
infected with zeroaccess/moneypak


  • This topic is locked
26 replies to this topic

#1 rendog


Posted 07 February 2013 - 04:47 PM

I don't think this malware/virus is completely gone from my system because it seems to pop up about once a week.

It blanks out the screen and the FBI warning comes up.

Please help, thanks.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457  BrowserJavaVersion: 10.13.2
Run by User at 16:43:31 on 2013-02-07
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8169.3204 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Java\jre7\bin\javaw.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -update activex
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} - hxxp://www.auctiva.com/Aurigma/ImageUploader57.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://scottrade.webex.com/client/T28L/nbr/ieatgpc1.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{B81725D3-C812-4264-AE9A-356F9B30D999} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-6-4 283200]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2011-10-27 133800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2011-10-29 26136]
R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2012-11-19 13368]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-11-29 130976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-10-27 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-10-27 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-10 1255736]
.
=============== Created Last 30 ================
.
2013-02-06 21:36:03 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{275FEE0D-0A98-44A0-B15C-3D8D19C6CAE6}\mpengine.dll
2013-02-06 06:41:56 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-14 21:39:37 -------- d-sh--w- C:\$RECYCLE.BIN
2013-01-14 21:16:27 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-01-14 20:39:38 98816 ----a-w- C:\Windows\sed.exe
2013-01-14 20:39:38 256000 ----a-w- C:\Windows\PEV.exe
2013-01-14 20:39:38 208896 ----a-w- C:\Windows\MBR.exe
2013-01-14 08:17:09 27256 ----a-w- C:\Windows\System32\drivers\FixZeroAccess.sys
2013-01-14 08:07:40 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-01-14 08:07:40 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-01-14 08:07:40 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-01-14 08:07:40 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-01-14 08:05:58 750592 ----a-w- C:\Windows\System32\win32spl.dll
2013-01-14 08:05:58 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-01-14 08:05:58 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-01-14 08:05:58 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-01-14 08:05:58 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-01-14 08:05:58 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-01-14 08:05:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-01-14 08:05:57 3149824 ----a-w- C:\Windows\System32\win32k.sys
2013-01-14 08:05:57 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-01-14 08:05:57 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-01-14 07:58:15 -------- d-----w- C:\Users\User\AppData\Local\Programs
.
==================== Find3M  ====================
.
2013-02-07 20:46:38 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-07 20:46:38 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-07 03:13:46 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-02-07 03:13:46 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-02-07 03:13:37 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-02-06 22:05:38 5998 ----a-w- C:\Windows\System32\PerfStringBackup.TMP
2013-02-06 06:41:54 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-02-06 06:41:54 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-17 06:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 16:43:37.40 ===============
 




 


#2 Blind Faith

  • Malware Response Team

Posted 07 February 2013 - 05:12 PM

Hello and welcome to BleepingComputer!

I am Elle and I will be helping you out with your problem. Firstly, you should know that we are working with specific tools which are used to identify the possible threats present on your system so I will analyze the results they produce.

As a start we need to have some more up-to-date logs than the ones you have already provided. The current state of the files on your system might have changed so we need to get a clear look on that aspect. DO NOT bring any changes to the system except the ones I tell you to as that may produce more damage than helping us.

If you will encounter a delay of over 2 days from me, please don't hesitate and private message me (link in the signature).
Do not forget to check your topic periodically and subscribe to it so that you can receive notifications regarding my replies.

Please generate new DDS logs (download it from here if you haven't already) and post them in your next reply along with other changes that may have occurred since you last posted.

Thank you very much for your patience.

Regards,

Elle

Edited by Blind Faith, 07 February 2013 - 05:16 PM.

Can you hear it? It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro?

If I haven't replied in 48 hours, please feel free to send me a PM.

#3 rendog


Posted 07 February 2013 - 05:19 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457  BrowserJavaVersion: 10.13.2
Run by User at 17:18:50 on 2013-02-07
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8169.3072 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Java\jre7\bin\javaw.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -update activex
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
DPF: {38AB0814-B09B-4378-9940-14A19638C3C2} - hxxp://www.auctiva.com/Aurigma/ImageUploader57.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://scottrade.webex.com/client/T28L/nbr/ieatgpc1.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{B81725D3-C812-4264-AE9A-356F9B30D999} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-6-4 283200]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2011-10-27 133800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2011-10-29 26136]
R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2012-11-19 13368]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-11-29 130976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-10-27 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-10-27 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-10 1255736]
.
=============== Created Last 30 ================
.
2013-02-06 21:36:03 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{275FEE0D-0A98-44A0-B15C-3D8D19C6CAE6}\mpengine.dll
2013-02-06 06:41:56 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-14 21:39:37 -------- d-sh--w- C:\$RECYCLE.BIN
2013-01-14 21:16:27 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2013-01-14 20:39:38 98816 ----a-w- C:\Windows\sed.exe
2013-01-14 20:39:38 256000 ----a-w- C:\Windows\PEV.exe
2013-01-14 20:39:38 208896 ----a-w- C:\Windows\MBR.exe
2013-01-14 08:17:09 27256 ----a-w- C:\Windows\System32\drivers\FixZeroAccess.sys
2013-01-14 08:07:40 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-01-14 08:07:40 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-01-14 08:07:40 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-01-14 08:07:40 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-01-14 08:05:58 750592 ----a-w- C:\Windows\System32\win32spl.dll
2013-01-14 08:05:58 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-01-14 08:05:58 2002432 ----a-w- C:\Windows\System32\msxml6.dll
2013-01-14 08:05:58 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2013-01-14 08:05:58 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2013-01-14 08:05:58 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-01-14 08:05:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2013-01-14 08:05:57 3149824 ----a-w- C:\Windows\System32\win32k.sys
2013-01-14 08:05:57 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-01-14 08:05:57 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-01-14 07:58:15 -------- d-----w- C:\Users\User\AppData\Local\Programs
.
==================== Find3M  ====================
.
2013-02-07 20:46:38 74096 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-07 20:46:38 697712 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-07 03:13:46 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-02-07 03:13:46 281520 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-02-07 03:13:37 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-02-06 22:05:38 5998 ----a-w- C:\Windows\System32\PerfStringBackup.TMP
2013-02-06 06:41:54 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-02-06 06:41:54 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-01-17 06:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2012-12-14 21:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 17:18:53.58 ===============
 



#4 Blind Faith

  • Malware Response Team

Posted 07 February 2013 - 05:22 PM

There should have also been an Attach.txt log. If you can find it, please attach it within your next reply. :)

Elle



#5 rendog


Posted 07 February 2013 - 05:26 PM


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 10/27/2011 4:45:00 AM
System Uptime: 2/6/2013 4:04:42 PM (25 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | P8Z68-V PRO
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz | LGA1155 | 3301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 6.405 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_844D1043&REV_05\3&11583659&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_1C22&SUBSYS_844D1043&REV_05\3&11583659&0&FB
Service:
.
Class GUID:
Description:
Device ID: USB\VID_0CF3&PID_3000\6&DF2EE03&0&7
Manufacturer:
Name:
PNP Device ID: USB\VID_0CF3&PID_3000\6&DF2EE03&0&7
Service:
.
==== System Restore Points ===================
.
RP173: 2/6/2013 4:35:59 PM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.01)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Battlefield 3™
Battlelog Web Plugins
Bigasoft Total Video Converter 3.7.16.4643
Bonjour
Braid
CCleaner
CPUID CPU-Z 1.58
D3DX10
DAEMON Tools Lite
ESN Sonar
Fraps
Futuremark SystemInfo
GoToMeeting 5.3.0.977
HandBrake 0.9.6
Intel® Management Engine Components
Intel® Network Connections 15.6.25.0
Intel® Watchdog Timer Driver (Intel® WDT)
iTunes
Java 7 Update 13
Java Auto Updater
join.me
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Age of Empires II
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 3.1
MKVToolNix 5.8.0
Movie Maker
MSI Afterburner 2.3.0
MSVCRT
MSVCRT110
MSVCRT110_amd64
NVIDIA 3D Vision Controller Driver 301.42
NVIDIA 3D Vision Driver 301.42
NVIDIA Control Panel 301.42
NVIDIA Graphics Driver 301.42
NVIDIA HD Audio Driver 1.3.16.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0213
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.8.15
NVIDIA Update Components
OCCT 4.0.0
OpenAL
Origin
Photo Common
Photo Gallery
PunkBuster Services
Revo Uninstaller 1.94
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
SpeedFan (remove only)
Steam
The Last Express
Unigine Heaven DX11 Benchmark 2.5 version 2.5
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Ventrilo Client for Windows x64
VLC media player 2.0.1
WinDirStat 1.1.2
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
2/6/2013 5:33:32 PM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 107.
2/6/2013 5:33:32 PM, Error: Schannel [36874]  - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
2/5/2013 11:06:31 PM, Error: Service Control Manager [7038]  - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:  Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
2/5/2013 11:06:31 PM, Error: Service Control Manager [7000]  - The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a logon failure.
.
==== End Of File ===========================
 



reattached it because it pasted small


Edited by rendog, 07 February 2013 - 05:26 PM.


#6 Blind Faith

  • Malware Response Team

Posted 07 February 2013 - 05:28 PM

Hi there,

Thank you for providing the logs. I will analyze them and come back with a reply ASAP.

Elle



#7 Blind Faith

  • Malware Response Team

Posted 08 February 2013 - 06:28 AM

Hi there,
 
 
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
  • Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it. 
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


#8 rendog

Posted 08 February 2013 - 09:28 AM

    09:27:14.0807 14164 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
    09:27:15.0167 14164 ============================================================
    09:27:15.0167 14164 Current date / time: 2013/02/08 09:27:15.0167
    09:27:15.0167 14164 SystemInfo:
    09:27:15.0167 14164
    09:27:15.0167 14164 OS Version: 6.1.7601 ServicePack: 1.0
    09:27:15.0167 14164 Product type: Workstation
    09:27:15.0167 14164 ComputerName: HAF932
    09:27:15.0167 14164 UserName: User
    09:27:15.0167 14164 Windows directory: C:\Windows
    09:27:15.0167 14164 System windows directory: C:\Windows
    09:27:15.0167 14164 Running under WOW64
    09:27:15.0167 14164 Processor architecture: Intel x64
    09:27:15.0167 14164 Number of processors: 4
    09:27:15.0167 14164 Page size: 0x1000
    09:27:15.0167 14164 Boot type: Normal boot
    09:27:15.0167 14164 ============================================================
    09:27:15.0287 14164 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    09:27:15.0287 14164 ============================================================
    09:27:15.0287 14164 \Device\Harddisk0\DR0:
    09:27:15.0287 14164 MBR partitions:
    09:27:15.0287 14164 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    09:27:15.0287 14164 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94DC800
    09:27:15.0287 14164 ============================================================
    09:27:15.0287 14164 C: <-> \Device\Harddisk0\DR0\Partition2
    09:27:15.0287 14164 ============================================================
    09:27:15.0287 14164 Initialize success
    09:27:15.0287 14164 ============================================================
    09:27:17.0287 14572 ============================================================
    09:27:17.0287 14572 Scan started
    09:27:17.0287 14572 Mode: Manual;
    09:27:17.0287 14572 ============================================================
    09:27:17.0847 14572 ================ Scan system memory ========================
    09:27:17.0847 14572 System memory - ok
    09:27:17.0847 14572 ================ Scan services =============================


     

    09:27:18.0967 14572 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys


     

    09:27:18.0967 14572 Mup - ok


     

    09:27:18.0967 14572 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll


     

    09:27:18.0977 14572 napagent - ok


     

    09:27:18.0977 14572 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys


     

    09:27:18.0977 14572 NativeWifiP - ok


     

    09:27:18.0987 14572 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys


     

    09:27:18.0997 14572 NDIS - ok


     

    09:27:18.0997 14572 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys


     

    09:27:18.0997 14572 NdisCap - ok


     

    09:27:18.0997 14572 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys


     

    09:27:18.0997 14572 NdisTapi - ok


     

    09:27:19.0007 14572 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys


     

    09:27:19.0007 14572 Ndisuio - ok


     

    09:27:19.0007 14572 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys


     

    09:27:19.0007 14572 NdisWan - ok


     

    09:27:19.0007 14572 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys


     

    09:27:19.0007 14572 NDProxy - ok


     

    09:27:19.0017 14572 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys


     

    09:27:19.0017 14572 NetBIOS - ok


     

    09:27:19.0017 14572 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys


     

    09:27:19.0017 14572 NetBT - ok


     

    09:27:19.0017 14572 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe


     

    09:27:19.0017 14572 Netlogon - ok


     

    09:27:19.0027 14572 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll


     

    09:27:19.0027 14572 Netman - ok


     

    09:27:19.0027 14572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe


     

    09:27:19.0027 14572 NetMsmqActivator - ok


     

    09:27:19.0037 14572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe


     

    09:27:19.0037 14572 NetPipeActivator - ok


     

    09:27:19.0037 14572 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll


     

    09:27:19.0047 14572 netprofm - ok


     

    09:27:19.0047 14572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe


     

    09:27:19.0047 14572 NetTcpActivator - ok


     

    09:27:19.0047 14572 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe


     

    09:27:19.0047 14572 NetTcpPortSharing - ok


     

    09:27:19.0047 14572 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys


     

    09:27:19.0047 14572 nfrd960 - ok


     

    09:27:19.0057 14572 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll


     

    09:27:19.0057 14572 NlaSvc - ok


     

    09:27:19.0057 14572 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys


     

    09:27:19.0057 14572 Npfs - ok


     

    09:27:19.0067 14572 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll


     

    09:27:19.0067 14572 nsi - ok


     

    09:27:19.0067 14572 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys


     

    09:27:19.0067 14572 nsiproxy - ok


     

    09:27:19.0077 14572 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys


     

    09:27:19.0087 14572 Ntfs - ok


     

    09:27:19.0097 14572 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys


     

    09:27:19.0097 14572 Null - ok


     

    09:27:19.0097 14572 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys


     

    09:27:19.0097 14572 NVHDA - ok


     

    09:27:19.0207 14572 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys


     

    09:27:19.0317 14572 nvlddmkm - ok


     

    09:27:19.0317 14572 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys


     

    09:27:19.0317 14572 nvraid - ok


     

    09:27:19.0327 14572 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys


     

    09:27:19.0327 14572 nvstor - ok


     

    09:27:19.0337 14572 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe


     

    09:27:19.0337 14572 nvsvc - ok


     

    09:27:19.0347 14572 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe


     

    09:27:19.0357 14572 nvUpdatusService - ok


     

    09:27:19.0367 14572 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys


     

    09:27:19.0367 14572 nv_agp - ok


     

    09:27:19.0367 14572 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys


     

    09:27:19.0367 14572 ohci1394 - ok


     

    09:27:19.0367 14572 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll


     

    09:27:19.0377 14572 p2pimsvc - ok


     

    09:27:19.0377 14572 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll


     

    09:27:19.0387 14572 p2psvc - ok


     

    09:27:19.0387 14572 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys


     

    09:27:19.0387 14572 Parport - ok


     

    09:27:19.0387 14572 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys


     

    09:27:19.0387 14572 partmgr - ok


     

    09:27:19.0397 14572 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll


     

    09:27:19.0397 14572 PcaSvc - ok


     

    09:27:19.0397 14572 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys


     

    09:27:19.0397 14572 pci - ok


     

    09:27:19.0407 14572 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys


     

    09:27:19.0407 14572 pciide - ok


     

    09:27:19.0407 14572 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys


     

    09:27:19.0407 14572 pcmcia - ok


     

    09:27:19.0407 14572 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys


     

    09:27:19.0407 14572 pcw - ok


     

    09:27:19.0417 14572 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys


     

    09:27:19.0427 14572 PEAUTH - ok


     

    09:27:19.0437 14572 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll


     

    09:27:19.0447 14572 PeerDistSvc - ok


     

    09:27:19.0467 14572 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe


     

    09:27:19.0467 14572 PerfHost - ok


     

    09:27:19.0477 14572 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll


     

    09:27:19.0497 14572 pla - ok


     

    09:27:19.0497 14572 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll


     

    09:27:19.0507 14572 PlugPlay - ok


     

    09:27:19.0507 14572 PnkBstrA - ok


     

    09:27:19.0507 14572 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll


     

    09:27:19.0507 14572 PNRPAutoReg - ok


     

    09:27:19.0507 14572 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll


     

    09:27:19.0517 14572 PNRPsvc - ok


     

    09:27:19.0517 14572 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll


     

    09:27:19.0527 14572 PolicyAgent - ok


     

    09:27:19.0527 14572 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll


     

    09:27:19.0527 14572 Power - ok


     

    09:27:19.0527 14572 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys


     

    09:27:19.0537 14572 PptpMiniport - ok


     

    09:27:19.0537 14572 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys


     

    09:27:19.0537 14572 Processor - ok


     

    09:27:19.0537 14572 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll


     

    09:27:19.0537 14572 ProfSvc - ok


     

    09:27:19.0547 14572 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe


     

    09:27:19.0547 14572 ProtectedStorage - ok


     

    09:27:19.0547 14572 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys


     

    09:27:19.0547 14572 Psched - ok


     

    09:27:19.0557 14572 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys


     

    09:27:19.0567 14572 ql2300 - ok


     

    09:27:19.0577 14572 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys


     

    09:27:19.0577 14572 ql40xx - ok


     

    09:27:19.0577 14572 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll


     

    09:27:19.0577 14572 QWAVE - ok


     

    09:27:19.0587 14572 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys


     

    09:27:19.0587 14572 QWAVEdrv - ok


     

    09:27:19.0587 14572 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys


     

    09:27:19.0587 14572 RasAcd - ok


     

    09:27:19.0587 14572 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys


     

    09:27:19.0587 14572 RasAgileVpn - ok


     

    09:27:19.0587 14572 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll


     

    09:27:19.0597 14572 RasAuto - ok


     

    09:27:19.0597 14572 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys


     

    09:27:19.0597 14572 Rasl2tp - ok


     

    09:27:19.0597 14572 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll


     

    09:27:19.0607 14572 RasMan - ok


     

    09:27:19.0607 14572 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys


     

    09:27:19.0607 14572 RasPppoe - ok


     

    09:27:19.0607 14572 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys


     

    09:27:19.0607 14572 RasSstp - ok


     

    09:27:19.0617 14572 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys


     

    09:27:19.0617 14572 rdbss - ok


     

    09:27:19.0617 14572 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys


     

    09:27:19.0617 14572 rdpbus - ok


     

    09:27:19.0617 14572 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys


     

    09:27:19.0617 14572 RDPCDD - ok


     

    09:27:19.0627 14572 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys


     

    09:27:19.0627 14572 RDPDR - ok


     

    09:27:19.0627 14572 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys


     

    09:27:19.0627 14572 RDPENCDD - ok


     

    09:27:19.0627 14572 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys


     

    09:27:19.0627 14572 RDPREFMP - ok


     

    09:27:19.0637 14572 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys


     

    09:27:19.0637 14572 RdpVideoMiniport - ok


     

    09:27:19.0637 14572 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys


     

    09:27:19.0637 14572 RDPWD - ok


     

    09:27:19.0637 14572 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys


     

    09:27:19.0647 14572 rdyboost - ok


     

    09:27:19.0647 14572 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll


     

    09:27:19.0647 14572 RemoteAccess - ok


     

    09:27:19.0647 14572 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll


     

    09:27:19.0647 14572 RemoteRegistry - ok


     

    09:27:19.0657 14572 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll


     

    09:27:19.0657 14572 RpcEptMapper - ok


     

    09:27:19.0657 14572 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe


     

    09:27:19.0657 14572 RpcLocator - ok


     

    09:27:19.0667 14572 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll


     

    09:27:19.0667 14572 RpcSs - ok


     

    09:27:19.0667 14572 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys


     

    09:27:19.0667 14572 rspndr - ok


     

    09:27:19.0667 14572 [ 7F7B8CDE26C4943C9465E412ADBB790F ] RTCore64 C:\Program Files (x86)\MSI Afterburner\RTCore64.sys


     

    09:27:19.0667 14572 RTCore64 - ok


     

    09:27:19.0677 14572 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys


     

    09:27:19.0677 14572 s3cap - ok


     

    09:27:19.0677 14572 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe


     

    09:27:19.0677 14572 SamSs - ok


     

    09:27:19.0677 14572 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys


     

    09:27:19.0677 14572 sbp2port - ok


     

    09:27:19.0687 14572 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll


     

    09:27:19.0687 14572 SCardSvr - ok


     

    09:27:19.0687 14572 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys


     

    09:27:19.0687 14572 scfilter - ok


     

    09:27:19.0697 14572 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll


     

    09:27:19.0707 14572 Schedule - ok


     

    09:27:19.0707 14572 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll


     

    09:27:19.0707 14572 SCPolicySvc - ok


     

    09:27:19.0707 14572 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll


     

    09:27:19.0717 14572 SDRSVC - ok


     

    09:27:19.0717 14572 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys


     

    09:27:19.0717 14572 secdrv - ok


     

    09:27:19.0717 14572 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll


     

    09:27:19.0717 14572 seclogon - ok


     

    09:27:19.0717 14572 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll


     

    09:27:19.0717 14572 SENS - ok


     

    09:27:19.0727 14572 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll


     

    09:27:19.0727 14572 SensrSvc - ok


     

    09:27:19.0727 14572 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys


     

    09:27:19.0727 14572 Serenum - ok


     

    09:27:19.0727 14572 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys


     

    09:27:19.0727 14572 Serial - ok


     

    09:27:19.0727 14572 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys


     

    09:27:19.0737 14572 sermouse - ok


     

    09:27:19.0737 14572 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll


     

    09:27:19.0737 14572 SessionEnv - ok


     

    09:27:19.0737 14572 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys


     

    09:27:19.0737 14572 sffdisk - ok


     

    09:27:19.0747 14572 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys


     

    09:27:19.0747 14572 sffp_mmc - ok


     

    09:27:19.0747 14572 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys


     

    09:27:19.0747 14572 sffp_sd - ok


     

    09:27:19.0747 14572 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys


     

    09:27:19.0747 14572 sfloppy - ok


     

    09:27:19.0757 14572 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll


     

    09:27:19.0757 14572 SharedAccess - ok


     

    09:27:19.0757 14572 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll


     

    09:27:19.0767 14572 ShellHWDetection - ok


     

    09:27:19.0767 14572 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys


     

    09:27:19.0767 14572 SiSRaid2 - ok


     

    09:27:19.0767 14572 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys


     

    09:27:19.0767 14572 SiSRaid4 - ok


     

    09:27:19.0767 14572 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys


     

    09:27:19.0777 14572 Smb - ok


     

    09:27:19.0777 14572 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe


     

    09:27:19.0777 14572 SNMPTRAP - ok


     

    09:27:19.0777 14572 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys


     

    09:27:19.0777 14572 speedfan - ok


     

    09:27:19.0777 14572 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys


     

    09:27:19.0787 14572 spldr - ok


     

    09:27:19.0787 14572 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe


     

    09:27:19.0797 14572 Spooler - ok


     

    09:27:19.0817 14572 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe


     

    09:27:19.0847 14572 sppsvc - ok


     

    09:27:19.0847 14572 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll


     

    09:27:19.0847 14572 sppuinotify - ok


     

    09:27:19.0857 14572 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys


     

    09:27:19.0857 14572 srv - ok


     

    09:27:19.0867 14572 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys


     

    09:27:19.0867 14572 srv2 - ok


     

    09:27:19.0867 14572 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys


     

    09:27:19.0867 14572 srvnet - ok


     

    09:27:19.0877 14572 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll


     

    09:27:19.0877 14572 SSDPSRV - ok


     

    09:27:19.0877 14572 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll


     

    09:27:19.0877 14572 SstpSvc - ok


     

    09:27:19.0877 14572 Steam Client Service - ok


     

    09:27:19.0887 14572 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe


     

    09:27:19.0887 14572 Stereo Service - ok


     

    09:27:19.0887 14572 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys


     

    09:27:19.0887 14572 stexstor - ok


     

    09:27:19.0897 14572 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll


     

    09:27:19.0907 14572 stisvc - ok


     

    09:27:19.0907 14572 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys


     

    09:27:19.0907 14572 storflt - ok


     

    09:27:19.0907 14572 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys


     

    09:27:19.0907 14572 storvsc - ok


     

    09:27:19.0907 14572 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys


     

    09:27:19.0907 14572 swenum - ok


     

    09:27:19.0917 14572 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll


     

    09:27:19.0927 14572 swprv - ok


     

    09:27:19.0927 14572 Synth3dVsc - ok


     

    09:27:19.0937 14572 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll


     

    09:27:19.0947 14572 SysMain - ok


     

    09:27:19.0957 14572 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll


     

    09:27:19.0957 14572 TabletInputService - ok


     

    09:27:19.0957 14572 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll


     

    09:27:19.0967 14572 TapiSrv - ok


     

    09:27:19.0967 14572 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll


     

    09:27:19.0967 14572 TBS - ok


     

    09:27:19.0977 14572 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys


     

    09:27:19.0997 14572 Tcpip - ok


     

    09:27:20.0007 14572 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys


     

    09:27:20.0017 14572 TCPIP6 - ok


     

    09:27:20.0017 14572 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys


     

    09:27:20.0017 14572 tcpipreg - ok


     

    09:27:20.0027 14572 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys


     

    09:27:20.0027 14572 TDPIPE - ok


     

    09:27:20.0027 14572 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys


     

    09:27:20.0027 14572 TDTCP - ok


     

    09:27:20.0027 14572 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys


     

    09:27:20.0027 14572 tdx - ok


     

    09:27:20.0037 14572 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys


     

    09:27:20.0037 14572 TermDD - ok


     

    09:27:20.0037 14572 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll


     

    09:27:20.0047 14572 TermService - ok


     

    09:27:20.0047 14572 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll


     

    09:27:20.0047 14572 Themes - ok


     

    09:27:20.0047 14572 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll


     

    09:27:20.0047 14572 THREADORDER - ok


     

    09:27:20.0057 14572 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll


     

    09:27:20.0057 14572 TrkWks - ok


     

    09:27:20.0057 14572 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe


     

    09:27:20.0057 14572 TrustedInstaller - ok


     

    09:27:20.0067 14572 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys


     

    09:27:20.0067 14572 tssecsrv - ok


     

    09:27:20.0067 14572 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys


     

    09:27:20.0067 14572 TsUsbFlt - ok


     

    09:27:20.0067 14572 tsusbhub - ok


     

    09:27:20.0067 14572 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys


     

    09:27:20.0077 14572 tunnel - ok


     

    09:27:20.0077 14572 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys


     

    09:27:20.0077 14572 uagp35 - ok


     

    09:27:20.0077 14572 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys


     

    09:27:20.0087 14572 udfs - ok


     

    09:27:20.0087 14572 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe


     

    09:27:20.0087 14572 UI0Detect - ok


     

    09:27:20.0087 14572 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys


     

    09:27:20.0087 14572 uliagpkx - ok


     

    09:27:20.0087 14572 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys


     

    09:27:20.0097 14572 umbus - ok


     

    09:27:20.0097 14572 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys


     

    09:27:20.0097 14572 UmPass - ok


     

    09:27:20.0097 14572 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll


     

    09:27:20.0097 14572 UmRdpService - ok


     

    09:27:20.0107 14572 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll


     

    09:27:20.0107 14572 upnphost - ok


     

    09:27:20.0107 14572 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys


     

    09:27:20.0107 14572 USBAAPL64 - ok


     

    09:27:20.0117 14572 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys


     

    09:27:20.0117 14572 usbaudio - ok


     

    09:27:20.0117 14572 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys


     

    09:27:20.0117 14572 usbccgp - ok


     

    09:27:20.0117 14572 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys


     

    09:27:20.0117 14572 usbcir - ok


     

    09:27:20.0127 14572 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys


     

    09:27:20.0127 14572 usbehci - ok


     

    09:27:20.0127 14572 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys


     

    09:27:20.0127 14572 usbhub - ok


     

    09:27:20.0127 14572 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys


     

    09:27:20.0137 14572 usbohci - ok


     

    09:27:20.0137 14572 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys


     

    09:27:20.0137 14572 usbprint - ok


     

    09:27:20.0137 14572 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS


     

    09:27:20.0137 14572 USBSTOR - ok


     

    09:27:20.0137 14572 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys


     

    09:27:20.0137 14572 usbuhci - ok


     

    09:27:20.0147 14572 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll


     

    09:27:20.0147 14572 UxSms - ok


     

    09:27:20.0147 14572 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe


     

    09:27:20.0147 14572 VaultSvc - ok


     

    09:27:20.0147 14572 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys


     

    09:27:20.0147 14572 vdrvroot - ok


     

    09:27:20.0157 14572 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe


     

    09:27:20.0157 14572 vds - ok


     

    09:27:20.0157 14572 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys


     

    09:27:20.0157 14572 vga - ok


     

    09:27:20.0167 14572 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys


     

    09:27:20.0167 14572 VgaSave - ok


     

    09:27:20.0167 14572 VGPU - ok


     

    09:27:20.0167 14572 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys


     

    09:27:20.0167 14572 vhdmp - ok


     

    09:27:20.0537 14572 ================ Scan global ===============================
    09:27:20.0547 14572 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    09:27:20.0547 14572 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
    09:27:20.0547 14572 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
    09:27:20.0557 14572 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    09:27:20.0557 14572 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    09:27:20.0557 14572 [Global] - ok
    09:27:20.0557 14572 ================ Scan MBR ==================================
    09:27:20.0567 14572 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    09:27:20.0697 14572 \Device\Harddisk0\DR0 - ok
    09:27:20.0697 14572 ================ Scan VBR ==================================
    09:27:20.0697 14572 [ 1F2FBCAA2A54DE97C7ADFBB9A4678A67 ] \Device\Harddisk0\DR0\Partition1
    09:27:20.0697 14572 \Device\Harddisk0\DR0\Partition1 - ok
    09:27:20.0697 14572 [ 5A2ACF52C988B9720EBAFCF1CC3AB243 ] \Device\Harddisk0\DR0\Partition2
    09:27:20.0697 14572 \Device\Harddisk0\DR0\Partition2 - ok
    09:27:20.0697 14572 ============================================================
    09:27:20.0697 14572 Scan finished
    09:27:20.0697 14572 ============================================================
    09:27:20.0707 9868 Detected object count: 0
    09:27:20.0707 9868 Actual detected object count: 0



    #9 rendog

    rendog
    • Topic Starter

    • Members
    • 22 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:12:57 AM

    Posted 08 February 2013 - 09:29 AM

    09:27:14.0807 14164  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
    09:27:15.0167 14164  ============================================================
    09:27:15.0167 14164  Current date / time: 2013/02/08 09:27:15.0167
    09:27:15.0167 14164  SystemInfo:
    09:27:15.0167 14164 
    09:27:15.0167 14164  OS Version: 6.1.7601 ServicePack: 1.0
    09:27:15.0167 14164  Product type: Workstation
    09:27:15.0167 14164  ComputerName: HAF932
    09:27:15.0167 14164  UserName: User
    09:27:15.0167 14164  Windows directory: C:\Windows
    09:27:15.0167 14164  System windows directory: C:\Windows
    09:27:15.0167 14164  Running under WOW64
    09:27:15.0167 14164  Processor architecture: Intel x64
    09:27:15.0167 14164  Number of processors: 4
    09:27:15.0167 14164  Page size: 0x1000
    09:27:15.0167 14164  Boot type: Normal boot
    09:27:15.0167 14164  ============================================================
    09:27:15.0287 14164  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    09:27:15.0287 14164  ============================================================
    09:27:15.0287 14164  \Device\Harddisk0\DR0:
    09:27:15.0287 14164  MBR partitions:
    09:27:15.0287 14164  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    09:27:15.0287 14164  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94DC800
    09:27:15.0287 14164  ============================================================
    09:27:15.0287 14164  C: <-> \Device\Harddisk0\DR0\Partition2
    09:27:15.0287 14164  ============================================================
    09:27:15.0287 14164  Initialize success
    09:27:15.0287 14164  ============================================================
    09:27:17.0287 14572  ============================================================
    09:27:17.0287 14572  Scan started
    09:27:17.0287 14572  Mode: Manual;
    09:27:17.0287 14572  ============================================================
    09:27:17.0847 14572  ================ Scan system memory ========================
    09:27:17.0847 14572  System memory - ok
    09:27:17.0847 14572  ================ Scan services =============================
    09:27:18.0837 14572  LSI_SAS - ok
    09:27:18.0837 14572  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
    09:27:18.0837 14572  LSI_SAS2 - ok
    09:27:18.0837 14572  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
    09:27:18.0837 14572  LSI_SCSI - ok
    09:27:18.0837 14572  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
    09:27:18.0837 14572  luafv - ok
    09:27:18.0847 14572  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
    09:27:18.0847 14572  Mcx2Svc - ok
    09:27:18.0847 14572  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
    09:27:18.0847 14572  megasas - ok
    09:27:18.0847 14572  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
    09:27:18.0857 14572  MegaSR - ok
    09:27:18.0857 14572  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
    09:27:18.0857 14572  MEIx64 - ok
    09:27:18.0857 14572  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
    09:27:18.0857 14572  MMCSS - ok
    09:27:18.0857 14572  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
    09:27:18.0857 14572  Modem - ok
    09:27:18.0867 14572  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
    09:27:18.0867 14572  monitor - ok
    09:27:18.0867 14572  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
    09:27:18.0867 14572  mouclass - ok
    09:27:18.0867 14572  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
    09:27:18.0867 14572  mouhid - ok
    09:27:18.0867 14572  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
    09:27:18.0877 14572  mountmgr - ok
    09:27:18.0877 14572  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
    09:27:18.0877 14572  mpio - ok
    09:27:18.0877 14572  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
    09:27:18.0877 14572  mpsdrv - ok
    09:27:18.0887 14572  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
    09:27:18.0897 14572  MpsSvc - ok
    09:27:18.0897 14572  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
    09:27:18.0897 14572  MRxDAV - ok
    09:27:18.0907 14572  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
    09:27:18.0907 14572  mrxsmb - ok
    09:27:18.0907 14572  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
    09:27:18.0907 14572  mrxsmb10 - ok
    09:27:18.0917 14572  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
    09:27:18.0917 14572  mrxsmb20 - ok
    09:27:18.0917 14572  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
    09:27:18.0917 14572  msahci - ok
    09:27:18.0917 14572  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
    09:27:18.0917 14572  msdsm - ok
    09:27:18.0927 14572  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
    09:27:18.0927 14572  MSDTC - ok
    09:27:18.0927 14572  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
    09:27:18.0927 14572  Msfs - ok
    09:27:18.0927 14572  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
    09:27:18.0927 14572  mshidkmdf - ok
    09:27:18.0937 14572  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
    09:27:18.0937 14572  msisadrv - ok
    09:27:18.0937 14572  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
    09:27:18.0937 14572  MSiSCSI - ok
    09:27:18.0937 14572  msiserver - ok
    09:27:18.0937 14572  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
    09:27:18.0937 14572  MSKSSRV - ok
    09:27:18.0947 14572  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
    09:27:18.0947 14572  MSPCLOCK - ok
    09:27:18.0947 14572  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
    09:27:18.0947 14572  MSPQM - ok
    09:27:18.0947 14572  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
    09:27:18.0957 14572  MsRPC - ok
    09:27:18.0957 14572  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
    09:27:18.0957 14572  mssmbios - ok
    09:27:18.0957 14572  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
    09:27:18.0957 14572  MSTEE - ok
    09:27:18.0957 14572  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
    09:27:18.0957 14572  MTConfig - ok
    09:27:18.0967 14572  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
    09:27:18.0967 14572  Mup - ok
    09:27:18.0967 14572  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
    09:27:18.0977 14572  napagent - ok
    09:27:18.0977 14572  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
    09:27:18.0977 14572  NativeWifiP - ok
    09:27:18.0987 14572  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
    09:27:18.0997 14572  NDIS - ok
    09:27:18.0997 14572  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
    09:27:18.0997 14572  NdisCap - ok
    09:27:18.0997 14572  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
    09:27:18.0997 14572  NdisTapi - ok
    09:27:19.0007 14572  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
    09:27:19.0007 14572  Ndisuio - ok
    09:27:19.0007 14572  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
    09:27:19.0007 14572  NdisWan - ok
    09:27:19.0007 14572  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
    09:27:19.0007 14572  NDProxy - ok
    09:27:19.0017 14572  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
    09:27:19.0017 14572  NetBIOS - ok
    09:27:19.0017 14572  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
    09:27:19.0017 14572  NetBT - ok
    09:27:19.0017 14572  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
    09:27:19.0017 14572  Netlogon - ok
    09:27:19.0027 14572  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
    09:27:19.0027 14572  Netman - ok
    09:27:19.0027 14572  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    09:27:19.0027 14572  NetMsmqActivator - ok
    09:27:19.0037 14572  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    09:27:19.0037 14572  NetPipeActivator - ok
    09:27:19.0037 14572  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
    09:27:19.0047 14572  netprofm - ok
    09:27:19.0047 14572  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    09:27:19.0047 14572  NetTcpActivator - ok
    09:27:19.0047 14572  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    09:27:19.0047 14572  NetTcpPortSharing - ok
    09:27:19.0047 14572  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
    09:27:19.0047 14572  nfrd960 - ok
    09:27:19.0057 14572  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
    09:27:19.0057 14572  NlaSvc - ok
    09:27:19.0057 14572  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
    09:27:19.0057 14572  Npfs - ok
    09:27:19.0067 14572  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
    09:27:19.0067 14572  nsi - ok
    09:27:19.0067 14572  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
    09:27:19.0067 14572  nsiproxy - ok
    09:27:19.0077 14572  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
    09:27:19.0087 14572  Ntfs - ok
    09:27:19.0097 14572  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
    09:27:19.0097 14572  Null - ok
    09:27:19.0097 14572  [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
    09:27:19.0097 14572  NVHDA - ok
    09:27:19.0207 14572  [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
    09:27:19.0317 14572  nvlddmkm - ok
    09:27:19.0317 14572  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
    09:27:19.0317 14572  nvraid - ok
    09:27:19.0327 14572  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
    09:27:19.0327 14572  nvstor - ok
    09:27:19.0337 14572  [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc           C:\Windows\system32\nvvsvc.exe
    09:27:19.0337 14572  nvsvc - ok
    09:27:19.0347 14572  [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    09:27:19.0357 14572  nvUpdatusService - ok
    09:27:19.0367 14572  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
    09:27:19.0367 14572  nv_agp - ok
    09:27:19.0367 14572  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
    09:27:19.0367 14572  ohci1394 - ok
    09:27:19.0367 14572  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
    09:27:19.0377 14572  p2pimsvc - ok
    09:27:19.0377 14572  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
    09:27:19.0387 14572  p2psvc - ok
    09:27:19.0387 14572  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
    09:27:19.0387 14572  Parport - ok
    09:27:19.0387 14572  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
    09:27:19.0387 14572  partmgr - ok
    09:27:19.0397 14572  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
    09:27:19.0397 14572  PcaSvc - ok
    09:27:19.0397 14572  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
    09:27:19.0397 14572  pci - ok
    09:27:19.0407 14572  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
    09:27:19.0407 14572  pciide - ok
    09:27:19.0407 14572  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
    09:27:19.0407 14572  pcmcia - ok
    09:27:19.0407 14572  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
    09:27:19.0407 14572  pcw - ok
    09:27:19.0417 14572  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
    09:27:19.0427 14572  PEAUTH - ok
    09:27:19.0437 14572  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
    09:27:19.0447 14572  PeerDistSvc - ok
    09:27:19.0467 14572  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
    09:27:19.0467 14572  PerfHost - ok
    09:27:19.0477 14572  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
    09:27:19.0497 14572  pla - ok
    09:27:19.0497 14572  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
    09:27:19.0507 14572  PlugPlay - ok
    09:27:19.0507 14572  PnkBstrA - ok
    09:27:19.0507 14572  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
    09:27:19.0507 14572  PNRPAutoReg - ok
    09:27:19.0507 14572  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
    09:27:19.0517 14572  PNRPsvc - ok
    09:27:19.0517 14572  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
    09:27:19.0527 14572  PolicyAgent - ok
    09:27:19.0527 14572  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
    09:27:19.0527 14572  Power - ok
    09:27:19.0527 14572  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
    09:27:19.0537 14572  PptpMiniport - ok
    09:27:19.0537 14572  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
    09:27:19.0537 14572  Processor - ok
    09:27:19.0537 14572  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
    09:27:19.0537 14572  ProfSvc - ok
    09:27:19.0547 14572  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    09:27:19.0547 14572  ProtectedStorage - ok
    09:27:19.0547 14572  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
    09:27:19.0547 14572  Psched - ok
    09:27:19.0557 14572  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
    09:27:19.0567 14572  ql2300 - ok
    09:27:19.0577 14572  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
    09:27:19.0577 14572  ql40xx - ok
    09:27:19.0577 14572  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
    09:27:19.0577 14572  QWAVE - ok
    09:27:19.0587 14572  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
    09:27:19.0587 14572  QWAVEdrv - ok
    09:27:19.0587 14572  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
    09:27:19.0587 14572  RasAcd - ok
    09:27:19.0587 14572  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
    09:27:19.0587 14572  RasAgileVpn - ok
    09:27:19.0587 14572  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
    09:27:19.0597 14572  RasAuto - ok
    09:27:19.0597 14572  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
    09:27:19.0597 14572  Rasl2tp - ok
    09:27:19.0597 14572  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
    09:27:19.0607 14572  RasMan - ok
    09:27:19.0607 14572  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
    09:27:19.0607 14572  RasPppoe - ok
    09:27:19.0607 14572  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
    09:27:19.0607 14572  RasSstp - ok
    09:27:19.0617 14572  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
    09:27:19.0617 14572  rdbss - ok
    09:27:19.0617 14572  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
    09:27:19.0617 14572  rdpbus - ok
    09:27:19.0617 14572  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
    09:27:19.0617 14572  RDPCDD - ok
    09:27:19.0627 14572  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
    09:27:19.0627 14572  RDPDR - ok
    09:27:19.0627 14572  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
    09:27:19.0627 14572  RDPENCDD - ok
    09:27:19.0627 14572  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
    09:27:19.0627 14572  RDPREFMP - ok
    09:27:19.0637 14572  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
    09:27:19.0637 14572  RdpVideoMiniport - ok
    09:27:19.0637 14572  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
    09:27:19.0637 14572  RDPWD - ok
    09:27:19.0637 14572  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
    09:27:19.0647 14572  rdyboost - ok
    09:27:19.0647 14572  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
    09:27:19.0647 14572  RemoteAccess - ok
    09:27:19.0647 14572  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
    09:27:19.0647 14572  RemoteRegistry - ok
    09:27:19.0657 14572  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
    09:27:19.0657 14572  RpcEptMapper - ok
    09:27:19.0657 14572  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
    09:27:19.0657 14572  RpcLocator - ok
    09:27:19.0667 14572  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
    09:27:19.0667 14572  RpcSs - ok
    09:27:19.0667 14572  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
    09:27:19.0667 14572  rspndr - ok
    09:27:19.0667 14572  [ 7F7B8CDE26C4943C9465E412ADBB790F ] RTCore64        C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
    09:27:19.0667 14572  RTCore64 - ok
    09:27:19.0677 14572  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
    09:27:19.0677 14572  s3cap - ok
    09:27:19.0677 14572  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
    09:27:19.0677 14572  SamSs - ok
    09:27:19.0677 14572  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
    09:27:19.0677 14572  sbp2port - ok
    09:27:19.0687 14572  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
    09:27:19.0687 14572  SCardSvr - ok
    09:27:19.0687 14572  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
    09:27:19.0687 14572  scfilter - ok
    09:27:19.0697 14572  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
    09:27:19.0707 14572  Schedule - ok
    09:27:19.0707 14572  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
    09:27:19.0707 14572  SCPolicySvc - ok
    09:27:19.0707 14572  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
    09:27:19.0717 14572  SDRSVC - ok
    09:27:19.0717 14572  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
    09:27:19.0717 14572  secdrv - ok
    09:27:19.0717 14572  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
    09:27:19.0717 14572  seclogon - ok
    09:27:19.0717 14572  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
    09:27:19.0717 14572  SENS - ok
    09:27:19.0727 14572  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
    09:27:19.0727 14572  SensrSvc - ok
    09:27:19.0727 14572  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
    09:27:19.0727 14572  Serenum - ok
    09:27:19.0727 14572  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
    09:27:19.0727 14572  Serial - ok
    09:27:19.0727 14572  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
    09:27:19.0737 14572  sermouse - ok
    09:27:19.0737 14572  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
    09:27:19.0737 14572  SessionEnv - ok
    09:27:19.0737 14572  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
    09:27:19.0737 14572  sffdisk - ok
    09:27:19.0747 14572  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
    09:27:19.0747 14572  sffp_mmc - ok
    09:27:19.0747 14572  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
    09:27:19.0747 14572  sffp_sd - ok
    09:27:19.0747 14572  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
    09:27:19.0747 14572  sfloppy - ok
    09:27:19.0757 14572  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
    09:27:19.0757 14572  SharedAccess - ok
    09:27:19.0757 14572  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    09:27:19.0767 14572  ShellHWDetection - ok
    09:27:19.0767 14572  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
    09:27:19.0767 14572  SiSRaid2 - ok
    09:27:19.0767 14572  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
    09:27:19.0767 14572  SiSRaid4 - ok
    09:27:19.0767 14572  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
    09:27:19.0777 14572  Smb - ok
    09:27:19.0777 14572  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
    09:27:19.0777 14572  SNMPTRAP - ok
    09:27:19.0777 14572  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
    09:27:19.0777 14572  speedfan - ok
    09:27:19.0777 14572  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
    09:27:19.0787 14572  spldr - ok
    09:27:19.0787 14572  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
    09:27:19.0797 14572  Spooler - ok
    09:27:19.0817 14572  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
    09:27:19.0847 14572  sppsvc - ok
    09:27:19.0847 14572  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
    09:27:19.0847 14572  sppuinotify - ok
    09:27:19.0857 14572  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
    09:27:19.0857 14572  srv - ok
    09:27:19.0867 14572  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
    09:27:19.0867 14572  srv2 - ok
    09:27:19.0867 14572  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
    09:27:19.0867 14572  srvnet - ok
    09:27:19.0877 14572  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
    09:27:19.0877 14572  SSDPSRV - ok
    09:27:19.0877 14572  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
    09:27:19.0877 14572  SstpSvc - ok
    09:27:19.0877 14572  Steam Client Service - ok
    09:27:19.0887 14572  [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    09:27:19.0887 14572  Stereo Service - ok
    09:27:19.0887 14572  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
    09:27:19.0887 14572  stexstor - ok
    09:27:19.0897 14572  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
    09:27:19.0907 14572  stisvc - ok
    09:27:19.0907 14572  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
    09:27:19.0907 14572  storflt - ok
    09:27:19.0907 14572  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
    09:27:19.0907 14572  storvsc - ok
    09:27:19.0907 14572  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
    09:27:19.0907 14572  swenum - ok
    09:27:19.0917 14572  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
    09:27:19.0927 14572  swprv - ok
    09:27:19.0927 14572  Synth3dVsc - ok
    09:27:19.0937 14572  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
    09:27:19.0947 14572  SysMain - ok
    09:27:19.0957 14572  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
    09:27:19.0957 14572  TabletInputService - ok
    09:27:19.0957 14572  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
    09:27:19.0967 14572  TapiSrv - ok
    09:27:19.0967 14572  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
    09:27:19.0967 14572  TBS - ok
    09:27:19.0977 14572  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
    09:27:19.0997 14572  Tcpip - ok
    09:27:20.0007 14572  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
    09:27:20.0017 14572  TCPIP6 - ok
    09:27:20.0017 14572  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
    09:27:20.0017 14572  tcpipreg - ok
    09:27:20.0027 14572  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
    09:27:20.0027 14572  TDPIPE - ok
    09:27:20.0027 14572  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
    09:27:20.0027 14572  TDTCP - ok
    09:27:20.0027 14572  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
    09:27:20.0027 14572  tdx - ok
    09:27:20.0037 14572  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
    09:27:20.0037 14572  TermDD - ok
    09:27:20.0037 14572  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
    09:27:20.0047 14572  TermService - ok
    09:27:20.0047 14572  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
    09:27:20.0047 14572  Themes - ok
    09:27:20.0047 14572  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
    09:27:20.0047 14572  THREADORDER - ok
    09:27:20.0057 14572  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
    09:27:20.0057 14572  TrkWks - ok
    09:27:20.0057 14572  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    09:27:20.0057 14572  TrustedInstaller - ok
    09:27:20.0067 14572  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
    09:27:20.0067 14572  tssecsrv - ok
    09:27:20.0067 14572  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
    09:27:20.0067 14572  TsUsbFlt - ok
    09:27:20.0067 14572  tsusbhub - ok
    09:27:20.0067 14572  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
    09:27:20.0077 14572  tunnel - ok
    09:27:20.0077 14572  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
    09:27:20.0537 14572  ================ Scan global ===============================
    09:27:20.0547 14572  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    09:27:20.0547 14572  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
    09:27:20.0547 14572  [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
    09:27:20.0557 14572  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    09:27:20.0557 14572  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    09:27:20.0557 14572  [Global] - ok
    09:27:20.0557 14572  ================ Scan MBR ==================================
    09:27:20.0567 14572  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    09:27:20.0697 14572  \Device\Harddisk0\DR0 - ok
    09:27:20.0697 14572  ================ Scan VBR ==================================
    09:27:20.0697 14572  [ 1F2FBCAA2A54DE97C7ADFBB9A4678A67 ] \Device\Harddisk0\DR0\Partition1
    09:27:20.0697 14572  \Device\Harddisk0\DR0\Partition1 - ok
    09:27:20.0697 14572  [ 5A2ACF52C988B9720EBAFCF1CC3AB243 ] \Device\Harddisk0\DR0\Partition2
    09:27:20.0697 14572  \Device\Harddisk0\DR0\Partition2 - ok
    09:27:20.0697 14572  ============================================================
    09:27:20.0697 14572  Scan finished
    09:27:20.0697 14572  ============================================================
    09:27:20.0707 9868  Detected object count: 0
    09:27:20.0707 9868  Actual detected object count: 0
     



    #10 Blind Faith


    Posted 08 February 2013 - 02:02 PM

    Hi there,

     

     

    I don't see an antivirus program running on your machine.

    Download and install an antivirus program, and make sure that you keep it updated.
    New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
    Three good antivirus programs free for non-commercial home use are Avast!, Antivir and Microsoft Security Essentials.

    Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

    After you have installed an antivirus program, please run a full scan and tell me what the results were.

     

     

    Elle


    Can you hear it? It's all around!

    Do you remember?
    If you do, then
    can you forgive?



    If I haven't replied in 48 hours, please feel free to send me a PM.




    #11 rendog


    Posted 09 February 2013 - 12:47 AM

    Please see attached pics




    #12 Blind Faith


    Posted 09 February 2013 - 03:07 PM

    Hi there,

     

     

    In order to make our job easier, please follow the instructions in our tutorial on How to remove the FBI MoneyPak Ransomware. It has been proven to be very efficient.

    Scroll down to the "Automated Removal Instructions for FBI MoneyPak Ransomware using the Emsisoft Emergency Kit" section and follow all the listed instructions.

    Please do ask me about any step that might represent an issue to you and report back the results.

     

     

     

     

    Elle 


    Edited by Blind Faith, 09 February 2013 - 03:08 PM.


    #13 rendog


    Posted 09 February 2013 - 04:08 PM

    I ran the Emsisoft software and it found just one possible infected file on my desktop, but I can't find the folder of the Emsisoft software on my computer.

    I looked under program files and program files 86, and I searched the computer via the start button, but nothing comes up.



    #14 Blind Faith


    Posted 09 February 2013 - 04:18 PM

    Hi there,

     

     

    Did you quarantine the file as suggested in step #10? Have you got the FBI warning again? And how is your system behaving in general now?

     

     

     

     

    Elle 



    #15 rendog


    Posted 09 February 2013 - 04:48 PM

    Hello,

     

    Yes I did. Everything seems great so far. Do you think I'm somewhat in the clear?





