
malware .... rootkit



#1 aquaviva

  • Members
  • 34 posts

Posted 02 May 2013 - 04:44 AM

EDIT: Moved to Malware removal forum as DDS log was posted ~~ boopme
 
Well, I can't find any virus, trojans or anything when scanning... this is what rkill tells me
 
Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 04/30/2013 09:33:30 PM in x64 mode.
Windows Version: Windows 8 Pro 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * gpsvc => %windir%\system32\svchost.exe -k GPSvcGroup [Incorrect ImagePath]
 * WinDefend => "%ProgramFiles%\Windows Defender\MsMpEng.exe" [Incorrect ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 04/30/2013 09:33:32 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)

Edited by boopme, 02 May 2013 - 01:42 PM.



 


#2 aquaviva


Posted 02 May 2013 - 04:48 AM

boopme, that DDS program stalls on me... I press start, then the green line stops midway



#3 aquaviva


Posted 02 May 2013 - 08:24 AM

Rkill 2.4.7 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 05/02/2013 03:23:32 PM in x64 mode.
Windows Version: Windows 8 Pro 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\aquaviva\AppData\Local\Temp\nsi6854.tmp\pev.dat (PID: 5872) [UP-HEUR]
 * C:\Users\aquaviva\AppData\Local\Temp\nsrDB2D.tmp\pev.dat (PID: 7120) [UP-HEUR]
 
2 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * gpsvc => %windir%\system32\svchost.exe -k GPSvcGroup [Incorrect ImagePath]
 * WinDefend => "%ProgramFiles%\Windows Defender\MsMpEng.exe" [Incorrect ImagePath]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 05/02/2013 03:23:38 PM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)


#4 aquaviva


Posted 02 May 2013 - 10:47 AM

I have a lot of files missing :-(
 
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:46:41 PM, on 2/5/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\iastoricon.exe
C:\Users\aquaviva\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\aquaviva\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\aquaviva\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\aquaviva\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\aquaviva\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\aquaviva\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\aquaviva\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\aquaviva\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\aquaviva\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\aquaviva\AppData\Local\Temp\nsv3A27.tmp\pev.dat
C:\Users\aquaviva\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\aquaviva\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\aquaviva\Downloads\hijackthis.exe
C:\WINDOWS\SysWOW64\DllHost.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nmd.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - (no file)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [Google Update] "C:\Users\aquaviva\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CoolerMaster Trigger] "C:\Program Files (x86)\Cooler Master\CM Storm Trigger\CMTrigger.exe" /AutoRun
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Tjeneste (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Tjeneste (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
O23 - Service: vToolbarUpdater12.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: Windows Firewall Control Service (wfcs) - BiniSoft.org - C:\Program Files\Windows Firewall Control\wfcs.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 9593 bytes


#5 nasdaq

  • Malware Response Team
  • 39,202 posts

Posted 05 May 2013 - 08:55 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
    [screenshot: tdss1.png]
  • Click Change parameters
    [screenshot: settings20121003115955.png]
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
    [screenshot: tdss3.png]
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    [screenshot: tdss4.jpg]
  • When it finishes, you will either see a report that no threats were found like below:
    [screenshot: tdss5.jpg]
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop up, which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    [screenshot: tdss7.jpg]
    • If you have files that are shown to fail signature check, do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects.
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    [screenshot: tdss6.jpg]
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder, named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt, which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

#6 aquaviva


Posted 05 May 2013 - 10:50 AM

17:46:33.0027 3952  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:46:33.0369 3952  ============================================================
17:46:33.0369 3952  Current date / time: 2013/05/05 17:46:33.0369
17:46:33.0369 3952  SystemInfo:
17:46:33.0369 3952  
17:46:33.0369 3952  OS Version: 6.2.9200 ServicePack: 0.0
17:46:33.0369 3952  Product type: Workstation
17:46:33.0369 3952  ComputerName: AQUAVIVA-PC
17:46:33.0369 3952  UserName: aquaviva
17:46:33.0369 3952  Windows directory: C:\WINDOWS
17:46:33.0369 3952  System windows directory: C:\WINDOWS
17:46:33.0369 3952  Running under WOW64
17:46:33.0369 3952  Processor architecture: Intel x64
17:46:33.0369 3952  Number of processors: 8
17:46:33.0369 3952  Page size: 0x1000
17:46:33.0370 3952  Boot type: Normal boot
17:46:33.0370 3952  ============================================================
17:46:33.0564 3952  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:46:33.0573 3952  ============================================================
17:46:33.0573 3952  \Device\Harddisk0\DR0:
17:46:33.0573 3952  MBR partitions:
17:46:33.0573 3952  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x200000
17:46:33.0574 3952  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x200800, BlocksNum 0x1A923000
17:46:33.0574 3952  ============================================================
17:46:33.0575 3952  C: <-> \Device\Harddisk0\DR0\Partition2
17:46:33.0575 3952  ============================================================
17:46:33.0575 3952  Initialize success
17:46:33.0575 3952  ============================================================
17:46:40.0741 7056  ============================================================
17:46:40.0741 7056  Scan started
17:46:40.0741 7056  Mode: Manual; SigCheck; TDLFS; 
17:46:40.0741 7056  ============================================================
17:46:40.0893 7056  ================ Scan system memory ========================
17:46:40.0893 7056  System memory - ok
17:46:40.0894 7056  ================ Scan services =============================
17:46:42.0572 7056  EtronXHCI - ok
17:46:42.0578 7056  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\WINDOWS\system32\es.dll
17:46:42.0590 7056  EventSystem - ok
17:46:42.0594 7056  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
17:46:42.0606 7056  exfat - ok
17:46:42.0610 7056  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
17:46:42.0618 7056  fastfat - ok
17:46:42.0625 7056  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:46:42.0638 7056  Fax - ok
17:46:42.0640 7056  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
17:46:42.0648 7056  fdc - ok
17:46:42.0650 7056  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
17:46:42.0660 7056  fdPHost - ok
17:46:42.0662 7056  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
17:46:42.0673 7056  FDResPub - ok
17:46:42.0676 7056  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
17:46:42.0684 7056  fhsvc - ok
17:46:42.0687 7056  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
17:46:42.0693 7056  FileInfo - ok
17:46:42.0695 7056  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
17:46:42.0706 7056  Filetrace - ok
17:46:42.0708 7056  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
17:46:42.0715 7056  flpydisk - ok
17:46:42.0719 7056  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:46:42.0730 7056  FltMgr - ok
17:46:42.0741 7056  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\WINDOWS\system32\FntCache.dll
17:46:42.0760 7056  FontCache - ok
17:46:42.0763 7056  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:46:42.0771 7056  FontCache3.0.0.0 - ok
17:46:42.0773 7056  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
17:46:42.0780 7056  FsDepends - ok
17:46:42.0782 7056  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:46:42.0788 7056  Fs_Rec - ok
17:46:42.0793 7056  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:46:42.0805 7056  fvevol - ok
17:46:42.0808 7056  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
17:46:42.0814 7056  FxPPM - ok
17:46:42.0816 7056  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
17:46:42.0823 7056  gagp30kx - ok
17:46:42.0825 7056  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:46:42.0830 7056  GEARAspiWDM - ok
17:46:42.0833 7056  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
17:46:42.0839 7056  gencounter - ok
17:46:42.0842 7056  [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:46:42.0849 7056  GPIOClx0101 - ok
17:46:42.0860 7056  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
17:46:42.0882 7056  gpsvc - ok
17:46:42.0905 7056  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:46:42.0919 7056  gupdate - ok
17:46:42.0925 7056  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:46:42.0938 7056  gupdatem - ok
17:46:42.0941 7056  [ DB8A82239139348D6666434128D6F5DC ] gzflt           C:\WINDOWS\system32\DRIVERS\gzflt.sys
17:46:42.0948 7056  gzflt - ok
17:46:42.0952 7056  [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
17:46:42.0962 7056  HdAudAddService - ok
17:46:42.0964 7056  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
17:46:42.0972 7056  HDAudBus - ok
17:46:42.0974 7056  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
17:46:42.0980 7056  HidBatt - ok
17:46:42.0983 7056  [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
17:46:42.0997 7056  HidBth - ok
17:46:43.0000 7056  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
17:46:43.0006 7056  hidi2c - ok
17:46:43.0008 7056  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
17:46:43.0023 7056  HidIr - ok
17:46:43.0026 7056  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\WINDOWS\system32\hidserv.dll
17:46:43.0032 7056  hidserv - ok
17:46:43.0034 7056  [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
17:46:43.0040 7056  HidUsb - ok
17:46:43.0043 7056  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
17:46:43.0052 7056  hkmsvc - ok
17:46:43.0056 7056  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:46:43.0066 7056  HomeGroupListener - ok
17:46:43.0070 7056  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:46:43.0082 7056  HomeGroupProvider - ok
17:46:43.0085 7056  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
17:46:43.0091 7056  HpSAMD - ok
17:46:43.0099 7056  [ 29CB98187BB5711F7759540976D295FC ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
17:46:43.0113 7056  HTTP - ok
17:46:43.0115 7056  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
17:46:43.0121 7056  hwpolicy - ok
17:46:43.0123 7056  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
17:46:43.0129 7056  hyperkbd - ok
17:46:43.0131 7056  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:46:43.0138 7056  HyperVideo - ok
17:46:43.0140 7056  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
17:46:43.0148 7056  i8042prt - ok
17:46:43.0154 7056  [ 8DFC3AA7805D1E442193A639E9004E66 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
17:46:43.0164 7056  iaStorA - ok
17:46:43.0167 7056  [ B6B4054A06B39C5256ED1ECDD68259D4 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
17:46:43.0173 7056  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - warning
17:46:43.0173 7056  IAStorDataMgrSvc - detected UnsignedFile.Multi.Generic (1)
17:46:43.0175 7056  [ 4621FAE7D3C969A1E84A2790D88FCCDE ] iaStorF         C:\WINDOWS\system32\drivers\iaStorF.sys
17:46:43.0181 7056  iaStorF - ok
17:46:43.0186 7056  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
17:46:43.0199 7056  iaStorV - ok
17:46:43.0202 7056  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\WINDOWS\system32\drivers\iirsp.sys
17:46:43.0209 7056  iirsp - ok
17:46:43.0217 7056  [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
17:46:43.0234 7056  IKEEXT - ok
17:46:43.0260 7056  [ 7D7711B0F972C73AE46105B42092D82E ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:46:43.0306 7056  IntcAzAudAddService - ok
17:46:43.0310 7056  [ 42CEE1BA152FA267AE8587B4DE3B7B28 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
17:46:43.0319 7056  Intel® PROSet Monitoring Service - ok
17:46:43.0321 7056  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
17:46:43.0327 7056  intelide - ok
17:46:43.0330 7056  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
17:46:43.0337 7056  intelppm - ok
17:46:43.0340 7056  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:46:43.0349 7056  IpFilterDriver - ok
17:46:43.0392 7056  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
17:46:43.0419 7056  iphlpsvc - ok
17:46:43.0422 7056  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:46:43.0431 7056  IPMIDRV - ok
17:46:43.0435 7056  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
17:46:43.0445 7056  IPNAT - ok
17:46:43.0451 7056  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:46:43.0464 7056  iPod Service - ok
17:46:43.0467 7056  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
17:46:43.0474 7056  IRENUM - ok
17:46:43.0476 7056  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
17:46:43.0482 7056  isapnp - ok
17:46:43.0486 7056  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
17:46:43.0497 7056  iScsiPrt - ok
17:46:43.0499 7056  [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs        C:\WINDOWS\system32\drivers\iusb3hcs.sys
17:46:43.0504 7056  iusb3hcs - ok
17:46:43.0509 7056  [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub        C:\WINDOWS\system32\drivers\iusb3hub.sys
17:46:43.0518 7056  iusb3hub - ok
17:46:43.0526 7056  [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc        C:\WINDOWS\system32\drivers\iusb3xhc.sys
17:46:43.0541 7056  iusb3xhc - ok
17:46:43.0543 7056  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
17:46:43.0551 7056  kbdclass - ok
17:46:43.0553 7056  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
17:46:43.0560 7056  kbdhid - ok
17:46:43.0563 7056  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:46:43.0569 7056  kdnic - ok
17:46:43.0571 7056  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\WINDOWS\system32\lsass.exe
17:46:43.0578 7056  KeyIso - ok
17:46:43.0581 7056  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
17:46:43.0588 7056  KSecDD - ok
17:46:43.0591 7056  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:46:43.0600 7056  KSecPkg - ok
17:46:43.0602 7056  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
17:46:43.0609 7056  ksthunk - ok
17:46:43.0613 7056  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
17:46:43.0624 7056  KtmRm - ok
17:46:43.0628 7056  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
17:46:43.0638 7056  LanmanServer - ok
17:46:43.0642 7056  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:46:43.0651 7056  LanmanWorkstation - ok
17:46:43.0654 7056  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:46:43.0663 7056  lltdio - ok
17:46:43.0667 7056  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
17:46:43.0679 7056  lltdsvc - ok
17:46:43.0683 7056  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
17:46:43.0689 7056  lmhosts - ok
17:46:43.0693 7056  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
17:46:43.0701 7056  LSI_SAS - ok
17:46:43.0704 7056  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:46:43.0710 7056  LSI_SAS2 - ok
17:46:43.0713 7056  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\WINDOWS\system32\drivers\lsi_scsi.sys
17:46:43.0720 7056  LSI_SCSI - ok
17:46:43.0723 7056  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
17:46:43.0730 7056  LSI_SSS - ok
17:46:43.0735 7056  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\WINDOWS\System32\lsm.dll
17:46:43.0745 7056  LSM - ok
17:46:43.0749 7056  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
17:46:43.0760 7056  luafv - ok
17:46:43.0762 7056  [ E5ECF40E5FD459141E5F6685FFD51804 ] Lycosa          C:\WINDOWS\system32\drivers\Lycosa.sys
17:46:43.0768 7056  Lycosa - ok
17:46:43.0771 7056  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
17:46:43.0777 7056  megasas - ok
17:46:43.0782 7056  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\WINDOWS\system32\drivers\MegaSR.sys
17:46:43.0793 7056  MegaSR - ok
17:46:43.0796 7056  [ 2BB3EAE2EA641515D4B205CAB29E1624 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
17:46:43.0802 7056  MEIx64 - ok
17:46:43.0805 7056  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
17:46:43.0812 7056  MMCSS - ok
17:46:43.0814 7056  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
17:46:43.0823 7056  Modem - ok
17:46:43.0825 7056  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
17:46:43.0832 7056  monitor - ok
17:46:43.0834 7056  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
17:46:43.0839 7056  mouclass - ok
17:46:43.0842 7056  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
17:46:43.0849 7056  mouhid - ok
17:46:43.0851 7056  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
17:46:43.0858 7056  mountmgr - ok
17:46:43.0861 7056  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:46:43.0868 7056  mpsdrv - ok
17:46:43.0875 7056  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
17:46:43.0890 7056  MpsSvc - ok
17:46:43.0918 7056  [ 866AF645A3B1F4358C4201CE089839EA ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
17:46:43.0932 7056  MQAC - ok
17:46:43.0938 7056  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
17:46:43.0953 7056  MRxDAV - ok
17:46:43.0969 7056  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:46:43.0987 7056  mrxsmb - ok
17:46:43.0991 7056  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:46:44.0000 7056  mrxsmb10 - ok
17:46:44.0003 7056  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:46:44.0012 7056  mrxsmb20 - ok
17:46:44.0015 7056  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
17:46:44.0024 7056  MsBridge - ok
17:46:44.0027 7056  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
17:46:44.0035 7056  MSDTC - ok
17:46:44.0039 7056  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:46:44.0046 7056  Msfs - ok
17:46:44.0048 7056  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:46:44.0054 7056  msgpiowin32 - ok
17:46:44.0057 7056  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:46:44.0063 7056  mshidkmdf - ok
17:46:44.0065 7056  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
17:46:44.0072 7056  mshidumdf - ok
17:46:44.0074 7056  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
17:46:44.0079 7056  msisadrv - ok
17:46:44.0082 7056  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
17:46:44.0090 7056  MSiSCSI - ok
17:46:44.0092 7056  msiserver - ok
17:46:44.0094 7056  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:46:44.0101 7056  MSKSSRV - ok
17:46:44.0103 7056  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
17:46:44.0110 7056  MsLldp - ok
17:46:44.0112 7056  [ 80FF037D6184FFACB2740A50C7949D20 ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
17:46:44.0119 7056  MSMQ - ok
17:46:44.0121 7056  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:46:44.0127 7056  MSPCLOCK - ok
17:46:44.0129 7056  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:46:44.0136 7056  MSPQM - ok
17:46:44.0141 7056  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
17:46:44.0152 7056  MsRPC - ok
17:46:44.0155 7056  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
17:46:44.0161 7056  mssmbios - ok
17:46:44.0163 7056  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
17:46:44.0170 7056  MSTEE - ok
17:46:44.0172 7056  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
17:46:44.0179 7056  MTConfig - ok
17:46:44.0182 7056  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
17:46:44.0188 7056  Mup - ok
17:46:44.0191 7056  [ 56616652CFE590E2C936C72DF6094B88 ] mv91cons        C:\WINDOWS\system32\drivers\mv91cons.sys
17:46:44.0196 7056  mv91cons - ok
17:46:44.0200 7056  [ 7EAE8A7EE4955DC1439E6C93D5CC7EE4 ] mvs91xx         C:\WINDOWS\system32\drivers\mvs91xx.sys
17:46:44.0209 7056  mvs91xx - ok
17:46:44.0212 7056  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
17:46:44.0219 7056  mvumis - ok
17:46:44.0223 7056  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\WINDOWS\system32\qagentRT.dll
17:46:44.0236 7056  napagent - ok
17:46:44.0242 7056  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:46:44.0252 7056  NativeWifiP - ok
17:46:44.0256 7056  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
17:46:44.0264 7056  NcaSvc - ok
17:46:44.0267 7056  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
17:46:44.0275 7056  NcdAutoSetup - ok
17:46:44.0284 7056  [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
17:46:44.0305 7056  NDIS - ok
17:46:44.0308 7056  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
17:46:44.0317 7056  NdisCap - ok
17:46:44.0320 7056  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
17:46:44.0328 7056  NdisImPlatform - ok
17:46:44.0330 7056  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:46:44.0336 7056  NdisTapi - ok
17:46:44.0339 7056  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:46:44.0345 7056  Ndisuio - ok
17:46:44.0348 7056  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:46:44.0358 7056  NdisWan - ok
17:46:44.0360 7056  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:46:44.0369 7056  NDISWANLEGACY - ok
17:46:44.0371 7056  [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
17:46:44.0379 7056  NDProxy - ok
17:46:44.0381 7056  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
17:46:44.0388 7056  Ndu - ok
17:46:44.0391 7056  [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl64.sys
17:46:44.0397 7056  Netaapl - ok
17:46:44.0400 7056  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:46:44.0408 7056  NetBIOS - ok
17:46:44.0412 7056  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:46:44.0422 7056  NetBT - ok
17:46:44.0424 7056  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:46:44.0431 7056  Netlogon - ok
17:46:44.0435 7056  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\WINDOWS\System32\netman.dll
17:46:44.0445 7056  Netman - ok
17:46:44.0448 7056  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:44.0456 7056  NetMsmqActivator - ok
17:46:44.0458 7056  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:44.0464 7056  NetPipeActivator - ok
17:46:44.0470 7056  [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
17:46:44.0482 7056  netprofm - ok
17:46:44.0484 7056  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:44.0490 7056  NetTcpActivator - ok
17:46:44.0493 7056  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:46:44.0499 7056  NetTcpPortSharing - ok
17:46:44.0501 7056  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\WINDOWS\system32\drivers\nfrd960.sys
17:46:44.0507 7056  nfrd960 - ok
17:46:44.0512 7056  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
17:46:44.0523 7056  NlaSvc - ok
17:46:44.0529 7056  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:46:44.0543 7056  Npfs - ok
17:46:44.0560 7056  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
17:46:44.0571 7056  npsvctrig - ok
17:46:44.0573 7056  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\WINDOWS\system32\nsisvc.dll
17:46:44.0581 7056  nsi - ok
17:46:44.0583 7056  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
17:46:44.0590 7056  nsiproxy - ok
17:46:44.0606 7056  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:46:44.0641 7056  Ntfs - ok
17:46:44.0643 7056  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:46:44.0651 7056  Null - ok
17:46:44.0653 7056  [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub        C:\WINDOWS\system32\drivers\nusb3hub.sys
17:46:44.0659 7056  nusb3hub - ok
17:46:44.0662 7056  [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc        C:\WINDOWS\system32\drivers\nusb3xhc.sys
17:46:44.0670 7056  nusb3xhc - ok
17:46:44.0673 7056  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
17:46:44.0680 7056  NVHDA - ok
17:46:44.0757 7056  [ 4EE399576F76D38C04745DB739BBC8C7 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
17:46:44.0917 7056  nvlddmkm - ok
17:46:44.0923 7056  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
17:46:44.0932 7056  nvraid - ok
17:46:44.0935 7056  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
17:46:44.0943 7056  nvstor - ok
17:46:44.0951 7056  [ BD0762F934B869FB069811E230DB901D ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
17:46:44.0965 7056  nvsvc - ok
17:46:44.0980 7056  [ 685514743DCD4A741CB7A0035EF01026 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:46:45.0013 7056  nvUpdatusService - ok
17:46:45.0017 7056  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
17:46:45.0025 7056  nv_agp - ok
17:46:45.0029 7056  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:46:45.0039 7056  p2pimsvc - ok
17:46:45.0044 7056  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:46:45.0055 7056  p2psvc - ok
17:46:45.0058 7056  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:46:45.0066 7056  Parport - ok
17:46:45.0069 7056  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:46:45.0076 7056  partmgr - ok
17:46:45.0080 7056  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:46:45.0091 7056  PcaSvc - ok
17:46:45.0095 7056  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:46:45.0104 7056  pci - ok
17:46:45.0106 7056  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:46:45.0112 7056  pciide - ok
17:46:45.0115 7056  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:46:45.0125 7056  pcmcia - ok
17:46:45.0127 7056  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:46:45.0133 7056  pcw - ok
17:46:45.0135 7056  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
17:46:45.0142 7056  pdc - ok
17:46:45.0149 7056  [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
17:46:45.0165 7056  PEAUTH - ok
17:46:45.0183 7056  [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
17:46:45.0211 7056  PeerDistSvc - ok
17:46:45.0227 7056  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
17:46:45.0235 7056  PerfHost - ok
17:46:45.0248 7056  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\WINDOWS\system32\pla.dll
17:46:45.0272 7056  pla - ok
17:46:45.0275 7056  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
17:46:45.0283 7056  PlugPlay - ok
17:46:45.0285 7056  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
17:46:45.0293 7056  PNRPAutoReg - ok
17:46:45.0297 7056  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
17:46:45.0305 7056  PNRPsvc - ok
17:46:45.0311 7056  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
17:46:45.0324 7056  PolicyAgent - ok
17:46:45.0328 7056  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\WINDOWS\system32\umpo.dll
17:46:45.0335 7056  Power - ok
17:46:45.0337 7056  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:46:45.0346 7056  PptpMiniport - ok
17:46:45.0366 7056  [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
17:46:45.0397 7056  PrintNotify - ok
17:46:45.0400 7056  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\WINDOWS\System32\drivers\processr.sys
17:46:45.0408 7056  Processor - ok
17:46:45.0411 7056  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
17:46:45.0420 7056  ProfSvc - ok
17:46:45.0423 7056  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
17:46:45.0432 7056  Psched - ok
17:46:45.0436 7056  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\WINDOWS\system32\qwave.dll
17:46:45.0447 7056  QWAVE - ok
17:46:45.0449 7056  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
17:46:45.0456 7056  QWAVEdrv - ok
17:46:45.0458 7056  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:46:45.0467 7056  RasAcd - ok
17:46:45.0469 7056  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
17:46:45.0477 7056  RasAgileVpn - ok
17:46:45.0480 7056  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:46:45.0490 7056  RasAuto - ok
17:46:45.0493 7056  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:46:48.0315 7056  ================ Scan global ===============================
17:46:48.0318 7056  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\WINDOWS\system32\basesrv.dll
17:46:48.0321 7056  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\WINDOWS\system32\winsrv.dll
17:46:48.0326 7056  [ BD7C6949984D19AAA609896B675E7357 ] C:\WINDOWS\system32\sxssrv.dll
17:46:48.0330 7056  [ 8F226143046435C75C033B0C52E90FFE ] C:\WINDOWS\system32\services.exe
17:46:48.0334 7056  [Global] - ok
17:46:48.0334 7056  ================ Scan MBR ==================================
17:46:48.0335 7056  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:46:48.0437 7056  \Device\Harddisk0\DR0 - ok
17:46:48.0437 7056  ================ Scan VBR ==================================
17:46:48.0438 7056  [ 2104F5FD0D1CF3E7B499C1A09015F1F2 ] \Device\Harddisk0\DR0\Partition1
17:46:48.0439 7056  \Device\Harddisk0\DR0\Partition1 - ok
17:46:48.0440 7056  [ 552DFAF900E91AA73FFEF89E4B9EF27E ] \Device\Harddisk0\DR0\Partition2
17:46:48.0441 7056  \Device\Harddisk0\DR0\Partition2 - ok
17:46:48.0441 7056  ============================================================
17:46:48.0441 7056  Scan finished
17:46:48.0441 7056  ============================================================
17:46:48.0446 6768  Detected object count: 1
17:46:48.0446 6768  Actual detected object count: 1
17:46:52.0780 6768  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:46:52.0780 6768  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 


#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,202 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:01 PM

Posted 05 May 2013 - 10:57 AM

The TDSSKiller log is clean.

I'm missing the aswMBR log. See my previous post.

I would also like you to run this tool.


--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or RogueKiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+



#8 aquaviva

aquaviva
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:01 PM

Posted 05 May 2013 - 10:59 AM

Downloading the virus DB from avast... taking some time :-)



#9 aquaviva


Posted 05 May 2013 - 11:14 AM

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : aquaviva [Admin rights]
Mode : Remove -- Date : 05/05/2013 18:16:55
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 1 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Run : Nvtmru ("C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"  -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat") [-] -> DELETED
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED] ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: ATA OCZ-AGILITY3 SCSI Disk Device +++++
--- User ---
[MBR] e4c19e7ec4543c4d2a072b5f2dad6bd3
[BSP] 7ad17501645d88ea873eee4234a906fb : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1024 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2099200 | Size: 217670 Mo
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 447887360 | Size: 10240 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
 
Finished : << RKreport[2]_D_05052013_02d1816.txt >>
RKreport[1]_S_05052013_02d1813.txt ; RKreport[2]_D_05052013_02d1816.txt

Edited by aquaviva, 05 May 2013 - 11:18 AM.


#10 aquaviva


Posted 05 May 2013 - 11:25 AM

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-05-05 18:23:04
-----------------------------
18:23:04.350 OS Version: Windows x64 6.2.9200
18:23:04.350 Number of processors: 8 586 0x2D07
18:23:04.351 ComputerName: AQUAVIVA-PC UserName: aquaviva
18:23:04.849 Initialze error C000010E - driver not loaded
18:23:07.012 write error "aswCmnB.dll". The process cannot access the file because it is being used by another process.
18:23:07.075 AVAST engine defs: 13050500
18:23:33.982 The log file has been saved successfully to "C:\Users\aquaviva\Downloads\aswMBR.txt"
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-05-05 18:22:26
-----------------------------
18:22:26.455 OS Version: Windows x64 6.2.9200
18:22:26.455 Number of processors: 8 586 0x2D07
18:22:26.455 ComputerName: AQUAVIVA-PC UserName: aquaviva
18:22:26.958 Initialize success
18:22:32.645 The log file has been saved successfully to "C:\Users\aquaviva\Downloads\Result.txt"
18:22:35.068 AVAST engine defs: 13050500
18:24:09.172 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000037
18:24:09.174 Disk 0 Vendor: ATA_____ 2.15 Size: 228936MB BusType: 11
18:24:09.182 Disk 0 MBR read successfully
18:24:09.183 Disk 0 MBR scan
18:24:09.229 Disk 0 Windows 7 default MBR code
18:24:09.231 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1024 MB offset 2048
18:24:09.236 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 217670 MB offset 2099200
18:24:09.239 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 10240 MB offset 447887360
18:24:09.249 Disk 0 scanning C:\WINDOWS\system32\drivers
18:24:11.861 Service scanning
18:24:12.388 Service BdfNdisf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys **LOCKED** 5
18:24:12.403 Service bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys **LOCKED** 5
18:24:14.588 Disk 0 MBR has been saved successfully to "C:\Users\aquaviva\Downloads\MBR.dat"
18:24:14.637 The log file has been saved successfully to "C:\Users\aquaviva\Downloads\aswMBR.txt"


Edited by nasdaq, 05 May 2013 - 12:52 PM.
MBR log posted.


#11 nasdaq


Posted 05 May 2013 - 12:55 PM

Your security programs may be preventing the running of AswMBR.

Your logs look clean.

Are you having any difficulties with this computer?

#12 aquaviva


Posted 05 May 2013 - 01:00 PM

Not anymore.... think I got it clean but wanted to make sure :-)



#13 nasdaq


Posted 05 May 2013 - 01:20 PM

If all is well in 3 or 4 days:

Time for some housekeeping
  • The following will implement some cleanup procedures as well as reset System Restore points:
  • Click Start > Run and copy/paste the following bold text into the Run box and click OK:
  • ComboFix /Uninstall
===

To remove AdwCleaner.

Please double click on AdwCleaner.exe to run the tool.
Click on Uninstall.
Confirm with Yes.

If you decide to keep the AdwCleaner tool make sure to delete your version and download the latest before running it.

Delete the other tools we used.
You can keep the DDS tool, as most forums will ask to see a log before suggesting a fix.

Surf Safely, and Think Prevention!
===

#14 nasdaq


Posted 11 May 2013 - 07:19 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



