
Audio Malware?


57 replies to this topic

#1 dnm.24

dnm.24

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:07 AM

Posted 15 June 2013 - 11:35 AM

Hi, I think I have some sort of audio malware on my system playing sounds through Internet Explorer. Normal AV software hasn't removed it. What should I do?





#2 Jimbob85

Jimbob85

  • Members
  • 308 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:VA, USA
  • Local time:01:07 AM

Posted 15 June 2013 - 03:36 PM

Hi and welcome to BC.

 

Please download TDSSKiller.

  • Run TDSSKiller.exe
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Start scan
  • When it is finished, the utility outputs a list of detected objects with descriptions
  • The utility automatically selects an action (Cure or Delete) for malicious objects and asks you what to do with suspicious objects (Skip, by default)
  • Just stick with the default options and click Continue
  • If it wants to reboot, please allow it to do so and let me know
  • Click on Report and post the contents of the text file that will open

By default, the utility outputs the log into the root folder of the system disk (usually the disk where the operating system is installed, C:\). The log will have a name like: TDSSKiller.Version_Date_Time_log.txt.
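A helper reading the report requested above mostly needs to know which scanned objects did not come back "ok". The following sketch is an added example, not part of the original posts or of TDSSKiller itself: it parses the log layout visible in this thread (timestamp, thread id, `[ MD5 ] name path` line, then `name - verdict` line) and lists anything needing a closer look. The sample input reuses lines from the posted log; the `exampledrv` entry, its placeholder hash and its `warning` verdict are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# "HH:MM:SS.mmmm <thread id>  <message>" as seen in the posted log.
RECORD = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "================ Scan services =====" style section headers.
SECTION = re.compile(r"^=+ Scan (.+?) =+$")
# "[ <MD5> ] <service name, may contain spaces> <drive-letter path>".
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.*)$")


@dataclass
class Entry:
    section: str
    name: str
    verdict: str
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_log(text: str) -> List[Entry]:
    """Pair each '<name> - <verdict>' line with its preceding hash line."""
    entries: List[Entry] = []
    section: Optional[str] = None
    pending = {}  # name -> (md5, path) waiting for its verdict line
    for raw in text.splitlines():
        rec = RECORD.match(raw.rstrip())
        if not rec:
            continue
        msg = rec.group(1)
        sec = SECTION.match(msg)
        if sec:
            section, pending = sec.group(1), {}
            continue
        if section is None:  # system info header, not scan results
            continue
        hashed = HASHED.match(msg)
        if hashed:
            pending[hashed.group(2)] = (hashed.group(1).upper(), hashed.group(3))
            continue
        name, sep, verdict = msg.rpartition(" - ")
        if sep and name and verdict:
            md5, path = pending.pop(name, (None, None))
            entries.append(Entry(section, name, verdict.strip(), md5, path))
    return entries


def triage(entries: List[Entry]) -> Tuple[List[Entry], List[Entry]]:
    """Return (entries whose verdict is not 'ok', services logged without a hash)."""
    flagged = [e for e in entries if e.verdict.lower() != "ok"]
    unhashed = [e for e in entries if e.section == "services" and e.md5 is None]
    return flagged, unhashed


# Sample input: lines copied from the log in this thread, plus one constructed
# 'exampledrv' entry (placeholder hash, hypothetical name and verdict).
SAMPLE_LOG = r"""
23:06:07.0186 3188  Scan started
23:06:07.0186 3188  Mode: Manual; TDLFS;
23:06:15.0744 3188  ================ Scan system memory ========================
23:06:15.0744 3188  System memory - ok
23:06:15.0744 3188  ================ Scan services =============================
23:06:18.0243 3188  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:06:18.0246 3188  ACPI - ok
23:06:23.0627 3188  [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:06:23.0628 3188  Apple Mobile Device - ok
23:06:32.0956 3188  COMSysApp - ok
23:06:40.0000 3188  [ 00000000000000000000000000000000 ] exampledrv      C:\Windows\system32\drivers\exampledrv.sys
23:06:40.0001 3188  exampledrv - warning
"""

if __name__ == "__main__":
    flagged, unhashed = triage(parse_log(SAMPLE_LOG))
    for e in flagged:
        print(f"REVIEW  {e.name}: {e.verdict}  md5={e.md5}  path={e.path}")
    for e in unhashed:
        print(f"NOHASH  {e.name}: verdict {e.verdict}, no file hash in log")
```
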
 



#3 dnm.24

dnm.24
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:07 AM

Posted 15 June 2013 - 05:11 PM

23:05:47.0145 3480  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:05:47.0145 3480  UEFI system
23:05:47.0363 3480  ============================================================
23:05:47.0363 3480  Current date / time: 2013/06/15 23:05:47.0363
23:05:47.0363 3480  SystemInfo:
23:05:47.0364 3480  
23:05:47.0364 3480  OS Version: 6.1.7601 ServicePack: 1.0
23:05:47.0364 3480  Product type: Workstation
23:05:47.0364 3480  ComputerName: DAN-PC
23:05:47.0364 3480  UserName: Dan
23:05:47.0364 3480  Windows directory: C:\Windows
23:05:47.0364 3480  System windows directory: C:\Windows
23:05:47.0364 3480  Running under WOW64
23:05:47.0364 3480  Processor architecture: Intel x64
23:05:47.0364 3480  Number of processors: 8
23:05:47.0364 3480  Page size: 0x1000
23:05:47.0364 3480  Boot type: Normal boot
23:05:47.0364 3480  ============================================================
23:05:53.0052 3480  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:05:53.0152 3480  ============================================================
23:05:53.0152 3480  \Device\Harddisk0\DR0:
23:05:53.0163 3480  GPT partitions:
23:05:53.0197 3480  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {2ACE0445-F431-4B2E-A9A7-AC6707BFAFB8}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
23:05:53.0197 3480  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FD5CB980-E9DB-4EB1-8EE1-5433EECD57BC}, Name: Basic data partition, StartLBA 0x98000, BlocksNum 0x14000
23:05:53.0197 3480  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D3CCFE08-4DA7-4865-9C16-47BD45C2805E}, Name: Microsoft reserved partition, StartLBA 0xAC000, BlocksNum 0x40000
23:05:53.0197 3480  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6B3EF87D-AFF5-4D87-9841-A9F59B52C6B2}, Name: Basic data partition, StartLBA 0xEC000, BlocksNum 0x178000
23:05:53.0197 3480  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {273A2977-74B9-4B6B-B7B6-9E4D79C71B9F}, Name: Basic data partition, StartLBA 0x264000, BlocksNum 0x744A2000
23:05:53.0197 3480  MBR partitions:
23:05:53.0197 3480  ============================================================
23:05:53.0347 3480  C: <-> \Device\Harddisk0\DR0\Partition5
23:05:53.0390 3480  D: <-> \Device\Harddisk0\DR0\Partition4
23:05:53.0390 3480  ============================================================
23:05:53.0390 3480  Initialize success
23:05:53.0390 3480  ============================================================
23:06:07.0186 3188  ============================================================
23:06:07.0186 3188  Scan started
23:06:07.0186 3188  Mode: Manual; TDLFS; 
23:06:07.0186 3188  ============================================================
23:06:15.0744 3188  ================ Scan system memory ========================
23:06:15.0744 3188  System memory - ok
23:06:15.0744 3188  ================ Scan services =============================
23:06:53.0669 3188  mssmbios - ok
23:06:53.0692 3188  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:06:53.0699 3188  MSTEE - ok
23:06:53.0743 3188  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
23:06:53.0749 3188  MTConfig - ok
23:06:53.0795 3188  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:06:53.0799 3188  Mup - ok
23:06:53.0876 3188  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
23:06:53.0901 3188  napagent - ok
23:06:54.0017 3188  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:06:54.0025 3188  NativeWifiP - ok
23:06:54.0252 3188  [ C38B8AE57F78915905064A9A24DC1586 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:06:54.0286 3188  NDIS - ok
23:06:54.0313 3188  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:06:54.0315 3188  NdisCap - ok
23:06:54.0346 3188  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:06:54.0350 3188  NdisTapi - ok
23:06:54.0389 3188  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:06:54.0393 3188  Ndisuio - ok
23:06:54.0419 3188  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:06:54.0422 3188  NdisWan - ok
23:06:54.0424 3188  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:06:54.0425 3188  NDProxy - ok
23:06:54.0489 3188  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:06:54.0490 3188  NetBIOS - ok
23:06:54.0548 3188  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:06:54.0573 3188  NetBT - ok
23:06:54.0611 3188  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:06:54.0611 3188  Netlogon - ok
23:06:54.0714 3188  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:06:54.0722 3188  Netman - ok
23:06:54.0780 3188  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:06:54.0862 3188  NetMsmqActivator - ok
23:06:54.0864 3188  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:06:54.0865 3188  NetPipeActivator - ok
23:06:54.0897 3188  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:06:54.0974 3188  netprofm - ok
23:06:55.0446 3188  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:06:55.0446 3188  NetTcpActivator - ok
23:06:55.0448 3188  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:06:55.0449 3188  NetTcpPortSharing - ok
23:06:55.0555 3188  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
23:06:55.0645 3188  nfrd960 - ok
23:06:56.0034 3188  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:06:56.0067 3188  NlaSvc - ok
23:06:56.0107 3188  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:06:56.0114 3188  Npfs - ok
23:06:56.0159 3188  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:06:56.0251 3188  nsi - ok
23:06:56.0287 3188  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:06:56.0288 3188  nsiproxy - ok
23:06:56.0703 3188  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:06:56.0762 3188  Ntfs - ok
23:06:56.0800 3188  [ 3F39F013168428C8E505A7B9E6CBA8A2 ] NTIOLib_X64     C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys
23:06:56.0800 3188  NTIOLib_X64 - ok
23:06:56.0807 3188  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:06:56.0814 3188  Null - ok
23:06:56.0926 3188  [ 10204955027011E08A9DC27737A48A54 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
23:06:56.0926 3188  NVHDA - ok
23:06:58.0603 3188  [ D877FD69E520DE8CF2BA831BF76506E9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:06:58.0648 3188  nvlddmkm - ok
23:06:58.0683 3188  [ ECAF81AC8637F9BCBFCB6658A31E1109 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
23:06:58.0691 3188  nvpciflt - ok
23:06:58.0852 3188  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:06:58.0855 3188  nvraid - ok
23:06:58.0936 3188  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:06:58.0944 3188  nvstor - ok
23:06:59.0072 3188  [ 67A5E83B66654888C5B4A7CABBD96AA9 ] NvStUSB         C:\Windows\system32\drivers\nvstusb.sys
23:06:59.0079 3188  NvStUSB - ok
23:06:59.0361 3188  [ 8D1D42215100566824D2693D7FF4866D ] nvsvc           C:\Windows\system32\nvvsvc.exe
23:06:59.0409 3188  nvsvc - ok
23:06:59.0653 3188  [ 496BD042F418E2B98A1947F5800E32F0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
23:06:59.0694 3188  nvUpdatusService - ok
23:06:59.0716 3188  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:06:59.0723 3188  nv_agp - ok
23:06:59.0745 3188  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:06:59.0751 3188  ohci1394 - ok
23:06:59.0895 3188  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:06:59.0903 3188  p2pimsvc - ok
23:06:59.0999 3188  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:07:00.0065 3188  p2psvc - ok
23:07:00.0102 3188  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
23:07:00.0104 3188  Parport - ok
23:07:00.0159 3188  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:07:00.0168 3188  partmgr - ok
23:07:00.0323 3188  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:07:00.0326 3188  PcaSvc - ok
23:07:00.0391 3188  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:07:00.0393 3188  pci - ok
23:07:00.0436 3188  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:07:00.0437 3188  pciide - ok
23:07:00.0591 3188  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
23:07:00.0624 3188  pcmcia - ok
23:07:00.0685 3188  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:07:00.0690 3188  pcw - ok
23:07:00.0772 3188  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:07:00.0805 3188  PEAUTH - ok
23:07:02.0243 3188  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:07:02.0246 3188  PerfHost - ok
23:07:02.0428 3188  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:07:02.0461 3188  pla - ok
23:07:02.0528 3188  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:07:02.0570 3188  PlugPlay - ok
23:07:02.0605 3188  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:07:02.0608 3188  PNRPAutoReg - ok
23:07:02.0701 3188  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:07:02.0703 3188  PNRPsvc - ok
23:07:02.0938 3188  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:07:02.0959 3188  PolicyAgent - ok
23:07:03.0104 3188  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\Windows\system32\umpo.dll
23:07:03.0112 3188  Power - ok
23:07:03.0154 3188  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:07:03.0157 3188  PptpMiniport - ok
23:07:03.0214 3188  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
23:07:03.0221 3188  Processor - ok
23:07:03.0327 3188  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:07:03.0329 3188  ProfSvc - ok
23:07:03.0352 3188  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:07:03.0353 3188  ProtectedStorage - ok
23:07:03.0398 3188  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:07:03.0401 3188  Psched - ok
23:07:03.0818 3188  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
23:07:03.0857 3188  ql2300 - ok
23:07:03.0900 3188  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
23:07:03.0902 3188  ql40xx - ok
23:07:04.0003 3188  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:07:04.0011 3188  QWAVE - ok
23:07:04.0106 3188  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:07:04.0106 3188  QWAVEdrv - ok
23:07:04.0120 3188  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:07:04.0122 3188  RasAcd - ok
23:07:04.0276 3188  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:07:04.0278 3188  RasAgileVpn - ok
23:07:04.0314 3188  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:07:04.0315 3188  RasAuto - ok
23:07:04.0358 3188  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:07:04.0364 3188  Rasl2tp - ok
23:07:04.0419 3188  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:07:04.0422 3188  RasMan - ok
23:07:04.0458 3188  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:07:04.0460 3188  RasPppoe - ok
23:07:04.0594 3188  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:07:04.0595 3188  RasSstp - ok
23:07:04.0679 3188  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:07:04.0687 3188  rdbss - ok
23:07:04.0723 3188  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
23:07:04.0731 3188  rdpbus - ok
23:07:04.0758 3188  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:07:04.0759 3188  RDPCDD - ok
23:07:04.0797 3188  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:07:04.0797 3188  RDPENCDD - ok
23:07:04.0850 3188  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:07:04.0850 3188  RDPREFMP - ok
23:07:04.0935 3188  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:07:04.0937 3188  RDPWD - ok
23:07:04.0984 3188  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:07:04.0987 3188  rdyboost - ok
23:07:05.0072 3188  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:07:05.0073 3188  RemoteAccess - ok
23:07:05.0135 3188  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:07:05.0138 3188  RemoteRegistry - ok
23:07:05.0250 3188  RimUsb - ok
23:07:05.0360 3188  [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
23:07:05.0368 3188  RimVSerPort - ok
23:07:05.0567 3188  rm - ok
23:07:05.0675 3188  [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
23:07:05.0681 3188  ROOTMODEM - ok
23:07:05.0741 3188  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:07:05.0744 3188  RpcEptMapper - ok
23:07:05.0832 3188  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:07:05.0834 3188  RpcLocator - ok
23:07:05.0957 3188  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
23:07:05.0959 3188  RpcSs - ok
23:07:05.0993 3188  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:07:05.0999 3188  rspndr - ok
23:07:06.0137 3188  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:07:06.0139 3188  RTL8167 - ok
23:07:06.0593 3188  [ CAB06CA598638E0457E1DCF8CA824EC2 ] rusb3hub        C:\Windows\system32\DRIVERS\rusb3hub.sys
23:07:06.0597 3188  rusb3hub - ok
23:07:06.0763 3188  [ F47E2920F2A8C34562AAE24B73800C5C ] rusb3xhc        C:\Windows\system32\DRIVERS\rusb3xhc.sys
23:07:06.0879 3188  rusb3xhc - ok
23:07:06.0974 3188  [ 231A3700154B1A49C2F05CB0DA4B2747 ] SaiH0BAC        C:\Windows\system32\DRIVERS\SaiH0BAC.sys
23:07:06.0977 3188  SaiH0BAC - ok
23:07:07.0169 3188  [ 10B72224B9849DB47CE5FFD0FC872275 ] SaiMini         C:\Windows\system32\DRIVERS\SaiMini.sys
23:07:07.0170 3188  SaiMini - ok
23:07:07.0232 3188  [ 6187D4E2D8ABF14C20BC8A3DD35D7E80 ] SaiNtBus        C:\Windows\system32\drivers\SaiBus.sys
23:07:07.0236 3188  SaiNtBus - ok
23:07:07.0264 3188  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:07:07.0265 3188  SamSs - ok
23:07:07.0301 3188  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:07:07.0308 3188  sbp2port - ok
23:07:07.0469 3188  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:07:07.0477 3188  SCardSvr - ok
23:07:07.0528 3188  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:07:07.0529 3188  scfilter - ok
23:07:07.0820 3188  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:07:07.0837 3188  Schedule - ok
23:07:07.0973 3188  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:07:07.0973 3188  SCPolicySvc - ok
23:07:08.0042 3188  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:07:08.0050 3188  SDRSVC - ok
23:07:08.0131 3188  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:07:08.0135 3188  secdrv - ok
23:07:08.0161 3188  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:07:08.0171 3188  seclogon - ok
23:07:08.0353 3188  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
23:07:08.0357 3188  SENS - ok
23:07:08.0760 3188  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:07:08.0765 3188  SensrSvc - ok
23:07:09.0150 3188  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
23:07:09.0157 3188  Serenum - ok
23:07:09.0203 3188  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
23:07:09.0210 3188  Serial - ok
23:07:09.0230 3188  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
23:07:09.0232 3188  sermouse - ok
23:07:09.0257 3188  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:07:09.0259 3188  SessionEnv - ok
23:07:09.0292 3188  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:07:09.0297 3188  sffdisk - ok
23:07:09.0316 3188  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:07:09.0317 3188  sffp_mmc - ok
23:07:09.0362 3188  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:07:09.0363 3188  sffp_sd - ok
23:07:09.0439 3188  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
23:07:09.0440 3188  sfloppy - ok
23:07:09.0531 3188  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:07:09.0535 3188  ShellHWDetection - ok
23:07:09.0624 3188  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
23:07:09.0631 3188  SiSRaid2 - ok
23:07:09.0693 3188  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
23:07:09.0695 3188  SiSRaid4 - ok
23:07:09.0725 3188  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:07:09.0741 3188  Smb - ok
23:07:09.0832 3188  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:07:09.0835 3188  SNMPTRAP - ok
23:07:09.0867 3188  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:07:09.0869 3188  spldr - ok
23:07:09.0966 3188  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
23:07:10.0007 3188  Spooler - ok
23:07:10.0873 3188  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:07:10.0923 3188  sppsvc - ok
23:07:10.0962 3188  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:07:10.0964 3188  sppuinotify - ok
23:07:11.0023 3188  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:07:11.0053 3188  srv - ok
23:07:11.0203 3188  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:07:11.0319 3188  srv2 - ok
23:07:11.0355 3188  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:07:11.0358 3188  srvnet - ok
23:07:11.0454 3188  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:07:11.0456 3188  SSDPSRV - ok
23:07:11.0525 3188  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:07:11.0531 3188  SstpSvc - ok
23:07:11.0584 3188  Steam Client Service - ok
23:07:11.0839 3188  [ 37E909075C910B37779DBE1DBE7F180B ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:07:11.0845 3188  Stereo Service - ok
23:07:11.0987 3188  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
23:07:11.0992 3188  stexstor - ok
23:07:12.0356 3188  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:07:12.0477 3188  stisvc - ok
23:07:12.0823 3188  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:07:12.0824 3188  swenum - ok
23:07:13.0014 3188  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
23:07:13.0018 3188  SwitchBoard - ok
23:07:13.0062 3188  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:07:13.0085 3188  swprv - ok
23:07:13.0418 3188  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:07:13.0560 3188  SysMain - ok
23:07:13.0603 3188  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:07:13.0608 3188  TabletInputService - ok
23:07:13.0779 3188  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:07:13.0787 3188  TapiSrv - ok
23:07:13.0819 3188  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:07:13.0821 3188  TBS - ok
23:07:14.0040 3188  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:07:14.0809 3188  Tcpip - ok
23:07:15.0516 3188  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:07:15.0522 3188  TCPIP6 - ok
23:07:15.0551 3188  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:07:15.0555 3188  tcpipreg - ok
23:07:15.0564 3188  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:07:15.0564 3188  TDPIPE - ok
23:07:15.0581 3188  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:07:15.0588 3188  TDTCP - ok
23:07:15.0613 3188  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:07:15.0621 3188  tdx - ok
23:07:16.0258 3188  [ C9B9373A0A430C11F0213E359D0772B2 ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
23:07:16.0268 3188  TeamViewer7 - ok
23:07:16.0374 3188  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
23:07:16.0374 3188  TermDD - ok
23:07:16.0724 3188  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:07:16.0772 3188  TermService - ok
23:07:16.0819 3188  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:07:16.0976 3188  Themes - ok
23:07:17.0049 3188  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:07:17.0050 3188  THREADORDER - ok
23:07:17.0063 3188  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:07:17.0065 3188  TrkWks - ok
23:07:17.0172 3188  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:07:17.0174 3188  TrustedInstaller - ok
23:07:17.0216 3188  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:07:17.0218 3188  tssecsrv - ok
23:07:17.0259 3188  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:07:17.0261 3188  TsUsbFlt - ok
23:07:17.0271 3188  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
23:07:17.0272 3188  TsUsbGD - ok
23:07:17.0290 3188  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:07:17.0291 3188  tunnel - ok
23:07:17.0300 3188  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
23:07:17.0302 3188  uagp35 - ok
23:07:17.0318 3188  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:07:17.0322 3188  udfs - ok
23:07:17.0338 3188  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:07:17.0340 3188  UI0Detect - ok
23:07:17.0349 3188  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:07:17.0350 3188  uliagpkx - ok
23:07:17.0365 3188  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:07:17.0366 3188  umbus - ok
23:07:17.0378 3188  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
23:07:17.0379 3188  UmPass - ok
23:07:17.0397 3188  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:07:17.0403 3188  upnphost - ok
23:07:17.0440 3188  [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
23:07:17.0444 3188  USBAAPL64 - ok
23:07:17.0460 3188  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:07:17.0462 3188  usbccgp - ok
23:07:17.0483 3188  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:07:17.0485 3188  usbcir - ok
23:07:17.0510 3188  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:07:17.0512 3188  usbehci - ok
23:07:17.0551 3188  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:07:17.0553 3188  usbhub - ok
23:07:17.0566 3188  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:07:17.0568 3188  usbohci - ok
23:07:17.0577 3188  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
23:07:17.0581 3188  usbprint - ok
23:07:17.0594 3188  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:07:17.0596 3188  USBSTOR - ok
23:07:17.0629 3188  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:07:17.0635 3188  usbuhci - ok
23:07:18.0036 3188  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:07:18.0041 3188  UxSms - ok
23:07:18.0077 3188  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:07:18.0078 3188  VaultSvc - ok
23:07:18.0085 3188  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:07:18.0091 3188  vdrvroot - ok
23:07:18.0251 3188  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:07:18.0263 3188  vds - ok
23:07:18.0274 3188  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:07:18.0281 3188  vga - ok
23:07:18.0621 3188  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:07:18.0630 3188  VgaSave - ok
23:07:18.0774 3188  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:07:18.0783 3188  vhdmp - ok
23:07:18.0990 3188  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:07:18.0991 3188  viaide - ok
23:07:19.0007 3188  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:07:19.0009 3188  volmgr - ok
23:07:19.0248 3188  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:07:19.0292 3188  volmgrx - ok
23:07:19.0445 3188  [ DF8126BD41180351A093A3AD2FC8903B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:07:19.0494 3188  volsnap - ok
23:07:19.0917 3188  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
23:07:19.0920 3188  vsmraid - ok
23:07:20.0143 3188  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:07:20.0211 3188  VSS - ok
23:07:21.0617 3188  [ 4B817450226F93C31ADD5BCC27FED27A ] vToolbarUpdater15.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
23:07:21.0684 3188  vToolbarUpdater15.2.0 - ok
23:07:21.0750 3188  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:07:21.0754 3188  vwifibus - ok
23:07:21.0878 3188  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:07:21.0880 3188  vwififlt - ok
23:07:22.0004 3188  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:07:22.0197 3188  W32Time - ok
23:07:22.0288 3188  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
23:07:22.0291 3188  WacomPen - ok
23:07:22.0555 3188  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:07:22.0644 3188  WANARP - ok
23:07:22.0728 3188  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:07:22.0729 3188  Wanarpv6 - ok
23:07:23.0329 3188  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
23:07:23.0446 3188  WatAdminSvc - ok
23:07:23.0786 3188  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:07:23.0840 3188  wbengine - ok
23:07:23.0912 3188  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:07:23.0915 3188  WbioSrvc - ok
23:07:24.0054 3188  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:07:24.0058 3188  wcncsvc - ok
23:07:29.0422 3188  ================ Scan global ===============================
23:07:29.0483 3188  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:07:29.0791 3188  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
23:07:29.0807 3188  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
23:07:29.0824 3188  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:07:29.0854 3188  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:07:29.0862 3188  [Global] - ok
23:07:29.0862 3188  ================ Scan MBR ==================================
23:07:29.0882 3188  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
23:07:31.0230 3188  \Device\Harddisk0\DR0 - ok
23:07:31.0231 3188  ================ Scan VBR ==================================
23:07:31.0263 3188  [ FD5C7596CFC4F1C14C8C08A76E103FE5 ] \Device\Harddisk0\DR0\Partition1
23:07:31.0264 3188  \Device\Harddisk0\DR0\Partition1 - ok
23:07:31.0282 3188  [ 48DD80CD78230D777204BC5408F8AF2F ] \Device\Harddisk0\DR0\Partition2
23:07:31.0289 3188  \Device\Harddisk0\DR0\Partition2 - ok
23:07:31.0304 3188  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
23:07:31.0305 3188  \Device\Harddisk0\DR0\Partition3 - ok
23:07:31.0325 3188  [ 0B08F5752BB4BB663DA6669FC4201432 ] \Device\Harddisk0\DR0\Partition4
23:07:31.0327 3188  \Device\Harddisk0\DR0\Partition4 - ok
23:07:31.0341 3188  [ E36F78573F68D518AB94E9A0010F55FA ] \Device\Harddisk0\DR0\Partition5
23:07:31.0342 3188  \Device\Harddisk0\DR0\Partition5 - ok
23:07:31.0342 3188  ============================================================
23:07:31.0342 3188  Scan finished
23:07:31.0342 3188  ============================================================
23:07:31.0347 3156  Detected object count: 0
23:07:31.0347 3156  Actual detected object count: 0


thanks for replying



#4 Jimbob85


Posted 15 June 2013 - 06:04 PM

You are welcome. That looks good, let's see what we can do.

 

Please Download Malwarebytes AKA MBAM

Update Malwarebytes via the update tab.
Run a full scan
When the scan finishes please select Remove Selected and make sure all of the boxes are checked
Please post the results

The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to
include the top portion which shows MBAM's database version and your operating system.

 

 

Please download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan completes, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply
You may not get a listing if nothing is found
 

After you finish both of these scans please restart your computer and let me know if we have made any improvements.



#5 dnm.24


Posted 15 June 2013 - 08:21 PM

Here is data from MBAM, still waiting on the ESET
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.06.15.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Dan :: DAN-PC [administrator]
 
16/06/2013 00:07:22
mbam-log-2013-06-16 (00-07-22).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 570494
Time elapsed: 53 minute(s), 55 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKCR\CLSID\{dedbb410-30bd-5eb4-8555-c0ee0936e592} (Trojan.Agent) -> Quarantined and deleted successfully.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://startsear.ch/?aff=1&cf=ba4be927-1130-11e2-bee6-180373424244) Good: (http://www.google.com) -> Quarantined and repaired successfully.
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 7
C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Parche Maddog 2010 FSX.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Modules\Milviz\milvizX.dll (Trojan.Scar) -> Quarantined and deleted successfully.
C:\Users\Dan\AppData\Local\Temp\stub_ddlr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Dan\AppData\Roaming\Bilomfp\3B035EF74E97ECC6A664.exe (Trojan.Agent.TRGen) -> Quarantined and deleted successfully.
C:\Users\Dan\Desktop\PMDG 737NGX\ PMDG NGX.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
C:\Users\Dan\Desktop\[FS2004] - [FSX] - Leonardo, LSH, Maddog 2010 Professional + Liveries (Aircraft)\[FS2004] - [FSX] - Leonardo, LSH, Maddog 2010 Professional + Liveries (Aircraft)\crack\Parche Maddog 2010 FS9.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
C:\Users\Dan\Desktop\[FS2004] - [FSX] - Leonardo, LSH, Maddog 2010 Professional + Liveries (Aircraft)\[FS2004] - [FSX] - Leonardo, LSH, Maddog 2010 Professional + Liveries (Aircraft)\crack\Parche Maddog 2010 FSX.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.
 
(end)


#6 dnm.24


Posted 15 June 2013 - 08:37 PM

C:\Users\All Users\Reality XP\Reality XP.dll a variant of Win32/Packed.VMProtect.AAA trojan
C:\Users\All Users\Reality XP\rxpGnsSim.dll a variant of Win32/Packed.VMProtect.AAA trojan
C:\Users\All Users\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Win32/Adware.Yontoo.B application
C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Gauges\rxpDrop.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined
C:\ProgramData\Reality XP\Reality XP.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined
C:\ProgramData\Reality XP\rxpGnsSim.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Dan\AppData\Local\Temp\optimizer.exe Win32/Adware.SpeedingUpMyPC application cleaned by deleting - quarantined


#7 dnm.24


Posted 15 June 2013 - 08:39 PM

Thanks for your help. It will probably be Monday when I next hear from you, due to Sunday and time differences.



#8 Jimbob85


Posted 15 June 2013 - 08:41 PM

Please do a restart and let me know how things are.

#9 dnm.24


Posted 15 June 2013 - 08:53 PM

It is currently restarting but installing 62 updates before shutdown. Is that normal? I will let you know how things are tomorrow, since it's super late here. Thanks for your help once again.

#10 Jimbob85


Posted 15 June 2013 - 08:56 PM

MS updates will install on restart/shutdown from time to time and that is totally normal. You are more than welcome.

#11 dnm.24


Posted 16 June 2013 - 04:47 AM

After restart, unfortunately I'm still hearing ads and can see something IExplorer-based running in Task Manager when I don't have it open.



#12 Jimbob85


Posted 17 June 2013 - 07:34 AM

I think I may know what infection you have, although I have not been able to prove it. I need to check and see if I can help you here or if I should get you instructions on how to proceed to get elevated help. Please be patient, as I will be back to you with further instructions as soon as I can.



#13 Jimbob85


Posted 17 June 2013 - 10:17 AM

My feeling all along has been that this may be a bootkit.  I have seen this a few times in the last week at work.  I wish I could prove this to be true but that is what bootkits do, hide themselves.

 

At this point you will need help from the Malware Response Team.  Please follow the instructions below and also please be patient as the team is very busy.  They will get to you as soon as they can.  You will be in very good hands.  You should include in your post in the virus removal forum a link to this topic along with a note that you may have a bootkit.  Thanks and good luck!

 

 

Please follow the instructions in ==>This Guide<== starting at Step 6.  If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==  Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
 


Edited by Jimbob85, 17 June 2013 - 10:19 AM.


#14 dnm.24


Posted 17 June 2013 - 10:21 AM

OK thanks, so just to confirm: start a post on the virus removal forum linking this page?

#15 Jimbob85


Posted 17 June 2013 - 10:26 AM

Yes, please follow these instructions.

 

Please follow the instructions in ==>This Guide<== starting at Step 6.  If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<==  Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
 





