Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

White Screen after Login


  • Please log in to reply
24 replies to this topic

#1 madmax51mc

madmax51mc

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 20 March 2013 - 08:20 PM

White Screen with mouse cursor is all I have after login.  The desktop flashes for a second before going white. Start in safe mode & instantly logs me off and shuts down. Any help would be great. Thank you.


Edited by madmax51mc, 21 March 2013 - 07:12 PM.
Moved to AII from Windows 7. ~ OB


BC AdBot (Login to Remove)

 


#2 nik476

nik476

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:32 AM

Posted 20 March 2013 - 09:00 PM

Trojan fake! Download malwarebytes antimalware and full scan! Open in safe mod with networking!


Edited by nik476, 20 March 2013 - 09:04 PM.


#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:32 AM

Posted 20 March 2013 - 11:01 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg
  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png
  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg
  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply
  • Due to forum upgrade you may face issues posting the TDSSkiller log.Just last few lines of log is sufficient

===================================================

RKILL

  • Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another.) and save it to your desktop:
  • Link 1
  • Link 2
  • Link 3
  • Link 4
  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

===================================================

ESET Online Scanner

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    esetsmartinstaller_enu.png

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button

===================================================

Junkware Removal Tool by thisisu

  • Please download Junkware Removal Tool
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply.

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • RKILL log
  • ESET log
  • Junkware removal tool log


#4 madmax51mc

madmax51mc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 21 March 2013 - 07:12 PM

How do I DL & Run anything with only a white screen and cursor?



#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:32 AM

Posted 21 March 2013 - 07:51 PM

Open in safe mod with networking!

 

Safemode with networking



#6 madmax51mc

madmax51mc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 21 March 2013 - 09:21 PM

Starting in safe mode = Instant log off and reboot.



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:32 AM

Posted 21 March 2013 - 09:27 PM

safemode with command prompt?



#8 madmax51mc

madmax51mc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 21 March 2013 - 10:56 PM

I cannot run TDSSkiller as I have to open windows in safe mode with Command Prompt.

 

I cannot run ESET for the same reason.

 

Performing Full scan with Malwarebytes atm.

 

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/21/2013 08:17:37 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]
 
Backup Registry file created at:
 C:\Users\nenn\Desktop\rkill\rkill-03-21-2013-08-17-38.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * ALERT: ZEROACCESS rootkit symptoms found!
 
     * HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
 
Checking Windows Service Integrity: 
 
 * DHCP Client (Dhcp) is not Running.
   Startup Type set to: Automatic
 
 * DNS Client (Dnscache) is not Running.
   Startup Type set to: Automatic
 
 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic
 
 * Network Connections (Netman) is not Running.
   Startup Type set to: Manual
 
 * Network Store Interface Service (nsi) is not Running.
   Startup Type set to: Automatic
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Ancillary Function Driver for Winsock (AFD) is not Running.
   Startup Type set to: System
 
 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual
 
 * NetBT (NetBT) is not Running.
   Startup Type set to: System
 
 * NSI proxy service driver. (nsiproxy) is not Running.
   Startup Type set to: System
 
 * NetIO Legacy TDI Support Driver (tdx) is not Running.
   Startup Type set to: System
 
 * BFE [Missing Service]
 * iphlpsvc [Missing Service]
 * MpsSvc [Missing Service]
 * WinDefend [Missing Service]
 * wscsvc [Missing Service]
 
 * SharedAccess [Missing ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 03/21/2013 08:17:50 PM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)


#9 madmax51mc

madmax51mc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 21 March 2013 - 11:39 PM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
 
Database version: v2012.12.14.11
 
Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 9.0.8112.16421
nenn :: NENN-PC [administrator]
 
3/21/2013 8:43:23 PM
MBAM-log-2013-03-21 (21-35-54).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 388635
Time elapsed: 52 minute(s), 1 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 10
HKCR\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} (Adware.Yontoo) -> No action taken.
HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} (Adware.Yontoo) -> No action taken.
HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} (Adware.Yontoo) -> No action taken.
HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> No action taken.
HKCR\YontooIEClient.Layers.1 (Adware.Yontoo) -> No action taken.
HKCR\YontooIEClient.Layers (Adware.Yontoo) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} (Adware.Yontoo) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (Trojan.Agent) -> No action taken.
 
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent.RNS) -> Data: explorer.exe,C:\Users\nenn\AppData\Roaming\skype.dat -> No action taken.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 6
C:\Program Files (x86)\Yontoo Layers Client\YontooIEClient.dll (Adware.Yontoo) -> No action taken.
C:\Users\nenn\AppData\Local\Xenocode\Sandbox\Gygan\0.7.7.4\2011.05.13T04.06\Native\STUBEXE\8.0.1112\@PROGRAMFILES@\Gygan BETA\gyg_rar.exe (Trojan.Agent) -> No action taken.
C:\Users\nenn\AppData\Local\Xenocode\Sandbox\Gygan\0.7.7.4\2011.05.13T04.06\Native\STUBEXE\8.0.1112\@PROGRAMFILES@\Internet Explorer\iexplore.exe (Trojan.Agent) -> No action taken.
C:\Users\nenn\AppData\Local\Xenocode\Sandbox\Gygan\0.7.7.4\2011.05.13T04.06\Virtual\STUBEXE\8.0.1112\@PROGRAMFILES@\Gygan BETA\Gygan.exe (Trojan.Agent) -> No action taken.
C:\Users\nenn\AppData\LocalLow\OurBabyMaker_27EI\Installr\Cache\1563AED5.exe (PUP.MyWebSearch) -> No action taken.
C:\Users\nenn\AppData\Roaming\skype.dat (Trojan.Agent) -> No action taken.
 
(end)


#10 madmax51mc

madmax51mc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 21 March 2013 - 11:59 PM

Got it...

HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent.RNS) -> Data: explorer.exe,C:\Users\nenn\AppData\Roaming\skype.dat



#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:32 AM

Posted 22 March 2013 - 04:14 AM

Please remove the infections detected by malwarebytes.Restart the PC into normal mode and run malwarebytes again and post the log.Also i want you to run all the scans in normal mode and post the logs

 

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • RKILL log
  • ESET log
  • Junkware removal tool log


#12 madmax51mc

madmax51mc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 23 March 2013 - 08:04 PM

 
Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/23/2013 05:15:10 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * ALERT: ZEROACCESS rootkit symptoms found!
 
     * HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
 
Checking Windows Service Integrity: 
 
 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual
 
 * BFE [Missing Service]
 * iphlpsvc [Missing Service]
 * MpsSvc [Missing Service]
 * WinDefend [Missing Service]
 * wscsvc [Missing Service]
 
 * SharedAccess [Missing ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 03/23/2013 05:15:22 PM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)
 
 
ESET
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\updater-startnow-200-2.5-g[1].exe a variant of Win32/Toolbar.Zugo application 
C:\Program Files (x86)\EpicPlay\epicPlayGames.dll a variant of Win32/Adware.Gamevance.BR application cleaned by deleting - quarantined
C:\Users\nenn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\25b5bfa2-2c208b09 multiple threats cleaned by deleting - quarantined
C:\Users\nenn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\25b5bfa2-3ac2db03 a variant of Win32/Kryptik.ASMT trojan cleaned by deleting - quarantined
C:\Users\nenn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\29dc9b6d-3fc34838 Java/Exploit.CVE-2012-4681.CU trojan cleaned by deleting - quarantined
C:\Users\nenn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\58a657ef-53cc71ae multiple threats cleaned by deleting - quarantined
C:\Users\nenn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\673405b2-5ced594b Java/Exploit.CVE-2012-4681.CT trojan cleaned by deleting - quarantined
C:\Users\nenn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@epicplay.com\components\epicPlayGames.dll a variant of Win32/Adware.Gamevance.BR application cleaned by deleting - quarantined
C:\Users\nenn\Downloads\cnet_PandoraRecovery2_1_1Setup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\nenn\Downloads\undeleteplus_setup_ask.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\updater-startnow-200-2.5-g[1].exe a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.2 (03.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by nenn on Sat 03/23/2013 at 17:16:08.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 03/23/2013 at 17:29:10.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


I was running ESET last night when i read your latest post. I will run malwarebytes now in normal mode. All post reports were ran in normal mode.
 
17:09:10.0411 2328  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:09:11.0098 2328  ============================================================
17:09:11.0098 2328  Current date / time: 2013/03/23 17:09:11.0098
17:09:11.0098 2328  SystemInfo:
17:09:11.0098 2328  
17:09:11.0098 2328  OS Version: 6.1.7601 ServicePack: 1.0
17:09:11.0098 2328  Product type: Workstation
17:09:11.0098 2328  ComputerName: NENN-PC
17:09:11.0098 2328  UserName: nenn
17:09:11.0098 2328  Windows directory: C:\Windows
17:09:11.0098 2328  System windows directory: C:\Windows
17:09:11.0098 2328  Running under WOW64
17:09:11.0098 2328  Processor architecture: Intel x64
17:09:11.0098 2328  Number of processors: 2
17:09:11.0098 2328  Page size: 0x1000
17:09:11.0098 2328  Boot type: Normal boot
17:09:11.0098 2328  ============================================================
17:09:14.0639 2328  BG loaded
17:09:16.0230 2328  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:09:16.0448 2328  ============================================================
17:09:16.0448 2328  \Device\Harddisk0\DR0:
17:09:16.0480 2328  MBR partitions:
17:09:16.0480 2328  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x32000
17:09:16.0480 2328  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C32800, BlocksNum 0x1B592800
17:09:16.0480 2328  ============================================================
17:09:17.0057 2328  C: <-> \Device\Harddisk0\DR0\Partition2
17:09:17.0057 2328  ============================================================
17:09:17.0057 2328  Initialize success
17:09:17.0057 2328  ============================================================
17:09:40.0654 1484  ============================================================
17:09:40.0654 1484  Scan started
17:09:40.0654 1484  Mode: Manual; TDLFS; 
17:09:40.0654 1484  ============================================================
17:09:42.0650 1484  ================ Scan system memory ========================
17:09:42.0650 1484  System memory - ok
17:09:42.0650 1484  ================ Scan services =============================
17:09:42.0916 1484  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:09:42.0916 1484  1394ohci - ok
17:09:42.0978 1484  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:09:42.0978 1484  ACPI - ok
17:09:43.0025 1484  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:09:43.0025 1484  AcpiPmi - ok
17:09:43.0103 1484  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:09:43.0118 1484  AdobeARMservice - ok
17:09:43.0290 1484  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:09:43.0306 1484  AdobeFlashPlayerUpdateSvc - ok
17:09:43.0368 1484  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:09:43.0384 1484  adp94xx - ok
17:09:43.0415 1484  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:09:43.0415 1484  adpahci - ok
17:09:43.0446 1484  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:09:43.0446 1484  adpu320 - ok
17:09:43.0508 1484  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:09:43.0508 1484  AeLookupSvc - ok
17:09:43.0555 1484  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:09:43.0571 1484  AFD - ok
17:09:43.0618 1484  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:09:43.0618 1484  agp440 - ok
17:09:43.0649 1484  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:09:43.0649 1484  ALG - ok
17:09:43.0664 1484  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:09:43.0664 1484  aliide - ok
17:09:43.0711 1484  [ 9CB927E76D3F65A02741A4D9A690178C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:09:43.0711 1484  AMD External Events Utility - ok
17:09:43.0742 1484  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:09:43.0742 1484  amdide - ok
17:09:43.0789 1484  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:09:43.0789 1484  AmdK8 - ok
17:09:44.0054 1484  [ B8660FB5431F136635FB6446AC67FAAE ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:09:44.0101 1484  amdkmdag - ok
17:09:44.0148 1484  [ 5FC9D833F726383D9D60205F5A3CF16B ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:09:44.0148 1484  amdkmdap - ok
17:09:44.0195 1484  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:09:44.0195 1484  AmdPPM - ok
17:09:44.0242 1484  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:09:44.0257 1484  amdsata - ok
17:09:44.0288 1484  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:09:44.0288 1484  amdsbs - ok
17:09:44.0320 1484  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:09:44.0320 1484  amdxata - ok
17:09:44.0382 1484  [ 48CD7E6520D47D62EAB0E6CE3EC30C65 ] Andbus          C:\Windows\system32\DRIVERS\lgandbus64.sys
17:09:44.0382 1484  Andbus - ok
17:09:44.0429 1484  [ 08CBACC00D15DCDBBAAE1A7C8F231C61 ] AndDiag         C:\Windows\system32\DRIVERS\lganddiag64.sys
17:09:44.0429 1484  AndDiag - ok
17:09:44.0444 1484  [ CEA9A4CD6B3A83428CE8501240833668 ] AndGps          C:\Windows\system32\DRIVERS\lgandgps64.sys
17:09:44.0460 1484  AndGps - ok
17:09:44.0507 1484  [ E2B5663E547FA5E756B253EFA8EC8286 ] ANDModem        C:\Windows\system32\DRIVERS\lgandmodem64.sys
17:09:44.0507 1484  ANDModem - ok
17:09:44.0554 1484  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:09:44.0554 1484  AppID - ok
17:09:44.0600 1484  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:09:44.0600 1484  AppIDSvc - ok
17:09:44.0663 1484  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
17:09:44.0663 1484  Appinfo - ok
17:09:44.0772 1484  [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:09:44.0772 1484  Apple Mobile Device - ok
17:09:44.0819 1484  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:09:44.0819 1484  arc - ok
17:09:44.0834 1484  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:09:44.0834 1484  arcsas - ok
17:09:44.0881 1484  [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
17:09:44.0897 1484  aswFsBlk - ok
17:09:44.0928 1484  [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
17:09:44.0928 1484  aswMonFlt - ok
17:09:44.0944 1484  [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
17:09:44.0959 1484  aswRdr - ok
17:09:44.0975 1484  [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
17:09:44.0975 1484  aswRvrt - ok
17:09:45.0022 1484  [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
17:09:45.0022 1484  aswSnx - ok
17:09:45.0068 1484  [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
17:09:45.0068 1484  aswSP - ok
17:09:45.0100 1484  [ D62C10D1829C65115111C160EA956260 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
17:09:45.0100 1484  aswTdi - ok
17:09:45.0115 1484  [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
17:09:45.0115 1484  aswVmm - ok
17:09:45.0162 1484  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:09:45.0162 1484  AsyncMac - ok
17:09:45.0209 1484  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:09:45.0209 1484  atapi - ok
17:09:45.0302 1484  [ E642491F64E58CD5BC8FB8B347DCF65F ] athr            C:\Windows\system32\DRIVERS\athrx.sys
17:09:45.0380 1484  athr - ok
17:09:45.0443 1484  [ E02B26650ACC2F4901342D4A66774AD7 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:09:45.0458 1484  AtiHDAudioService - ok
17:09:45.0490 1484  [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie64.sys
17:09:45.0505 1484  AtiPcie - ok
17:09:45.0552 1484  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:09:45.0568 1484  AudioEndpointBuilder - ok
17:09:45.0599 1484  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:09:45.0599 1484  AudioSrv - ok
17:09:45.0677 1484  [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:09:45.0677 1484  avast! Antivirus - ok
17:09:45.0739 1484  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:09:45.0739 1484  AxInstSV - ok
17:09:45.0770 1484  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:09:45.0786 1484  b06bdrv - ok
17:09:45.0833 1484  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:09:45.0848 1484  b57nd60a - ok
17:09:46.0004 1484  [ 2D659B569A76CDB83B815675A80D7096 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
17:09:46.0067 1484  BCM43XX - ok
17:09:46.0098 1484  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:09:46.0098 1484  BDESVC - ok
17:09:46.0145 1484  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:09:46.0145 1484  Beep - ok
17:09:46.0176 1484  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:09:46.0176 1484  BITS - ok
17:09:46.0207 1484  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:09:46.0207 1484  blbdrive - ok
17:09:46.0285 1484  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:09:46.0301 1484  Bonjour Service - ok
17:09:46.0332 1484  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:09:46.0332 1484  bowser - ok
17:09:46.0363 1484  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:09:46.0363 1484  BrFiltLo - ok
17:09:46.0394 1484  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:09:46.0394 1484  BrFiltUp - ok
17:09:46.0441 1484  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:09:46.0441 1484  Browser - ok
17:09:46.0457 1484  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:09:46.0472 1484  Brserid - ok
17:09:46.0472 1484  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:09:46.0472 1484  BrSerWdm - ok
17:09:46.0488 1484  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:09:46.0488 1484  BrUsbMdm - ok
17:09:46.0488 1484  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:09:46.0504 1484  BrUsbSer - ok
17:09:46.0519 1484  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:09:46.0519 1484  BTHMODEM - ok
17:09:46.0550 1484  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:09:46.0550 1484  bthserv - ok
17:09:46.0582 1484  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:09:46.0582 1484  cdfs - ok
17:09:46.0644 1484  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:09:46.0644 1484  cdrom - ok
17:09:46.0691 1484  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:09:46.0706 1484  CertPropSvc - ok
17:09:46.0738 1484  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:09:46.0738 1484  circlass - ok
17:09:46.0784 1484  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:09:46.0784 1484  CLFS - ok
17:09:46.0862 1484  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:09:46.0862 1484  clr_optimization_v2.0.50727_32 - ok
17:09:46.0909 1484  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:09:46.0909 1484  clr_optimization_v2.0.50727_64 - ok
17:09:46.0987 1484  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:09:47.0034 1484  clr_optimization_v4.0.30319_32 - ok
17:09:47.0081 1484  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:09:47.0096 1484  clr_optimization_v4.0.30319_64 - ok
17:09:47.0128 1484  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:09:47.0128 1484  CmBatt - ok
17:09:47.0174 1484  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:09:47.0174 1484  cmdide - ok
17:09:47.0221 1484  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
17:09:47.0237 1484  CNG - ok
17:09:47.0268 1484  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:09:47.0268 1484  Compbatt - ok
17:09:47.0315 1484  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:09:47.0315 1484  CompositeBus - ok
17:09:47.0346 1484  COMSysApp - ok
17:09:47.0362 1484  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:09:47.0362 1484  crcdisk - ok
17:09:47.0424 1484  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:09:47.0424 1484  CryptSvc - ok
17:09:47.0549 1484  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:09:47.0564 1484  cvhsvc - ok
17:09:47.0627 1484  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:09:47.0642 1484  DcomLaunch - ok
17:09:47.0674 1484  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:09:47.0674 1484  defragsvc - ok
17:09:47.0720 1484  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:09:47.0720 1484  DfsC - ok
17:09:47.0783 1484  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:09:47.0798 1484  Dhcp - ok
17:09:47.0845 1484  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:09:47.0845 1484  discache - ok
17:09:47.0892 1484  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:09:47.0892 1484  Disk - ok
17:09:47.0923 1484  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:09:47.0939 1484  Dnscache - ok
17:09:47.0986 1484  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:09:47.0986 1484  dot3svc - ok
17:09:48.0048 1484  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:09:48.0048 1484  DPS - ok
17:09:48.0095 1484  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:09:48.0095 1484  drmkaud - ok
17:09:48.0157 1484  [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
17:09:48.0173 1484  DsiWMIService - ok
17:09:48.0251 1484  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:09:48.0266 1484  DXGKrnl - ok
17:09:48.0313 1484  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:09:48.0313 1484  EapHost - ok
17:09:48.0422 1484  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:09:48.0532 1484  ebdrv - ok
17:09:48.0578 1484  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
17:09:48.0578 1484  EFS - ok
17:09:48.0672 1484  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:09:48.0688 1484  ehRecvr - ok
17:09:48.0719 1484  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:09:48.0719 1484  ehSched - ok
17:09:48.0766 1484  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:09:48.0781 1484  elxstor - ok
17:09:48.0890 1484  [ 3EA2C4F68A782839D97B3C83595575B6 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
17:09:48.0922 1484  ePowerSvc - ok
17:09:48.0953 1484  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:09:48.0968 1484  ErrDev - ok
17:09:49.0015 1484  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:09:49.0015 1484  EventSystem - ok
17:09:49.0046 1484  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:09:49.0046 1484  exfat - ok
17:09:49.0093 1484  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:09:49.0093 1484  fastfat - ok
17:09:49.0171 1484  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
17:09:49.0187 1484  Fax - ok
17:09:49.0202 1484  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:09:49.0202 1484  fdc - ok
17:09:49.0249 1484  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:09:49.0249 1484  fdPHost - ok
17:09:49.0265 1484  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:09:49.0280 1484  FDResPub - ok
17:09:49.0296 1484  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:09:49.0312 1484  FileInfo - ok
17:09:49.0327 1484  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:09:49.0327 1484  Filetrace - ok
17:09:49.0374 1484  [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:09:49.0405 1484  FLEXnet Licensing Service - ok
17:09:49.0421 1484  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:09:49.0436 1484  flpydisk - ok
17:09:49.0483 1484  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:09:49.0483 1484  FltMgr - ok
17:09:49.0561 1484  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
17:09:49.0592 1484  FontCache - ok
17:09:49.0655 1484  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:09:49.0655 1484  FontCache3.0.0.0 - ok
17:09:49.0686 1484  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:09:49.0686 1484  FsDepends - ok
17:09:49.0717 1484  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:09:49.0717 1484  Fs_Rec - ok
17:09:49.0780 1484  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:09:49.0780 1484  fvevol - ok
17:09:49.0811 1484  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:09:49.0811 1484  gagp30kx - ok
17:09:49.0889 1484  [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe
17:09:49.0904 1484  GameConsoleService - ok
17:09:49.0951 1484  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:09:49.0951 1484  GEARAspiWDM - ok
17:09:50.0014 1484  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:09:50.0029 1484  gpsvc - ok
17:09:50.0092 1484  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
17:09:50.0092 1484  GREGService - ok
17:09:50.0170 1484  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:09:50.0170 1484  gupdate - ok
17:09:50.0185 1484  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:09:50.0185 1484  gupdatem - ok
17:09:50.0232 1484  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:09:50.0248 1484  gusvc - ok
17:09:50.0279 1484  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:09:50.0279 1484  hcw85cir - ok
17:09:50.0341 1484  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:09:50.0341 1484  HdAudAddService - ok
17:09:50.0388 1484  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:09:50.0388 1484  HDAudBus - ok
17:09:50.0404 1484  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:09:50.0404 1484  HidBatt - ok
17:09:50.0419 1484  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:09:50.0435 1484  HidBth - ok
17:09:50.0435 1484  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:09:50.0435 1484  HidIr - ok
17:09:50.0466 1484  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
17:09:50.0466 1484  hidserv - ok
17:09:50.0528 1484  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:09:50.0528 1484  HidUsb - ok
17:09:50.0560 1484  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:09:50.0575 1484  hkmsvc - ok
17:09:50.0622 1484  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:09:50.0638 1484  HomeGroupListener - ok
17:09:50.0684 1484  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:09:50.0700 1484  HomeGroupProvider - ok
17:09:50.0762 1484  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:09:50.0762 1484  HpSAMD - ok
17:09:50.0825 1484  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:09:50.0840 1484  HTTP - ok
17:09:50.0887 1484  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:09:50.0887 1484  hwpolicy - ok
17:09:50.0950 1484  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:09:50.0950 1484  i8042prt - ok
17:09:50.0996 1484  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:09:51.0012 1484  iaStorV - ok
17:09:51.0090 1484  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:09:51.0121 1484  idsvc - ok
17:09:51.0168 1484  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:09:51.0168 1484  iirsp - ok
17:09:51.0246 1484  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:09:51.0262 1484  IKEEXT - ok
17:09:51.0386 1484  [ D311E2DD59A34079D89C249B2A4D9FDB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:09:51.0402 1484  IntcAzAudAddService - ok
17:09:51.0418 1484  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:09:51.0418 1484  intelide - ok
17:09:51.0449 1484  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:09:51.0449 1484  intelppm - ok
17:09:51.0464 1484  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:09:51.0464 1484  IPBusEnum - ok
17:09:51.0511 1484  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:09:51.0511 1484  IpFilterDriver - ok
17:09:51.0558 1484  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:09:51.0558 1484  IPMIDRV - ok
17:09:51.0589 1484  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:09:51.0605 1484  IPNAT - ok
17:09:51.0667 1484  [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:09:51.0698 1484  iPod Service - ok
17:09:51.0714 1484  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:09:51.0730 1484  IRENUM - ok
17:09:51.0745 1484  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:09:51.0761 1484  isapnp - ok
17:09:51.0808 1484  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:09:51.0808 1484  iScsiPrt - ok
17:09:51.0854 1484  [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
17:09:51.0870 1484  k57nd60a - ok
17:09:51.0886 1484  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
17:09:51.0886 1484  kbdclass - ok
17:09:51.0932 1484  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:09:51.0948 1484  kbdhid - ok
17:09:51.0964 1484  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:09:51.0979 1484  KeyIso - ok
17:09:52.0026 1484  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:09:52.0026 1484  KSecDD - ok
17:09:52.0057 1484  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:09:52.0057 1484  KSecPkg - ok
17:09:52.0088 1484  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:09:52.0104 1484  ksthunk - ok
17:09:52.0151 1484  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:09:52.0166 1484  KtmRm - ok
17:09:52.0213 1484  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:09:52.0229 1484  LanmanServer - ok
17:09:52.0291 1484  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:09:52.0307 1484  LanmanWorkstation - ok
17:09:52.0354 1484  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:09:52.0354 1484  lltdio - ok
17:09:52.0400 1484  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:09:52.0416 1484  lltdsvc - ok
17:09:52.0447 1484  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:09:52.0447 1484  lmhosts - ok
17:09:52.0494 1484  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:09:52.0494 1484  LSI_FC - ok
17:09:52.0525 1484  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:09:52.0525 1484  LSI_SAS - ok
17:09:52.0541 1484  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:09:52.0541 1484  LSI_SAS2 - ok
17:09:52.0556 1484  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:09:52.0556 1484  LSI_SCSI - ok
17:09:52.0572 1484  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:09:52.0572 1484  luafv - ok
17:09:52.0603 1484  MCSTRM - ok
17:09:52.0650 1484  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:09:52.0666 1484  Mcx2Svc - ok
17:09:52.0712 1484  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:09:52.0712 1484  megasas - ok
17:09:52.0728 1484  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:09:52.0728 1484  MegaSR - ok
17:09:52.0744 1484  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:09:52.0759 1484  MMCSS - ok
17:09:52.0759 1484  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:09:52.0759 1484  Modem - ok
17:09:52.0790 1484  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:09:52.0790 1484  monitor - ok
17:09:52.0853 1484  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
17:09:52.0853 1484  mouclass - ok
17:09:52.0868 1484  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:09:52.0884 1484  mouhid - ok
17:09:52.0915 1484  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:09:52.0915 1484  mountmgr - ok
17:09:52.0946 1484  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:09:52.0962 1484  mpio - ok
17:09:52.0978 1484  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:09:52.0978 1484  mpsdrv - ok
17:09:53.0024 1484  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:09:53.0040 1484  MRxDAV - ok
17:09:53.0071 1484  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:09:53.0071 1484  mrxsmb - ok
17:09:53.0118 1484  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:09:53.0134 1484  mrxsmb10 - ok
17:09:53.0149 1484  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:09:53.0149 1484  mrxsmb20 - ok
17:09:53.0196 1484  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:09:53.0196 1484  msahci - ok
17:09:53.0212 1484  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:09:53.0212 1484  msdsm - ok
17:09:53.0227 1484  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:09:53.0243 1484  MSDTC - ok
17:09:53.0290 1484  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:09:53.0290 1484  Msfs - ok
17:09:53.0305 1484  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:09:53.0321 1484  mshidkmdf - ok
17:09:53.0352 1484  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:09:53.0352 1484  msisadrv - ok
17:09:53.0414 1484  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:09:53.0414 1484  MSiSCSI - ok
17:09:53.0430 1484  msiserver - ok
17:09:53.0477 1484  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:09:53.0477 1484  MSKSSRV - ok
17:09:53.0492 1484  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:09:53.0492 1484  MSPCLOCK - ok
17:09:53.0508 1484  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:09:53.0508 1484  MSPQM - ok
17:09:53.0539 1484  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:09:53.0555 1484  MsRPC - ok
17:09:53.0602 1484  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:09:53.0602 1484  mssmbios - ok
17:09:53.0617 1484  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:09:53.0617 1484  MSTEE - ok
17:09:53.0633 1484  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:09:53.0633 1484  MTConfig - ok
17:09:53.0648 1484  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:09:53.0664 1484  Mup - ok
17:09:53.0695 1484  [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
17:09:53.0695 1484  mwlPSDFilter - ok
17:09:53.0726 1484  [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
17:09:53.0726 1484  mwlPSDNServ - ok
17:09:53.0742 1484  [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
17:09:53.0742 1484  mwlPSDVDisk - ok
17:09:53.0820 1484  [ 3E5E20817259F7328C8F3BE5421F35B9 ] MWLService      C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
17:09:53.0836 1484  MWLService - ok
17:09:53.0898 1484  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:09:53.0914 1484  napagent - ok
17:09:53.0960 1484  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:09:53.0960 1484  NativeWifiP - ok
17:09:54.0038 1484  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:09:54.0054 1484  NDIS - ok
17:09:54.0101 1484  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:09:54.0101 1484  NdisCap - ok
17:09:54.0132 1484  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:09:54.0132 1484  NdisTapi - ok
17:09:54.0179 1484  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:09:54.0179 1484  Ndisuio - ok
17:09:54.0226 1484  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:09:54.0241 1484  NdisWan - ok
17:09:54.0272 1484  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:09:54.0272 1484  NDProxy - ok
17:09:54.0319 1484  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:09:54.0319 1484  NetBIOS - ok
17:09:54.0366 1484  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:09:54.0366 1484  NetBT - ok
17:09:54.0382 1484  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:09:54.0382 1484  Netlogon - ok
17:09:54.0428 1484  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:09:54.0444 1484  Netman - ok
17:09:54.0460 1484  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:09:54.0475 1484  netprofm - ok
17:09:54.0506 1484  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:09:54.0522 1484  NetTcpPortSharing - ok
17:09:54.0553 1484  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:09:54.0553 1484  nfrd960 - ok
17:09:54.0616 1484  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:09:54.0631 1484  NlaSvc - ok
17:09:54.0803 1484  [ 9D037C4705ACE5B69E4CE9AAE8B0A0D0 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
17:09:54.0912 1484  NOBU - ok
17:09:54.0943 1484  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:09:54.0943 1484  Npfs - ok
17:09:54.0974 1484  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:09:54.0974 1484  nsi - ok
17:09:54.0990 1484  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:09:54.0990 1484  nsiproxy - ok
17:09:55.0068 1484  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:09:55.0115 1484  Ntfs - ok
17:09:55.0162 1484  [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
17:09:55.0177 1484  NTI IScheduleSvc - ok
17:09:55.0208 1484  [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
17:09:55.0208 1484  NTIDrvr - ok
17:09:55.0224 1484  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:09:55.0240 1484  Null - ok
17:09:55.0271 1484  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:09:55.0271 1484  nvraid - ok
17:09:55.0318 1484  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:09:55.0318 1484  nvstor - ok
17:09:55.0349 1484  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:09:55.0349 1484  nv_agp - ok
17:09:55.0396 1484  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:09:55.0396 1484  ohci1394 - ok
17:09:55.0458 1484  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:09:55.0474 1484  ose - ok
17:09:55.0645 1484  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:09:55.0786 1484  osppsvc - ok
17:09:55.0817 1484  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:09:55.0832 1484  p2pimsvc - ok
17:09:55.0848 1484  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:09:55.0864 1484  p2psvc - ok
17:09:55.0910 1484  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:09:55.0910 1484  Parport - ok
17:09:55.0942 1484  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:09:55.0957 1484  partmgr - ok
17:09:55.0973 1484  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:09:55.0988 1484  PcaSvc - ok
17:09:56.0035 1484  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:09:56.0035 1484  pci - ok
17:09:56.0066 1484  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:09:56.0066 1484  pciide - ok
17:09:56.0113 1484  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:09:56.0129 1484  pcmcia - ok
17:09:56.0160 1484  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:09:56.0160 1484  pcw - ok
17:09:56.0191 1484  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:09:56.0207 1484  PEAUTH - ok
17:09:56.0332 1484  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:09:56.0347 1484  PerfHost - ok
17:09:56.0441 1484  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:09:56.0456 1484  pla - ok
17:09:56.0519 1484  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:09:56.0534 1484  PlugPlay - ok
17:09:56.0566 1484  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:09:56.0566 1484  PNRPAutoReg - ok
17:09:56.0597 1484  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:09:56.0597 1484  PNRPsvc - ok
17:09:56.0628 1484  [ 33328FA8A580885AB0065BE6DB266E9F ] Point64         C:\Windows\system32\DRIVERS\point64.sys
17:09:56.0628 1484  Point64 - ok
17:09:56.0675 1484  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:09:56.0706 1484  PolicyAgent - ok
17:09:56.0737 1484  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:09:56.0753 1484  Power - ok
17:09:56.0784 1484  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:09:56.0784 1484  PptpMiniport - ok
17:09:56.0815 1484  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:09:56.0815 1484  Processor - ok
17:09:56.0862 1484  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:09:56.0878 1484  ProfSvc - ok
17:09:56.0893 1484  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:09:56.0909 1484  ProtectedStorage - ok
17:09:56.0971 1484  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:09:56.0971 1484  Psched - ok
17:09:57.0034 1484  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:09:57.0096 1484  ql2300 - ok
17:09:57.0112 1484  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:09:57.0127 1484  ql40xx - ok
17:09:57.0158 1484  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:09:57.0158 1484  QWAVE - ok
17:09:57.0174 1484  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:09:57.0174 1484  QWAVEdrv - ok
17:09:57.0174 1484  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:09:57.0174 1484  RasAcd - ok
17:09:57.0221 1484  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:09:57.0221 1484  RasAgileVpn - ok
17:09:57.0252 1484  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:09:57.0268 1484  RasAuto - ok
17:09:57.0299 1484  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:09:57.0314 1484  Rasl2tp - ok
17:09:57.0361 1484  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:09:57.0377 1484  RasMan - ok
17:09:57.0408 1484  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:09:57.0408 1484  RasPppoe - ok
17:09:57.0424 1484  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:09:57.0439 1484  RasSstp - ok
17:09:57.0470 1484  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:09:57.0470 1484  rdbss - ok
17:09:57.0502 1484  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:09:57.0502 1484  rdpbus - ok
17:09:57.0517 1484  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:09:57.0517 1484  RDPCDD - ok
17:09:57.0548 1484  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:09:57.0548 1484  RDPENCDD - ok
17:09:57.0564 1484  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:09:57.0564 1484  RDPREFMP - ok
17:09:57.0611 1484  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:09:57.0611 1484  RDPWD - ok
17:09:57.0673 1484  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:09:57.0673 1484  rdyboost - ok
17:09:57.0720 1484  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:09:57.0736 1484  RemoteAccess - ok
17:09:57.0767 1484  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:09:57.0767 1484  RemoteRegistry - ok
17:09:57.0782 1484  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:09:57.0798 1484  RpcEptMapper - ok
17:09:57.0814 1484  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:09:57.0829 1484  RpcLocator - ok
17:09:57.0876 1484  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:09:57.0892 1484  RpcSs - ok
17:09:57.0938 1484  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:09:57.0938 1484  rspndr - ok
17:09:58.0001 1484  [ 763AE0C6D9DF4C24B7E2C26036A8188A ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
17:09:58.0016 1484  RSUSBSTOR - ok
17:09:58.0032 1484  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:09:58.0032 1484  SamSs - ok
17:09:58.0079 1484  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:09:58.0079 1484  sbp2port - ok
17:09:58.0126 1484  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:09:58.0141 1484  SCardSvr - ok
17:09:58.0172 1484  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:09:58.0172 1484  scfilter - ok
17:09:58.0235 1484  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:09:58.0266 1484  Schedule - ok
17:09:58.0297 1484  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:09:58.0297 1484  SCPolicySvc - ok
17:09:58.0328 1484  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:09:58.0344 1484  SDRSVC - ok
17:09:58.0391 1484  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:09:58.0406 1484  secdrv - ok
17:09:58.0453 1484  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:09:58.0453 1484  seclogon - ok
17:09:58.0484 1484  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:09:58.0500 1484  SENS - ok
17:09:58.0516 1484  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:09:58.0531 1484  SensrSvc - ok
17:09:58.0547 1484  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:09:58.0562 1484  Serenum - ok
17:09:58.0562 1484  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:09:58.0578 1484  Serial - ok
17:09:58.0578 1484  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:09:58.0578 1484  sermouse - ok
17:09:58.0625 1484  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:09:58.0625 1484  SessionEnv - ok
17:09:58.0672 1484  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:09:58.0672 1484  sffdisk - ok
17:09:58.0703 1484  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:09:58.0703 1484  sffp_mmc - ok
17:09:58.0718 1484  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:09:58.0718 1484  sffp_sd - ok
17:09:58.0750 1484  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:09:58.0750 1484  sfloppy - ok
17:09:58.0828 1484  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
17:09:58.0843 1484  Sftfs - ok
17:09:58.0906 1484  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:09:58.0921 1484  sftlist - ok
17:09:58.0968 1484  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:09:58.0968 1484  Sftplay - ok
17:09:58.0984 1484  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:09:58.0984 1484  Sftredir - ok
17:09:59.0030 1484  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
17:09:59.0030 1484  Sftvol - ok
17:09:59.0077 1484  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:09:59.0077 1484  sftvsa - ok
17:09:59.0124 1484  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:09:59.0140 1484  ShellHWDetection - ok
17:09:59.0171 1484  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:09:59.0171 1484  SiSRaid2 - ok
17:09:59.0202 1484  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:09:59.0202 1484  SiSRaid4 - ok
17:09:59.0218 1484  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:09:59.0233 1484  Smb - ok
17:09:59.0280 1484  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:09:59.0296 1484  SNMPTRAP - ok
17:09:59.0327 1484  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:09:59.0327 1484  spldr - ok
17:09:59.0389 1484  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:09:59.0405 1484  Spooler - ok
17:09:59.0545 1484  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:09:59.0576 1484  sppsvc - ok
17:09:59.0623 1484  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:09:59.0623 1484  sppuinotify - ok
17:09:59.0670 1484  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:09:59.0686 1484  srv - ok
17:09:59.0717 1484  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:09:59.0717 1484  srv2 - ok
17:09:59.0748 1484  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:09:59.0748 1484  srvnet - ok
17:09:59.0795 1484  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:09:59.0810 1484  SSDPSRV - ok
17:09:59.0826 1484  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:09:59.0842 1484  SstpSvc - ok
17:09:59.0873 1484  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:09:59.0873 1484  stexstor - ok
17:09:59.0935 1484  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:09:59.0966 1484  stisvc - ok
17:09:59.0998 1484  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:09:59.0998 1484  swenum - ok
17:10:00.0044 1484  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:10:00.0060 1484  swprv - ok
17:10:00.0107 1484  [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
17:10:00.0107 1484  SynTP - ok
17:10:00.0185 1484  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:10:00.0200 1484  SysMain - ok
17:10:00.0247 1484  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:10:00.0263 1484  TabletInputService - ok
17:10:00.0325 1484  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:10:00.0325 1484  TapiSrv - ok
17:10:00.0372 1484  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:10:00.0372 1484  TBS - ok
17:10:00.0466 1484  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:10:00.0528 1484  Tcpip - ok
17:10:00.0590 1484  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:10:00.0606 1484  TCPIP6 - ok
17:10:00.0668 1484  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:10:00.0668 1484  tcpipreg - ok
17:10:00.0715 1484  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:10:00.0715 1484  TDPIPE - ok
17:10:00.0746 1484  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:10:00.0762 1484  TDTCP - ok
17:10:00.0809 1484  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:10:00.0809 1484  tdx - ok
17:10:00.0856 1484  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:10:00.0856 1484  TermDD - ok
17:10:00.0918 1484  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:10:00.0934 1484  TermService - ok
17:10:00.0965 1484  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:10:00.0980 1484  Themes - ok
17:10:00.0996 1484  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:10:00.0996 1484  THREADORDER - ok
17:10:01.0027 1484  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:10:01.0027 1484  TrkWks - ok
17:10:01.0105 1484  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:10:01.0105 1484  TrustedInstaller - ok
17:10:01.0152 1484  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:10:01.0152 1484  tssecsrv - ok
17:10:01.0214 1484  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:10:01.0214 1484  TsUsbFlt - ok
17:10:01.0277 1484  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:10:01.0277 1484  tunnel - ok
17:10:01.0308 1484  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:10:01.0308 1484  uagp35 - ok
17:10:01.0339 1484  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
17:10:01.0339 1484  UBHelper - ok
17:10:01.0386 1484  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:10:01.0402 1484  udfs - ok
17:10:01.0464 1484  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:10:01.0464 1484  UI0Detect - ok
17:10:01.0511 1484  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:10:01.0526 1484  uliagpkx - ok
17:10:01.0573 1484  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
17:10:01.0573 1484  umbus - ok
17:10:01.0604 1484  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:10:01.0620 1484  UmPass - ok
17:10:01.0698 1484  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
17:10:01.0698 1484  Updater Service - ok
17:10:01.0760 1484  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:10:01.0760 1484  upnphost - ok
17:10:01.0823 1484  [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
17:10:01.0823 1484  USBAAPL64 - ok
17:10:01.0870 1484  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:10:01.0870 1484  usbccgp - ok
17:10:01.0901 1484  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:10:01.0901 1484  usbcir - ok
17:10:01.0948 1484  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:10:01.0963 1484  usbehci - ok
17:10:02.0010 1484  [ DC2B306861F42EEEB92EF525F4119F08 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
17:10:02.0010 1484  usbfilter - ok
17:10:02.0041 1484  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:10:02.0057 1484  usbhub - ok
17:10:02.0088 1484  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:10:02.0088 1484  usbohci - ok
17:10:02.0135 1484  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:10:02.0135 1484  usbprint - ok
17:10:02.0150 1484  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:10:02.0166 1484  USBSTOR - ok
17:10:02.0182 1484  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:10:02.0197 1484  usbuhci - ok
17:10:02.0244 1484  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:10:02.0260 1484  usbvideo - ok
17:10:02.0291 1484  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:10:02.0306 1484  UxSms - ok
17:10:02.0322 1484  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:10:02.0322 1484  VaultSvc - ok
17:10:02.0353 1484  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:10:02.0353 1484  vdrvroot - ok
17:10:02.0416 1484  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:10:02.0431 1484  vds - ok
17:10:02.0478 1484  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:10:02.0478 1484  vga - ok
17:10:02.0509 1484  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:10:02.0509 1484  VgaSave - ok
17:10:02.0556 1484  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:10:02.0556 1484  vhdmp - ok
17:10:02.0587 1484  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:10:02.0587 1484  viaide - ok
17:10:02.0618 1484  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:10:02.0618 1484  volmgr - ok
17:10:02.0681 1484  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:10:02.0696 1484  volmgrx - ok
17:10:02.0728 1484  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:10:02.0728 1484  volsnap - ok
17:10:02.0790 1484  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:10:02.0790 1484  vsmraid - ok
17:10:02.0884 1484  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:10:02.0915 1484  VSS - ok
17:10:02.0946 1484  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:10:02.0946 1484  vwifibus - ok
17:10:02.0977 1484  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:10:02.0977 1484  vwififlt - ok
17:10:03.0008 1484  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
17:10:03.0008 1484  vwifimp - ok
17:10:03.0055 1484  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:10:03.0071 1484  W32Time - ok
17:10:03.0102 1484  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:10:03.0102 1484  WacomPen - ok
17:10:03.0164 1484  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:10:03.0164 1484  WANARP - ok
17:10:03.0180 1484  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:10:03.0180 1484  Wanarpv6 - ok
17:10:03.0274 1484  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:10:03.0320 1484  WatAdminSvc - ok
17:10:03.0383 1484  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:10:03.0430 1484  wbengine - ok
17:10:03.0461 1484  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:10:03.0476 1484  WbioSrvc - ok
17:10:03.0539 1484  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:10:03.0554 1484  wcncsvc - ok
17:10:03.0586 1484  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:10:03.0586 1484  WcsPlugInService - ok
17:10:03.0617 1484  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:10:03.0632 1484  Wd - ok
17:10:03.0679 1484  [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
17:10:03.0679 1484  WDC_SAM - ok
17:10:03.0742 1484  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:10:03.0757 1484  Wdf01000 - ok
17:10:03.0773 1484  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:10:03.0788 1484  WdiServiceHost - ok
17:10:03.0804 1484  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:10:03.0804 1484  WdiSystemHost - ok
17:10:03.0851 1484  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:10:03.0866 1484  WebClient - ok
17:10:03.0898 1484  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:10:03.0913 1484  Wecsvc - ok
17:10:03.0944 1484  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:10:03.0944 1484  wercplsupport - ok
17:10:03.0976 1484  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:10:03.0991 1484  WerSvc - ok
17:10:04.0038 1484  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:10:04.0038 1484  WfpLwf - ok
17:10:04.0054 1484  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:10:04.0054 1484  WIMMount - ok
17:10:04.0085 1484  WinHttpAutoProxySvc - ok
17:10:04.0163 1484  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:10:04.0163 1484  Winmgmt - ok
17:10:04.0256 1484  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:10:04.0288 1484  WinRM - ok
17:10:04.0350 1484  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:10:04.0366 1484  WinUsb - ok
17:10:04.0412 1484  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:10:04.0444 1484  Wlansvc - ok
17:10:04.0490 1484  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:10:04.0506 1484  wlcrasvc - ok
17:10:04.0600 1484  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:10:04.0631 1484  wlidsvc - ok
17:10:04.0678 1484  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:10:04.0678 1484  WmiAcpi - ok
17:10:04.0724 1484  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:10:04.0724 1484  wmiApSrv - ok
17:10:04.0756 1484  WMPNetworkSvc - ok
17:10:04.0771 1484  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:10:04.0787 1484  WPCSvc - ok
17:10:04.0834 1484  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:10:04.0849 1484  WPDBusEnum - ok
17:10:04.0865 1484  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:10:04.0880 1484  ws2ifsl - ok
17:10:04.0880 1484  WSearch - ok
17:10:04.0990 1484  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:10:05.0005 1484  wuauserv - ok
17:10:05.0052 1484  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:10:05.0052 1484  WudfPf - ok
17:10:05.0099 1484  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:10:05.0099 1484  WUDFRd - ok
17:10:05.0130 1484  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:10:05.0146 1484  wudfsvc - ok
17:10:05.0192 1484  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:10:05.0208 1484  WwanSvc - ok
17:10:05.0239 1484  ================ Scan global ===============================
17:10:05.0270 1484  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:10:05.0302 1484  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:10:05.0333 1484  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:10:05.0380 1484  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:10:05.0411 1484  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:10:05.0426 1484  [Global] - ok
17:10:05.0426 1484  ================ Scan MBR ==================================
17:10:05.0442 1484  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:10:06.0300 1484  \Device\Harddisk0\DR0 - ok
17:10:06.0300 1484  ================ Scan VBR ==================================
17:10:06.0316 1484  [ 87AB95F6E90E6D6568A3102F9B02C8C9 ] \Device\Harddisk0\DR0\Partition1
17:10:06.0316 1484  \Device\Harddisk0\DR0\Partition1 - ok
17:10:06.0362 1484  [ 9965CBD45616368DA6E856B95F3FD9A9 ] \Device\Harddisk0\DR0\Partition2
17:10:06.0362 1484  \Device\Harddisk0\DR0\Partition2 - ok
17:10:06.0362 1484  ================ Scan active images ========================
17:10:06.0362 1484  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
17:10:06.0362 1484  C:\Windows\System32\drivers\crashdmp.sys - ok
17:10:06.0378 1484  [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
17:10:06.0378 1484  C:\Windows\System32\drivers\Dumpata.sys - ok
17:10:06.0378 1484  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
17:10:06.0378 1484  C:\Windows\System32\drivers\msahci.sys - ok
17:10:06.0394 1484  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
17:10:06.0394 1484  C:\Windows\System32\drivers\dumpfve.sys - ok
17:10:06.0394 1484  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
17:10:06.0394 1484  C:\Windows\System32\drivers\cdrom.sys - ok
17:10:06.0409 1484  [ AB8B4D3136D18A20777036E0F0CFC5E1 ] C:\Windows\System32\drivers\aswSnx.sys
17:10:06.0409 1484  C:\Windows\System32\drivers\aswSnx.sys - ok
17:10:06.0409 1484  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
17:10:06.0409 1484  C:\Windows\System32\drivers\beep.sys - ok
17:10:06.0409 1484  [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] C:\Windows\System32\drivers\mwlPSDFilter.sys
17:10:06.0409 1484  C:\Windows\System32\drivers\mwlPSDFilter.sys - ok
17:10:06.0425 1484  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
17:10:06.0425 1484  C:\Windows\System32\drivers\null.sys - ok
17:10:06.0425 1484  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
17:10:06.0425 1484  C:\Windows\System32\drivers\watchdog.sys - ok
17:10:06.0440 1484  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
17:10:06.0440 1484  C:\Windows\System32\drivers\RDPCDD.sys - ok
17:10:06.0440 1484  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
17:10:06.0440 1484  C:\Windows\System32\drivers\RDPENCDD.sys - ok
17:10:06.0440 1484  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
17:10:06.0440 1484  C:\Windows\System32\drivers\RDPREFMP.sys - ok
17:10:06.0456 1484  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
17:10:06.0456 1484  C:\Windows\System32\drivers\vga.sys - ok
17:10:06.0456 1484  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
17:10:06.0456 1484  C:\Windows\System32\drivers\videoprt.sys - ok
17:10:06.0472 1484  [ D62C10D1829C65115111C160EA956260 ] C:\Windows\System32\drivers\aswTdi.sys
17:10:06.0472 1484  C:\Windows\System32\drivers\aswTdi.sys - ok
17:10:06.0472 1484  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
17:10:06.0472 1484  C:\Windows\System32\drivers\msfs.sys - ok
17:10:06.0472 1484  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
17:10:06.0472 1484  C:\Windows\System32\drivers\npfs.sys - ok
17:10:06.0487 1484  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
17:10:06.0487 1484  C:\Windows\System32\drivers\tdi.sys - ok
17:10:06.0487 1484  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
17:10:06.0487 1484  C:\Windows\System32\drivers\tdx.sys - ok
17:10:06.0503 1484  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
17:10:06.0503 1484  C:\Windows\System32\drivers\netbt.sys - ok
17:10:06.0503 1484  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
17:10:06.0503 1484  C:\Windows\System32\drivers\afd.sys - ok
17:10:06.0518 1484  [ 8F90459AFB7FD4557D935CE639EF6110 ] C:\Windows\System32\drivers\aswRdr2.sys
17:10:06.0518 1484  C:\Windows\System32\drivers\aswRdr2.sys - ok
17:10:06.0518 1484  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
17:10:06.0518 1484  C:\Windows\System32\drivers\wfplwf.sys - ok
17:10:06.0518 1484  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
17:10:06.0518 1484  C:\Windows\System32\drivers\pacer.sys - ok
17:10:06.0534 1484  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
17:10:06.0534 1484  C:\Windows\System32\drivers\netbios.sys - ok
17:10:06.0534 1484  [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
17:10:06.0534 1484  C:\Windows\System32\drivers\vwififlt.sys - ok
17:10:06.0550 1484  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
17:10:06.0550 1484  C:\Windows\System32\drivers\rdbss.sys - ok
17:10:06.0550 1484  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
17:10:06.0550 1484  C:\Windows\System32\drivers\termdd.sys - ok
17:10:06.0550 1484  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
17:10:06.0550 1484  C:\Windows\System32\drivers\wanarp.sys - ok
17:10:06.0565 1484  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
17:10:06.0565 1484  C:\Windows\System32\drivers\mssmbios.sys - ok
17:10:06.0565 1484  [ 0BEFE32CA56D6EE89D58175725596A85 ] C:\Windows\System32\drivers\mwlPSDNserv.sys
17:10:06.0565 1484  C:\Windows\System32\drivers\mwlPSDNserv.sys - ok
17:10:06.0581 1484  [ D43BC633B8660463E446E28E14A51262 ] C:\Windows\System32\drivers\mwlPSDVDisk.sys
17:10:06.0581 1484  C:\Windows\System32\drivers\mwlPSDVDisk.sys - ok
17:10:06.0581 1484  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
17:10:06.0581 1484  C:\Windows\System32\drivers\nsiproxy.sys - ok
17:10:06.0581 1484  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
17:10:06.0581 1484  C:\Windows\System32\drivers\dfsc.sys - ok
17:10:06.0596 1484  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
17:10:06.0596 1484  C:\Windows\System32\drivers\discache.sys - ok
17:10:06.0596 1484  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
17:10:06.0596 1484  C:\Windows\System32\drivers\blbdrive.sys - ok
17:10:06.0612 1484  [ 97D4D725BD32C965119E6C8E252F8C64 ] C:\Windows\System32\drivers\aswSP.sys
17:10:06.0612 1484  C:\Windows\System32\drivers\aswSP.sys - ok
17:10:06.0612 1484  [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
17:10:06.0612 1484  C:\Windows\System32\drivers\amdppm.sys - ok
17:10:06.0612 1484  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
17:10:06.0612 1484  C:\Windows\System32\drivers\tunnel.sys - ok
17:10:06.0628 1484  [ 5FC9D833F726383D9D60205F5A3CF16B ] C:\Windows\System32\drivers\atikmpag.sys
17:10:06.0628 1484  C:\Windows\System32\drivers\atikmpag.sys - ok
17:10:06.0628 1484  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
17:10:06.0628 1484  C:\Windows\System32\ntdll.dll - ok
17:10:06.0643 1484  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
17:10:06.0643 1484  C:\Windows\System32\smss.exe - ok
17:10:06.0643 1484  [ B8660FB5431F136635FB6446AC67FAAE ] C:\Windows\System32\drivers\atikmdag.sys
17:10:06.0643 1484  C:\Windows\System32\drivers\atikmdag.sys - ok
17:10:06.0643 1484  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
17:10:06.0643 1484  C:\Windows\System32\autochk.exe - ok
17:10:06.0659 1484  [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
17:10:06.0659 1484  C:\Windows\System32\drivers\dxgkrnl.sys - ok
17:10:06.0659 1484  [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
17:10:06.0659 1484  C:\Windows\System32\drivers\dxgmms1.sys - ok
17:10:06.0659 1484  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
17:10:06.0659 1484  C:\Windows\System32\drivers\hdaudbus.sys - ok
17:10:06.0674 1484  [ 37E053A2CF8F0082B689ED74106E0CEC ] C:\Windows\System32\drivers\k57nd60a.sys
17:10:06.0674 1484  C:\Windows\System32\drivers\k57nd60a.sys - ok
17:10:06.0674 1484  [ 2D659B569A76CDB83B815675A80D7096 ] C:\Windows\System32\drivers\BCMWL664.SYS
17:10:06.0674 1484  C:\Windows\System32\drivers\BCMWL664.SYS - ok
17:10:06.0690 1484  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] C:\Windows\System32\drivers\UBHelper.sys
17:10:06.0690 1484  C:\Windows\System32\drivers\UBHelper.sys - ok
17:10:06.0690 1484  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
17:10:06.0690 1484  C:\Windows\System32\drivers\vwifibus.sys - ok
17:10:06.0690 1484  [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
17:10:06.0706 1484  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
17:10:06.0706 1484  [ EE3BA1024594D5D09E314F206B94069E ] C:\Windows\System32\drivers\NTIDrvr.sys
17:10:06.0706 1484  C:\Windows\System32\drivers\NTIDrvr.sys - ok
17:10:06.0706 1484  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
17:10:06.0706 1484  C:\Windows\System32\drivers\usbport.sys - ok
17:10:06.0721 1484  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
17:10:06.0721 1484  C:\Windows\System32\drivers\i8042prt.sys - ok
17:10:06.0721 1484  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
17:10:06.0721 1484  C:\Windows\System32\drivers\usbehci.sys - ok
17:10:06.0737 1484  [ DC2B306861F42EEEB92EF525F4119F08 ] C:\Windows\System32\drivers\usbfilter.sys
17:10:06.0737 1484  C:\Windows\System32\drivers\usbfilter.sys - ok
17:10:06.0737 1484  [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
17:10:06.0737 1484  C:\Windows\System32\drivers\usbohci.sys - ok
17:10:06.0737 1484  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
17:10:06.0737 1484  C:\Windows\System32\drivers\kbdclass.sys - ok
17:10:06.0752 1484  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
17:10:06.0752 1484  C:\Windows\System32\drivers\usbd.sys - ok
17:10:06.0752 1484  [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] C:\Windows\System32\drivers\SynTP.sys
17:10:06.0752 1484  C:\Windows\System32\drivers\SynTP.sys - ok
17:10:06.0752 1484  [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
17:10:06.0752 1484  C:\Windows\System32\drivers\CmBatt.sys - ok
17:10:06.0768 1484  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
17:10:06.0768 1484  C:\Windows\System32\drivers\mouclass.sys - ok
17:10:06.0768 1484  [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
17:10:06.0768 1484  C:\Windows\System32\drivers\wmiacpi.sys - ok
17:10:06.0784 1484  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
17:10:06.0784 1484  C:\Windows\System32\drivers\agilevpn.sys - ok
17:10:06.0784 1484  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
17:10:06.0784 1484  C:\Windows\System32\drivers\CompositeBus.sys - ok
17:10:06.0784 1484  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
17:10:06.0784 1484  C:\Windows\System32\drivers\ndistapi.sys - ok
17:10:06.0799 1484  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
17:10:06.0799 1484  C:\Windows\System32\drivers\rasl2tp.sys - ok
17:10:06.0799 1484  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
17:10:06.0799 1484  C:\Windows\System32\drivers\ndiswan.sys - ok
17:10:06.0815 1484  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
17:10:06.0815 1484  C:\Windows\System32\drivers\raspppoe.sys - ok
17:10:06.0815 1484  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
17:10:06.0815 1484  C:\Windows\System32\drivers\raspptp.sys - ok
17:10:06.0815 1484  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
17:10:06.0815 1484  C:\Windows\System32\drivers\ks.sys - ok
17:10:06.0830 1484  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
17:10:06.0830 1484  C:\Windows\System32\drivers\rassstp.sys - ok
17:10:06.0830 1484  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
17:10:06.0830 1484  C:\Windows\System32\drivers\swenum.sys - ok
17:10:06.0846 1484  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
17:10:06.0846 1484  C:\Windows\System32\drivers\umbus.sys - ok
17:10:06.0846 1484  [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
17:10:06.0846 1484  C:\Windows\System32\kernel32.dll - ok
17:10:06.0846 1484  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
17:10:06.0846 1484  C:\Windows\System32\imm32.dll - ok
17:10:06.0862 1484  [ A54A16DAE7497CDCB8C5A021C0F6FEB8 ] C:\Windows\System32\iertutil.dll
17:10:06.0862 1484  C:\Windows\System32\iertutil.dll - ok
17:10:06.0862 1484  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
17:10:06.0862 1484  C:\Windows\System32\imagehlp.dll - ok
17:10:06.0877 1484  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
17:10:06.0877 1484  C:\Windows\System32\rpcrt4.dll - ok
17:10:06.0877 1484  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
17:10:06.0877 1484  C:\Windows\System32\drivers\usbhub.sys - ok
17:10:06.0893 1484  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
17:10:06.0893 1484  C:\Windows\System32\drivers\ndproxy.sys - ok
17:10:06.0893 1484  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
17:10:06.0893 1484  C:\Windows\System32\drivers\drmk.sys - ok
17:10:06.0893 1484  [ E02B26650ACC2F4901342D4A66774AD7 ] C:\Windows\System32\drivers\AtihdW76.sys
17:10:06.0893 1484  C:\Windows\System32\drivers\AtihdW76.sys - ok
17:10:06.0908 1484  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
17:10:06.0908 1484  C:\Windows\System32\drivers\portcls.sys - ok
17:10:06.0908 1484  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
17:10:06.0908 1484  C:\Windows\System32\drivers\ksthunk.sys - ok
17:10:06.0924 1484  [ D311E2DD59A34079D89C249B2A4D9FDB ] C:\Windows\System32\drivers\RTKVHD64.sys
17:10:06.0924 1484  C:\Windows\System32\drivers\RTKVHD64.sys - ok
17:10:06.0924 1484  [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
17:10:06.0924 1484  C:\Windows\System32\drivers\usbccgp.sys - ok
17:10:06.0924 1484  [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
17:10:06.0924 1484  C:\Windows\System32\drivers\usbvideo.sys - ok
17:10:06.0940 1484  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
17:10:06.0940 1484  C:\Windows\System32\setupapi.dll - ok
17:10:06.0940 1484  [ FA274190682AA41A46B285208ED46A74 ] C:\Windows\System32\wininet.dll
17:10:06.0940 1484  C:\Windows\System32\wininet.dll - ok
17:10:06.0955 1484  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
17:10:06.0955 1484  C:\Windows\System32\normaliz.dll - ok
17:10:06.0955 1484  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
17:10:06.0955 1484  C:\Windows\System32\oleaut32.dll - ok
17:10:06.0955 1484  [ FF1AAEDD4A1A0FC3C5ED66B4EE0B254A ] C:\Windows\System32\urlmon.dll
17:10:06.0955 1484  C:\Windows\System32\urlmon.dll - ok
17:10:06.0971 1484  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
17:10:06.0971 1484  C:\Windows\System32\gdi32.dll - ok
17:10:06.0971 1484  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
17:10:06.0971 1484  C:\Windows\System32\lpk.dll - ok
17:10:06.0971 1484  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
17:10:06.0971 1484  C:\Windows\System32\user32.dll - ok
17:10:06.0986 1484  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
17:10:06.0986 1484  C:\Windows\System32\Wldap32.dll - ok
17:10:06.0986 1484  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
17:10:06.0986 1484  C:\Windows\System32\msctf.dll - ok
17:10:07.0002 1484  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
17:10:07.0002 1484  C:\Windows\System32\ole32.dll - ok
17:10:07.0002 1484  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
17:10:07.0002 1484  C:\Windows\System32\shlwapi.dll - ok
17:10:07.0002 1484  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
17:10:07.0002 1484  C:\Windows\System32\msvcrt.dll - ok
17:10:07.0018 1484  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
17:10:07.0018 1484  C:\Windows\System32\nsi.dll - ok
17:10:07.0018 1484  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
17:10:07.0018 1484  C:\Windows\System32\psapi.dll - ok
17:10:07.0033 1484  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
17:10:07.0033 1484  C:\Windows\System32\clbcatq.dll - ok
17:10:07.0033 1484  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
17:10:07.0033 1484  C:\Windows\System32\shell32.dll - ok
17:10:07.0033 1484  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
17:10:07.0033 1484  C:\Windows\System32\advapi32.dll - ok
17:10:07.0049 1484  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
17:10:07.0049 1484  C:\Windows\System32\sechost.dll - ok
17:10:07.0049 1484  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
17:10:07.0049 1484  C:\Windows\System32\comdlg32.dll - ok
17:10:07.0064 1484  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
17:10:07.0064 1484  C:\Windows\System32\difxapi.dll - ok
17:10:07.0064 1484  [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
17:10:07.0064 1484  C:\Windows\System32\usp10.dll - ok
17:10:07.0064 1484  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
17:10:07.0064 1484  C:\Windows\System32\ws2_32.dll - ok
17:10:07.0080 1484  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
17:10:07.0080 1484  C:\Windows\System32\cfgmgr32.dll - ok
17:10:07.0080 1484  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
17:10:07.0080 1484  C:\Windows\System32\devobj.dll - ok
17:10:07.0096 1484  [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
17:10:07.0096 1484  C:\Windows\System32\crypt32.dll - ok
17:10:07.0096 1484  [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
17:10:07.0096 1484  C:\Windows\System32\KernelBase.dll - ok
17:10:07.0096 1484  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
17:10:07.0096 1484  C:\Windows\System32\wintrust.dll - ok
17:10:07.0111 1484  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
17:10:07.0111 1484  C:\Windows\System32\comctl32.dll - ok
17:10:07.0111 1484  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
17:10:07.0111 1484  C:\Windows\System32\msasn1.dll - ok
17:10:07.0127 1484  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
17:10:07.0127 1484  C:\Windows\SysWOW64\normaliz.dll - ok
17:10:07.0127 1484  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
17:10:07.0127 1484  C:\Windows\System32\drivers\dxapi.sys - ok
17:10:07.0127 1484  [ 59E21156113E438D1D91AF4FC0C3B19F ] C:\Windows\System32\win32k.sys
17:10:07.0127 1484  C:\Windows\System32\win32k.sys - ok
17:10:07.0142 1484  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
17:10:07.0142 1484  C:\Windows\System32\csrsrv.dll - ok
17:10:07.0142 1484  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
17:10:07.0142 1484  C:\Windows\System32\csrss.exe - ok
17:10:07.0158 1484  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
17:10:07.0158 1484  C:\Windows\System32\basesrv.dll - ok
17:10:07.0158 1484  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
17:10:07.0158 1484  C:\Windows\System32\winsrv.dll - ok
17:10:07.0158 1484  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
17:10:07.0158 1484  C:\Windows\System32\drivers\monitor.sys - ok
17:10:07.0174 1484  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
17:10:07.0174 1484  C:\Windows\System32\tsddd.dll - ok
17:10:07.0174 1484  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
17:10:07.0174 1484  C:\Windows\System32\sxssrv.dll - ok
17:10:07.0174 1484  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
17:10:07.0174 1484  C:\Windows\System32\wininit.exe - ok
17:10:07.0189 1484  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
17:10:07.0189 1484  C:\Windows\System32\KBDUS.DLL - ok
17:10:07.0189 1484  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
17:10:07.0189 1484  C:\Windows\System32\profapi.dll - ok
17:10:07.0205 1484  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
17:10:07.0205 1484  C:\Windows\System32\RpcRtRemote.dll - ok
17:10:07.0205 1484  [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
17:10:07.0205 1484  C:\Windows\System32\cdd.dll - ok
17:10:07.0205 1484  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
17:10:07.0205 1484  C:\Windows\System32\WlS0WndH.dll - ok
17:10:07.0220 1484  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
17:10:07.0220 1484  C:\Windows\System32\sxs.dll - ok
17:10:07.0220 1484  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
17:10:07.0220 1484  C:\Windows\System32\cryptbase.dll - ok
17:10:07.0236 1484  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
17:10:07.0236 1484  C:\Windows\System32\apphelp.dll - ok
17:10:07.0236 1484  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
17:10:07.0236 1484  C:\Windows\System32\lsasrv.dll - ok
17:10:07.0236 1484  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
17:10:07.0236 1484  C:\Windows\System32\lsass.exe - ok
17:10:07.0252 1484  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
17:10:07.0252 1484  C:\Windows\System32\services.exe - ok
17:10:07.0252 1484  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
17:10:07.0252 1484  C:\Windows\System32\sspisrv.dll - ok
17:10:07.0267 1484  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
17:10:07.0267 1484  C:\Windows\System32\lsm.exe - ok
17:10:07.0267 1484  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
17:10:07.0267 1484  C:\Windows\System32\scext.dll - ok
17:10:07.0267 1484  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
17:10:07.0267 1484  C:\Windows\System32\sspicli.dll - ok
17:10:07.0283 1484  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
17:10:07.0283 1484  C:\Windows\System32\samsrv.dll - ok
17:10:07.0283 1484  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
17:10:07.0283 1484  C:\Windows\System32\scesrv.dll - ok
17:10:07.0283 1484  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
17:10:07.0283 1484  C:\Windows\System32\secur32.dll - ok
17:10:07.0298 1484  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
17:10:07.0298 1484  C:\Windows\System32\sysntfy.dll - ok
17:10:07.0298 1484  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
17:10:07.0298 1484  C:\Windows\System32\wmsgapi.dll - ok
17:10:07.0314 1484  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
17:10:07.0314 1484  C:\Windows\System32\cryptdll.dll - ok
17:10:07.0314 1484  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
17:10:07.0314 1484  C:\Windows\System32\wevtapi.dll - ok
17:10:07.0314 1484  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
17:10:07.0330 1484  C:\Windows\System32\srvcli.dll - ok
17:10:07.0330 1484  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
17:10:07.0330 1484  C:\Windows\System32\authz.dll - ok
17:10:07.0330 1484  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
17:10:07.0330 1484  C:\Windows\System32\cngaudit.dll - ok
17:10:07.0345 1484  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
17:10:07.0345 1484  C:\Windows\System32\aelupsvc.dll - ok
17:10:07.0345 1484  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
17:10:07.0345 1484  C:\Windows\System32\ncrypt.dll - ok
17:10:07.0345 1484  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
17:10:07.0345 1484  C:\Windows\System32\bcrypt.dll - ok
17:10:07.0361 1484  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
17:10:07.0361 1484  C:\Windows\System32\msprivs.dll - ok
17:10:07.0361 1484  [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
17:10:07.0361 1484  C:\Windows\System32\atmfd.dll - ok
17:10:07.0376 1484  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
17:10:07.0376 1484  C:\Windows\System32\netjoin.dll - ok
17:10:07.0376 1484  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
17:10:07.0376 1484  C:\Windows\System32\negoexts.dll - ok
17:10:07.0376 1484  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
17:10:07.0376 1484  C:\Windows\System32\kerberos.dll - ok
17:10:07.0392 1484  [ 3290D6946B5E30E70414990574883DDB ] C:\Windows\System32\alg.exe
17:10:07.0392 1484  C:\Windows\System32\alg.exe - ok
17:10:07.0392 1484  [ 0BC381A15355A3982216F7172F545DE1 ] C:\Windows\System32\appidsvc.dll
17:10:07.0392 1484  C:\Windows\System32\appidsvc.dll - ok
17:10:07.0408 1484  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
17:10:07.0408 1484  C:\Windows\System32\cryptsp.dll - ok
17:10:07.0408 1484  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
17:10:07.0408 1484  C:\Windows\System32\mswsock.dll - ok
17:10:07.0408 1484  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
17:10:07.0408 1484  C:\Windows\System32\msv1_0.dll - ok
17:10:07.0423 1484  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
17:10:07.0423 1484  C:\Windows\System32\wship6.dll - ok
17:10:07.0423 1484  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
17:10:07.0423 1484  C:\Windows\System32\appinfo.dll - ok
17:10:07.0439 1484  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
17:10:07.0439 1484  C:\Windows\System32\netlogon.dll - ok
17:10:07.0439 1484  [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
17:10:07.0439 1484  C:\Windows\System32\rascfg.dll - ok
17:10:07.0439 1484  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
17:10:07.0439 1484  C:\Windows\System32\audiosrv.dll - ok
17:10:07.0454 1484  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
17:10:07.0454 1484  C:\Windows\System32\dnsapi.dll - ok
17:10:07.0454 1484  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
17:10:07.0454 1484  C:\Windows\System32\logoncli.dll - ok
17:10:07.0454 1484  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] C:\Windows\System32\AxInstSv.dll
17:10:07.0454 1484  C:\Windows\System32\AxInstSv.dll - ok
17:10:07.0470 1484  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
17:10:07.0470 1484  C:\Windows\System32\schannel.dll - ok
17:10:07.0470 1484  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
17:10:07.0470 1484  C:\Windows\System32\wdigest.dll - ok
17:10:07.0486 1484  [ FDE360167101B4E45A96F939F388AEB0 ] C:\Windows\System32\bdesvc.dll
17:10:07.0486 1484  C:\Windows\System32\bdesvc.dll - ok
17:10:07.0486 1484  [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
17:10:07.0486 1484  C:\Windows\System32\qmgr.dll - ok
17:10:07.0486 1484  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
17:10:07.0486 1484  C:\Windows\System32\rsaenh.dll - ok
17:10:07.0501 1484  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
17:10:07.0501 1484  C:\Windows\System32\TSpkg.dll - ok
17:10:07.0501 1484  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
17:10:07.0501 1484  C:\Windows\System32\pku2u.dll - ok
17:10:07.0517 1484  [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
17:10:07.0517 1484  C:\Windows\System32\LIVESSP.DLL - ok
17:10:07.0517 1484  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
17:10:07.0517 1484  C:\Windows\System32\bcryptprimitives.dll - ok
17:10:07.0517 1484  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
17:10:07.0517 1484  C:\Windows\System32\credssp.dll - ok
17:10:07.0532 1484  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
17:10:07.0532 1484  C:\Windows\System32\efslsaext.dll - ok
17:10:07.0532 1484  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
17:10:07.0532 1484  C:\Windows\System32\browser.dll - ok
17:10:07.0548 1484  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
17:10:07.0548 1484  C:\Windows\System32\scecli.dll - ok
17:10:07.0548 1484  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
17:10:07.0548 1484  C:\Windows\System32\winlogon.exe - ok
17:10:07.0548 1484  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
17:10:07.0548 1484  C:\Windows\System32\winsta.dll - ok
17:10:07.0564 1484  [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
17:10:07.0564 1484  C:\Windows\System32\bthserv.dll - ok
17:10:07.0564 1484  [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\Windows\System32\certprop.dll
17:10:07.0564 1484  C:\Windows\System32\certprop.dll - ok
17:10:07.0579 1484  [ FE1EC06F2253F691FE36217C592A0206 ] C:\Windows\System32\clfs.sys
17:10:07.0579 1484  C:\Windows\System32\clfs.sys - ok
17:10:07.0579 1484  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
17:10:07.0579 1484  C:\Windows\System32\comres.dll - ok
17:10:07.0595 1484  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
17:10:07.0595 1484  C:\Windows\System32\cryptsvc.dll - ok
17:10:07.0595 1484  [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
17:10:07.0595 1484  C:\Windows\System32\oleres.dll - ok
17:10:07.0595 1484  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] C:\Windows\System32\defragsvc.dll
17:10:07.0595 1484  C:\Windows\System32\defragsvc.dll - ok
17:10:07.0610 1484  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
17:10:07.0610 1484  C:\Windows\System32\dhcpcore.dll - ok
17:10:07.0610 1484  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] C:\Windows\System32\dot3svc.dll
17:10:07.0610 1484  C:\Windows\System32\dot3svc.dll - ok
17:10:07.0610 1484  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
17:10:07.0610 1484  C:\Windows\System32\dps.dll - ok
17:10:07.0626 1484  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
17:10:07.0626 1484  C:\Windows\System32\eapsvc.dll - ok
17:10:07.0626 1484  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
17:10:07.0626 1484  C:\Windows\System32\efssvc.dll - ok
17:10:07.0642 1484  [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
17:10:07.0642 1484  C:\Windows\ehome\ehrecvr.exe - ok
17:10:07.0642 1484  [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
17:10:07.0642 1484  C:\Windows\ehome\ehsched.exe - ok
17:10:07.0642 1484  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
17:10:07.0642 1484  C:\Windows\System32\wevtsvc.dll - ok
17:10:07.0657 1484  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
17:10:07.0657 1484  C:\Windows\System32\FXSRESM.dll - ok
17:10:07.0657 1484  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
17:10:07.0657 1484  C:\Windows\System32\fdPHost.dll - ok
17:10:07.0673 1484  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
17:10:07.0673 1484  C:\Windows\System32\FDResPub.dll - ok
17:10:07.0673 1484  [ 655661BE46B5F5F3FD454E2C3095B930 ] C:\Windows\System32\drivers\fileinfo.sys
17:10:07.0673 1484  C:\Windows\System32\drivers\fileinfo.sys - ok
17:10:07.0673 1484  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] C:\Windows\System32\drivers\filetrace.sys
17:10:07.0673 1484  C:\Windows\System32\drivers\filetrace.sys - ok
17:10:07.0688 1484  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
17:10:07.0688 1484  C:\Windows\System32\drivers\fltMgr.sys - ok
17:10:07.0688 1484  [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
17:10:07.0688 1484  C:\Windows\System32\FntCache.dll - ok
17:10:07.0704 1484  [ 8A1846C0817513AD18BA48B4427771FC ] C:\Windows\System32\PresentationHost.exe
17:10:07.0704 1484  C:\Windows\System32\PresentationHost.exe - ok
17:10:07.0704 1484  [ D43703496149971890703B4B1B723EAC ] C:\Windows\System32\drivers\fsdepends.sys
17:10:07.0704 1484  C:\Windows\System32\drivers\fsdepends.sys - ok
17:10:07.0704 1484  [ 1F7B25B858FA27015169FE95E54108ED ] C:\Windows\System32\drivers\fvevol.sys
17:10:07.0704 1484  C:\Windows\System32\drivers\fvevol.sys - ok
17:10:07.0720 1484  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
17:10:07.0720 1484  C:\Windows\System32\gpapi.dll - ok
17:10:07.0720 1484  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
17:10:07.0720 1484  C:\Windows\System32\hidserv.dll - ok
17:10:07.0720 1484  [ 387E72E739E15E3D37907A86D9FF98E2 ] C:\Windows\System32\KMSVC.DLL
17:10:07.0720 1484  C:\Windows\System32\KMSVC.DLL - ok
17:10:07.0735 1484  [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
17:10:07.0735 1484  C:\Windows\System32\ListSvc.dll - ok
17:10:07.0735 1484  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
17:10:07.0735 1484  C:\Windows\System32\provsvc.dll - ok
17:10:07.0751 1484  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
17:10:07.0751 1484  C:\Windows\System32\drivers\http.sys - ok
17:10:07.0751 1484  [ A5462BD6884960C9DC85ED49D34FF392 ] C:\Windows\System32\drivers\hwpolicy.sys
17:10:07.0751 1484  C:\Windows\System32\drivers\hwpolicy.sys - ok
17:10:07.0766 1484  [ B9E2DAF71E44626011D70B4889171504 ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
17:10:07.0766 1484  C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
17:10:07.0766 1484  [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
17:10:07.0766 1484  C:\Windows\System32\IKEEXT.DLL - ok
17:10:07.0766 1484  [ 098A91C54546A3B878DAD6A7E90A455B ] C:\Windows\System32\IPBusEnum.dll
17:10:07.0766 1484  C:\Windows\System32\IPBusEnum.dll - ok
17:10:07.0782 1484  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] C:\Windows\System32\drivers\irenum.sys
17:10:07.0782 1484  C:\Windows\System32\drivers\irenum.sys - ok
17:10:07.0782 1484  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
17:10:07.0782 1484  C:\Windows\System32\keyiso.dll - ok
17:10:07.0782 1484  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
17:10:07.0782 1484  C:\Windows\System32\srvsvc.dll - ok
17:10:07.0798 1484  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
17:10:07.0798 1484  C:\Windows\System32\wkssvc.dll - ok
17:10:07.0798 1484  [ 7A757C41C3879CD34BDE15F0563C0CE2 ] C:\Windows\System32\lltdres.dll
17:10:07.0798 1484  C:\Windows\System32\lltdres.dll - ok
17:10:07.0813 1484  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
17:10:07.0813 1484  C:\Windows\System32\drivers\luafv.sys - ok
17:10:07.0813 1484  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
17:10:07.0813 1484  C:\Windows\System32\lmhsvc.dll - ok
17:10:07.0813 1484  [ E5DE3FFD785B6730291AD98E491D58BA ] C:\Windows\ehome\ehres.dll
17:10:07.0813 1484  C:\Windows\ehome\ehres.dll - ok
17:10:07.0829 1484  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
17:10:07.0829 1484  C:\Windows\System32\mmcss.dll - ok
17:10:07.0829 1484  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] C:\Windows\System32\drivers\mountmgr.sys
17:10:07.0829 1484  C:\Windows\System32\drivers\mountmgr.sys - ok
17:10:07.0844 1484  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
17:10:07.0844 1484  C:\Windows\System32\FirewallAPI.dll - ok
17:10:07.0844 1484  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] C:\Windows\System32\WebClnt.dll
17:10:07.0844 1484  C:\Windows\System32\WebClnt.dll - ok
17:10:07.0844 1484  [ F9D215A46A8B9753F61767FA72A20326 ] C:\Windows\System32\drivers\mshidkmdf.sys
17:10:07.0844 1484  C:\Windows\System32\drivers\mshidkmdf.sys - ok
17:10:07.0860 1484  [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\Windows\System32\iscsidsc.dll
17:10:07.0860 1484  C:\Windows\System32\iscsidsc.dll - ok
17:10:07.0860 1484  [ 8EE1C893C50D1C02D4675978BAC756BA ] C:\Windows\System32\msimsg.dll
17:10:07.0860 1484  C:\Windows\System32\msimsg.dll - ok
17:10:07.0876 1484  [ F9A18612FD3526FE473C1BDA678D61C8 ] C:\Windows\System32\drivers\mup.sys
17:10:07.0876 1484  C:\Windows\System32\drivers\mup.sys - ok
17:10:07.0876 1484  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
17:10:07.0876 1484  C:\Windows\System32\QAGENTRT.DLL - ok
17:10:07.0876 1484  [ 760E38053BF56E501D562B70AD796B88 ] C:\Windows\System32\drivers\ndis.sys
17:10:07.0876 1484  C:\Windows\System32\drivers\ndis.sys - ok
17:10:07.0891 1484  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
17:10:07.0891 1484  C:\Windows\System32\netman.dll - ok
17:10:07.0891 1484  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
17:10:07.0891 1484  C:\Windows\System32\netprofm.dll - ok
17:10:07.0907 1484  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
17:10:07.0907 1484  C:\Windows\System32\nlasvc.dll - ok
17:10:07.0907 1484  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
17:10:07.0907 1484  C:\Windows\System32\nsisvc.dll - ok
17:10:07.0907 1484  [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
17:10:07.0907 1484  C:\Windows\System32\pnrpsvc.dll - ok
17:10:07.0922 1484  [ E9766131EEADE40A27DC27D2D68FBA9C ] C:\Windows\System32\drivers\partmgr.sys
17:10:07.0922 1484  C:\Windows\System32\drivers\partmgr.sys - ok
17:10:07.0922 1484  [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
17:10:07.0922 1484  C:\Windows\System32\p2psvc.dll - ok
17:10:07.0938 1484  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
17:10:07.0938 1484  C:\Windows\System32\pcasvc.dll - ok
17:10:07.0938 1484  [ C7CF6A6E137463219E1259E3F0F0DD6C ] C:\Windows\System32\pla.dll
17:10:07.0938 1484  C:\Windows\System32\pla.dll - ok
17:10:07.0938 1484  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
17:10:07.0938 1484  C:\Windows\System32\umpnpmgr.dll - ok
17:10:07.0954 1484  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] C:\Windows\System32\pnrpauto.dll
17:10:07.0954 1484  C:\Windows\System32\pnrpauto.dll - ok
17:10:07.0954 1484  [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\Windows\System32\polstore.dll
17:10:07.0954 1484  C:\Windows\System32\polstore.dll - ok
17:10:07.0969 1484  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
17:10:07.0969 1484  C:\Windows\System32\umpo.dll - ok
17:10:07.0969 1484  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
17:10:07.0969 1484  C:\Windows\System32\profsvc.dll - ok
17:10:07.0969 1484  [ AB95FBAE4F9A5A56B177CEC427B2B35E ] C:\Windows\System32\psbase.dll
17:10:07.0969 1484  C:\Windows\System32\psbase.dll - ok
17:10:07.0985 1484  [ 906191634E99AEA92C4816150BDA3732 ] C:\Windows\System32\qwave.dll
17:10:07.0985 1484  C:\Windows\System32\qwave.dll - ok
17:10:07.0985 1484  [ 76707BB36430888D9CE9D705398ADB6C ] C:\Windows\System32\drivers\qwavedrv.sys
17:10:07.0985 1484  C:\Windows\System32\drivers\qwavedrv.sys - ok
17:10:07.0985 1484  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] C:\Windows\System32\rasauto.dll
17:10:07.0985 1484  C:\Windows\System32\rasauto.dll - ok
17:10:08.0000 1484  [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
17:10:08.0000 1484  C:\Windows\System32\rasmans.dll - ok
17:10:08.0000 1484  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
17:10:08.0000 1484  C:\Windows\System32\sstpsvc.dll - ok
17:10:08.0016 1484  [ 254FB7A22D74E5511C73A3F6D802F192 ] C:\Windows\System32\mprdim.dll
17:10:08.0016 1484  C:\Windows\System32\mprdim.dll - ok
17:10:08.0016 1484  [ E4D94F24081440B5FC5AA556C7C62702 ] C:\Windows\System32\regsvc.dll
17:10:08.0016 1484  C:\Windows\System32\regsvc.dll - ok
17:10:08.0016 1484  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
17:10:08.0016 1484  C:\Windows\System32\RpcEpMap.dll - ok
17:10:08.0032 1484  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
17:10:08.0032 1484  C:\Windows\System32\Locator.exe - ok
17:10:08.0032 1484  [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\Windows\System32\SCardSvr.dll
17:10:08.0032 1484  C:\Windows\System32\SCardSvr.dll - ok
17:10:08.0032 1484  [ 253F38D0D7074C02FF8DEB9836C97D2B ] C:\Windows\System32\drivers\scfilter.sys
17:10:08.0032 1484  C:\Windows\System32\drivers\scfilter.sys - ok
17:10:08.0047 1484  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
17:10:08.0047 1484  C:\Windows\System32\schedsvc.dll - ok
17:10:08.0047 1484  [ 6EA4234DC55346E0709560FE7C2C1972 ] C:\Windows\System32\sdrsvc.dll
17:10:08.0047 1484  C:\Windows\System32\sdrsvc.dll - ok
17:10:08.0063 1484  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
17:10:08.0063 1484  C:\Windows\System32\seclogon.dll - ok


#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:32 AM

Posted 23 March 2013 - 08:36 PM

TDSSkiller log is incomplete
 
Malwarebytes

Please download Malwarebytes Anti-Malware and save it to your desktop. If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

===================================================

Farbar's MiniToolBox

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply

===================================================

Farbar's Service Scanner

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

===================================================

AdwCleaner by Xplode - Search for Adware

  • Please download AdwCleaner by Xplode onto your desktop.
  • Security softwares may flag it as malicious.This is a false positive and can be ignored.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • Click YES if you receive a warning for reboot
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well

===================================================

Malwarebytes Anti-Rootkit

Download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log.txt and system-log.txt
  • Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • MBAR log

Edited by narenxp, 23 March 2013 - 08:36 PM.


#14 madmax51mc

madmax51mc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 23 March 2013 - 08:46 PM

Im trying to put the full TDS report in here it just says saving post... forever. I think its too large

 

here is the malwarebytes log. 

 

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
 
Database version: v2013.03.23.11
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
nenn :: NENN-PC [administrator]
 
3/23/2013 5:40:46 PM
mbam-log-2013-03-23 (17-40-46).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 358065
Time elapsed: 54 minute(s), 58 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)


#15 madmax51mc

madmax51mc
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:11:32 PM

Posted 23 March 2013 - 09:34 PM

MiniToolBox by Farbar  Version:05-03-2013
Ran by nenn (administrator) on 23-03-2013 at 18:55:25
Running from "C:\Users\nenn\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Broadcom 802.11n Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : nenn-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 88-9F-FA-1B-A8-E8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
   Physical Address. . . . . . . . . : 88-9F-FA-1B-A8-E8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::4cdc:72c:ef02:bda5%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.9(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, March 23, 2013 5:05:30 PM
   Lease Expires . . . . . . . . . . : Sunday, March 24, 2013 6:05:01 PM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 394829818
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-CE-3B-EA-1C-75-08-C1-5A-C3
   DNS Servers . . . . . . . . . . . : 10.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : 1C-75-08-C1-5A-C3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{F5666093-F410-4F4F-9BAF-22F542A0DA0A}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{B589616E-3D90-4C66-AE83-74A76A53A0B2}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{A83C15A5-2026-426C-8B43-858BE55A2CE8}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  10.0.0.1
 
Name:    google.com
Addresses:  2001:4860:4001:803::1008
 74.125.224.137
 74.125.224.132
 74.125.224.128
 74.125.224.130
 74.125.224.129
 74.125.224.135
 74.125.224.134
 74.125.224.142
 74.125.224.131
 74.125.224.136
 74.125.224.133
 
 
Pinging google.com [74.125.224.135] with 32 bytes of data:
Reply from 74.125.224.135: bytes=32 time=26ms TTL=55
Reply from 74.125.224.135: bytes=32 time=82ms TTL=55
 
Ping statistics for 74.125.224.135:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 26ms, Maximum = 82ms, Average = 54ms
Server:  UnKnown
Address:  10.0.0.1
 
Name:    yahoo.com
Addresses:  98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=151ms TTL=51
Reply from 206.190.36.45: bytes=32 time=163ms TTL=51
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 151ms, Maximum = 163ms, Average = 157ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...88 9f fa 1b a8 e8 ......Microsoft Virtual WiFi Miniport Adapter
 11...88 9f fa 1b a8 e8 ......Broadcom 802.11n Network Adapter
 10...1c 75 08 c1 5a c3 ......Broadcom NetLink ™ Gigabit Ethernet
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.9     25
         10.0.0.0    255.255.255.0         On-link          10.0.0.9    281
         10.0.0.9  255.255.255.255         On-link          10.0.0.9    281
       10.0.0.255  255.255.255.255         On-link          10.0.0.9    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.9    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.9    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    281 fe80::/64                On-link
 11    281 fe80::4cdc:72c:ef02:bda5/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
 
System errors:
=============
Error: (03/23/2013 05:37:48 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
18 Wheels of Steel - American Long Haul (Version: 2.2.0.95)
Acer Backup Manager (Version: 2.0.0.68)
Acer Crystal Eye webcam (Version: 1.0.4.5)
Acer ePower Management (Version: 5.00.3005)
Acer eRecovery Management (Version: 4.05.3013)
Acer Game Console
Acer Games (Version: 1.0.1.3)
Acer Registration (Version: 1.03.3003)
Acer ScreenSaver (Version: 1.1.0707.2010)
Acer Updater (Version: 1.02.3001)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 3.6.0.6090)
Adobe Flash Player 11 ActiveX (Version: 11.6.602.180)
Adobe Reader XI (11.0.02) (Version: 11.0.02)
Agatha Christie - Death on the Nile (Version: 2.2.0.95)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.795.0)
avast! Free Antivirus (Version: 8.0.1483.0)
Backup Manager Basic (Version: 2.0.0.68)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Blackhawk Striker 2 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Build-a-lot 2 (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.1028.1114.18274)
Catalyst Control Center InstallProxy (Version: 2010.1028.1114.18274)
Catalyst Control Center Localization All (Version: 2010.1028.1114.18274)
CCC Help Chinese Standard (Version: 2010.1028.1113.18274)
CCC Help Chinese Traditional (Version: 2010.1028.1113.18274)
CCC Help Czech (Version: 2010.1028.1113.18274)
CCC Help Danish (Version: 2010.1028.1113.18274)
CCC Help Dutch (Version: 2010.1028.1113.18274)
CCC Help English (Version: 2010.1028.1113.18274)
CCC Help Finnish (Version: 2010.1028.1113.18274)
CCC Help French (Version: 2010.1028.1113.18274)
CCC Help German (Version: 2010.1028.1113.18274)
CCC Help Greek (Version: 2010.1028.1113.18274)
CCC Help Hungarian (Version: 2010.1028.1113.18274)
CCC Help Italian (Version: 2010.1028.1113.18274)
CCC Help Japanese (Version: 2010.1028.1113.18274)
CCC Help Korean (Version: 2010.1028.1113.18274)
CCC Help Norwegian (Version: 2010.1028.1113.18274)
CCC Help Polish (Version: 2010.1028.1113.18274)
CCC Help Portuguese (Version: 2010.1028.1113.18274)
CCC Help Russian (Version: 2010.1028.1113.18274)
CCC Help Spanish (Version: 2010.1028.1113.18274)
CCC Help Swedish (Version: 2010.1028.1113.18274)
CCC Help Thai (Version: 2010.1028.1113.18274)
CCC Help Turkish (Version: 2010.1028.1113.18274)
ccc-core-static (Version: 2010.1028.1114.18274)
ccc-utility64 (Version: 2010.1028.1114.18274)
CCleaner (Version: 3.28)
Chuzzle Deluxe (Version: 2.2.0.95)
CyberLink PowerDVD 9 (Version: 9.0.3216.50)
D3DX10 (Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's Carnival Adventure (Version: 2.2.0.95)
eBay Worldwide (Version: 2.1.0901)
EPSON PictureMate User's Guide
EPSON Printer Software
ESET Online Scanner v3
FATE (Version: 2.2.0.95)
Film Factory
GIMP 2.6.10 (Version: 2.6.10)
Google Chrome (Version: 25.0.1364.172)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3607.2246)
Google Update Helper (Version: 1.3.21.135)
Gygan
Identity Card (Version: 1.00.3003)
InstallIQ Updater (Version: 1.4.3.0)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Jewel Quest - Heritage (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 4.0.14)
LG United Mobile Driver (Version: 3.6.0.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MP3 Rocket
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 3.1.212.0)
MyWinLocker Suite (Version: 3.1.212.0)
NOOK for PC (Version: 2.5.1.237)
Norton Online Backup (Version: 2.6.0.86)
NTI Media Maker 9 (Version: 9.0.2.8938)
PandoraRecovery (Remove Only)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Realtek High Definition Audio Driver (Version: 6.0.1.6206)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30122)
Shredder (Version: 2.0.8.3)
Synaptics Pointing Device Driver (Version: 14.0.19.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Welcome Center (Version: 1.02.3005)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WModem Driver Installer (Version: 2.0.6.13)
Yahoo! Toolbar
Zuma's Revenge (Version: 2.2.0.95)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 33%
Total physical RAM: 3834.9 MB
Available physical RAM: 2567.18 MB
Total Pagefile: 7667.98 MB
Available Pagefile: 6429.04 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.25 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Acer) (Fixed) (Total:218.79 GB) (Free:160.83 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\NENN-PC
 
Administrator            Guest                    nenn                     
 
 
**** End of log ****


Farbar Service Scanner Version: 03-03-2013
Ran by nenn (administrator) on 23-03-2013 at 18:56:39
Running from "C:\Users\nenn\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
 
MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
 
bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
 
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.
Checking Start type of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ImagePath of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
Checking ServiceDll of iphlpsvc: ATTENTION!=====> Unable to open iphlpsvc registry key. The service key does not exist.
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users