671 2680 [ 81C712A88D62B7B30AE961BBE2B88547 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
15:00:04.0725 2680 AudioEndpointBuilder - ok
15:00:04.0779 2680 [ 19F399667D97F9C144AC1FA74D2D881B ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
15:00:04.0841 2680 Audiosrv - ok
15:00:04.0872 2680 [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
15:00:04.0890 2680 AxInstSV - ok
15:00:04.0928 2680 [ 45C6EC94DE3D466B4B452EA0E3870321 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
15:00:05.0016 2680 b06bdrv - ok
15:00:05.0032 2680 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
15:00:05.0061 2680 BasicDisplay - ok
15:00:05.0095 2680 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
15:00:05.0126 2680 BasicRender - ok
15:00:05.0164 2680 [ 5BEC02F0A82187227E7457F4600DDFDA ] BDESVC C:\WINDOWS\System32\bdesvc.dll
15:00:05.0193 2680 BDESVC - ok
15:00:05.0230 2680 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:00:05.0286 2680 Beep - ok
15:00:05.0333 2680 [ 407F85D5387EDBB665A7969DF4D4712B ] BFE C:\WINDOWS\System32\bfe.dll
15:00:05.0406 2680 BFE - ok
15:00:05.0459 2680 [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\WINDOWS\System32\qmgr.dll
15:00:05.0518 2680 BITS - ok
15:00:05.0623 2680 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:00:05.0649 2680 Bonjour Service - ok
15:00:05.0658 2680 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
15:00:05.0702 2680 bowser - ok
15:00:05.0758 2680 [ 88F6F0E54F37F99FE7D5513B7623E444 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
15:00:05.0796 2680 BrokerInfrastructure - ok
15:00:05.0845 2680 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\WINDOWS\System32\browser.dll
15:00:05.0882 2680 Browser - ok
15:00:05.0922 2680 [ 351075A2ADDF86F5C4BA10CA27E8973D ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
15:00:06.0018 2680 BthAvrcpTg - ok
15:00:06.0037 2680 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
15:00:06.0105 2680 BthHFEnum - ok
15:00:06.0121 2680 [ 531D83EA26C5FFAA79F0A1DC3B0698CF ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
15:00:06.0167 2680 bthhfhid - ok
15:00:06.0178 2680 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
15:00:06.0235 2680 BTHMODEM - ok
15:00:06.0287 2680 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\WINDOWS\system32\bthserv.dll
15:00:06.0305 2680 bthserv - ok
15:00:06.0338 2680 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
15:00:06.0394 2680 cdfs - ok
15:00:06.0406 2680 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
15:00:06.0446 2680 cdrom - ok
15:00:06.0489 2680 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
15:00:06.0537 2680 CertPropSvc - ok
15:00:06.0574 2680 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\WINDOWS\System32\drivers\circlass.sys
15:00:06.0639 2680 circlass - ok
15:00:06.0653 2680 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
15:00:06.0682 2680 CLFS - ok
15:00:06.0726 2680 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
15:00:06.0783 2680 CmBatt - ok
15:00:06.0828 2680 [ 1894FD2D5966A81D3B07A7C4D8724D59 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
15:00:06.0872 2680 CNG - ok
15:00:06.0887 2680 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
15:00:06.0957 2680 CompositeBus - ok
15:00:06.0966 2680 COMSysApp - ok
15:00:06.0990 2680 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\WINDOWS\system32\drivers\condrv.sys
15:00:07.0007 2680 condrv - ok
15:00:07.0044 2680 [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
15:00:07.0082 2680 CryptSvc - ok
15:00:07.0133 2680 [ FFDF18821C031B39E15F35BAB0185840 ] CSC C:\WINDOWS\system32\drivers\csc.sys
15:00:07.0210 2680 CSC - ok
15:00:07.0266 2680 [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] CscService C:\WINDOWS\System32\cscsvc.dll
15:00:07.0322 2680 CscService - ok
15:00:07.0365 2680 [ E8A676D196E9A4DED7A6C74DEA90FA4E ] dam C:\WINDOWS\system32\drivers\dam.sys
15:00:07.0401 2680 dam - ok
15:00:07.0461 2680 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:00:07.0525 2680 DcomLaunch - ok
15:00:07.0577 2680 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
15:00:07.0615 2680 defragsvc - ok
15:00:07.0661 2680 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
15:00:07.0747 2680 DeviceAssociationService - ok
15:00:07.0782 2680 [ D7A3877D9E126E21925DA873677C1D65 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
15:00:07.0819 2680 DeviceInstall - ok
15:00:07.0861 2680 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
15:00:07.0923 2680 Dfsc - ok
15:00:07.0969 2680 [ 6DBE7FE196F8E9D212DCC34EDDF7C3C1 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
15:00:08.0016 2680 Dhcp - ok
15:00:08.0028 2680 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\WINDOWS\system32\drivers\discache.sys
15:00:08.0068 2680 discache - ok
15:00:08.0104 2680 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\WINDOWS\system32\drivers\disk.sys
15:00:08.0135 2680 disk - ok
15:00:08.0145 2680 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
15:00:08.0184 2680 dmvsc - ok
15:00:08.0196 2680 [ 9ACE7E657107EB51E5E89FD883F2FD2D ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:00:08.0262 2680 Dnscache - ok
15:00:08.0291 2680 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\WINDOWS\System32\dot3svc.dll
15:00:08.0316 2680 dot3svc - ok
15:00:08.0350 2680 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\WINDOWS\system32\dps.dll
15:00:08.0412 2680 DPS - ok
15:00:08.0463 2680 [ 013C53A30F896F00C563FD53E695AEF4 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:00:08.0518 2680 drmkaud - ok
15:00:08.0548 2680 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
15:00:08.0571 2680 DsmSvc - ok
15:00:08.0608 2680 [ C58425E4F1E115BB271FBF3FC348AB11 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
15:00:08.0676 2680 DXGKrnl - ok
15:00:08.0687 2680 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
15:00:08.0731 2680 Eaphost - ok
15:00:08.0825 2680 [ C815C4FAE6A816DFB58975F3D0396692 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
15:00:09.0059 2680 ebdrv - ok
15:00:09.0096 2680 [ 6E0E63801FBEF27995107B8269BCFAAD ] EFS C:\WINDOWS\System32\lsass.exe
15:00:09.0129 2680 EFS - ok
15:00:09.0163 2680 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
15:00:09.0194 2680 EhStorClass - ok
15:00:09.0214 2680 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
15:00:09.0247 2680 EhStorTcgDrv - ok
15:00:09.0260 2680 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
15:00:09.0285 2680 ErrDev - ok
15:00:09.0337 2680 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\WINDOWS\system32\es.dll
15:00:09.0409 2680 EventSystem - ok
15:00:09.0437 2680 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
15:00:09.0514 2680 exfat - ok
15:00:09.0545 2680 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
15:00:09.0597 2680 fastfat - ok
15:00:09.0644 2680 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\WINDOWS\system32\fxssvc.exe
15:00:09.0767 2680 Fax - ok
15:00:09.0789 2680 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
15:00:09.0840 2680 fdc - ok
15:00:09.0896 2680 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\WINDOWS\system32\fdPHost.dll
15:00:09.0938 2680 fdPHost - ok
15:00:09.0965 2680 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\WINDOWS\system32\fdrespub.dll
15:00:09.0991 2680 FDResPub - ok
15:00:10.0035 2680 [ DFC2156EEC9E0CBC4F8311983567E3AA ] fhsvc C:\WINDOWS\system32\fhsvc.dll
15:00:10.0100 2680 fhsvc - ok
15:00:10.0144 2680 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
15:00:10.0174 2680 FileInfo - ok
15:00:10.0216 2680 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
15:00:10.0297 2680 Filetrace - ok
15:00:10.0324 2680 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
15:00:10.0382 2680 flpydisk - ok
15:00:10.0410 2680 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
15:00:10.0436 2680 FltMgr - ok
15:00:10.0493 2680 [ 305CB1E16576F436BC8797E629A3D46D ] FontCache C:\WINDOWS\system32\FntCache.dll
15:00:10.0569 2680 FontCache - ok
15:00:10.0584 2680 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
15:00:10.0614 2680 FsDepends - ok
15:00:10.0655 2680 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:00:10.0711 2680 Fs_Rec - ok
15:00:10.0741 2680 [ 79E687A2829B9EBDF488F78260651094 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
15:00:10.0779 2680 fvevol - ok
15:00:10.0814 2680 [ 3EF3FCCC0E70EEC5C2AD996F32BBA642 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
15:00:10.0850 2680 FxPPM - ok
15:00:10.0877 2680 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
15:00:10.0909 2680 gagp30kx - ok
15:00:10.0941 2680 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:00:10.0968 2680 GEARAspiWDM - ok
15:00:11.0002 2680 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
15:00:11.0029 2680 gencounter - ok
15:00:11.0051 2680 [ A1F17108F3ED752D2614D767792327C5 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
15:00:11.0085 2680 GPIOClx0101 - ok
15:00:11.0137 2680 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
15:00:11.0243 2680 gpsvc - ok
15:00:11.0323 2680 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:00:11.0344 2680 gupdate - ok
15:00:11.0353 2680 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:00:11.0363 2680 gupdatem - ok
15:00:11.0422 2680 [ 9FC1F11D4D19F61DFE5CC878B4557D3A ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
15:00:11.0523 2680 HdAudAddService - ok
15:00:11.0559 2680 [ 8D6810577E9C4F56DCB8E9BACAC7287B ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
15:00:11.0592 2680 HDAudBus - ok
15:00:11.0609 2680 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
15:00:11.0651 2680 HidBatt - ok
15:00:11.0666 2680 [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
15:00:11.0713 2680 HidBth - ok
15:00:11.0747 2680 [ AC0526C4E3A7954F750B8F8D95EFB340 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
15:00:11.0791 2680 hidi2c - ok
15:00:11.0798 2680 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
15:00:11.0870 2680 HidIr - ok
15:00:11.0929 2680 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\WINDOWS\system32\hidserv.dll
15:00:11.0952 2680 hidserv - ok
15:00:11.0993 2680 [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
15:00:12.0021 2680 HidUsb - ok
15:00:12.0054 2680 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
15:00:12.0077 2680 hkmsvc - ok
15:00:12.0131 2680 [ 6CC1AD7B0E071C317B7FB8FC6AEF0EDA ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
15:00:12.0181 2680 HomeGroupListener - ok
15:00:12.0221 2680 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
15:00:12.0289 2680 HomeGroupProvider - ok
15:00:12.0332 2680 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
15:00:12.0386 2680 HpSAMD - ok
15:00:12.0450 2680 [ 47DBBF38E00C3F7404B71F6509241EF1 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
15:00:12.0515 2680 HTTP - ok
15:00:12.0559 2680 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
15:00:12.0607 2680 hwpolicy - ok
15:00:12.0653 2680 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
15:00:12.0695 2680 hyperkbd - ok
15:00:12.0713 2680 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
15:00:12.0741 2680 HyperVideo - ok
15:00:12.0779 2680 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
15:00:12.0831 2680 i8042prt - ok
15:00:12.0851 2680 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
15:00:12.0899 2680 iaStorV - ok
15:00:12.0939 2680 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys
15:00:12.0992 2680 iirsp - ok
15:00:13.0060 2680 [ 45EACE8D94B9CEC746A85154892C4FDC ] IKEEXT C:\WINDOWS\System32\ikeext.dll
15:00:13.0162 2680 IKEEXT - ok
15:00:13.0192 2680 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
15:00:13.0220 2680 intelide - ok
15:00:13.0231 2680 [ F9E126AA767E2E6E3128434A43C9F713 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
15:00:13.0291 2680 intelppm - ok
15:00:13.0327 2680 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:00:13.0390 2680 IpFilterDriver - ok
15:00:13.0435 2680 [ CAC5202757EF68C4849B0DFFA75F6D3C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
15:00:13.0479 2680 iphlpsvc - ok
15:00:13.0498 2680 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
15:00:13.0549 2680 IPMIDRV - ok
15:00:13.0578 2680 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
15:00:13.0652 2680 IPNAT - ok
15:00:13.0690 2680 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:00:13.0714 2680 iPod Service - ok
15:00:13.0739 2680 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
15:00:13.0777 2680 IRENUM - ok
15:00:13.0816 2680 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
15:00:13.0845 2680 isapnp - ok
15:00:13.0888 2680 [ F5F0DE1B7F256997501EECECE9648108 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
15:00:13.0941 2680 iScsiPrt - ok
15:00:13.0986 2680 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
15:00:14.0045 2680 kbdclass - ok
15:00:14.0088 2680 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
15:00:14.0145 2680 kbdhid - ok
15:00:14.0189 2680 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
15:00:14.0242 2680 kdnic - ok
15:00:14.0255 2680 [ 6E0E63801FBEF27995107B8269BCFAAD ] KeyIso C:\WINDOWS\system32\lsass.exe
15:00:14.0284 2680 KeyIso - ok
15:00:14.0295 2680 [ A4751040DB14E30E61A4E47481C77274 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
15:00:14.0314 2680 KSecDD - ok
15:00:14.0329 2680 [ E427D299CFE267A2465D3AAF81440ED9 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
15:00:14.0350 2680 KSecPkg - ok
15:00:14.0360 2680 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
15:00:14.0406 2680 ksthunk - ok
15:00:14.0457 2680 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
15:00:14.0565 2680 KtmRm - ok
15:00:14.0605 2680 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
15:00:14.0659 2680 LanmanServer - ok
15:00:14.0689 2680 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
15:00:14.0735 2680 LanmanWorkstation - ok
15:00:14.0757 2680 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
15:00:14.0825 2680 lltdio - ok
15:00:14.0853 2680 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
15:00:14.0941 2680 lltdsvc - ok
15:00:14.0974 2680 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
15:00:15.0007 2680 lmhosts - ok
15:00:15.0051 2680 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
15:00:15.0083 2680 LSI_SAS - ok
15:00:15.0115 2680 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
15:00:15.0148 2680 LSI_SAS2 - ok
15:00:15.0173 2680 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
15:00:15.0223 2680 LSI_SCSI - ok
15:00:15.0266 2680 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
15:00:15.0314 2680 LSI_SSS - ok
15:00:15.0364 2680 [ 8FEFDCEE40B75FD23B4BC60DA6576113 ] LSM C:\WINDOWS\System32\lsm.dll
15:00:15.0404 2680 LSM - ok
15:00:15.0451 2680 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
15:00:15.0518 2680 luafv - ok
15:00:15.0532 2680 lxbx_device - ok
15:00:15.0540 2680 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\WINDOWS\system32\drivers\megasas.sys
15:00:15.0579 2680 megasas - ok
15:00:15.0616 2680 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
15:00:15.0661 2680 MegaSR - ok
15:00:15.0704 2680 [ DBD28A7997CF7303E610989C565C9B29 ] MMCSS C:\WINDOWS\system32\mmcss.dll
15:00:15.0738 2680 MMCSS - ok
15:00:15.0749 2680 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\WINDOWS\system32\drivers\modem.sys
15:00:15.0792 2680 Modem - ok
15:00:15.0823 2680 [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] monitor C:\WINDOWS\system32\DRIVERS\monitor.sys
15:00:15.0839 2680 monitor - ok
15:00:15.0855 2680 [ 618446B98C79776654340CE27C73485E ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
15:00:15.0907 2680 mouclass - ok
15:00:15.0917 2680 [ CB2527B8B87D83E56FBF3944BBB6F606 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
15:00:15.0969 2680 mouhid - ok
15:00:15.0993 2680 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
15:00:16.0012 2680 mountmgr - ok
15:00:16.0021 2680 [ 36BF4D86F166ACBC14F0B8B8F90CBCEA ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
15:00:16.0076 2680 mpsdrv - ok
15:00:16.0108 2680 [ 411EA973A1961C287927DF13891EB41E ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
15:00:16.0184 2680 MpsSvc - ok
15:00:16.0220 2680 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
15:00:16.0270 2680 MRxDAV - ok
15:00:16.0302 2680 [ 1EEAA5A62E8C49DDF58798F06F78BFFA ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:00:16.0358 2680 mrxsmb - ok
15:00:16.0380 2680 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
15:00:16.0471 2680 mrxsmb10 - ok
15:00:16.0483 2680 [ BFBE1EA55ECC15733933D429E384BCA4 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
15:00:16.0532 2680 mrxsmb20 - ok
15:00:16.0546 2680 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
15:00:16.0618 2680 MsBridge - ok
15:00:16.0652 2680 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
15:00:16.0719 2680 MSDTC - ok
15:00:16.0757 2680 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:00:16.0808 2680 Msfs - ok
15:00:16.0840 2680 [ 62435ABF8D6199659D451DFBC94E773C ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
15:00:16.0882 2680 msgpiowin32 - ok
15:00:16.0923 2680 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
15:00:16.0962 2680 mshidkmdf - ok
15:00:16.0985 2680 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
15:00:17.0012 2680 mshidumdf - ok
15:00:17.0033 2680 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
15:00:17.0048 2680 msisadrv - ok
15:00:17.0070 2680 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
15:00:17.0127 2680 MSiSCSI - ok
15:00:17.0133 2680 msiserver - ok
15:00:17.0160 2680 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:00:17.0188 2680 MSKSSRV - ok
15:00:17.0207 2680 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
15:00:17.0261 2680 MsLldp - ok
15:00:17.0287 2680 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:00:17.0347 2680 MSPCLOCK - ok
15:00:37.0272 2680 ================ Scan global ===============================
15:00:37.0340 2680 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\WINDOWS\system32\basesrv.dll
15:00:37.0402 2680 [ B36597EF454D4FEA2F11429A9A1424BD ] C:\WINDOWS\system32\winsrv.dll
15:00:37.0448 2680 [ BD7C6949984D19AAA609896B675E7357 ] C:\WINDOWS\system32\sxssrv.dll
15:00:37.0489 2680 [ 754A2CC1F32107EA87CBD305ABE3E618 ] C:\WINDOWS\system32\services.exe
15:00:37.0495 2680 [Global] - ok
15:00:37.0496 2680 ================ Scan MBR ==================================
15:00:37.0505 2680 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:00:37.0825 2680 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:00:37.0825 2680 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:00:37.0833 2680 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
15:00:38.0295 2680 \Device\Harddisk1\DR1 - ok
15:00:38.0296 2680 ================ Scan VBR ==================================
15:00:38.0303 2680 [ CB409A681EC55B8ED22743DA105ABB6F ] \Device\Harddisk0\DR0\Partition1
15:00:38.0306 2680 \Device\Harddisk0\DR0\Partition1 - ok
15:00:38.0317 2680 [ 28C0BBF2023CCE319959F0B99FDE8F0F ] \Device\Harddisk0\DR0\Partition2
15:00:38.0320 2680 \Device\Harddisk0\DR0\Partition2 - ok
15:00:38.0352 2680 [ 6002EE8E8D6828A15994434B68194ED6 ] \Device\Harddisk1\DR1\Partition1
15:00:38.0355 2680 \Device\Harddisk1\DR1\Partition1 - ok
15:00:38.0356 2680 ============================================================
15:00:38.0356 2680 Scan finished
15:00:38.0356 2680 ============================================================
15:00:38.0378 0816 Detected object count: 1
15:00:38.0378 0816 Actual detected object count: 1
15:11:16.0390 0816 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
15:11:16.0400 0816 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
15:11:16.0409 0816 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
15:11:16.0415 0816 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
15:11:16.0426 0816 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
15:11:16.0484 0816 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
15:11:16.0542 0816 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
15:11:16.0581 0816 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
15:11:16.0614 0816 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
15:11:16.0662 0816 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
15:11:16.0686 0816 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
15:11:16.0696 0816 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
15:11:16.0727 0816 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
15:11:16.0731 0816 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
15:11:16.0736 0816 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
15:11:16.0741 0816 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
15:11:16.0747 0816 \Device\Harddisk0\DR0\TDLFS\bbr32 - copied to quarantine
15:11:16.0795 0816 \Device\Harddisk0\DR0\TDLFS\serf32 - copied to quarantine
15:11:16.0868 0816 \Device\Harddisk0\DR0\TDLFS\ldr_facedll32 - copied to quarantine
15:11:16.0919 0816 \Device\Harddisk0\DR0\TDLFS\ldr_facedll64 - copied to quarantine
15:11:16.0968 0816 \Device\Harddisk0\DR0\TDLFS\bbr64 - copied to quarantine
15:11:17.0067 0816 \Device\Harddisk0\DR0\TDLFS\serf64 - copied to quarantine
15:11:17.0145 0816 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
15:11:17.0154 0816 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
15:11:17.0160 0816 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
15:11:22.0823 1568 Deinitialize success

#8 scomatt9

Posted 12 January 2013 - 01:59 PM

Also... Just in case you wanted the NEW TDSSKiller log (that didn't report any threats):

09:18:50.0612 5116 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:18:51.0239 5116 ============================================================
09:18:51.0239 5116 Current date / time: 2013/01/12 09:18:51.0239
09:18:51.0239 5116 SystemInfo:
09:18:51.0239 5116
09:18:51.0239 5116 OS Version: 6.2.9200 ServicePack: 0.0
09:18:51.0239 5116 Product type: Workstation
09:18:51.0239 5116 ComputerName: MATTHEW-PC
09:18:51.0239 5116 UserName: Matthew
09:18:51.0239 5116 Windows directory: C:\WINDOWS
09:18:51.0239 5116 System windows directory: C:\WINDOWS
09:18:51.0240 5116 Running under WOW64
09:18:51.0240 5116 Processor architecture: Intel x64
09:18:51.0240 5116 Number of processors: 4
09:18:51.0240 5116 Page size: 0x1000
09:18:51.0240 5116 Boot type: Normal boot
09:18:51.0240 5116 ============================================================
09:18:52.0470 5116 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:18:58.0139 5116 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:18:58.0344 5116 ============================================================
09:18:58.0344 5116 \Device\Harddisk0\DR0:
09:18:58.0365 5116 MBR partitions:
09:18:58.0366 5116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1388AFC
09:18:58.0366 5116 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1389000, BlocksNum 0x494CE800
09:18:58.0366 5116 \Device\Harddisk1\DR1:
09:18:58.0403 5116 MBR partitions:
09:18:58.0403 5116 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
09:18:58.0403 5116 ============================================================
09:18:58.0437 5116 C: <-> \Device\Harddisk0\DR0\Partition2
09:18:58.0474 5116 D: <-> \Device\Harddisk1\DR1\Partition1
09:18:58.0474 5116 ============================================================
09:18:58.0474 5116 Initialize success
09:18:58.0474 5116 ============================================================
09:19:06.0401 1608 ============================================================
09:19:06.0401 1608 Scan started
09:19:06.0401 1608 Mode: Manual;
09:19:06.0401 1608 ============================================================
09:19:06.0735 1608 ================ Scan system memory ========================
09:19:06.0735 1608 System memory - ok
09:19:06.0742 1608 ================ Scan services =============================
09:19:16.0087 1608 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
09:19:16.0105 1608 p2pimsvc - ok
09:19:16.0141 1608 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
09:19:16.0158 1608 p2psvc - ok
09:19:16.0176 1608 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\WINDOWS\System32\drivers\parport.sys
09:19:16.0179 1608 Parport - ok
09:19:16.0192 1608 [ C1D7BA7F0DE487DFEEB51BF8D3EC5562 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
09:19:16.0194 1608 partmgr - ok
09:19:16.0228 1608 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
09:19:16.0235 1608 PcaSvc - ok
09:19:16.0254 1608 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\WINDOWS\system32\drivers\pci.sys
09:19:16.0257 1608 pci - ok
09:19:16.0265 1608 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
09:19:16.0266 1608 pciide - ok
09:19:16.0286 1608 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
09:19:16.0289 1608 pcmcia - ok
09:19:16.0307 1608 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
09:19:16.0308 1608 pcw - ok
09:19:16.0332 1608 [ EF9B4F3136B4C45F421ADE6871659FB6 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
09:19:16.0334 1608 pdc - ok
09:19:16.0360 1608 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
09:19:16.0382 1608 PEAUTH - ok
09:19:16.0451 1608 [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
09:19:16.0512 1608 PeerDistSvc - ok
09:19:16.0584 1608 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
09:19:16.0588 1608 PerfHost - ok
09:19:16.0673 1608 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\WINDOWS\system32\pla.dll
09:19:16.0751 1608 pla - ok
09:19:16.0788 1608 [ D7A3877D9E126E21925DA873677C1D65 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
09:19:16.0795 1608 PlugPlay - ok
09:19:16.0837 1608 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
09:19:16.0840 1608 PNRPAutoReg - ok
09:19:16.0879 1608 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
09:19:16.0887 1608 PNRPsvc - ok
09:19:16.0921 1608 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
09:19:16.0939 1608 PolicyAgent - ok
09:19:16.0976 1608 [ AAD0C7235F804728373026EEFFDBCA6C ] Power C:\WINDOWS\system32\umpo.dll
09:19:16.0980 1608 Power - ok
09:19:17.0016 1608 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:19:17.0018 1608 PptpMiniport - ok
09:19:17.0138 1608 [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
09:19:17.0326 1608 PrintNotify - ok
09:19:17.0345 1608 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\WINDOWS\System32\drivers\processr.sys
09:19:17.0361 1608 Processor - ok
09:19:17.0381 1608 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\WINDOWS\system32\profsvc.dll
09:19:17.0386 1608 ProfSvc - ok
09:19:17.0411 1608 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
09:19:17.0414 1608 Psched - ok
09:19:17.0447 1608 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\WINDOWS\system32\qwave.dll
09:19:17.0453 1608 QWAVE - ok
09:19:17.0465 1608 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
09:19:17.0467 1608 QWAVEdrv - ok
09:19:17.0487 1608 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:19:17.0489 1608 RasAcd - ok
09:19:17.0508 1608 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
09:19:17.0510 1608 RasAgileVpn - ok
09:19:17.0531 1608 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:19:17.0538 1608 RasAuto - ok
09:19:17.0558 1608 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:19:17.0561 1608 Rasl2tp - ok
09:19:17.0591 1608 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:19:17.0608 1608 RasMan - ok
09:19:17.0641 1608 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:19:17.0644 1608 RasPppoe - ok
09:19:17.0652 1608 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
09:19:17.0655 1608 RasSstp - ok
09:19:17.0694 1608 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:19:17.0711 1608 rdbss - ok
09:19:17.0735 1608 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
09:19:17.0737 1608 rdpbus - ok
09:19:17.0765 1608 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
09:19:17.0770 1608 RDPDR - ok
09:19:17.0811 1608 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
09:19:17.0813 1608 RdpVideoMiniport - ok
09:19:17.0849 1608 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
09:19:17.0854 1608 RDPWD - ok
09:19:17.0868 1608 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
09:19:17.0873 1608 rdyboost - ok
09:19:17.0901 1608 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:19:17.0906 1608 RemoteAccess - ok
09:19:17.0925 1608 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:19:17.0942 1608 RemoteRegistry - ok
09:19:17.0968 1608 [ 381E606B90F32E501D1E2C852D211AB9 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
09:19:17.0974 1608 RpcEptMapper - ok
09:19:18.0003 1608 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\WINDOWS\system32\locator.exe
09:19:18.0007 1608 RpcLocator - ok
09:19:18.0058 1608 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:19:18.0073 1608 RpcSs - ok
09:19:18.0088 1608 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
09:19:18.0090 1608 rspndr - ok
09:19:18.0108 1608 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
09:19:18.0109 1608 s3cap - ok
09:19:18.0127 1608 [ 6E0E63801FBEF27995107B8269BCFAAD ] SamSs C:\WINDOWS\system32\lsass.exe
09:19:18.0129 1608 SamSs - ok
09:19:18.0151 1608 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
09:19:18.0154 1608 sbp2port - ok
09:19:18.0190 1608 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
09:19:18.0195 1608 SCardSvr - ok
09:19:18.0220 1608 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
09:19:18.0221 1608 scfilter - ok
09:19:18.0272 1608 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:19:18.0307 1608 Schedule - ok
09:19:18.0336 1608 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
09:19:18.0338 1608 SCPolicySvc - ok
09:19:18.0374 1608 [ AAAB993BDFA5C0D1CB505E16E4D7B4A2 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
09:19:18.0379 1608 sdbus - ok
09:19:18.0402 1608 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
09:19:18.0409 1608 SDRSVC - ok
09:19:18.0424 1608 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
09:19:18.0427 1608 sdstor - ok
09:19:18.0448 1608 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
09:19:18.0449 1608 secdrv - ok
09:19:18.0474 1608 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\WINDOWS\system32\seclogon.dll
09:19:18.0477 1608 seclogon - ok
09:19:18.0507 1608 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\WINDOWS\System32\sens.dll
09:19:18.0513 1608 SENS - ok
09:19:18.0533 1608 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
09:19:18.0541 1608 SensrSvc - ok
09:19:18.0561 1608 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
09:19:18.0563 1608 SerCx - ok
09:19:18.0588 1608 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
09:19:18.0590 1608 Serenum - ok
09:19:18.0619 1608 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\WINDOWS\System32\drivers\serial.sys
09:19:18.0622 1608 Serial - ok
09:19:18.0637 1608 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
09:19:18.0639 1608 sermouse - ok
09:19:18.0680 1608 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\WINDOWS\system32\sessenv.dll
09:19:18.0697 1608 SessionEnv - ok
09:19:18.0718 1608 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
09:19:18.0720 1608 sfloppy - ok
09:19:18.0757 1608 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:19:18.0775 1608 SharedAccess - ok
09:19:18.0824 1608 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:19:18.0849 1608 ShellHWDetection - ok
09:19:18.0875 1608 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
09:19:18.0877 1608 SiSRaid2 - ok
09:19:18.0896 1608 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
09:19:18.0898 1608 SiSRaid4 - ok
09:19:18.0929 1608 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
09:19:18.0932 1608 SNMPTRAP - ok
09:19:18.0969 1608 [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
09:19:18.0977 1608 spaceport - ok
09:19:18.0994 1608 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
09:19:18.0996 1608 SpbCx - ok
09:19:19.0044 1608 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\WINDOWS\System32\spoolsv.exe
09:19:19.0071 1608 Spooler - ok
09:19:19.0197 1608 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\WINDOWS\system32\sppsvc.exe
09:19:19.0293 1608 sppsvc - ok
09:19:19.0317 1608 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:19:19.0325 1608 srv - ok
09:19:19.0361 1608 [ C2106BB710AA34A046126AED7BCA6964 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
09:19:19.0378 1608 srv2 - ok
09:19:19.0396 1608 [ 9400C71F5A1A380B494B6922F007D485 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
09:19:19.0400 1608 srvnet - ok
09:19:19.0431 1608 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:19:19.0437 1608 SSDPSRV - ok
09:19:19.0450 1608 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
09:19:19.0454 1608 SstpSvc - ok
09:19:19.0490 1608 Steam Client Service - ok
09:19:19.0505 1608 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
09:19:19.0506 1608 stexstor - ok
09:19:19.0538 1608 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\WINDOWS\System32\wiaservc.dll
09:19:19.0555 1608 stisvc - ok
09:19:19.0577 1608 [ C588BBD37B432CE3204E5765B459E6B2 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
09:19:19.0579 1608 storahci - ok
09:19:19.0592 1608 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
09:19:19.0594 1608 storflt - ok
09:19:19.0616 1608 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\WINDOWS\system32\storsvc.dll
09:19:19.0619 1608 StorSvc - ok
09:19:19.0644 1608 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
09:19:19.0646 1608 storvsc - ok
09:19:19.0664 1608 [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
09:19:19.0667 1608 storvsp - ok
09:19:19.0681 1608 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\WINDOWS\system32\svsvc.dll
09:19:19.0686 1608 svsvc - ok
09:19:19.0705 1608 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
09:19:19.0706 1608 swenum - ok
09:19:19.0744 1608 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\WINDOWS\System32\swprv.dll
09:19:19.0759 1608 swprv - ok
09:19:19.0800 1608 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\WINDOWS\system32\sysmain.dll
09:19:19.0826 1608 SysMain - ok
09:19:19.0863 1608 [ F1DA8D3C4395E4B1D58D308A4B062B24 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
09:19:19.0868 1608 SystemEventsBroker - ok
09:19:19.0893 1608 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
09:19:19.0896 1608 TabletInputService - ok
09:19:19.0935 1608 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:19:19.0952 1608 TapiSrv - ok
09:19:20.0100 1608 [ AF6A8D27FCABFF85DDC1D4599582B4FE ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
09:19:20.0159 1608 Tcpip - ok
09:19:20.0200 1608 [ AF6A8D27FCABFF85DDC1D4599582B4FE ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:19:20.0217 1608 TCPIP6 - ok
09:19:20.0237 1608 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
09:19:20.0238 1608 tcpipreg - ok
09:19:20.0258 1608 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
09:19:20.0260 1608 tdx - ok
09:19:20.0291 1608 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
09:19:20.0293 1608 terminpt - ok
09:19:20.0324 1608 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\WINDOWS\System32\termsrv.dll
09:19:20.0339 1608 TermService - ok
09:19:20.0364 1608 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\WINDOWS\system32\themeservice.dll
09:19:20.0368 1608 Themes - ok
09:19:20.0384 1608 [ DBD28A7997CF7303E610989C565C9B29 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
09:19:20.0386 1608 THREADORDER - ok
09:19:20.0403 1608 [ 2A8B087AE47AC8486859CF479BB704C8 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
09:19:20.0408 1608 TimeBroker - ok
09:19:20.0425 1608 [ 151BD0387B1B320CC9AACE6DB071803B ] TPM C:\WINDOWS\system32\drivers\tpm.sys
09:19:20.0428 1608 TPM - ok
09:19:20.0452 1608 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\WINDOWS\System32\trkwks.dll
09:19:20.0457 1608 TrkWks - ok
09:19:20.0507 1608 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
09:19:20.0510 1608 TrustedInstaller - ok
09:19:20.0536 1608 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
09:19:20.0539 1608 TsUsbFlt - ok
09:19:20.0558 1608 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
09:19:20.0560 1608 TsUsbGD - ok
09:19:20.0588 1608 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
09:19:20.0592 1608 tunnel - ok
09:19:20.0622 1608 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
09:19:20.0625 1608 uagp35 - ok
09:19:20.0644 1608 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
09:19:20.0648 1608 UASPStor - ok
09:19:20.0679 1608 [ AA48AEC5CEB2AA8ED1B1A5758B017F72 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
09:19:20.0682 1608 UCX01000 - ok
09:19:20.0704 1608 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
09:19:20.0709 1608 udfs - ok
09:19:20.0743 1608 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
09:19:20.0749 1608 UI0Detect - ok
09:19:20.0768 1608 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
09:19:20.0771 1608 uliagpkx - ok
09:19:20.0782 1608 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
09:19:20.0784 1608 umbus - ok
09:19:20.0797 1608 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
09:19:20.0798 1608 UmPass - ok
09:19:20.0820 1608 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\WINDOWS\System32\umrdp.dll
09:19:20.0828 1608 UmRdpService - ok
09:19:20.0860 1608 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\WINDOWS\System32\upnphost.dll
09:19:20.0878 1608 upnphost - ok
09:19:20.0911 1608 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
09:19:20.0949 1608 USBAAPL64 - ok
09:19:20.0975 1608 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
09:19:20.0977 1608 usbccgp - ok
09:19:21.0030 1608 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
09:19:21.0032 1608 usbcir - ok
09:19:21.0067 1608 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
09:19:21.0069 1608 usbehci - ok
09:19:21.0090 1608 [ FBB6794E3BBAD92D66D59D206C1F849F ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
09:19:21.0106 1608 usbhub - ok
09:19:21.0143 1608 [ B7A948501424805571BF562BB0BFE31D ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
09:19:21.0160 1608 USBHUB3 - ok
09:19:21.0184 1608 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
09:19:21.0209 1608 usbohci - ok
09:19:21.0227 1608 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
09:19:21.0230 1608 usbprint - ok
09:19:21.0259 1608 [ A9858597B6DB695F78A37F6755A6FF98 ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys
09:19:21.0275 1608 usbscan - ok
09:19:21.0286 1608 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
09:19:21.0289 1608 USBSTOR - ok
09:19:21.0308 1608 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
09:19:21.0340 1608 usbuhci - ok
09:19:21.0376 1608 [ 8ABF3C3ED6BF5ED15DC947795FF6ACAC ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
09:19:21.0394 1608 USBXHCI - ok
09:19:21.0411 1608 [ 6E0E63801FBEF27995107B8269BCFAAD ] VaultSvc C:\WINDOWS\system32\lsass.exe
09:19:21.0413 1608 VaultSvc - ok
09:19:21.0424 1608 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
09:19:21.0425 1608 vdrvroot - ok
09:19:21.0464 1608 [ 728C2DEEE875D6968632638922D6A1D7 ] vds C:\WINDOWS\System32\vds.exe
09:19:21.0481 1608 vds - ok
09:19:21.0519 1608 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
09:19:21.0522 1608 VerifierExt - ok
09:19:21.0560 1608 [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
09:19:21.0578 1608 vhdmp - ok
09:19:21.0590 1608 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\WINDOWS\system32\drivers\viaide.sys
09:19:21.0592 1608 viaide - ok
09:19:21.0627 1608 [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
09:19:21.0633 1608 Vid - ok
09:19:21.0657 1608 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
09:19:21.0661 1608 vmbus - ok
09:19:21.0686 1608 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
09:19:21.0688 1608 VMBusHID - ok
09:19:21.0712 1608 [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
09:19:21.0715 1608 vmbusr - ok
09:19:21.0746 1608 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
09:19:21.0763 1608 vmicheartbeat - ok
09:19:21.0777 1608 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
09:19:21.0785 1608 vmickvpexchange - ok
09:19:21.0796 1608 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
09:19:21.0800 1608 vmicrdv - ok
09:19:21.0811 1608 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
09:19:21.0814 1608 vmicshutdown - ok
09:19:21.0823 1608 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
09:19:21.0826 1608 vmictimesync - ok
09:19:21.0835 1608 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
09:19:21.0839 1608 vmicvss - ok
09:19:21.0862 1608 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
09:19:21.0863 1608 volmgr - ok
09:19:21.0881 1608 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
09:19:21.0886 1608 volmgrx - ok
09:19:21.0900 1608 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
09:19:21.0903 1608 volsnap - ok
09:19:21.0924 1608 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\WINDOWS\System32\drivers\vpci.sys
09:19:21.0926 1608 vpci - ok
09:19:21.0941 1608 [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys
09:19:21.0942 1608 vpcivsp - ok
09:19:21.0970 1608 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
09:19:21.0973 1608 vsmraid - ok
09:19:22.0018 1608 [ EA658570314042C914964FC72AB50E6B ] VSS C:\WINDOWS\system32\vssvc.exe
09:19:22.0055 1608 VSS - ok
09:19:22.0079 1608 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
09:19:22.0116 1608 VSTXRAID - ok
09:19:22.0139 1608 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
09:19:22.0141 1608 vwifibus - ok
09:19:22.0177 1608 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\WINDOWS\system32\w32time.dll
09:19:22.0194 1608 W32Time - ok
09:19:22.0213 1608 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
09:19:22.0216 1608 WacomPen - ok
09:19:22.0231 1608 [ B69492CBD928534160594A7B33602575 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:19:22.0234 1608 Wanarp - ok
09:19:22.0242 1608 [ B69492CBD928534160594A7B33602575 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:19:22.0244 1608 Wanarpv6 - ok
09:19:22.0290 1608 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\WINDOWS\system32\wbengine.exe
09:19:22.0325 1608 wbengine - ok
09:19:22.0354 1608 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
09:19:22.0371 1608 WbioSrvc - ok
09:19:22.0395 1608 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
09:19:22.0402 1608 Wcmsvc - ok
09:19:22.0435 1608 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
09:19:22.0499 1608 wcncsvc - ok
09:19:22.0524 1608 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
09:19:22.0528 1608 WcsPlugInService - ok
09:19:22.0548 1608 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\WINDOWS\system32\drivers\wd.sys
09:19:22.0550 1608 Wd - ok
09:19:22.0569 1608 [ 260F8DFC4D5748F4CCB9B19CFB0E58EA ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
09:19:22.0571 1608 WdBoot - ok
09:19:22.0602 1608 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys
09:19:22.0603 1608 WDC_SAM - ok
09:19:22.0629 1608 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
09:19:22.0646 1608 Wdf01000 - ok
09:19:22.0660 1608 [ 880FFFC4D5BBBB4187B6B04AB2E8C32A ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
09:19:22.0664 1608 WdFilter - ok
09:19:22.0694 1608 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
09:19:22.0699 1608 WdiServiceHost - ok
09:19:22.0704 1608 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
09:19:22.0707 1608 WdiSystemHost - ok
09:19:22.0739 1608 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:19:22.0745 1608 WebClient - ok
09:19:22.0762 1608 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
09:19:22.0771 1608 Wecsvc - ok
09:19:22.0796 1608 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
09:19:22.0800 1608 wercplsupport - ok
09:19:22.0817 1608 [ 8E2426162ED6749A127B35D235F21E11 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
09:19:22.0822 1608 WerSvc - ok
09:19:22.0838 1608 [ F09BB0754A64733F04707B0395391911 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
09:19:22.0839 1608 WFPLWFS - ok
09:19:22.0868 1608 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
09:19:22.0872 1608 WiaRpc - ok
09:19:22.0907 1608 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
09:19:22.0910 1608 WIMMount - ok
09:19:22.0931 1608 WinDefend - ok
09:19:22.0978 1608 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
09:19:22.0994 1608 WinHttpAutoProxySvc - ok
09:19:23.0042 1608 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:19:23.0045 1608 Winmgmt - ok
09:19:23.0119 1608 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\WINDOWS\system32\WsmSvc.dll
09:19:23.0172 1608 WinRM - ok
09:19:23.0219 1608 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
09:19:23.0246 1608 WlanSvc - ok
09:19:23.0295 1608 [ 08EFA13A2234C8C3B8A99E4B88BE7E9B ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
09:19:23.0339 1608 wlidsvc - ok
09:19:23.0369 1608 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
09:19:23.0370 1608 WmiAcpi - ok
09:19:23.0409 1608 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
09:19:23.0414 1608 wmiApSrv - ok
09:19:23.0432 1608 WMPNetworkSvc - ok
09:19:23.0469 1608 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
09:19:23.0472 1608 wpcfltr - ok
09:19:23.0498 1608 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
09:19:23.0504 1608 WPCSvc - ok
09:19:23.0535 1608 [ 94AA5150E35B3ABB7191FE641E3C2473 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
09:19:23.0542 1608 WPDBusEnum - ok
09:19:23.0559 1608 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
09:19:23.0561 1608 WpdUpFltr - ok
09:19:23.0571 1608 [ 58D492F986EC519ECDD54D93618758F8 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
09:19:23.0573 1608 ws2ifsl - ok
09:19:23.0589 1608 [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
09:19:23.0696 1608 wscsvc - ok
09:19:23.0705 1608 WSearch - ok
09:19:23.0802 1608 [ FEC16FE5EAC2D8CD4628B69667B90DE6 ] WSService C:\WINDOWS\System32\WSService.dll
09:19:23.0864 1608 WSService - ok
09:19:23.0953 1608 [ F2CF90BBFB637AA2DC3CAAF64661EA43 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
09:19:24.0015 1608 wuauserv - ok
09:19:24.0049 1608 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
09:19:24.0051 1608 WudfPf - ok
09:19:24.0070 1608 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
09:19:24.0073 1608 WUDFRd - ok
09:19:24.0087 1608 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:19:24.0088 1608 WUDFSensorLP - ok
09:19:24.0095 1608 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
09:19:24.0099 1608 wudfsvc - ok
09:19:24.0112 1608 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:19:24.0113 1608 WUDFWpdFs - ok
09:19:24.0130 1608 [ 9FE55B90B1778C4FE351ECD1AEFD8AAF ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
09:19:24.0147 1608 WwanSvc - ok
09:19:24.0177 1608 [ B1EAA8B6E1A6FDB97546DB0AF89A7803 ] yukonw8 C:\WINDOWS\system32\DRIVERS\yk63x64.sys
09:19:24.0182 1608 yukonw8 - ok
09:19:24.0189 1608 ================ Scan global ===============================
09:19:24.0222 1608 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\WINDOWS\system32\basesrv.dll
09:19:24.0233 1608 [ B36597EF454D4FEA2F11429A9A1424BD ] C:\WINDOWS\system32\winsrv.dll
09:19:24.0242 1608 [ BD7C6949984D19AAA609896B675E7357 ] C:\WINDOWS\system32\sxssrv.dll
09:19:24.0263 1608 [ 754A2CC1F32107EA87CBD305ABE3E618 ] C:\WINDOWS\system32\services.exe
09:19:24.0268 1608 [Global] - ok
09:19:24.0269 1608 ================ Scan MBR ==================================
09:19:24.0278 1608 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:19:24.0527 1608 \Device\Harddisk0\DR0 - ok
09:19:24.0534 1608 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
09:19:24.0704 1608 \Device\Harddisk1\DR1 - ok
09:19:24.0705 1608 ================ Scan VBR ==================================
09:19:24.0712 1608 [ CB409A681EC55B8ED22743DA105ABB6F ] \Device\Harddisk0\DR0\Partition1
09:19:24.0713 1608 \Device\Harddisk0\DR0\Partition1 - ok
09:19:24.0722 1608 [ 28C0BBF2023CCE319959F0B99FDE8F0F ] \Device\Harddisk0\DR0\Partition2
09:19:24.0724 1608 \Device\Harddisk0\DR0\Partition2 - ok
09:19:24.0730 1608 [ 6002EE8E8D6828A15994434B68194ED6 ] \Device\Harddisk1\DR1\Partition1
09:19:24.0732 1608 \Device\Harddisk1\DR1\Partition1 - ok
09:19:24.0734 1608 ============================================================
09:19:24.0734 1608 Scan finished
09:19:24.0734 1608 ============================================================
09:19:24.0753 3988 Detected object count: 0
09:19:24.0753 3988 Actual detected object count: 0
09:22:13.0087 1256 Deinitialize success

#9 Casey_boy

Posted 13 January 2013 - 08:41 AM

Hi,

The first log shows that you were indeed infected with the TDSS rootkit and that TDSSKiller was able to remove it. But I notice the TDSSKiller version you are using is old - so please delete that and redownload it using the instructions I gave you earlier. Then run a new scan and post the log for me :)

Casey

If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.




#10 scomatt9

Posted 13 January 2013 - 09:21 AM

Okay, done. The new log is below. Again, TDSSKiller is reporting 0 threats found.

06:19:11.0369 3452 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
06:19:12.0009 3452 ============================================================
06:19:12.0009 3452 Current date / time: 2013/01/13 06:19:12.0009
06:19:12.0009 3452 SystemInfo:
06:19:12.0009 3452
06:19:12.0009 3452 OS Version: 6.2.9200 ServicePack: 0.0
06:19:12.0009 3452 Product type: Workstation
06:19:12.0009 3452 ComputerName: MATTHEW-PC
06:19:12.0009 3452 UserName: Matthew
06:19:12.0009 3452 Windows directory: C:\WINDOWS
06:19:12.0009 3452 System windows directory: C:\WINDOWS
06:19:12.0009 3452 Running under WOW64
06:19:12.0009 3452 Processor architecture: Intel x64
06:19:12.0009 3452 Number of processors: 4
06:19:12.0009 3452 Page size: 0x1000
06:19:12.0009 3452 Boot type: Normal boot
06:19:12.0009 3452 ============================================================
06:19:13.0132 3452 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:19:13.0132 3452 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:19:13.0163 3452 ============================================================
06:19:13.0163 3452 \Device\Harddisk0\DR0:
06:19:13.0163 3452 MBR partitions:
06:19:13.0163 3452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1388AFC
06:19:13.0163 3452 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1389000, BlocksNum 0x494CE800
06:19:13.0163 3452 \Device\Harddisk1\DR1:
06:19:13.0163 3452 MBR partitions:
06:19:13.0163 3452 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
06:19:13.0163 3452 ============================================================
06:19:13.0194 3452 C: <-> \Device\Harddisk0\DR0\Partition2
06:19:13.0257 3452 D: <-> \Device\Harddisk1\DR1\Partition1
06:19:13.0257 3452 ============================================================
06:19:13.0257 3452 Initialize success
06:19:13.0257 3452 ============================================================
06:19:27.0337 3220 ============================================================
06:19:27.0337 3220 Scan started
06:19:27.0337 3220 Mode: Manual;
06:19:27.0337 3220 ============================================================
06:19:28.0118 3220 ================ Scan system memory ========================
06:19:28.0118 3220 System memory - ok
06:19:28.0121 3220 ================ Scan services =============================
06:19:40.0528 3220 PNRPAutoReg - ok
06:19:40.0556 3220 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
06:19:40.0561 3220 PNRPsvc - ok
06:19:40.0693 3220 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
06:19:40.0706 3220 PolicyAgent - ok
06:19:40.0750 3220 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\WINDOWS\system32\umpo.dll
06:19:40.0797 3220 Power - ok
06:19:40.0830 3220 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
06:19:40.0834 3220 PptpMiniport - ok
06:19:41.0050 3220 [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
06:19:41.0168 3220 PrintNotify - ok
06:19:41.0183 3220 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\WINDOWS\System32\drivers\processr.sys
06:19:41.0199 3220 Processor - ok
06:19:41.0220 3220 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\WINDOWS\system32\profsvc.dll
06:19:41.0225 3220 ProfSvc - ok
06:19:41.0258 3220 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
06:19:41.0261 3220 Psched - ok
06:19:41.0311 3220 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\WINDOWS\system32\qwave.dll
06:19:41.0318 3220 QWAVE - ok
06:19:41.0337 3220 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
06:19:41.0339 3220 QWAVEdrv - ok
06:19:41.0368 3220 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
06:19:41.0369 3220 RasAcd - ok
06:19:41.0388 3220 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
06:19:41.0390 3220 RasAgileVpn - ok
06:19:41.0420 3220 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
06:19:41.0426 3220 RasAuto - ok
06:19:41.0446 3220 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
06:19:41.0450 3220 Rasl2tp - ok
06:19:41.0477 3220 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\WINDOWS\System32\rasmans.dll
06:19:41.0494 3220 RasMan - ok
06:19:41.0513 3220 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
06:19:41.0515 3220 RasPppoe - ok
06:19:41.0524 3220 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
06:19:41.0526 3220 RasSstp - ok
06:19:41.0565 3220 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
06:19:41.0583 3220 rdbss - ok
06:19:41.0615 3220 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
06:19:41.0617 3220 rdpbus - ok
06:19:41.0645 3220 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
06:19:41.0650 3220 RDPDR - ok
06:19:41.0690 3220 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
06:19:41.0691 3220 RdpVideoMiniport - ok
06:19:41.0720 3220 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
06:19:41.0723 3220 RDPWD - ok
06:19:41.0735 3220 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
06:19:41.0738 3220 rdyboost - ok
06:19:41.0764 3220 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
06:19:41.0767 3220 RemoteAccess - ok
06:19:41.0788 3220 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
06:19:41.0793 3220 RemoteRegistry - ok
06:19:41.0822 3220 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
06:19:41.0870 3220 RpcEptMapper - ok
06:19:41.0892 3220 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\WINDOWS\system32\locator.exe
06:19:41.0894 3220 RpcLocator - ok
06:19:41.0934 3220 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\WINDOWS\system32\rpcss.dll
06:19:41.0942 3220 RpcSs - ok
06:19:41.0976 3220 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
06:19:41.0988 3220 rspndr - ok
06:19:42.0005 3220 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
06:19:42.0007 3220 s3cap - ok
06:19:42.0026 3220 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\WINDOWS\system32\lsass.exe
06:19:42.0029 3220 SamSs - ok
06:19:42.0049 3220 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
06:19:42.0052 3220 sbp2port - ok
06:19:42.0079 3220 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
06:19:42.0097 3220 SCardSvr - ok
06:19:42.0125 3220 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
06:19:42.0128 3220 scfilter - ok
06:19:42.0177 3220 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule C:\WINDOWS\system32\schedsvc.dll
06:19:42.0214 3220 Schedule - ok
06:19:42.0241 3220 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
06:19:42.0243 3220 SCPolicySvc - ok
06:19:42.0279 3220 [ 66E29CADF9FF6C8325C356BDD617F7EA ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
06:19:42.0297 3220 sdbus - ok
06:19:42.0315 3220 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
06:19:42.0319 3220 SDRSVC - ok
06:19:42.0338 3220 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
06:19:42.0339 3220 sdstor - ok
06:19:42.0361 3220 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
06:19:42.0363 3220 secdrv - ok
06:19:42.0396 3220 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\WINDOWS\system32\seclogon.dll
06:19:42.0399 3220 seclogon - ok
06:19:42.0437 3220 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\WINDOWS\System32\sens.dll
06:19:42.0443 3220 SENS - ok
06:19:42.0463 3220 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
06:19:42.0471 3220 SensrSvc - ok
06:19:42.0491 3220 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
06:19:42.0494 3220 SerCx - ok
06:19:42.0518 3220 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
06:19:42.0520 3220 Serenum - ok
06:19:42.0558 3220 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\WINDOWS\System32\drivers\serial.sys
06:19:42.0560 3220 Serial - ok
06:19:42.0576 3220 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
06:19:42.0578 3220 sermouse - ok
06:19:42.0610 3220 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\WINDOWS\system32\sessenv.dll
06:19:42.0627 3220 SessionEnv - ok
06:19:42.0656 3220 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
06:19:42.0691 3220 sfloppy - ok
06:19:42.0735 3220 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
06:19:42.0752 3220 SharedAccess - ok
06:19:42.0820 3220 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
06:19:42.0846 3220 ShellHWDetection - ok
06:19:42.0872 3220 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
06:19:42.0874 3220 SiSRaid2 - ok
06:19:42.0894 3220 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
06:19:42.0897 3220 SiSRaid4 - ok
06:19:42.0934 3220 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
06:19:42.0937 3220 SNMPTRAP - ok
06:19:42.0964 3220 [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
06:19:42.0968 3220 spaceport - ok
06:19:42.0982 3220 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
06:19:42.0983 3220 SpbCx - ok
06:19:43.0021 3220 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\WINDOWS\System32\spoolsv.exe
06:19:43.0038 3220 Spooler - ok
06:19:43.0368 3220 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\WINDOWS\system32\sppsvc.exe
06:19:43.0457 3220 sppsvc - ok
06:19:43.0525 3220 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
06:19:43.0540 3220 srv - ok
06:19:43.0586 3220 [ C2106BB710AA34A046126AED7BCA6964 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
06:19:43.0659 3220 srv2 - ok
06:19:43.0685 3220 [ 9400C71F5A1A380B494B6922F007D485 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
06:19:43.0689 3220 srvnet - ok
06:19:43.0719 3220 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
06:19:43.0725 3220 SSDPSRV - ok
06:19:43.0746 3220 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
06:19:43.0750 3220 SstpSvc - ok
06:19:43.0807 3220 Steam Client Service - ok
06:19:43.0827 3220 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
06:19:43.0833 3220 stexstor - ok
06:19:43.0887 3220 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\WINDOWS\System32\wiaservc.dll
06:19:43.0913 3220 stisvc - ok
06:19:43.0949 3220 [ C588BBD37B432CE3204E5765B459E6B2 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
06:19:43.0952 3220 storahci - ok
06:19:43.0964 3220 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
06:19:43.0967 3220 storflt - ok
06:19:43.0988 3220 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\WINDOWS\system32\storsvc.dll
06:19:43.0993 3220 StorSvc - ok
06:19:44.0016 3220 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
06:19:44.0018 3220 storvsc - ok
06:19:44.0036 3220 [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
06:19:44.0039 3220 storvsp - ok
06:19:44.0053 3220 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\WINDOWS\system32\svsvc.dll
06:19:44.0058 3220 svsvc - ok
06:19:44.0076 3220 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
06:19:44.0078 3220 swenum - ok
06:19:44.0125 3220 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\WINDOWS\System32\swprv.dll
06:19:44.0167 3220 swprv - ok
06:19:44.0232 3220 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\WINDOWS\system32\sysmain.dll
06:19:44.0281 3220 SysMain - ok
06:19:44.0316 3220 [ E219BF7BCCFE4881B0C053C7E0B47ECC ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
06:19:44.0320 3220 SystemEventsBroker - ok
06:19:44.0339 3220 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
06:19:44.0343 3220 TabletInputService - ok
06:19:44.0372 3220 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
06:19:44.0388 3220 TapiSrv - ok
06:19:44.0464 3220 [ 1D644E2D0FC395A055AB1C23C3B43631 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
06:19:44.0520 3220 Tcpip - ok
06:19:44.0563 3220 [ 1D644E2D0FC395A055AB1C23C3B43631 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
06:19:44.0579 3220 TCPIP6 - ok
06:19:44.0608 3220 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
06:19:44.0617 3220 tcpipreg - ok
06:19:44.0646 3220 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
06:19:44.0649 3220 tdx - ok
06:19:44.0671 3220 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
06:19:44.0708 3220 terminpt - ok
06:19:44.0747 3220 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\WINDOWS\System32\termsrv.dll
06:19:44.0772 3220 TermService - ok
06:19:44.0802 3220 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\WINDOWS\system32\themeservice.dll
06:19:44.0806 3220 Themes - ok
06:19:44.0820 3220 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
06:19:44.0822 3220 THREADORDER - ok
06:19:44.0838 3220 [ FF4135424A79DCC2998276D8E39C9B4D ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
06:19:44.0843 3220 TimeBroker - ok
06:19:44.0875 3220 [ B44EFE254C0B3719E4037088D24FE4B5 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
06:19:44.0877 3220 TPM - ok
06:19:44.0907 3220 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\WINDOWS\System32\trkwks.dll
06:19:44.0911 3220 TrkWks - ok
06:19:44.0963 3220 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
06:19:44.0989 3220 TrustedInstaller - ok
06:19:45.0031 3220 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
06:19:45.0034 3220 TsUsbFlt - ok
06:19:45.0055 3220 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
06:19:45.0058 3220 TsUsbGD - ok
06:19:45.0085 3220 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
06:19:45.0089 3220 tunnel - ok
06:19:45.0127 3220 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
06:19:45.0130 3220 uagp35 - ok
06:19:45.0166 3220 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
06:19:45.0169 3220 UASPStor - ok
06:19:45.0202 3220 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
06:19:45.0207 3220 UCX01000 - ok
06:19:45.0236 3220 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
06:19:45.0253 3220 udfs - ok
06:19:45.0289 3220 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
06:19:45.0293 3220 UI0Detect - ok
06:19:45.0322 3220 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
06:19:45.0325 3220 uliagpkx - ok
06:19:45.0337 3220 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
06:19:45.0339 3220 umbus - ok
06:19:45.0351 3220 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
06:19:45.0353 3220 UmPass - ok
06:19:45.0384 3220 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\WINDOWS\System32\umrdp.dll
06:19:45.0401 3220 UmRdpService - ok
06:19:45.0442 3220 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\WINDOWS\System32\upnphost.dll
06:19:45.0459 3220 upnphost - ok
06:19:45.0490 3220 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
06:19:45.0525 3220 USBAAPL64 - ok
06:19:45.0554 3220 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
06:19:45.0565 3220 usbccgp - ok
06:19:45.0584 3220 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
06:19:45.0586 3220 usbcir - ok
06:19:45.0613 3220 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
06:19:45.0615 3220 usbehci - ok
06:19:45.0635 3220 [ FBB6794E3BBAD92D66D59D206C1F849F ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
06:19:45.0651 3220 usbhub - ok
06:19:45.0680 3220 [ B7A948501424805571BF562BB0BFE31D ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
06:19:45.0697 3220 USBHUB3 - ok
06:19:45.0722 3220 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
06:19:45.0747 3220 usbohci - ok
06:19:45.0765 3220 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
06:19:45.0767 3220 usbprint - ok
06:19:45.0805 3220 [ A9858597B6DB695F78A37F6755A6FF98 ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys
06:19:45.0826 3220 usbscan - ok
06:19:45.0848 3220 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
06:19:45.0852 3220 USBSTOR - ok
06:19:45.0870 3220 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
06:19:45.0884 3220 usbuhci - ok
06:19:45.0916 3220 [ 9CD4259AD15F84DE27B94A956C978D6C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
06:19:45.0934 3220 USBXHCI - ok
06:19:45.0958 3220 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\WINDOWS\system32\lsass.exe
06:19:45.0962 3220 VaultSvc - ok
06:19:45.0979 3220 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
06:19:45.0989 3220 vdrvroot - ok
06:19:46.0035 3220 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\WINDOWS\System32\vds.exe
06:19:46.0078 3220 vds - ok
06:19:46.0116 3220 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
06:19:46.0119 3220 VerifierExt - ok
06:19:46.0164 3220 [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
06:19:46.0182 3220 vhdmp - ok
06:19:46.0194 3220 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\WINDOWS\system32\drivers\viaide.sys
06:19:46.0196 3220 viaide - ok
06:19:46.0222 3220 [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
06:19:46.0225 3220 Vid - ok
06:19:46.0244 3220 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
06:19:46.0246 3220 vmbus - ok
06:19:46.0274 3220 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
06:19:46.0275 3220 VMBusHID - ok
06:19:46.0333 3220 [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
06:19:46.0336 3220 vmbusr - ok
06:19:46.0367 3220 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
06:19:46.0384 3220 vmicheartbeat - ok
06:19:46.0398 3220 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
06:19:46.0404 3220 vmickvpexchange - ok
06:19:46.0417 3220 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
06:19:46.0422 3220 vmicrdv - ok
06:19:46.0433 3220 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
06:19:46.0437 3220 vmicshutdown - ok
06:19:46.0448 3220 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
06:19:46.0452 3220 vmictimesync - ok
06:19:46.0467 3220 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
06:19:46.0470 3220 vmicvss - ok
06:19:46.0491 3220 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
06:19:46.0504 3220 volmgr - ok
06:19:46.0527 3220 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
06:19:46.0532 3220 volmgrx - ok
06:19:46.0571 3220 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
06:19:46.0578 3220 volsnap - ok
06:19:46.0604 3220 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\WINDOWS\System32\drivers\vpci.sys
06:19:46.0607 3220 vpci - ok
06:19:46.0637 3220 [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys
06:19:46.0640 3220 vpcivsp - ok
06:19:46.0683 3220 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
06:19:46.0688 3220 vsmraid - ok
06:19:46.0838 3220 [ EA658570314042C914964FC72AB50E6B ] VSS C:\WINDOWS\system32\vssvc.exe
06:19:46.0862 3220 VSS - ok
06:19:46.0900 3220 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
06:19:46.0914 3220 VSTXRAID - ok
06:19:46.0943 3220 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
06:19:46.0945 3220 vwifibus - ok
06:19:46.0979 3220 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\WINDOWS\system32\w32time.dll
06:19:46.0996 3220 W32Time - ok
06:19:47.0042 3220 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
06:19:47.0044 3220 WacomPen - ok
06:19:47.0075 3220 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
06:19:47.0096 3220 Wanarp - ok
06:19:47.0102 3220 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
06:19:47.0103 3220 Wanarpv6 - ok
06:19:47.0161 3220 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\WINDOWS\system32\wbengine.exe
06:19:47.0244 3220 wbengine - ok
06:19:47.0275 3220 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
06:19:47.0289 3220 WbioSrvc - ok
06:19:47.0316 3220 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
06:19:47.0324 3220 Wcmsvc - ok
06:19:47.0356 3220 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
06:19:47.0407 3220 wcncsvc - ok
06:19:47.0428 3220 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
06:19:47.0434 3220 WcsPlugInService - ok
06:19:47.0461 3220 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\WINDOWS\system32\drivers\wd.sys
06:19:47.0463 3220 Wd - ok
06:19:47.0498 3220 [ 260F8DFC4D5748F4CCB9B19CFB0E58EA ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
06:19:47.0500 3220 WdBoot - ok
06:19:47.0539 3220 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys
06:19:47.0541 3220 WDC_SAM - ok
06:19:47.0645 3220 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
06:19:47.0659 3220 Wdf01000 - ok
06:19:47.0681 3220 [ 880FFFC4D5BBBB4187B6B04AB2E8C32A ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
06:19:47.0684 3220 WdFilter - ok
06:19:47.0723 3220 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
06:19:47.0728 3220 WdiServiceHost - ok
06:19:47.0736 3220 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
06:19:47.0739 3220 WdiSystemHost - ok
06:19:47.0777 3220 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\WINDOWS\System32\webclnt.dll
06:19:47.0784 3220 WebClient - ok
06:19:47.0816 3220 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
06:19:47.0822 3220 Wecsvc - ok
06:19:47.0842 3220 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
06:19:47.0846 3220 wercplsupport - ok
06:19:47.0863 3220 [ 8E2426162ED6749A127B35D235F21E11 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
06:19:47.0867 3220 WerSvc - ok
06:19:47.0897 3220 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
06:19:47.0899 3220 WFPLWFS - ok
06:19:47.0931 3220 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
06:19:47.0935 3220 WiaRpc - ok
06:19:47.0961 3220 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
06:19:47.0963 3220 WIMMount - ok
06:19:47.0992 3220 WinDefend - ok
06:19:48.0028 3220 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
06:19:48.0047 3220 WinHttpAutoProxySvc - ok
06:19:48.0205 3220 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
06:19:48.0214 3220 Winmgmt - ok
06:19:48.0343 3220 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\WINDOWS\system32\WsmSvc.dll
06:19:48.0404 3220 WinRM - ok
06:19:48.0549 3220 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
06:19:48.0570 3220 WlanSvc - ok
06:19:48.0642 3220 [ 08EFA13A2234C8C3B8A99E4B88BE7E9B ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
06:19:48.0691 3220 wlidsvc - ok
06:19:48.0724 3220 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
06:19:48.0736 3220 WmiAcpi - ok
06:19:48.0781 3220 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
06:19:48.0786 3220 wmiApSrv - ok
06:19:48.0837 3220 WMPNetworkSvc - ok
06:19:48.0858 3220 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
06:19:48.0864 3220 wpcfltr - ok
06:19:48.0911 3220 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
06:19:48.0915 3220 WPCSvc - ok
06:19:48.0973 3220 [ 94AA5150E35B3ABB7191FE641E3C2473 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
06:19:48.0987 3220 WPDBusEnum - ok
06:19:49.0005 3220 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
06:19:49.0007 3220 WpdUpFltr - ok
06:19:49.0032 3220 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
06:19:49.0055 3220 ws2ifsl - ok
06:19:49.0078 3220 [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
06:19:49.0094 3220 wscsvc - ok
06:19:49.0102 3220 WSearch - ok
06:19:49.0375 3220 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\WINDOWS\System32\WSService.dll
06:19:49.0412 3220 WSService - ok
06:19:49.0662 3220 [ A8484C0CB54DB48180FB7CA00F1C3F8F ] wuauserv C:\WINDOWS\system32\wuaueng.dll
06:19:49.0724 3220 wuauserv - ok
06:19:49.0754 3220 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
06:19:49.0760 3220 WudfPf - ok
06:19:49.0775 3220 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
06:19:49.0778 3220 WUDFRd - ok
06:19:49.0791 3220 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
06:19:49.0793 3220 WUDFSensorLP - ok
06:19:49.0828 3220 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
06:19:49.0848 3220 wudfsvc - ok
06:19:49.0870 3220 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
06:19:49.0872 3220 WUDFWpdFs - ok
06:19:49.0908 3220 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
06:19:49.0958 3220 WwanSvc - ok
06:19:50.0000 3220 [ B1EAA8B6E1A6FDB97546DB0AF89A7803 ] yukonw8 C:\WINDOWS\system32\DRIVERS\yk63x64.sys
06:19:50.0016 3220 yukonw8 - ok
06:19:50.0028 3220 ================ Scan global ===============================
06:19:50.0068 3220 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\WINDOWS\system32\basesrv.dll
06:19:50.0103 3220 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\WINDOWS\system32\winsrv.dll
06:19:50.0163 3220 [ BD7C6949984D19AAA609896B675E7357 ] C:\WINDOWS\system32\sxssrv.dll
06:19:50.0205 3220 [ 8F226143046435C75C033B0C52E90FFE ] C:\WINDOWS\system32\services.exe
06:19:50.0222 3220 [Global] - ok
06:19:50.0223 3220 ================ Scan MBR ==================================
06:19:50.0233 3220 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
06:19:53.0415 3220 \Device\Harddisk0\DR0 - ok
06:19:53.0426 3220 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
06:19:54.0847 3220 \Device\Harddisk1\DR1 - ok
06:19:54.0848 3220 ================ Scan VBR ==================================
06:19:54.0874 3220 [ CB409A681EC55B8ED22743DA105ABB6F ] \Device\Harddisk0\DR0\Partition1
06:19:54.0911 3220 \Device\Harddisk0\DR0\Partition1 - ok
06:19:54.0931 3220 [ 28C0BBF2023CCE319959F0B99FDE8F0F ] \Device\Harddisk0\DR0\Partition2
06:19:54.0951 3220 \Device\Harddisk0\DR0\Partition2 - ok
06:19:54.0968 3220 [ 6002EE8E8D6828A15994434B68194ED6 ] \Device\Harddisk1\DR1\Partition1
06:19:54.0999 3220 \Device\Harddisk1\DR1\Partition1 - ok
06:19:55.0000 3220 ============================================================
06:19:55.0000 3220 Scan finished
06:19:55.0000 3220 ============================================================
06:19:55.0024 3672 Detected object count: 0
06:19:55.0024 3672 Actual detected object count: 0
06:19:59.0601 3464 Deinitialize success

#11 Casey_boy


Posted 13 January 2013 - 10:31 AM

Good :)

Because you were infected with TDSS I should give you the following warning - please note the infection itself has been removed (the speech below is a standard one):

Backdoor Trojan warning

I hate to give you bad news, but one or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

How is the PC behaving now? I'd like you to run a scan with Malwarebytes Anti-Malware (which I see you have installed). Please update it and then run a full scan - post the log for my review.

Casey

If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.




#12 scomatt9


Posted 13 January 2013 - 05:54 PM

Well that sounds quite bad...lol. I'd like to clean the system without a reformat if at all possible, but in the event that the best course of action is a reinstall, that's fine as well. Since I just digitally downloaded Win 8 will it be difficult to reinstall though? No disk...

Regarding the computer's behavior, it seems to be doing a little better. No problems at boot and it appears to be running generally "faster" than it was before as well.

And of course Malwarebytes did find another "Backdoor" threat...

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.13.07

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
Matthew :: MATTHEW-PC [administrator]

1/13/2013 11:02:47 AM
mbam-log-2013-01-13 (11-02-47).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 705139
Time elapsed: 3 hour(s), 26 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
D:\Program Files\GarageGames\Torque X\v1.0.5.1\TXB\TXTools\ContentNodeGenerator.exe (Backdoor.MSIL.PGen) -> Quarantined and deleted successfully.

(end)

Edited by scomatt9, 13 January 2013 - 05:56 PM.


#13 Casey_boy


Posted 15 January 2013 - 08:41 AM

Well that sounds quite bad...lol. I'd like to clean the system without a reformat if at all possible, but in the event that the best course of action is a reinstall, that's fine as well. Since I just digitally downloaded Win 8 will it be difficult to reinstall though? No disk...


If you have the original file - then you can burn this to disc or USB and use that.

The threat from Malwarebytes was probably a false positive (a non-threat detected as a threat), so I wouldn't worry about it. Your logs look clean and if you've not noticed any other problems then I think you're OK. I would like one further scan just to be sure though...

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Casey

Edited by Casey_boy, 15 January 2013 - 08:41 AM.



#14 scomatt9


Posted 16 January 2013 - 07:51 PM

C:\TDSSKiller_Quarantine\02.01.2013_14.59.35\tdlfs0000\tsk0006.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.01.2013_14.59.35\tdlfs0000\tsk0011.dta Win64/Olmasco.O trojan cleaned by deleting - quarantined
C:\Users\Matthew\Downloads\cbsidlm-tr1_9-Street_Fighter_X_Mega_Man-SEO2-75827409.exe Win32/DownloadAdmin.F application cleaned by deleting - quarantined
C:\Users\Matthew\Downloads\gimp_installer_1606.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
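
One way to read the ESET results above, as an added example that is not part of the original posts and not ESET's own tooling: a short parser over the four posted log lines that separates hits inside another tool's quarantine folder and "application" (potentially unwanted) hits from anything else. The whitespace-separated field layout, the quarantine-folder heuristic and the three triage labels are assumptions made for this example.

```python
import re
from collections import Counter

# The four lines of the ESET export posted above, copied verbatim.
ESET_LOG = r"""
C:\TDSSKiller_Quarantine\02.01.2013_14.59.35\tdlfs0000\tsk0006.dta Win32/Olmasco.O trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.01.2013_14.59.35\tdlfs0000\tsk0011.dta Win64/Olmasco.O trojan cleaned by deleting - quarantined
C:\Users\Matthew\Downloads\cbsidlm-tr1_9-Street_Fighter_X_Mega_Man-SEO2-75827409.exe Win32/DownloadAdmin.F application cleaned by deleting - quarantined
C:\Users\Matthew\Downloads\gimp_installer_1606.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
"""

# Assumed layout: <path> <detection name> <object type> <action taken>.
# Windows paths use backslashes, so the first "word/word" token marks the
# start of the detection name even when the path itself contains spaces.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+"
    r"(?P<name>(?:(?:probably )?a variant of )?\w+/\S+)\s+"
    r"(?P<kind>\w+)\s+"
    r"(?P<action>.+)$"
)
# A path component such as "TDSSKiller_Quarantine" (assumed naming heuristic).
QUARANTINE_DIR_RE = re.compile(r"\\[^\\]*quarantine[^\\]*\\", re.IGNORECASE)


def parse(log_text):
    """Return one dict (path, name, kind, action) per recognised log line."""
    matches = (LINE_RE.match(line.strip()) for line in log_text.splitlines())
    return [m.groupdict() for m in matches if m]


def triage(finding):
    """Label a finding; the three labels are this example's own, not ESET's."""
    if QUARANTINE_DIR_RE.search(finding["path"]):
        return "quarantine-remnant"    # copy already isolated by an earlier tool
    if finding["kind"] == "application":
        return "unwanted-application"  # PUA/unsafe-application class, not a trojan
    return "active-detection"          # malware found outside any quarantine


def summarize(log_text):
    return Counter(triage(f) for f in parse(log_text))


if __name__ == "__main__":
    for f in parse(ESET_LOG):
        print(f"{triage(f):22} {f['name']:30} {f['path']}")
    print(dict(summarize(ESET_LOG)))
```

Only a line that lands in the third bucket, a trojan-class hit outside any quarantine folder, would call for further cleanup; none of the four posted lines does.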

#15 Casey_boy


Posted 17 January 2013 - 11:51 AM

OK - good :) nothing to be worried about there either. So, good news, your PC appears to be clean!

Below I have outlined a series of categories that outline how you can increase the security of your computer to help reduce the chance of being infected again in the future.

Do not use P2P programs
Peer-to-peer or file-sharing programs (such as uTorrent, Limewire and BitTorrent) are probably the primary route of infection nowadays. These programs allow file sharing between users as the name(s) suggest. It is almost impossible to know whether the file you’re downloading through P2P programs is safe.

It is therefore possible to be infected by downloading infected files via peer-to-peer programs and so I recommend that you do not use these programs. Should you wish to use them, they must be used with extreme care. Some further reading on this subject, along with included links, is as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

In addition, P2P programs facilitate cyber crime and help distribute pirated software, movies and other illegal material.

Practice Safe Internet
Another one of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will.

Below is a list of simple precautions to take to keep your computer clean and running securely:
  • If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that. Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.
  • If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.
  • If you receive an attachment from someone you know, and it looks suspicious, then it probably is. The email could be from someone you know who is themselves infected with malware which is trying to infect everyone in their address book. A key thing to look out for here is: does the email sound as though it’s from the person you know? Often, the email may simply have a web link or a “Run this file to make your PC run fast” message in it.
  • If you are browsing the Internet and a popup appears saying that you are infected, ignore it! These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software. For an example of these types of pop-ups, or Foistware, you should read this article: Foistware, And how to avoid it.
    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. Removal instructions for a lot of these "rogues" can be found here.
  • Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you, or will download a file to your PC without your knowledge. You can check to see if it's a real alert by right-clicking on the window. If there is a menu that comes up saying Add to Favorites... you know it's a fake. DO NOT click on these windows, instead close them by finding the open window on your Taskbar, right click and choose Close.
  • Do not visit pornographic websites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do, as this can often form part of their funding.
  • When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link you should message back to the person asking if it is legit.
  • Stay away from Warez and Crack sites! As with Peer-2-Peer programs, in addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.
  • Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download files from a site, and are not sure if they are legitimate, you can use tools such as BitDefender Traffic Light, Norton Safe Web, or McAfee SiteAdvisor to look up info on the site and stay protected against malicious sites. Please be sure to only choose and install one of those tool bars.
  • DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.
    Sometimes even legitimate programs will try to bundle extra, unwanted, software with the program you want - this is done to raise money for the program. Be sure to untick any boxes which may indicate that other programs will be downloaded.

Keep Windows up-to-date
Microsoft continually releases security and stability updates for its supported operating systems and you should always apply these to help keep your PC secure.


Keep your browser secure
Most modern browsers have come on in leaps and bounds with their inbuilt, default security. The best way to keep your browser secure nowadays is simply to keep it up-to-date.

The latest versions of the three common browsers can be found below:

Use an AntiVirus Software
It is very important that your computer has an up-to-date anti-virus software on it which has a real-time agent running. This alone can save you a lot of trouble with malware in the future.
See this link for a listing of some online & their stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources, a couple of free Anti-Virus programs you may be interested in are Microsoft Security Essentials and Avast.

It is imperative that you update your Antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out. If you use a commercial antivirus program you must make sure you keep renewing your subscription. Otherwise, once your subscription runs out, you may not be able to update the program's virus definitions.

Use a Firewall
I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.

All versions of Windows starting from XP have an in-built firewall. With Windows XP this firewall will protect you from incoming traffic (i.e. hackers). Starting with Windows Vista, the firewall was beefed up to also protect you against outgoing traffic (i.e. malicious programs installed on your machine should be blocked from sending data, such as your bank details and passwords, out).

In addition, if you connect to the internet via a router, this will normally have a firewall in-built.

Some people will recommend installing a different firewall (instead of the Windows built-in one); this is a personal choice, but the message is to definitely have one! For a tutorial on Firewalls and a listing of some available ones see this link: Understanding and Using Firewalls

Use an Anti-Malware program
Recommended, and free, Anti-Malware programs are Malwarebytes Anti-Malware and SuperAntiSpyware.

You should regularly (perhaps once a week) scan your computer with an Anti-Malware program just as you would with an antivirus software.

Make sure your applications have all of their updates
It is also possible for other programs on your computer to have security vulnerabilities that can allow malware to infect you. Therefore, it is very important to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities (such as Adobe Reader and Java). You can check these by visiting Secunia Software Inspector.

Follow this list and your potential for being infected again will reduce dramatically.

Casey
