
Possible Zeroaccess infection - advice please


  • This topic is locked
21 replies to this topic

#1 raven219

raven219

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:14 AM

Posted 16 April 2013 - 11:26 AM

Hi there.

 

Things have been going wrong on my PC and after doing some research I suspect that I have been infected by Zeroaccess.

 

This is what has happened so far.

 

1. A strange message from Avast - I wasn't using the PC at that time so it is not clear what Avast was reporting.  All I was told was that it was a red box!

2. I have lost the connection with items on my home network (NAS, media server etc) but I still have access to the internet.

3. Windows updates have failed.

 

I have downloaded DDS and tried running it but it stops running when the green bar is about 80% complete.  At that point the PC has locked up as well.  I have tried running DDS in safe mode but have the same problem.

 

Hence I have no logs to attach to this post.

 

I am running Windows 7 SP1 with Avast antivirus.

 

Many thanks

 

Niall


Edited by hamluis, 16 April 2013 - 11:38 AM.
Emphasize added - Hamluis.



 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:14 PM

Posted 20 April 2013 - 07:55 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please download RogueKiller© by Tigzy from one of the links below and save it to your desktop.
Link 1 Bleepingcomputer
Link 2 RogueKiller (par Tigzy)

Quit all running programs.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.
When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop, DO NOT ATTACH THE LOG.

#3 raven219

raven219
  • Topic Starter


Posted 20 April 2013 - 11:53 AM

Thanks for your support Nasdaq

 

Here is the log.

 

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Niall [Admin rights]
Mode : Scan -- Date : 04/20/2013 17:28:40
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3500312CS ATA Device +++++
--- User ---
[MBR] 0a2e750ad7dd6fed57bf3edeadc12bc0
[BSP] 95190fe630a9562b880b304c93ea8527 : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 416937 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 853889024 | Size: 60000 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG SP2504C ATA Device +++++
--- User ---
[MBR] 01f4508106cd8ac7391a7ae867e85f1d
[BSP] 696c3af44f4bd92cfb6e8492ca30518f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 82229 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 168406560 | Size: 156245 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_04202013_02d1728.txt >>
RKreport[1]_S_04202013_02d1728.txt


 

Regards



#4 nasdaq

nasdaq


Posted 20 April 2013 - 12:21 PM





Run RogueKiller again and click Scan
When the scan completes > click on the Registry tab
Put a check next to all of these items below and uncheck the rest: (if found)

[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND


Now click Delete on the right hand column under Options

Post back the report which should be located on your desktop.
===

Restart the computer normally.

Try to run the DDS tool. If still no luck run this one and post the log if you can.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall.

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Please post the logs. Do not attach them.

#5 raven219

raven219
  • Topic Starter


Posted 20 April 2013 - 02:24 PM

Ran RogueKiller as per instructions.  Report below.

 

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Niall [Admin rights]
Mode : Remove -- Date : 04/20/2013 19:47:20
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3500312CS ATA Device +++++
--- User ---
[MBR] 0a2e750ad7dd6fed57bf3edeadc12bc0
[BSP] 95190fe630a9562b880b304c93ea8527 : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 416937 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 853889024 | Size: 60000 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG SP2504C ATA Device +++++
--- User ---
[MBR] 01f4508106cd8ac7391a7ae867e85f1d
[BSP] 696c3af44f4bd92cfb6e8492ca30518f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 82229 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 168406560 | Size: 156245 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3]_D_04202013_02d1947.txt >>
RKreport[1]_S_04202013_02d1728.txt ; RKreport[2]_S_04202013_02d1946.txt ; RKreport[3]_D_04202013_02d1947.txt



Machine booted fine.

 

Ran DDS - Same issue got to 80% on the bar and locked up.

 

Ran ComboFix - got warnings about Avast still running even though I had disabled all the real time shields.  ComboFix got as far as scanning and has been stuck there for over an hour.

 

Regards



#6 nasdaq

nasdaq


Posted 21 April 2013 - 07:31 AM

Run this tool.

AVAST Uninstall Utility

http://www.avast.com/uninstall-utility
===

Run ComboFix and post the log.
Close the application if not complete after 30 Minutes.

Keep me posted.

#7 raven219

raven219
  • Topic Starter


Posted 22 April 2013 - 05:52 AM

Removed AVAST as per the instructions.

 

Rebooted machine and ran ComboFix

 

ComboFix complained about AVAST running still.  Closed ComboFix and searched through running processes.  Found nothing so looked at running services.  Found that Windows Defender and Firewall were running.  Rebooted machine and disabled those services (and disconnected network cable).  Ran ComboFix.  Straight through to scanning with no notices.

 

ComboFix remained stuck at the scanning stage for over 30 minutes and machine was locked.  Had to reboot to get out.

 

Regards



#8 nasdaq

nasdaq


Posted 22 April 2013 - 08:32 AM

You should be able to get a log from this tool.

Download OTL to your desktop.
Double click on the icon to run it.
Make sure all other windows are closed and to let it run uninterrupted.

  • Select All Users.
  • Under the Custom Scan box paste this text in bold in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT


Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Post both logs DO NOT ATTACH THEM.

#9 raven219

raven219
  • Topic Starter


Posted 22 April 2013 - 09:15 AM

OTL ran fine.

 

Did not produce an Extras.txt file.  OTL.txt is below.

 

OTL logfile created on: 22/04/2013 15:07:59 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Niall\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
 
3.25 Gb Total Physical Memory | 2.35 Gb Available Physical Memory | 72.38% Memory free
6.50 Gb Paging File | 5.45 Gb Available in Paging File | 83.88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 80.30 Gb Total Space | 33.02 Gb Free Space | 41.13% Space Free | Partition Type: NTFS
Drive D: | 152.58 Gb Total Space | 22.42 Gb Free Space | 14.70% Space Free | Partition Type: NTFS
Drive E: | 407.17 Gb Total Space | 10.56 Gb Free Space | 2.59% Space Free | Partition Type: NTFS
Drive G: | 1.91 Gb Total Space | 0.17 Gb Free Space | 8.83% Space Free | Partition Type: FAT
Drive U: | 58.59 Gb Total Space | 52.92 Gb Free Space | 90.32% Space Free | Partition Type: NTFS
 
Computer Name: SHERIDAN | User Name: Niall | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/04/17 17:02:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Niall\Desktop\OTL.exe
PRC - [2013/04/03 19:38:44 | 000,551,264 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2013/04/03 19:38:42 | 002,895,200 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
PRC - [2013/04/03 19:38:38 | 006,713,696 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Remote\Server\SRFeature.exe
PRC - [2013/03/15 11:30:02 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/03/14 23:55:14 | 001,292,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
PRC - [2013/02/05 09:54:40 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2013/01/25 03:48:50 | 000,583,456 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2013/01/18 12:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\BT Cloud\fshoster32.exe
PRC - [2013/01/14 21:56:22 | 000,095,232 | ---- | M] () -- c:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
PRC - [2012/11/11 14:57:34 | 004,142,216 | ---- | M] (QuicklyTech Pty Ltd) -- C:\Program Files\QuicklyTech\QuickShadow.exe
PRC - [2012/05/04 19:32:44 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\ViakaraokeSrv.exe
PRC - [2011/04/20 02:04:38 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/04/20 02:04:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/04 23:05:54 | 000,284,672 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2010/06/17 06:23:34 | 000,140,224 | ---- | M] (Advanced Micro Devices) -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/12/28 21:33:00 | 000,096,896 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/07/26 18:24:02 | 000,122,880 | ---- | M] (AnyUtils) -- C:\Program Files\AnyUtils\Any Wallpaper\AnyWallpaper.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/03/15 12:15:54 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/03/15 12:15:50 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/03/15 12:15:37 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/03/15 12:15:34 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/03/15 12:15:33 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/03/15 12:15:26 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/03/13 18:04:37 | 006,523,472 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll
MOD - [2013/01/14 21:56:22 | 000,095,232 | ---- | M] () -- c:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
MOD - [2010/04/06 15:57:17 | 007,975,808 | ---- | M] () -- C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll
MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2013/04/16 11:10:39 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/03 19:38:44 | 000,551,264 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2013/03/26 06:54:28 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/03/14 23:55:14 | 001,292,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe -- (OfficeSvc)
SRV - [2013/02/05 09:54:40 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2013/01/25 03:48:50 | 000,583,456 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2013/01/18 12:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\BT Cloud\fshoster32.exe -- (fshoster)
SRV - [2012/05/04 19:32:44 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\System32\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2011/04/20 02:04:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/04/19 14:37:26 | 001,181,328 | ---- | M] (Lavasoft) [Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/01/04 23:05:54 | 000,284,672 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2010/10/21 22:43:15 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/06/17 06:23:34 | 000,140,224 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/12/28 21:33:00 | 000,096,896 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/08/10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mvvideodemo.sys -- (mvvideodemo)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Niall\AppData\Local\Temp\cel90xbe.sys -- (cel90xbe)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Niall\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/02/05 10:15:14 | 000,134,144 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2plx86)
DRV - [2013/02/05 10:15:14 | 000,134,144 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2013/02/05 09:54:40 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2012/10/26 16:07:12 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012/09/20 05:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012/09/20 05:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012/05/04 19:32:34 | 001,832,560 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2011/12/09 16:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)
DRV - [2011/12/09 16:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)
DRV - [2011/12/09 16:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)
DRV - [2011/12/09 16:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)
DRV - [2011/12/09 16:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV - [2011/07/19 11:12:14 | 000,030,232 | ---- | M] (DaShen Development Team) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DaShenAudio.sys -- (DaShenAudio_simple)
DRV - [2011/04/20 02:43:42 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011/04/20 02:43:42 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/04/20 01:22:10 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/17 13:04:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010/10/31 09:50:00 | 000,010,616 | ---- | M] (ZoneOS) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zsport.sys -- (zonescreen)
DRV - [2010/04/27 17:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010/04/27 17:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010/04/27 17:57:24 | 000,031,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2010/04/27 17:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010/04/27 15:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2010/02/18 10:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009/12/02 14:19:06 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/10/07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/09/30 15:33:56 | 000,104,976 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/08/08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009/08/04 10:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009/07/16 11:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009/07/14 01:14:43 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\scsiscan.sys -- (scsiscan)
DRV - [2009/07/13 23:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/06 10:48:02 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2009/06/18 20:45:02 | 004,172,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM)
DRV - [2007/11/18 03:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/09/25 15:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007/06/29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007/05/09 22:51:34 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/05/09 22:47:00 | 001,276,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2007/05/09 22:46:48 | 000,014,112 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2007/04/19 13:12:58 | 000,102,696 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2006/07/06 13:16:12 | 000,064,000 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AIC78XX.SYS -- (aic78xx)
DRV - [2005/04/13 20:34:24 | 000,010,240 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmpu401.sys -- (nvmpu401)
DRV - [2004/07/29 16:29:58 | 000,211,072 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RT2500.sys -- (RT2500)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-273302985-3184514135-1570883167-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-273302985-3184514135-1570883167-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKU\S-1-5-21-273302985-3184514135-1570883167-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 82 DF 0A 03 AB 55 CB 01  [binary data]
IE - HKU\S-1-5-21-273302985-3184514135-1570883167-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-273302985-3184514135-1570883167-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-273302985-3184514135-1570883167-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-273302985-3184514135-1570883167-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-273302985-3184514135-1570883167-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.7
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0:  File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8:  File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Niall\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/16 11:10:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/16 11:10:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/16 11:10:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/04/16 11:10:30 | 000,000,000 | ---D | M]
 
[2011/04/01 12:23:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Niall\AppData\Roaming\Mozilla\Extensions
[2011/04/01 12:23:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Niall\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013/02/15 12:22:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Niall\AppData\Roaming\Mozilla\Firefox\Profiles\hqzw2v1l.default\extensions
[2012/02/28 15:26:34 | 000,510,293 | ---- | M] () (No name found) -- C:\Users\Niall\AppData\Roaming\Mozilla\Firefox\Profiles\hqzw2v1l.default\extensions\Music_Player_Minion@code.google.com.xpi
[2013/01/09 21:39:27 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Niall\AppData\Roaming\Mozilla\Firefox\Profiles\hqzw2v1l.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2013/02/15 12:22:47 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Niall\AppData\Roaming\Mozilla\Firefox\Profiles\hqzw2v1l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/04/16 11:10:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/16 11:10:41 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/12/12 20:33:48 | 000,001,738 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/09/04 20:14:58 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/12/12 20:33:48 | 000,001,148 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/12/12 20:33:48 | 000,001,379 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2013/02/28 05:34:59 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2012/12/12 20:33:48 | 000,001,334 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml
 
O1 HOSTS File: ([2013/04/19 10:15:06 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O4 - HKU\S-1-5-21-273302985-3184514135-1570883167-1001..\Run: [Any Wallpaper] C:\Program Files\AnyUtils\Any Wallpaper\AnyWallpaper.exe (AnyUtils)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-273302985-3184514135-1570883167-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-273302985-3184514135-1570883167-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.shockwave.com/content/bejeweled2/sis/popcaploader_v10.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2841B1F-333F-4196-BE2C-A2FA1A42F291}: NameServer = 192.168.1.254
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/04/22 15:04:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Niall\Desktop\OTL.exe
[2013/04/22 11:53:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/04/22 11:34:00 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/04/20 20:02:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/04/20 20:02:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/04/20 20:02:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/04/20 20:01:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/20 20:01:13 | 005,056,640 | R--- | C] (Swearware) -- C:\Users\Niall\Desktop\ComboFix.exe
[2013/04/20 19:48:57 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Niall\Desktop\dds.com
[2013/04/20 17:27:33 | 000,000,000 | ---D | C] -- C:\Users\Niall\Desktop\RK_Quarantine
[2013/04/19 10:13:10 | 000,000,000 | ---D | C] -- C:\Users\Niall\AppData\Local\temp
[2013/04/16 16:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/04/16 16:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/04/16 15:49:32 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2013/04/16 12:04:17 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/04/16 11:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013/04/16 11:10:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/04/14 19:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2013/04/03 16:19:44 | 000,134,144 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\System32\drivers\ser2pl.sys
[2013/04/03 15:51:31 | 000,000,000 | ---D | C] -- C:\Users\Niall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProntoEdit4
[2013/04/03 15:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\ProntoEdit4
[2013/04/02 11:35:18 | 000,000,000 | ---D | C] -- C:\Users\Niall\Documents\Criterion Games
[2013/03/27 21:29:38 | 000,000,000 | ---D | C] -- C:\Program Files\R.G. Mechanics
[2013/03/27 16:35:38 | 000,000,000 | ---D | C] -- C:\Users\Niall\AppData\Local\Logitech
[2013/03/27 16:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames
[2013/03/27 16:32:29 | 000,000,000 | ---D | C] -- C:\Program Files\Infogrames
[2010/02/02 12:16:49 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Niall\AppData\Roaming\pcouffin.sys
 
========== Files - Modified Within 30 Days ==========
 
[2013/04/22 15:08:36 | 000,667,224 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/04/22 15:08:36 | 000,125,900 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/04/22 12:41:37 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/22 12:41:37 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/22 12:33:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/21 15:08:27 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/04/19 10:15:06 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/04/19 09:44:11 | 005,056,640 | R--- | M] (Swearware) -- C:\Users\Niall\Desktop\ComboFix.exe
[2013/04/19 09:43:57 | 000,816,128 | ---- | M] () -- C:\Users\Niall\Desktop\RogueKiller(1).exe
[2013/04/17 17:02:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Niall\Desktop\OTL.exe
[2013/04/16 16:42:09 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Niall\Desktop\dds.com
[2013/04/16 15:49:32 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe
[2013/04/16 11:27:58 | 000,001,990 | ---- | M] () -- C:\Users\Niall\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/04/16 11:21:33 | 000,439,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/04/03 16:11:19 | 000,001,021 | ---- | M] () -- C:\Users\Niall\Desktop\Dropbox.lnk
[2013/03/27 16:35:09 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Grand Prix 4.lnk
 
========== Files Created - No Company Name ==========
 
[2013/04/20 20:02:31 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/04/20 20:02:31 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/04/20 20:02:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/04/20 20:02:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/04/20 20:02:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/19 09:44:39 | 000,816,128 | ---- | C] () -- C:\Users\Niall\Desktop\RogueKiller(1).exe
[2013/03/27 16:35:09 | 000,002,027 | ---- | C] () -- C:\Users\Public\Desktop\Grand Prix 4.lnk
[2013/03/08 11:41:39 | 000,017,864 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Music Converter.dat
[2013/03/06 12:19:52 | 000,000,165 | ---- | C] () -- C:\ProgramData\nbinst.ini
[2013/02/24 21:00:11 | 000,000,237 | ---- | C] () -- C:\Users\Niall\AppData\Roaming\burnaware.ini
[2013/02/18 19:09:27 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2013/02/18 19:09:27 | 000,037,344 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2013/02/09 20:04:08 | 000,000,000 | ---- | C] () -- C:\Windows\setup32.INI
[2012/12/18 11:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012/12/18 11:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012/12/18 11:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012/12/18 11:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012/12/18 11:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012/10/26 13:14:08 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2012/10/26 13:14:08 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2012/10/24 17:25:18 | 000,558,080 | ---- | C] () -- C:\Users\Niall\AppData\Roaming\SharedSettings.ccs
[2012/10/12 21:24:13 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys
[2012/10/12 21:24:13 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys
[2012/10/12 21:23:50 | 000,013,216 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2012/10/12 21:21:26 | 000,011,448 | ---- | C] () -- C:\Windows\System32\drivers\AsUpIO.sys
[2012/10/12 21:21:24 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll
[2012/10/12 21:21:24 | 000,011,296 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys
[2012/10/12 21:17:56 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/08/16 17:26:01 | 031,336,812 | ---- | C] () -- C:\Users\Niall\olympics test.jpg
[2012/05/02 23:08:20 | 000,000,600 | ---- | C] () -- C:\Users\Niall\AppData\Local\PUTTY.RND
[2012/04/10 14:42:44 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\2297F120FC.sys
[2012/01/31 18:36:32 | 000,016,096 | ---- | C] () -- C:\Users\Niall\AppData\Local\Schedule8.dat
[2012/01/11 12:54:22 | 000,000,254 | ---- | C] () -- C:\Users\Niall\SyncDocs.conf
[2011/10/15 19:16:03 | 000,000,108 | ---- | C] () -- C:\Windows\ka.ini
[2011/10/13 14:26:15 | 007,261,768 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2011/09/28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/07/25 14:58:55 | 000,001,171 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/02/23 18:08:16 | 000,019,456 | ---- | C] () -- C:\Users\Niall\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/15 12:26:12 | 010,948,608 | ---- | C] () -- C:\ProgramData\sandra.mda
[2011/01/23 17:07:33 | 000,000,449 | ---- | C] () -- C:\Users\Niall\AUTOEXEC.BAT
[2010/11/28 21:25:41 | 000,001,577 | ---- | C] () -- C:\Users\Niall\AppData\Roaming\dvdae.config
[2010/10/21 20:19:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/02/02 12:16:49 | 000,007,887 | ---- | C] () -- C:\Users\Niall\AppData\Roaming\pcouffin.cat
[2010/02/02 12:16:49 | 000,001,144 | ---- | C] () -- C:\Users\Niall\AppData\Roaming\pcouffin.inf
[2010/01/30 21:48:40 | 000,000,000 | ---- | C] () -- C:\Users\Niall\pspbrwse.jbf
[2010/01/27 21:49:31 | 000,000,153 | ---- | C] () -- C:\Users\Niall\AppData\Roaming\default.rss
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV - [2009/07/14 02:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2010/11/20 13:18:03 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/14 02:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/20 13:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/20 13:18:06 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/14 02:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/04 22:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2012/06/02 05:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 13:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/20 13:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 06:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/14 02:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/14 02:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/14 02:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/20 13:19:23 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/07/14 02:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/14 02:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/14 02:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/14 02:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2012/10/03 17:42:26 | 000,242,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/14 02:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 11:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/11 06:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/14 02:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/20 13:21:00 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/20 13:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/14 02:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/17 06:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/14 02:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/20 13:21:26 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/20 13:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/20 13:21:05 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/20 13:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2012/05/01 05:44:12 | 000,164,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/20 13:17:51 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2010/11/20 13:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2010/11/20 13:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/20 13:21:06 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/20 13:21:35 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/20 13:19:40 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/20 13:21:35 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/20 13:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/14 02:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 23:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/20 13:18:34 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/14 02:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/20 13:21:36 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: EXPLORER.EXE  >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
 
< MD5 for: SERVICES  >
[2009/06/10 22:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 22:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
 
< MD5 for: SERVICES.EXE  >
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2009/07/14 03:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/14 03:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
 
< MD5 for: SERVICES.LNK  >
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 05:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
 
< MD5 for: SERVICES.MOCHIADS.COM.SOL  >
[2013/03/22 16:07:17 | 000,000,313 | ---- | M] () MD5=4863AC1160F51FECA5DC6D9B6814FE1B -- C:\Users\Niall\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DCH7WQTP\mochiads.com\services.mochiads.com.sol
 
< MD5 for: SERVICES.MOF  >
[2009/06/10 22:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 22:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
 
< MD5 for: SERVICES.MSC  >
[2009/07/14 03:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 22:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/14 03:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 22:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
 
< MD5 for: SERVICES.PTXML  >
[2009/07/13 21:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 21:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
 
< MD5 for: SVCHOST.EXE  >
[2012/12/14 17:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012/12/14 17:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
 
< MD5 for: WINSOCK.DLL  >
[2009/07/13 22:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\System32\WINSOCK.DLL
[2009/07/13 22:41:34 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7\WINSOCK.DLL
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 143 bytes -> C:\Users\Niall\AppData\Roaming\default.rss:OECustomProperty

< End of report >



#10 nasdaq


Posted 22 April 2013 - 10:27 AM


Nothing suspicious was found on your OTL log.

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
    tdss1.png
  • Click Change parameters
    settings20121003115955.png
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
    tdss3.png
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    tdss4.jpg
  • When it finishes, you will either see a report that no threats were found like below:
    tdss5.jpg
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop up, which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    tdss7.jpg
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects.
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    tdss6.jpg
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===
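
For reviewing a TDSSKiller log of the kind requested above, here is an added example (not part of the original posts and not the tool's own code) that parses the line format seen in the log posted in this thread. It lists every object whose verdict is not "ok", together with its MD5 and path, and separately lists service entries that were logged without a hash/path line. The function and field names are assumptions of this example; the sample lines are copied from this thread's log.

```python
import re

# Sample input: lines copied from the TDSSKiller log posted in this thread.
SAMPLE_LOG = r"""
17:08:18.0367 3236  ================ Scan system memory ========================
17:08:18.0367 3236  System memory - ok
17:08:18.0367 3236  ================ Scan services =============================
17:08:18.0594 3236  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:08:18.0604 3236  ACPI - ok
17:08:18.0951 3236  [ CB387D65D0D73CAD4D6661C389BD676C ] aic78xx         C:\Windows\system32\DRIVERS\aic78xx.sys
17:08:18.0956 3236  aic78xx ( UnsignedFile.Multi.Generic ) - warning
17:08:18.0956 3236  aic78xx - detected UnsignedFile.Multi.Generic (1)
17:08:19.0354 3236  AMD FUEL Service - ok
17:08:19.0401 3236  [ 9FE76D783A7D47965D086A220B54277B ] AMD Reservation Manager C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
17:08:19.0425 3236  AMD Reservation Manager - ok
17:08:22.0498 3236  catchme - ok
17:08:25.0238 3236  [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
17:08:25.0249 3236  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
17:08:25.0249 3236  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
"""

# "HH:MM:SS.mmmm <thread id>  <body>" prefix carried by every log line.
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s*(?P<body>.*)$")
# "====== Scan services ======" style section banners.
SECTION_RE = re.compile(r"^=+ (?P<section>[^=]+?) =+$")
# "[ MD5 ] Name   X:\path". The name may contain spaces, so split at the drive letter.
FILE_RE = re.compile(
    r"^\[ (?P<md5>[0-9A-Fa-f]{32}) \]\s+(?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.*)$")
# "Name - detected Signature (n)"
DETECT_RE = re.compile(r"^(?P<name>.+?) - detected (?P<sig>\S+) \(\d+\)$")
# "Name - ok" or "Name ( Signature ) - warning". Only "ok" and "warning" appear
# in this thread's log; any other single word is kept and treated as non-ok.
VERDICT_RE = re.compile(
    r"^(?P<name>.+?)(?: \( (?P<sig>[^)]+?) \))? - (?P<verdict>\w+)$")


def parse_tdsskiller_log(text):
    """Return one dict per scanned object, in log order."""
    entries, by_name, pending, section = [], {}, {}, None
    for raw in text.splitlines():
        m = LINE_RE.match(raw.rstrip())
        if not m or not m.group("body").strip():
            continue
        body = m.group("body").strip()

        s = SECTION_RE.match(body)
        if s:
            section = s.group("section")
            continue
        f = FILE_RE.match(body)
        if f:
            # Remember hash and path until the verdict line for this name arrives.
            pending[f.group("name")] = (f.group("md5").upper(), f.group("path"))
            continue
        d = DETECT_RE.match(body)
        if d:
            if d.group("name") in by_name:
                by_name[d.group("name")]["detected"] = d.group("sig")
            continue
        v = VERDICT_RE.match(body)
        if v:
            name = v.group("name")
            md5, path = pending.pop(name, (None, None))
            entry = {"name": name, "section": section, "md5": md5, "path": path,
                     "verdict": v.group("verdict"), "signature": v.group("sig"),
                     "detected": None}
            entries.append(entry)
            by_name[name] = entry
    return entries


def triage(entries):
    """Split parsed entries into what a reviewer should look at first."""
    non_ok = [e for e in entries if e["verdict"] != "ok"]
    # Service entries with a verdict but no preceding "[ MD5 ] name path" line.
    no_file = [e["name"] for e in entries
               if e["section"] == "Scan services" and e["md5"] is None]
    return {"total": len(entries), "non_ok": non_ok, "no_file_line": no_file}


if __name__ == "__main__":
    report = triage(parse_tdsskiller_log(SAMPLE_LOG))
    print(f"{report['total']} objects parsed")
    for e in report["non_ok"]:
        print(f"{e['verdict']:8} {e['name']:12} {e['signature']}  {e['md5']}  {e['path']}")
    print("no hash/path line:", ", ".join(report["no_file_line"]))
```

The non-ok list here contains only the `UnsignedFile.Multi.Generic` warnings, which are the signature-check failures the instructions above say to leave on Skip.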

#11 raven219


Posted 22 April 2013 - 11:22 AM

Here is TDSSKILLER's log

 

17:07:55.0358 4056  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:07:55.0381 4056  ============================================================
17:07:55.0381 4056  Current date / time: 2013/04/22 17:07:55.0381
17:07:55.0381 4056  SystemInfo:
17:07:55.0381 4056 
17:07:55.0381 4056  OS Version: 6.1.7601 ServicePack: 1.0
17:07:55.0381 4056  Product type: Workstation
17:07:55.0381 4056  ComputerName: SHERIDAN
17:07:55.0381 4056  UserName: Niall
17:07:55.0381 4056  Windows directory: C:\Windows
17:07:55.0381 4056  System windows directory: C:\Windows
17:07:55.0381 4056  Processor architecture: Intel x86
17:07:55.0381 4056  Number of processors: 4
17:07:55.0381 4056  Page size: 0x1000
17:07:55.0381 4056  Boot type: Normal boot
17:07:55.0381 4056  ============================================================
17:07:56.0485 4056  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:07:56.0496 4056  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
17:07:56.0498 4056  Drive \Device\Harddisk2\DR4 - Size: 0x7A700000 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:07:56.0503 4056  ============================================================
17:07:56.0503 4056  \Device\Harddisk0\DR0:
17:07:56.0503 4056  MBR partitions:
17:07:56.0503 4056  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32E54800
17:07:56.0503 4056  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32E55000, BlocksNum 0x7530000
17:07:56.0503 4056  \Device\Harddisk1\DR1:
17:07:56.0503 4056  MBR partitions:
17:07:56.0503 4056  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xA09ADE1
17:07:56.0517 4056  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xA09AE5F, BlocksNum 0x13129371
17:07:56.0517 4056  \Device\Harddisk2\DR4:
17:07:56.0518 4056  MBR partitions:
17:07:56.0518 4056  \Device\Harddisk2\DR4\Partition1: MBR, Type 0xE, StartLBA 0x20, BlocksNum 0x3D37E0
17:07:56.0518 4056  ============================================================
17:07:56.0535 4056  C: <-> \Device\Harddisk1\DR1\Partition1
17:07:56.0563 4056  D: <-> \Device\Harddisk1\DR1\Partition2
17:07:56.0586 4056  E: <-> \Device\Harddisk0\DR0\Partition1
17:07:56.0640 4056  U: <-> \Device\Harddisk0\DR0\Partition2
17:07:56.0640 4056  ============================================================
17:07:56.0640 4056  Initialize success
17:07:56.0640 4056  ============================================================
17:08:17.0667 3236  ============================================================
17:08:17.0667 3236  Scan started
17:08:17.0667 3236  Mode: Manual; SigCheck; TDLFS;
17:08:17.0667 3236  ============================================================
17:08:18.0367 3236  ================ Scan system memory ========================
17:08:18.0367 3236  System memory - ok
17:08:18.0367 3236  ================ Scan services =============================
17:08:18.0517 3236  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
17:08:18.0550 3236  1394ohci - ok
17:08:18.0594 3236  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:08:18.0604 3236  ACPI - ok
17:08:18.0626 3236  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:08:18.0634 3236  AcpiPmi - ok
17:08:18.0704 3236  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:08:18.0717 3236  adp94xx - ok
17:08:18.0732 3236  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:08:18.0741 3236  adpahci - ok
17:08:18.0751 3236  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:08:18.0760 3236  adpu320 - ok
17:08:18.0792 3236  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:08:18.0807 3236  AeLookupSvc - ok
17:08:18.0846 3236  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
17:08:18.0880 3236  AFD - ok
17:08:18.0900 3236  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
17:08:18.0927 3236  agp440 - ok
17:08:18.0951 3236  [ CB387D65D0D73CAD4D6661C389BD676C ] aic78xx         C:\Windows\system32\DRIVERS\aic78xx.sys
17:08:18.0956 3236  aic78xx ( UnsignedFile.Multi.Generic ) - warning
17:08:18.0956 3236  aic78xx - detected UnsignedFile.Multi.Generic (1)
17:08:19.0075 3236  [ 7997B6F02CBDA0E31FA18CC85871B938 ] ALCXWDM         C:\Windows\system32\drivers\RTKVAC.SYS
17:08:19.0146 3236  ALCXWDM - ok
17:08:19.0187 3236  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
17:08:19.0195 3236  ALG - ok
17:08:19.0222 3236  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:08:19.0229 3236  aliide - ok
17:08:19.0265 3236  [ EBCCBCBF1DF132E4775E5D6E6DEA3ED0 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:08:19.0275 3236  AMD External Events Utility - ok
17:08:19.0354 3236  AMD FUEL Service - ok
17:08:19.0401 3236  [ 9FE76D783A7D47965D086A220B54277B ] AMD Reservation Manager C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
17:08:19.0425 3236  AMD Reservation Manager - ok
17:08:19.0439 3236  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
17:08:19.0466 3236  amdagp - ok
17:08:19.0476 3236  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:08:19.0486 3236  amdide - ok
17:08:19.0514 3236  [ FF258424F0B2EF25EB98F04EE386E6E3 ] amdiox86        C:\Windows\system32\DRIVERS\amdiox86.sys
17:08:19.0525 3236  amdiox86 - ok
17:08:19.0570 3236  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:08:19.0580 3236  AmdK8 - ok
17:08:19.0780 3236  [ F89643A2CA001B1162061E306F8BF267 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:08:19.0849 3236  amdkmdag - ok
17:08:19.0891 3236  [ FB68E1B9CEC598F0F69503F3AEBB45DD ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:08:19.0901 3236  amdkmdap - ok
17:08:19.0929 3236  [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD          C:\Windows\system32\DRIVERS\AmdLLD.sys
17:08:19.0935 3236  AmdLLD - ok
17:08:19.0970 3236  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:08:19.0976 3236  AmdPPM - ok
17:08:20.0014 3236  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:08:20.0022 3236  amdsata - ok
17:08:20.0039 3236  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:08:20.0047 3236  amdsbs - ok
17:08:20.0057 3236  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:08:20.0064 3236  amdxata - ok
17:08:20.0097 3236  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
17:08:20.0152 3236  AppID - ok
17:08:20.0192 3236  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:08:20.0230 3236  AppIDSvc - ok
17:08:20.0260 3236  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
17:08:20.0282 3236  Appinfo - ok
17:08:20.0380 3236  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:08:20.0390 3236  Apple Mobile Device - ok
17:08:20.0422 3236  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:08:20.0434 3236  arc - ok
17:08:20.0446 3236  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:08:20.0457 3236  arcsas - ok
17:08:20.0506 3236  [ 9D8CB58B9A9E177DDD599791A58A654D ] AsIO            C:\Windows\system32\drivers\AsIO.sys
17:08:20.0516 3236  AsIO - ok
17:08:20.0609 3236  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:08:20.0632 3236  aspnet_state - ok
17:08:20.0701 3236  [ 954FFBFF05B0B60EB63B52AF561436C4 ] AsSysCtrlService C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
17:08:20.0730 3236  AsSysCtrlService - ok
17:08:20.0750 3236  [ E67493490466B5F04B58C22D2590E8CA ] AsUpIO          C:\Windows\system32\drivers\AsUpIO.sys
17:08:20.0777 3236  AsUpIO - ok
17:08:20.0801 3236  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:08:20.0825 3236  AsyncMac - ok
17:08:20.0853 3236  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
17:08:20.0863 3236  atapi - ok
17:08:20.0908 3236  [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr            C:\Windows\system32\DRIVERS\athr.sys
17:08:20.0936 3236  athr - ok
17:08:21.0005 3236  [ 95B1E9804CA10D096C0383F7C6684950 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
17:08:21.0013 3236  AtiHDAudioService - ok
17:08:21.0039 3236  [ 40A07E6916AC098E31A9E39AC202B8A1 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
17:08:21.0048 3236  AtiHdmiService - ok
17:08:21.0338 3236  [ F89643A2CA001B1162061E306F8BF267 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:08:21.0425 3236  atikmdag - ok
17:08:21.0469 3236  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:08:21.0486 3236  AudioEndpointBuilder - ok
17:08:21.0493 3236  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:08:21.0510 3236  Audiosrv - ok
17:08:21.0536 3236  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:08:21.0545 3236  AxInstSV - ok
17:08:21.0581 3236  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
17:08:21.0591 3236  b06bdrv - ok
17:08:21.0616 3236  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
17:08:21.0625 3236  b57nd60x - ok
17:08:21.0680 3236  [ EB7C2DADF52F50F69F198C14C3556DC1 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
17:08:21.0701 3236  BCM43XX - ok
17:08:21.0728 3236  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:08:21.0734 3236  BDESVC - ok
17:08:21.0764 3236  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:08:21.0780 3236  Beep - ok
17:08:21.0821 3236  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
17:08:21.0890 3236  BFE - ok
17:08:21.0924 3236  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
17:08:21.0953 3236  BITS - ok
17:08:21.0966 3236  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:08:21.0976 3236  blbdrive - ok
17:08:22.0068 3236  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:08:22.0081 3236  Bonjour Service - ok
17:08:22.0104 3236  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:08:22.0114 3236  bowser - ok
17:08:22.0143 3236  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:08:22.0154 3236  BrFiltLo - ok
17:08:22.0163 3236  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:08:22.0174 3236  BrFiltUp - ok
17:08:22.0204 3236  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
17:08:22.0228 3236  BridgeMP - ok
17:08:22.0253 3236  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
17:08:22.0260 3236  Browser - ok
17:08:22.0286 3236  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:08:22.0296 3236  Brserid - ok
17:08:22.0308 3236  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:08:22.0316 3236  BrSerWdm - ok
17:08:22.0329 3236  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:08:22.0336 3236  BrUsbMdm - ok
17:08:22.0341 3236  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:08:22.0349 3236  BrUsbSer - ok
17:08:22.0360 3236  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:08:22.0368 3236  BTHMODEM - ok
17:08:22.0400 3236  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
17:08:22.0416 3236  bthserv - ok
17:08:22.0498 3236  catchme - ok
17:08:22.0513 3236  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:08:22.0528 3236  cdfs - ok
17:08:22.0566 3236  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:08:22.0595 3236  cdrom - ok
17:08:22.0628 3236  cel90xbe - ok
17:08:22.0670 3236  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:08:22.0715 3236  CertPropSvc - ok
17:08:22.0744 3236  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:08:22.0755 3236  circlass - ok
17:08:22.0789 3236  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
17:08:22.0803 3236  CLFS - ok
17:08:22.0860 3236  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:08:22.0870 3236  clr_optimization_v2.0.50727_32 - ok
17:08:22.0896 3236  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:08:22.0906 3236  clr_optimization_v4.0.30319_32 - ok
17:08:22.0920 3236  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:08:22.0930 3236  CmBatt - ok
17:08:22.0954 3236  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:08:22.0964 3236  cmdide - ok
17:08:23.0013 3236  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
17:08:23.0068 3236  CNG - ok
17:08:23.0089 3236  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:08:23.0115 3236  Compbatt - ok
17:08:23.0143 3236  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:08:23.0163 3236  CompositeBus - ok
17:08:23.0176 3236  COMSysApp - ok
17:08:23.0240 3236  cpuz135 - ok
17:08:23.0248 3236  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:08:23.0259 3236  crcdisk - ok
17:08:23.0299 3236  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:08:23.0310 3236  CryptSvc - ok
17:08:23.0371 3236  [ F054744F67576A01139885173392502B ] CrystalSysInfo  C:\Program Files\MediaCoder\SysInfo.sys
17:08:23.0386 3236  CrystalSysInfo - ok
17:08:23.0430 3236  [ E99F5CB7F18D0196E072E9A5CFDDAA11 ] DaShenAudio_simple C:\Windows\system32\drivers\DaShenAudio.sys
17:08:23.0445 3236  DaShenAudio_simple - ok
17:08:23.0479 3236  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:08:23.0505 3236  DcomLaunch - ok
17:08:23.0534 3236  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:08:23.0551 3236  defragsvc - ok
17:08:23.0578 3236  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:08:23.0593 3236  DfsC - ok
17:08:23.0623 3236  [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
17:08:23.0631 3236  dg_ssudbus - ok
17:08:23.0678 3236  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:08:23.0689 3236  Dhcp - ok
17:08:23.0713 3236  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
17:08:23.0729 3236  discache - ok
17:08:23.0763 3236  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:08:23.0769 3236  Disk - ok
17:08:23.0800 3236  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:08:23.0808 3236  Dnscache - ok
17:08:23.0840 3236  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:08:23.0856 3236  dot3svc - ok
17:08:23.0884 3236  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
17:08:23.0900 3236  DPS - ok
17:08:23.0933 3236  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:08:23.0940 3236  drmkaud - ok
17:08:23.0983 3236  [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:08:24.0019 3236  dtsoftbus01 - ok
17:08:24.0073 3236  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:08:24.0101 3236  DXGKrnl - ok
17:08:24.0121 3236  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
17:08:24.0145 3236  EapHost - ok
17:08:24.0239 3236  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
17:08:24.0296 3236  ebdrv - ok
17:08:24.0319 3236  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
17:08:24.0326 3236  EFS - ok
17:08:24.0381 3236  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:08:24.0396 3236  ehRecvr - ok
17:08:24.0421 3236  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
17:08:24.0429 3236  ehSched - ok
17:08:24.0466 3236  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:08:24.0480 3236  elxstor - ok
17:08:24.0493 3236  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:08:24.0500 3236  ErrDev - ok
17:08:24.0555 3236  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
17:08:24.0573 3236  EventSystem - ok
17:08:24.0590 3236  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
17:08:24.0606 3236  exfat - ok
17:08:24.0635 3236  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:08:24.0651 3236  fastfat - ok
17:08:24.0708 3236  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
17:08:24.0746 3236  Fax - ok
17:08:24.0768 3236  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:08:24.0793 3236  fdc - ok
17:08:24.0806 3236  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
17:08:24.0830 3236  fdPHost - ok
17:08:24.0845 3236  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
17:08:24.0869 3236  FDResPub - ok
17:08:24.0878 3236  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:08:24.0889 3236  FileInfo - ok
17:08:24.0898 3236  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:08:24.0920 3236  Filetrace - ok
17:08:24.0933 3236  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:08:24.0940 3236  flpydisk - ok
17:08:24.0954 3236  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:08:24.0963 3236  FltMgr - ok
17:08:25.0010 3236  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
17:08:25.0024 3236  FontCache - ok
17:08:25.0076 3236  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:08:25.0081 3236  FontCache3.0.0.0 - ok
17:08:25.0091 3236  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:08:25.0099 3236  FsDepends - ok
17:08:25.0190 3236  [ A0F2C92F410EBAE832DFE507C7E4D6FA ] fshoster        C:\Program Files\BT Cloud\fshoster32.exe
17:08:25.0200 3236  fshoster - ok
17:08:25.0238 3236  [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
17:08:25.0249 3236  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
17:08:25.0249 3236  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
17:08:25.0296 3236  [ 0796C1E47ADB9825269E64B9DAB4E741 ] FsUsbExService  C:\Windows\system32\FsUsbExService.Exe
17:08:25.0311 3236  FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
17:08:25.0313 3236  FsUsbExService - detected UnsignedFile.Multi.Generic (1)
17:08:25.0336 3236  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:08:25.0345 3236  Fs_Rec - ok
17:08:25.0373 3236  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:08:25.0388 3236  fvevol - ok
17:08:25.0421 3236  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:08:25.0431 3236  gagp30kx - ok
17:08:25.0481 3236  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:08:25.0490 3236  GEARAspiWDM - ok
17:08:25.0524 3236  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:08:25.0551 3236  gpsvc - ok
17:08:25.0560 3236  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:08:25.0566 3236  hcw85cir - ok
17:08:25.0596 3236  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:08:25.0606 3236  HdAudAddService - ok
17:08:25.0643 3236  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:08:25.0651 3236  HDAudBus - ok
17:08:25.0661 3236  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:08:25.0669 3236  HidBatt - ok
17:08:25.0676 3236  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:08:25.0685 3236  HidBth - ok
17:08:25.0703 3236  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:08:25.0711 3236  HidIr - ok
17:08:25.0733 3236  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
17:08:25.0749 3236  hidserv - ok
17:08:25.0775 3236  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:08:25.0781 3236  HidUsb - ok
17:08:25.0801 3236  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:08:25.0816 3236  hkmsvc - ok
17:08:25.0841 3236  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:08:25.0849 3236  HomeGroupListener - ok
17:08:25.0883 3236  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:08:25.0900 3236  HomeGroupProvider - ok
17:08:25.0929 3236  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:08:25.0958 3236  HpSAMD - ok
17:08:26.0013 3236  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:08:26.0054 3236  HTTP - ok
17:08:26.0078 3236  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:08:26.0088 3236  hwpolicy - ok
17:08:26.0119 3236  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:08:26.0130 3236  i8042prt - ok
17:08:26.0150 3236  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:08:26.0166 3236  iaStorV - ok
17:08:26.0228 3236  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:08:26.0254 3236  idsvc - ok
17:08:26.0276 3236  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:08:26.0288 3236  iirsp - ok
17:08:26.0434 3236  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
17:08:26.0476 3236  IKEEXT - ok
17:08:26.0558 3236  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:08:26.0568 3236  intelide - ok
17:08:26.0626 3236  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:08:26.0638 3236  intelppm - ok
17:08:26.0670 3236  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:08:26.0695 3236  IPBusEnum - ok
17:08:26.0716 3236  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:08:26.0731 3236  IpFilterDriver - ok
17:08:26.0779 3236  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:08:26.0789 3236  iphlpsvc - ok
17:08:26.0848 3236  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:08:26.0855 3236  IPMIDRV - ok
17:08:26.0868 3236  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:08:26.0884 3236  IPNAT - ok
17:08:29.0586 3236  [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:08:29.0590 3236  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:08:29.0590 3236  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:08:31.0870 3236  [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:08:31.0875 3236  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:08:31.0875 3236  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:08:33.0489 3236  [ A740F0412A3C994FB3BC1871B79E46CF ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe
17:08:33.0493 3236  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
17:08:33.0493 3236  SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
17:08:37.0790 3236  vsmraid - ok
17:08:37.0832 3236  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
17:08:37.0862 3236  VSS - ok
17:08:37.0873 3236  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:08:37.0882 3236  vwifibus - ok
17:08:37.0884 3236  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:08:37.0893 3236  vwififlt - ok
17:08:37.0925 3236  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
17:08:37.0944 3236  W32Time - ok
17:08:37.0955 3236  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:08:37.0963 3236  WacomPen - ok
17:08:37.0998 3236  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:08:38.0012 3236  WANARP - ok
17:08:38.0014 3236  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:08:38.0029 3236  Wanarpv6 - ok
17:08:38.0117 3236  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:08:38.0145 3236  WatAdminSvc - ok
17:08:38.0178 3236  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
17:08:38.0193 3236  wbengine - ok
17:08:38.0210 3236  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:08:38.0222 3236  WbioSrvc - ok
17:08:38.0250 3236  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:08:38.0262 3236  wcncsvc - ok
17:08:38.0269 3236  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:08:38.0278 3236  WcsPlugInService - ok
17:08:38.0300 3236  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:08:38.0307 3236  Wd - ok
17:08:38.0352 3236  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:08:38.0403 3236  Wdf01000 - ok
17:08:38.0420 3236  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:08:38.0439 3236  WdiServiceHost - ok
17:08:38.0443 3236  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:08:38.0457 3236  WdiSystemHost - ok
17:08:38.0482 3236  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
17:08:38.0499 3236  WebClient - ok
17:08:38.0513 3236  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:08:38.0539 3236  Wecsvc - ok
17:08:38.0552 3236  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:08:38.0567 3236  wercplsupport - ok
17:08:38.0603 3236  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:08:38.0620 3236  WerSvc - ok
17:08:38.0648 3236  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:08:38.0663 3236  WfpLwf - ok
17:08:38.0665 3236  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:08:38.0673 3236  WIMMount - ok
17:08:38.0748 3236  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:08:38.0760 3236  WinDefend - ok
17:08:38.0780 3236  WinHttpAutoProxySvc - ok
17:08:38.0837 3236  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:08:38.0852 3236  Winmgmt - ok
17:08:38.0902 3236  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
17:08:38.0925 3236  WinRM - ok
17:08:38.0972 3236  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:08:39.0002 3236  WinUsb - ok
17:08:39.0049 3236  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:08:39.0077 3236  Wlansvc - ok
17:08:39.0182 3236  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:08:39.0212 3236  wlidsvc - ok
17:08:39.0245 3236  [ 5D410936831F7FB58EFF941EAC3F6D3D ] WmBEnum         C:\Windows\system32\drivers\WmBEnum.sys
17:08:39.0253 3236  WmBEnum - ok
17:08:39.0275 3236  [ 7A13CFDE92956CA61A0927D766C5AD4F ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
17:08:39.0283 3236  WmFilter - ok
17:08:39.0318 3236  [ 1F596392149CAC51F7C095AF7D533934 ] WmHidLo         C:\Windows\system32\drivers\WmHidLo.sys
17:08:39.0325 3236  WmHidLo - ok
17:08:39.0352 3236  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
17:08:39.0358 3236  WmiAcpi - ok
17:08:39.0390 3236  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:08:39.0398 3236  wmiApSrv - ok
17:08:39.0467 3236  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:08:39.0480 3236  WMPNetworkSvc - ok
17:08:39.0495 3236  [ 6F04646BC690F8BBFC344BE32A60796D ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
17:08:39.0502 3236  WmVirHid - ok
17:08:39.0513 3236  [ 1D6CA43D562333F4DFB40BCEF2453F3A ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
17:08:39.0519 3236  WmXlCore - ok
17:08:39.0540 3236  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:08:39.0548 3236  WPCSvc - ok
17:08:39.0574 3236  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:08:39.0583 3236  WPDBusEnum - ok
17:08:39.0607 3236  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:08:39.0622 3236  ws2ifsl - ok
17:08:39.0660 3236  [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(1) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
17:08:39.0688 3236  WsAudio_DeviceS(1) - ok
17:08:39.0713 3236  [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(2) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
17:08:39.0740 3236  WsAudio_DeviceS(2) - ok
17:08:39.0772 3236  [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(3) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
17:08:39.0783 3236  WsAudio_DeviceS(3) - ok
17:08:39.0799 3236  [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(4) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
17:08:39.0810 3236  WsAudio_DeviceS(4) - ok
17:08:39.0839 3236  [ 4160CBE59D9B5BE22E4C3897E8DB9D56 ] WsAudio_DeviceS(5) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
17:08:39.0850 3236  WsAudio_DeviceS(5) - ok
17:08:39.0888 3236  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
17:08:39.0904 3236  wscsvc - ok
17:08:39.0907 3236  WSearch - ok
17:08:39.0967 3236  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
17:08:39.0999 3236  wuauserv - ok
17:08:40.0023 3236  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:08:40.0029 3236  WudfPf - ok
17:08:40.0063 3236  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:08:40.0070 3236  WUDFRd - ok
17:08:40.0100 3236  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:08:40.0108 3236  wudfsvc - ok
17:08:40.0124 3236  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:08:40.0135 3236  WwanSvc - ok
17:08:40.0190 3236  [ 9BE8D207CA430947AA90C9F353760A3C ] zonescreen      C:\Windows\system32\DRIVERS\zsport.sys
17:08:40.0195 3236  zonescreen - ok
17:08:40.0220 3236  ================ Scan global ===============================
17:08:40.0248 3236  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
17:08:40.0268 3236  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
17:08:40.0273 3236  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
17:08:40.0302 3236  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
17:08:40.0324 3236  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
17:08:40.0333 3236  [Global] - ok
17:08:40.0334 3236  ================ Scan MBR ==================================
17:08:40.0385 3236  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:08:40.0449 3236  \Device\Harddisk0\DR0 - ok
17:08:40.0470 3236  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
17:08:40.0778 3236  \Device\Harddisk1\DR1 - ok
17:08:40.0787 3236  [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk2\DR4
17:08:41.0334 3236  \Device\Harddisk2\DR4 - ok
17:08:41.0334 3236  ================ Scan VBR ==================================
17:08:41.0335 3236  [ 25F765FBE714400CA6EF922AEFE09DC7 ] \Device\Harddisk0\DR0\Partition1
17:08:41.0337 3236  \Device\Harddisk0\DR0\Partition1 - ok
17:08:41.0349 3236  [ 0D535AF67946639CC741B751C15DECA2 ] \Device\Harddisk0\DR0\Partition2
17:08:41.0350 3236  \Device\Harddisk0\DR0\Partition2 - ok
17:08:41.0352 3236  [ 9415A1790AE12EF2FFD66C8EC25A0AB0 ] \Device\Harddisk1\DR1\Partition1
17:08:41.0353 3236  \Device\Harddisk1\DR1\Partition1 - ok
17:08:41.0355 3236  [ B2BED141E0F8839873772C4D09EAD06F ] \Device\Harddisk1\DR1\Partition2
17:08:41.0355 3236  \Device\Harddisk1\DR1\Partition2 - ok
17:08:41.0363 3236  [ 8FABA9B3163820CB51B114EBC357B698 ] \Device\Harddisk2\DR4\Partition1
17:08:41.0364 3236  \Device\Harddisk2\DR4\Partition1 - ok
17:08:41.0364 3236  ============================================================
17:08:41.0364 3236  Scan finished
17:08:41.0364 3236  ============================================================
17:08:41.0369 1824  Detected object count: 6
17:08:41.0369 1824  Actual detected object count: 6
17:08:57.0945 1824  aic78xx ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:57.0945 1824  aic78xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:57.0945 1824  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:57.0945 1824  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:57.0948 1824  FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:57.0948 1824  FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:57.0951 1824  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:57.0951 1824  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:57.0955 1824  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:57.0955 1824  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:08:57.0957 1824  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:08:57.0957 1824  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:05.0045 1612  ============================================================
17:09:05.0045 1612  Scan started
17:09:05.0045 1612  Mode: Manual; SigCheck; TDLFS;
17:09:05.0045 1612  ============================================================
17:09:05.0642 1612  ================ Scan system memory ========================
17:09:05.0642 1612  System memory - ok
17:09:05.0642 1612  ================ Scan services =============================
17:09:05.0858 1612  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
17:09:05.0877 1612  1394ohci - ok
17:09:05.0910 1612  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:09:05.0918 1612  ACPI - ok
17:09:05.0926 1612  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:09:05.0933 1612  AcpiPmi - ok
17:09:05.0962 1612  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:09:05.0972 1612  adp94xx - ok
17:09:05.0991 1612  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:09:06.0000 1612  adpahci - ok
17:09:06.0010 1612  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:09:06.0017 1612  adpu320 - ok
17:09:06.0042 1612  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:09:06.0056 1612  AeLookupSvc - ok
17:09:06.0086 1612  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
17:09:06.0093 1612  AFD - ok
17:09:06.0107 1612  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
17:09:06.0115 1612  agp440 - ok
17:09:06.0135 1612  [ CB387D65D0D73CAD4D6661C389BD676C ] aic78xx         C:\Windows\system32\DRIVERS\aic78xx.sys
17:09:06.0137 1612  aic78xx ( UnsignedFile.Multi.Generic ) - warning
17:09:06.0137 1612  aic78xx - detected UnsignedFile.Multi.Generic (1)
17:09:06.0270 1612  [ 7997B6F02CBDA0E31FA18CC85871B938 ] ALCXWDM         C:\Windows\system32\drivers\RTKVAC.SYS
17:09:06.0341 1612  ALCXWDM - ok
17:09:06.0371 1612  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
17:09:06.0381 1612  ALG - ok
17:09:06.0390 1612  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:09:06.0398 1612  aliide - ok
17:09:06.0432 1612  [ EBCCBCBF1DF132E4775E5D6E6DEA3ED0 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:09:06.0445 1612  AMD External Events Utility - ok
17:09:06.0521 1612  AMD FUEL Service - ok
17:09:06.0558 1612  [ 9FE76D783A7D47965D086A220B54277B ] AMD Reservation Manager C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
17:09:06.0567 1612  AMD Reservation Manager - ok
17:09:06.0580 1612  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
17:09:06.0590 1612  amdagp - ok
17:09:06.0602 1612  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:09:06.0611 1612  amdide - ok
17:09:06.0622 1612  [ FF258424F0B2EF25EB98F04EE386E6E3 ] amdiox86        C:\Windows\system32\DRIVERS\amdiox86.sys
17:09:06.0631 1612  amdiox86 - ok
17:09:06.0653 1612  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:09:06.0660 1612  AmdK8 - ok
17:09:06.0828 1612  [ F89643A2CA001B1162061E306F8BF267 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:09:06.0891 1612  amdkmdag - ok
17:09:06.0936 1612  [ FB68E1B9CEC598F0F69503F3AEBB45DD ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:09:06.0967 1612  amdkmdap - ok
17:09:07.0005 1612  [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD          C:\Windows\system32\DRIVERS\AmdLLD.sys
17:09:07.0026 1612  AmdLLD - ok
17:09:07.0053 1612  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:09:07.0078 1612  AmdPPM - ok
17:09:07.0107 1612  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:09:07.0117 1612  amdsata - ok
17:09:07.0131 1612  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:09:07.0142 1612  amdsbs - ok
17:09:07.0150 1612  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:09:07.0158 1612  amdxata - ok
17:09:07.0181 1612  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
17:09:07.0202 1612  AppID - ok
17:09:07.0227 1612  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:09:07.0247 1612  AppIDSvc - ok
17:09:07.0270 1612  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
17:09:07.0283 1612  Appinfo - ok
17:09:07.0356 1612  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:09:07.0362 1612  Apple Mobile Device - ok
17:09:07.0373 1612  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:09:07.0381 1612  arc - ok
17:09:07.0383 1612  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:09:07.0391 1612  arcsas - ok
17:09:07.0425 1612  [ 9D8CB58B9A9E177DDD599791A58A654D ] AsIO            C:\Windows\system32\drivers\AsIO.sys
17:09:07.0431 1612  AsIO - ok
17:09:07.0510 1612  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:09:07.0516 1612  aspnet_state - ok
17:09:07.0570 1612  [ 954FFBFF05B0B60EB63B52AF561436C4 ] AsSysCtrlService C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
17:09:07.0598 1612  AsSysCtrlService - ok
17:09:07.0618 1612  [ E67493490466B5F04B58C22D2590E8CA ] AsUpIO          C:\Windows\system32\drivers\AsUpIO.sys
17:09:07.0646 1612  AsUpIO - ok
17:09:07.0661 1612  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:09:07.0685 1612  AsyncMac - ok
17:09:07.0712 1612  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
17:09:07.0722 1612  atapi - ok
17:09:07.0767 1612  [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr            C:\Windows\system32\DRIVERS\athr.sys
17:09:07.0790 1612  athr - ok
17:09:07.0815 1612  [ 95B1E9804CA10D096C0383F7C6684950 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
17:09:07.0822 1612  AtiHDAudioService - ok
17:09:07.0850 1612  [ 40A07E6916AC098E31A9E39AC202B8A1 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
17:09:07.0857 1612  AtiHdmiService - ok
17:09:08.0015 1612  [ F89643A2CA001B1162061E306F8BF267 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:09:08.0077 1612  atikmdag - ok
17:09:08.0113 1612  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:09:08.0131 1612  AudioEndpointBuilder - ok
17:09:08.0137 1612  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:09:08.0153 1612  Audiosrv - ok
17:09:08.0172 1612  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:09:08.0181 1612  AxInstSV - ok
17:09:08.0210 1612  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
17:09:08.0218 1612  b06bdrv - ok
17:09:08.0235 1612  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
17:09:08.0242 1612  b57nd60x - ok
17:09:08.0292 1612  [ EB7C2DADF52F50F69F198C14C3556DC1 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
17:09:08.0352 1612  BCM43XX - ok
17:09:08.0380 1612  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:09:08.0390 1612  BDESVC - ok
17:09:08.0401 1612  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:09:08.0422 1612  Beep - ok
17:09:08.0453 1612  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
17:09:08.0478 1612  BFE - ok
17:09:08.0510 1612  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
17:09:08.0528 1612  BITS - ok
17:09:08.0545 1612  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:09:08.0551 1612  blbdrive - ok
17:09:08.0603 1612  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:09:08.0611 1612  Bonjour Service - ok
17:09:08.0632 1612  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:09:08.0638 1612  bowser - ok
17:09:08.0646 1612  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:09:08.0653 1612  BrFiltLo - ok
17:09:08.0666 1612  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:09:08.0673 1612  BrFiltUp - ok
17:09:08.0682 1612  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
17:09:08.0698 1612  BridgeMP - ok
17:09:08.0723 1612  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
17:09:08.0730 1612  Browser - ok
17:09:08.0747 1612  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:09:08.0756 1612  Brserid - ok
17:09:08.0770 1612  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:09:08.0777 1612  BrSerWdm - ok
17:09:08.0782 1612  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:09:08.0790 1612  BrUsbMdm - ok
17:09:08.0795 1612  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:09:08.0802 1612  BrUsbSer - ok
17:09:08.0813 1612  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:09:08.0821 1612  BTHMODEM - ok
17:09:08.0846 1612  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
17:09:08.0861 1612  bthserv - ok
17:09:08.0926 1612  catchme - ok
17:09:08.0941 1612  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:09:09.0000 1612  cdfs - ok
17:09:09.0027 1612  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:09:09.0038 1612  cdrom - ok
17:09:09.0041 1612  cel90xbe - ok
17:09:09.0073 1612  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:09:09.0095 1612  CertPropSvc - ok
17:09:09.0106 1612  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:09:09.0117 1612  circlass - ok
17:09:09.0135 1612  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
17:09:09.0143 1612  CLFS - ok
17:09:09.0188 1612  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:09:09.0195 1612  clr_optimization_v2.0.50727_32 - ok
17:09:09.0217 1612  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:09:09.0223 1612  clr_optimization_v4.0.30319_32 - ok
17:09:09.0232 1612  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:09:09.0238 1612  CmBatt - ok
17:09:09.0258 1612  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:09:09.0265 1612  cmdide - ok
17:09:09.0297 1612  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
17:09:09.0310 1612  CNG - ok
17:09:09.0326 1612  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:09:09.0332 1612  Compbatt - ok
17:09:09.0356 1612  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:09:09.0363 1612  CompositeBus - ok
17:09:09.0366 1612  COMSysApp - ok
17:09:09.0403 1612  cpuz135 - ok
17:09:09.0411 1612  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:09:09.0418 1612  crcdisk - ok
17:09:09.0445 1612  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:09:09.0466 1612  CryptSvc - ok
17:09:09.0518 1612  [ F054744F67576A01139885173392502B ] CrystalSysInfo  C:\Program Files\MediaCoder\SysInfo.sys
17:09:09.0558 1612  CrystalSysInfo - ok
17:09:09.0585 1612  [ E99F5CB7F18D0196E072E9A5CFDDAA11 ] DaShenAudio_simple C:\Windows\system32\drivers\DaShenAudio.sys
17:09:09.0600 1612  DaShenAudio_simple - ok
17:09:09.0625 1612  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:09:09.0651 1612  DcomLaunch - ok
17:09:09.0681 1612  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:09:09.0697 1612  defragsvc - ok
17:09:09.0723 1612  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:09:09.0738 1612  DfsC - ok
17:09:09.0777 1612  [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
17:09:09.0786 1612  dg_ssudbus - ok
17:09:09.0807 1612  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:09:09.0816 1612  Dhcp - ok
17:09:09.0826 1612  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
17:09:09.0841 1612  discache - ok
17:09:09.0851 1612  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:09:09.0857 1612  Disk - ok
17:09:09.0881 1612  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:09:09.0889 1612  Dnscache - ok
17:09:09.0921 1612  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:09:09.0936 1612  dot3svc - ok
17:09:09.0965 1612  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
17:09:09.0980 1612  DPS - ok
17:09:10.0005 1612  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:09:10.0012 1612  drmkaud - ok
17:09:10.0045 1612  [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:09:10.0054 1612  dtsoftbus01 - ok
17:09:10.0089 1612  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:09:10.0102 1612  DXGKrnl - ok
17:09:10.0127 1612  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
17:09:10.0144 1612  EapHost - ok
17:09:10.0252 1612  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
17:09:10.0316 1612  ebdrv - ok
17:09:10.0342 1612  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
17:09:10.0352 1612  EFS - ok
17:09:10.0405 1612  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:09:10.0420 1612  ehRecvr - ok
17:09:10.0452 1612  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
17:09:10.0462 1612  ehSched - ok
17:09:10.0499 1612  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:09:10.0514 1612  elxstor - ok
17:09:10.0524 1612  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:09:10.0531 1612  ErrDev - ok
17:09:10.0570 1612  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
17:09:10.0587 1612  EventSystem - ok
17:09:10.0604 1612  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
17:09:10.0620 1612  exfat - ok
17:09:10.0632 1612  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:09:10.0649 1612  fastfat - ok
17:09:10.0666 1612  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
17:09:10.0677 1612  Fax - ok
17:09:10.0690 1612  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:09:10.0696 1612  fdc - ok
17:09:10.0704 1612  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
17:09:10.0720 1612  fdPHost - ok
17:09:10.0726 1612  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
17:09:10.0742 1612  FDResPub - ok
17:09:10.0751 1612  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:09:10.0757 1612  FileInfo - ok
17:09:10.0771 1612  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:09:10.0786 1612  Filetrace - ok
17:09:10.0797 1612  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:09:10.0805 1612  flpydisk - ok
17:09:10.0819 1612  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:09:10.0827 1612  FltMgr - ok
17:09:10.0875 1612  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
17:09:10.0925 1612  FontCache - ok
17:09:10.0982 1612  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:09:11.0004 1612  FontCache3.0.0.0 - ok
17:09:11.0015 1612  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:09:11.0025 1612  FsDepends - ok
17:09:11.0080 1612  [ A0F2C92F410EBAE832DFE507C7E4D6FA ] fshoster        C:\Program Files\BT Cloud\fshoster32.exe
17:09:11.0095 1612  fshoster - ok
17:09:11.0119 1612  [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk     C:\Windows\system32\FsUsbExDisk.SYS
17:09:11.0124 1612  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
17:09:11.0124 1612  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
17:09:11.0151 1612  [ 0796C1E47ADB9825269E64B9DAB4E741 ] FsUsbExService  C:\Windows\system32\FsUsbExService.Exe
17:09:11.0157 1612  FsUsbExService ( UnsignedFile.Multi.Generic ) - warning
17:09:11.0157 1612  FsUsbExService - detected UnsignedFile.Multi.Generic (1)
17:09:11.0176 1612  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:09:11.0185 1612  Fs_Rec - ok
17:09:11.0212 1612  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:09:11.0227 1612  fvevol - ok
17:09:11.0252 1612  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:09:11.0262 1612  gagp30kx - ok
17:09:11.0289 1612  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:09:11.0296 1612  GEARAspiWDM - ok
17:09:11.0330 1612  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:09:11.0357 1612  gpsvc - ok
17:09:11.0366 1612  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:09:11.0374 1612  hcw85cir - ok
17:09:11.0402 1612  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:09:11.0412 1612  HdAudAddService - ok
17:09:11.0434 1612  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:09:11.0441 1612  HDAudBus - ok
17:09:11.0452 1612  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:09:11.0459 1612  HidBatt - ok
17:09:11.0466 1612  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:09:11.0475 1612  HidBth - ok
17:09:11.0492 1612  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:09:11.0500 1612  HidIr - ok
17:09:11.0522 1612  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
17:09:11.0539 1612  hidserv - ok
17:09:11.0549 1612  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:09:11.0555 1612  HidUsb - ok
17:09:11.0575 1612  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:09:11.0590 1612  hkmsvc - ok
17:09:11.0615 1612  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:09:11.0622 1612  HomeGroupListener - ok
17:09:11.0656 1612  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:09:11.0664 1612  HomeGroupProvider - ok
17:09:11.0676 1612  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:09:11.0684 1612  HpSAMD - ok
17:09:11.0715 1612  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:09:11.0732 1612  HTTP - ok
17:09:11.0752 1612  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:09:11.0759 1612  hwpolicy - ok
17:09:11.0785 1612  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:09:11.0805 1612  i8042prt - ok
17:09:11.0826 1612  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:09:11.0865 1612  iaStorV - ok
17:09:11.0942 1612  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:09:11.0979 1612  idsvc - ok
17:09:12.0009 1612  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:09:12.0019 1612  iirsp - ok
17:09:12.0052 1612  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
17:09:12.0081 1612  IKEEXT - ok
17:09:12.0090 1612  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:09:12.0097 1612  intelide - ok
17:09:12.0110 1612  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:09:12.0117 1612  intelppm - ok
17:09:12.0145 1612  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:09:12.0161 1612  IPBusEnum - ok
17:09:12.0175 1612  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:09:12.0190 1612  IpFilterDriver - ok
17:09:12.0220 1612  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:09:12.0230 1612  iphlpsvc - ok
17:09:12.0256 1612  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:09:12.0264 1612  IPMIDRV - ok
17:09:12.0276 1612  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:09:12.0292 1612  IPNAT - ok
17:09:12.0325 1612  [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:09:12.0336 1612  iPod Service - ok
17:09:12.0344 1612  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:09:12.0352 1612  IRENUM - ok
17:09:12.0361 1612  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:09:12.0369 1612  isapnp - ok
17:09:12.0381 1612  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:09:12.0390 1612  iScsiPrt - ok
17:09:12.0405 1612  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:09:12.0411 1612  kbdclass - ok
17:09:12.0421 1612  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:09:12.0429 1612  kbdhid - ok
17:09:12.0440 1612  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
17:09:12.0447 1612  KeyIso - ok
17:09:12.0475 1612  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:09:12.0494 1612  KSecDD - ok
17:09:12.0514 1612  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:09:12.0545 1612  KSecPkg - ok
17:09:12.0582 1612  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:09:12.0619 1612  KtmRm - ok
17:09:12.0631 1612  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
17:09:12.0656 1612  LanmanServer - ok
17:09:12.0682 1612  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:09:12.0706 1612  LanmanWorkstation - ok
17:09:12.0764 1612  [ C48B0F913C944D736A455191ECD8FF45 ] Lavasoft Ad-Aware Service C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
17:09:12.0781 1612  Lavasoft Ad-Aware Service - ok
17:09:12.0806 1612  [ 713CD5267ABFB86FE90A72E384E82A38 ] Lbd             C:\Windows\system32\DRIVERS\Lbd.sys
17:09:12.0814 1612  Lbd - ok
17:09:12.0839 1612  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:09:12.0854 1612  lltdio - ok
17:09:12.0881 1612  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:09:12.0899 1612  lltdsvc - ok
17:09:12.0910 1612  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:09:12.0925 1612  lmhosts - ok
17:09:12.0941 1612  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:09:12.0947 1612  LSI_FC - ok
17:09:12.0961 1612  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:09:12.0969 1612  LSI_SAS - ok
17:09:12.0982 1612  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:09:12.0990 1612  LSI_SAS2 - ok
17:09:13.0004 1612  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:09:13.0010 1612  LSI_SCSI - ok
17:09:13.0022 1612  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
17:09:13.0037 1612  luafv - ok
17:09:13.0057 1612  [ 1A7DB7A00A4B0D8DA24CD691A4547291 ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2Mon.sys
17:09:13.0065 1612  LVPr2Mon - ok
17:09:13.0115 1612  [ 0DDFDCAA92C7F553328DB06BA599BEA9 ] LVPrcSrv        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
17:09:13.0146 1612  LVPrcSrv - ok
17:09:13.0177 1612  [ 9E9306063ECD8AA91B3FB76678D3CEE2 ] LVUSBSta        C:\Windows\system32\drivers\LVUSBSta.sys
17:09:13.0202 1612  LVUSBSta - ok
17:09:13.0229 1612  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:09:13.0240 1612  Mcx2Svc - ok
17:09:13.0251 1612  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:09:13.0261 1612  megasas - ok
17:09:13.0276 1612  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:09:13.0290 1612  MegaSR - ok
17:09:13.0320 1612  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
17:09:13.0344 1612  MMCSS - ok
17:09:13.0359 1612  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
17:09:13.0374 1612  Modem - ok
17:09:13.0386 1612  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:09:13.0394 1612  monitor - ok
17:09:13.0417 1612  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:09:13.0424 1612  mouclass - ok
17:09:13.0435 1612  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:09:13.0442 1612  mouhid - ok
17:09:13.0464 1612  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:09:13.0471 1612  mountmgr - ok
17:09:13.0504 1612  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:09:13.0510 1612  MozillaMaintenance - ok
17:09:13.0524 1612  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:09:13.0531 1612  mpio - ok
17:09:13.0546 1612  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:09:13.0560 1612  mpsdrv - ok
17:09:13.0595 1612  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:09:13.0614 1612  MpsSvc - ok
17:09:13.0642 1612  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:09:13.0651 1612  MRxDAV - ok
17:09:13.0672 1612  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:09:13.0679 1612  mrxsmb - ok
17:09:13.0701 1612  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:09:13.0709 1612  mrxsmb10 - ok
17:09:13.0722 1612  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:09:13.0729 1612  mrxsmb20 - ok
17:09:13.0754 1612  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
17:09:13.0760 1612  msahci - ok
17:09:13.0791 1612  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:09:13.0799 1612  msdsm - ok
17:09:13.0809 1612  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
17:09:13.0816 1612  MSDTC - ok
17:09:13.0832 1612  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:09:13.0849 1612  Msfs - ok
17:09:13.0857 1612  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:09:13.0872 1612  mshidkmdf - ok
17:09:13.0899 1612  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:09:13.0906 1612  msisadrv - ok
17:09:13.0924 1612  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:09:13.0940 1612  MSiSCSI - ok
17:09:13.0942 1612  msiserver - ok
17:09:13.0955 1612  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:09:13.0970 1612  MSKSSRV - ok
17:09:13.0981 1612  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:09:13.0996 1612  MSPCLOCK - ok
17:09:14.0005 1612  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:09:14.0020 1612  MSPQM - ok
17:09:14.0034 1612  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:09:14.0042 1612  MsRPC - ok
17:09:14.0051 1612  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:09:14.0059 1612  mssmbios - ok
17:09:14.0067 1612  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:09:14.0084 1612  MSTEE - ok
17:09:14.0086 1612  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:09:14.0092 1612  MTConfig - ok
17:09:14.0120 1612  [ CBE71C122434805CB73FFB6619F60598 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
17:09:14.0127 1612  MTsensor - ok
17:09:14.0139 1612  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:09:14.0146 1612  Mup - ok
17:09:14.0149 1612  mvvideodemo - ok
17:09:14.0176 1612  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
17:09:14.0194 1612  napagent - ok
17:09:14.0212 1612  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:09:14.0222 1612  NativeWifiP - ok
17:09:14.0260 1612  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:09:14.0272 1612  NDIS - ok
17:09:14.0286 1612  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:09:14.0301 1612  NdisCap - ok
17:09:14.0312 1612  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:09:14.0326 1612  NdisTapi - ok
17:09:14.0352 1612  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:09:14.0366 1612  Ndisuio - ok
17:09:14.0392 1612  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:09:14.0407 1612  NdisWan - ok
17:09:14.0439 1612  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:09:14.0452 1612  NDProxy - ok
17:09:14.0472 1612  [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:09:14.0475 1612  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:09:14.0475 1612  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:09:14.0484 1612  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:09:14.0499 1612  NetBIOS - ok
17:09:14.0524 1612  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\drivers\netbt.sys
17:09:14.0539 1612  NetBT - ok
17:09:14.0546 1612  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
17:09:14.0554 1612  Netlogon - ok
17:09:14.0582 1612  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
17:09:14.0600 1612  Netman - ok
17:09:14.0659 1612  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:09:14.0684 1612  NetMsmqActivator - ok
17:09:14.0692 1612  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:09:14.0717 1612  NetPipeActivator - ok
17:09:14.0740 1612  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
17:09:14.0767 1612  netprofm - ok
17:09:14.0771 1612  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:09:14.0781 1612  NetTcpActivator - ok
17:09:14.0785 1612  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:09:14.0794 1612  NetTcpPortSharing - ok
17:09:14.0821 1612  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:09:14.0831 1612  nfrd960 - ok
17:09:14.0855 1612  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:09:14.0867 1612  NlaSvc - ok
17:09:14.0869 1612  nosGetPlusHelper - ok
17:09:14.0875 1612  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:09:14.0891 1612  Npfs - ok
17:09:14.0901 1612  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
17:09:14.0917 1612  nsi - ok
17:09:14.0927 1612  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:09:14.0944 1612  nsiproxy - ok
17:09:14.0987 1612  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:09:15.0005 1612  Ntfs - ok
17:09:15.0012 1612  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
17:09:15.0029 1612  Null - ok
17:09:15.0072 1612  [ D668632606D1CEBF0B6EC64C1DF7ED6F ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx32.sys
17:09:15.0089 1612  NVENETFD - ok
17:09:15.0110 1612  [ D509EF6E99D1B55887FDC0CB61FD5A42 ] nvmpu401        C:\Windows\system32\drivers\nvmpu401.sys
17:09:15.0116 1612  nvmpu401 - ok
17:09:15.0126 1612  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:09:15.0134 1612  nvraid - ok
17:09:15.0161 1612  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:09:15.0169 1612  nvstor - ok
17:09:15.0195 1612  [ 615D79A1D2C98817FF2FDEB1B167D808 ] nvstor32        C:\Windows\system32\DRIVERS\nvstor32.sys
17:09:15.0202 1612  nvstor32 - ok
17:09:15.0219 1612  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:09:15.0226 1612  nv_agp - ok
17:09:15.0331 1612  [ 2198CF234961D3006BEE2E39426EC0D6 ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
17:09:15.0376 1612  OfficeSvc - ok
17:09:15.0386 1612  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:09:15.0396 1612  ohci1394 - ok
17:09:15.0442 1612  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:09:15.0454 1612  ose - ok
17:09:15.0599 1612  [ EE5756BDA5BE5891270E0CC6CEC44096 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:09:15.0654 1612  osppsvc - ok
17:09:15.0685 1612  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:09:15.0694 1612  p2pimsvc - ok
17:09:15.0709 1612  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:09:15.0719 1612  p2psvc - ok
17:09:15.0741 1612  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:09:15.0747 1612  Parport - ok
17:09:15.0770 1612  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:09:15.0776 1612  partmgr - ok
17:09:15.0790 1612  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
17:09:15.0797 1612  Parvdm - ok
17:09:15.0805 1612  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:09:15.0816 1612  PcaSvc - ok
17:09:15.0837 1612  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
17:09:15.0846 1612  pci - ok
17:09:15.0852 1612  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
17:09:15.0859 1612  pciide - ok
17:09:15.0877 1612  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:09:15.0885 1612  pcmcia - ok
17:09:15.0910 1612  [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
17:09:15.0916 1612  pcouffin - ok
17:09:15.0930 1612  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
17:09:15.0936 1612  pcw - ok
17:09:15.0954 1612  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:09:15.0972 1612  PEAUTH - ok
17:09:15.0995 1612  [ D30EDA6E1AB3C8C82F2CA085AB79040A ] pepifilter      C:\Windows\system32\DRIVERS\lv302af.sys
17:09:16.0002 1612  pepifilter - ok
17:09:16.0064 1612  [ 0DA6C5E0C8DA6CEBE52DAACFE7AE9DE6 ] PID_PEPI        C:\Windows\system32\DRIVERS\LV302V32.SYS
17:09:16.0139 1612  PID_PEPI - ok
17:09:16.0195 1612  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
17:09:16.0231 1612  pla - ok
17:09:16.0255 1612  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:09:16.0265 1612  PlugPlay - ok
17:09:16.0275 1612  [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:09:16.0279 1612  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:09:16.0279 1612  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:09:16.0306 1612  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:09:16.0314 1612  PNRPAutoReg - ok
17:09:16.0332 1612  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:09:16.0341 1612  PNRPsvc - ok
17:09:16.0355 1612  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:09:16.0371 1612  PolicyAgent - ok
17:09:16.0387 1612  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
17:09:16.0404 1612  Power - ok
17:09:16.0427 1612  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:09:16.0442 1612  PptpMiniport - ok
17:09:16.0451 1612  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:09:16.0459 1612  Processor - ok
17:09:16.0485 1612  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
17:09:16.0492 1612  ProfSvc - ok
17:09:16.0504 1612  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:09:16.0511 1612  ProtectedStorage - ok
17:09:16.0521 1612  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:09:16.0537 1612  Psched - ok
17:09:16.0556 1612  [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
17:09:16.0562 1612  PSI_SVC_2 - ok
17:09:16.0597 1612  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:09:16.0617 1612  ql2300 - ok
17:09:16.0627 1612  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:09:16.0635 1612  ql40xx - ok
17:09:16.0667 1612  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
17:09:16.0679 1612  QWAVE - ok
17:09:16.0690 1612  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:09:16.0697 1612  QWAVEdrv - ok
17:09:16.0705 1612  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:09:16.0721 1612  RasAcd - ok
17:09:16.0752 1612  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:09:16.0766 1612  RasAgileVpn - ok
17:09:16.0781 1612  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
17:09:16.0799 1612  RasAuto - ok
17:09:16.0814 1612  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:09:16.0830 1612  Rasl2tp - ok
17:09:16.0865 1612  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
17:09:16.0932 1612  RasMan - ok
17:09:16.0950 1612  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:09:16.0974 1612  RasPppoe - ok
17:09:16.0984 1612  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:09:17.0006 1612  RasSstp - ok
17:09:17.0030 1612  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:09:17.0054 1612  rdbss - ok
17:09:17.0069 1612  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:09:17.0080 1612  rdpbus - ok
17:09:17.0110 1612  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:09:17.0131 1612  RDPCDD - ok
17:09:17.0145 1612  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:09:17.0166 1612  RDPENCDD - ok
17:09:17.0180 1612  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:09:17.0201 1612  RDPREFMP - ok
17:09:17.0225 1612  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:09:17.0236 1612  RDPWD - ok
17:09:17.0261 1612  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:09:17.0274 1612  rdyboost - ok
17:09:17.0301 1612  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:09:17.0325 1612  RemoteAccess - ok
17:09:17.0350 1612  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:09:17.0367 1612  RemoteRegistry - ok
17:09:17.0379 1612  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:09:17.0395 1612  RpcEptMapper - ok
17:09:17.0417 1612  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
17:09:17.0425 1612  RpcLocator - ok
17:09:17.0445 1612  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\System32\rpcss.dll
17:09:17.0464 1612  RpcSs - ok
17:09:17.0480 1612  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:09:17.0496 1612  rspndr - ok
17:09:17.0521 1612  [ E67493848B31F7F9123B6BBF6B2AD1B2 ] RT2500          C:\Windows\system32\DRIVERS\RT2500.sys
17:09:17.0529 1612  RT2500 - ok
17:09:17.0561 1612  [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
17:09:17.0571 1612  RTL8167 - ok
17:09:17.0582 1612  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
17:09:17.0589 1612  SamSs - ok
17:09:17.0679 1612  [ 230FD3749904CA045EA5EC0AA14006E9 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\Sandra.sys
17:09:17.0706 1612  SANDRA - ok
17:09:17.0721 1612  [ A740F0412A3C994FB3BC1871B79E46CF ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe
17:09:17.0731 1612  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
17:09:17.0731 1612  SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
17:09:17.0755 1612  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:09:17.0765 1612  sbp2port - ok
17:09:17.0790 1612  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:09:17.0814 1612  SCardSvr - ok
17:09:17.0829 1612  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:09:17.0842 1612  scfilter - ok
17:09:17.0875 1612  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
17:09:17.0896 1612  Schedule - ok
17:09:17.0922 1612  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:09:17.0937 1612  SCPolicySvc - ok
17:09:17.0959 1612  [ 5AAF9869CC6279FD747412BE7457ABDC ] scsiscan        C:\Windows\system32\DRIVERS\scsiscan.sys
17:09:17.0966 1612  scsiscan - ok
17:09:17.0990 1612  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:09:17.0997 1612  SDRSVC - ok
17:09:18.0022 1612  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:09:18.0037 1612  secdrv - ok
17:09:18.0047 1612  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
17:09:18.0064 1612  seclogon - ok
17:09:18.0092 1612  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
17:09:18.0110 1612  SENS - ok
17:09:18.0131 1612  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:09:18.0139 1612  SensrSvc - ok
17:09:18.0164 1612  [ E7FE65A43586EC5A68B06DEC391186B7 ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl.sys
17:09:18.0171 1612  Ser2pl - ok
17:09:18.0174 1612  [ E7FE65A43586EC5A68B06DEC391186B7 ] Ser2plx86       C:\Windows\system32\DRIVERS\ser2pl.sys
17:09:18.0180 1612  Ser2plx86 - ok
17:09:18.0187 1612  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:09:18.0195 1612  Serenum - ok
17:09:18.0205 1612  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:09:18.0211 1612  Serial - ok
17:09:18.0227 1612  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:09:18.0234 1612  sermouse - ok
17:09:18.0264 1612  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:09:18.0280 1612  SessionEnv - ok
17:09:18.0301 1612  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:09:18.0309 1612  sffdisk - ok
17:09:18.0311 1612  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:09:18.0319 1612  sffp_mmc - ok
17:09:18.0325 1612  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:09:18.0332 1612  sffp_sd - ok
17:09:18.0345 1612  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:09:18.0351 1612  sfloppy - ok
17:09:18.0385 1612  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:09:18.0449 1612  SharedAccess - ok
17:09:18.0485 1612  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:09:18.0526 1612  ShellHWDetection - ok
17:09:18.0539 1612  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:09:18.0550 1612  sisagp - ok
17:09:18.0561 1612  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:09:18.0572 1612  SiSRaid2 - ok
17:09:18.0582 1612  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:09:18.0592 1612  SiSRaid4 - ok
17:09:18.0607 1612  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:09:18.0622 1612  Smb - ok
17:09:18.0649 1612  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:09:18.0656 1612  SNMPTRAP - ok
17:09:23.0736 1612  ============================================================
17:09:23.0736 1612  Scan finished
17:09:23.0736 1612  ============================================================
17:09:23.0741 1264  Detected object count: 6
17:09:23.0741 1264  Actual detected object count: 6
17:09:44.0720 1264  aic78xx ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:44.0720 1264  aic78xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:44.0720 1264  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:44.0720 1264  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:44.0724 1264  FsUsbExService ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:44.0724 1264  FsUsbExService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:44.0728 1264  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:44.0728 1264  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:44.0729 1264  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:44.0729 1264  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:09:44.0730 1264  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:09:44.0730 1264  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
 

aswMBR's log

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-04-22 17:13:42
-----------------------------
17:13:42.703    OS Version: Windows 6.1.7601 Service Pack 1
17:13:42.703    Number of processors: 4 586 0x403
17:13:42.705    ComputerName: SHERIDAN  UserName: Niall
17:13:43.050    Initialize success
17:14:04.733    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:14:04.739    Disk 0 Vendor: ST3500312CS SC13 Size: 476940MB BusType: 3
17:14:04.745    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-2
17:14:04.752    Disk 1 Vendor: SAMSUNG_SP2504C VT100-50 Size: 238475MB BusType: 3
17:14:04.870    Disk 1 MBR read successfully
17:14:04.873    Disk 1 MBR scan
17:14:04.877    Disk 1 Windows XP default MBR code
17:14:04.879    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS        82229 MB offset 63
17:14:04.883    Disk 1 Partition - 00     05     Extended            156245 MB offset 168406560
17:14:04.903    Disk 1 Partition 2 00     07    HPFS/NTFS NTFS       156242 MB offset 168406623
17:14:04.908    Disk 1 scanning sectors +488397168
17:14:04.917    Disk 1 scanning C:\Windows\system32\drivers
17:14:10.807    Service scanning
17:14:24.189    Modules scanning
17:14:28.374    Disk 1 trace - called modules:
17:14:28.386    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
17:14:28.391    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xc35d2030]
17:14:28.397    3 CLASSPNP.SYS[c960459e] -> nt!IofCallDriver -> [0xc3491918]
17:14:28.402    5 ACPI.sys[c94323d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-2[0xc346a908]
17:14:28.407    Scan finished successfully
17:14:41.805    Disk 1 MBR has been saved successfully to "C:\Users\Niall\Desktop\MBR.dat"
17:14:41.811    The log file has been saved successfully to "C:\Users\Niall\Desktop\aswMBR.txt"

 

And the MBR.dat file

 

Attached File  MBR.zip   513bytes   0 downloads



#12 nasdaq


Posted 22 April 2013 - 12:19 PM

The boot sector is good.

Please download Farbar Service Scanner and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action center
  • Windows Update
  • Windows Defender

Press Scan.
This will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

#13 raven219


Posted 22 April 2013 - 12:36 PM

Here is the log.

 

Farbar Service Scanner Version: 14-04-2013
Ran by Niall (administrator) on 22-04-2013 at 18:35:06
Running from "C:\Users\Niall\Desktop"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error.
Google.com is accessible.
Attempt to access Yahoo IP returned error.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****



#14 nasdaq


Posted 22 April 2013 - 12:41 PM

All logs are clean. What are the remaining issues with this computer?

#15 raven219


Posted 22 April 2013 - 12:42 PM

BTW - I have kept the network cable unplugged since we uninstalled Avast.  When I first ran FSS it had some errors in the connection status because the cable was still unplugged.  I plugged it back in and ran it again to get the results above.  As I was copying the file to my flash drive (using my work laptop to send you the logs) I clicked on one of my network drives by mistake.  Surprisingly it worked!  A couple of other clicks showed all my local network resources were available.

 

I have unplugged the network cable again and have done nothing else to the machine but thought I would let you know that one of the problems seems fixed.

 

Regards



Shall I go ahead and re-install Avast and test out the machine then?

 

Regards





