PC cleanup - Rootkit and more.


4 replies to this topic

#1 thibauld


Posted 04 July 2013 - 11:11 PM

Hi guys, 

 

In another post I was having problems with my internet connection speed and was asked to run TDSSkiller, which found a rootkit.

 

Here are the TDSSkiller and DDS logs:

 

06:07:35.0037 7964  Mup - ok
06:07:35.0154 7964  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
06:07:35.0223 7964  napagent - ok
06:07:35.0374 7964  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
06:07:35.0413 7964  NativeWifiP - ok
06:07:35.0588 7964  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
06:07:35.0622 7964  NDIS - ok
06:07:35.0651 7964  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
06:07:35.0706 7964  NdisCap - ok
06:07:35.0755 7964  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
06:07:35.0812 7964  NdisTapi - ok
06:07:35.0850 7964  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
06:07:35.0936 7964  Ndisuio - ok
06:07:35.0967 7964  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
06:07:36.0015 7964  NdisWan - ok
06:07:36.0049 7964  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
06:07:36.0079 7964  NDProxy - ok
06:07:36.0120 7964  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
06:07:36.0183 7964  NetBIOS - ok
06:07:36.0254 7964  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
06:07:36.0295 7964  NetBT - ok
06:07:36.0305 7964  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
06:07:36.0317 7964  Netlogon - ok
06:07:36.0361 7964  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
06:07:36.0395 7964  Netman - ok
06:07:36.0437 7964  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:07:36.0459 7964  NetMsmqActivator - ok
06:07:36.0463 7964  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:07:36.0473 7964  NetPipeActivator - ok
06:07:36.0596 7964  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
06:07:36.0654 7964  netprofm - ok
06:07:36.0789 7964  [ D66596DB0A0739A89C25B590CE36D628 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
06:07:36.0836 7964  netr28x - ok
06:07:36.0846 7964  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:07:36.0856 7964  NetTcpActivator - ok
06:07:36.0859 7964  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:07:36.0869 7964  NetTcpPortSharing - ok
06:07:36.0886 7964  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
06:07:36.0901 7964  nfrd960 - ok
06:07:36.0931 7964  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
06:07:37.0054 7964  NlaSvc - ok
06:07:37.0136 7964  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
06:07:37.0145 7964  NPF - ok
06:07:37.0157 7964  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
06:07:37.0186 7964  Npfs - ok
06:07:37.0220 7964  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
06:07:37.0265 7964  nsi - ok
06:07:37.0283 7964  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
06:07:37.0319 7964  nsiproxy - ok
06:07:37.0360 7964  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
06:07:37.0397 7964  Ntfs - ok
06:07:37.0412 7964  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
06:07:37.0448 7964  Null - ok
06:07:37.0516 7964  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
06:07:37.0528 7964  nvraid - ok
06:07:37.0544 7964  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
06:07:37.0558 7964  nvstor - ok
06:07:37.0579 7964  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
06:07:37.0590 7964  nv_agp - ok
06:07:37.0609 7964  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
06:07:37.0621 7964  ohci1394 - ok
06:07:37.0665 7964  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:07:37.0692 7964  ose - ok
06:07:37.0817 7964  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
06:07:37.0910 7964  osppsvc - ok
06:07:37.0945 7964  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
06:07:37.0992 7964  p2pimsvc - ok
06:07:38.0006 7964  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
06:07:38.0038 7964  p2psvc - ok
06:07:38.0054 7964  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
06:07:38.0066 7964  Parport - ok
06:07:38.0090 7964  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
06:07:38.0101 7964  partmgr - ok
06:07:38.0112 7964  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
06:07:38.0139 7964  PcaSvc - ok
06:07:38.0155 7964  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
06:07:38.0168 7964  pci - ok
06:07:38.0178 7964  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
06:07:38.0188 7964  pciide - ok
06:07:38.0219 7964  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
06:07:38.0232 7964  pcmcia - ok
06:07:38.0248 7964  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
06:07:38.0259 7964  pcw - ok
06:07:38.0275 7964  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
06:07:38.0371 7964  PEAUTH - ok
06:07:38.0487 7964  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
06:07:38.0563 7964  PeerDistSvc - ok
06:07:38.0647 7964  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
06:07:38.0659 7964  PerfHost - ok
06:07:38.0705 7964  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
06:07:38.0768 7964  pla - ok
06:07:38.0808 7964  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
06:07:38.0847 7964  PlugPlay - ok
06:07:38.0857 7964  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
06:07:38.0881 7964  PNRPAutoReg - ok
06:07:38.0899 7964  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
06:07:38.0913 7964  PNRPsvc - ok
06:07:38.0982 7964  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
06:07:39.0029 7964  PolicyAgent - ok
06:07:39.0050 7964  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
06:07:39.0094 7964  Power - ok
06:07:39.0129 7964  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
06:07:39.0173 7964  PptpMiniport - ok
06:07:39.0189 7964  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
06:07:39.0212 7964  Processor - ok
06:07:39.0248 7964  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
06:07:39.0294 7964  ProfSvc - ok
06:07:39.0308 7964  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
06:07:39.0318 7964  ProtectedStorage - ok
06:07:39.0357 7964  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
06:07:39.0385 7964  Psched - ok
06:07:39.0421 7964  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
06:07:39.0457 7964  ql2300 - ok
06:07:39.0468 7964  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
06:07:39.0479 7964  ql40xx - ok
06:07:39.0511 7964  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
06:07:39.0532 7964  QWAVE - ok
06:07:39.0563 7964  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
06:07:39.0588 7964  QWAVEdrv - ok
06:07:39.0604 7964  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
06:07:39.0668 7964  RasAcd - ok
06:07:39.0704 7964  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
06:07:39.0749 7964  RasAgileVpn - ok
06:07:39.0768 7964  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
06:07:39.0798 7964  RasAuto - ok
06:07:39.0829 7964  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
06:07:39.0876 7964  Rasl2tp - ok
06:07:39.0903 7964  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
06:07:39.0954 7964  RasMan - ok
06:07:39.0977 7964  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
06:07:40.0022 7964  RasPppoe - ok
06:07:40.0042 7964  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
06:07:40.0072 7964  RasSstp - ok
06:07:40.0090 7964  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
06:07:40.0122 7964  rdbss - ok
06:07:40.0134 7964  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
06:07:40.0159 7964  rdpbus - ok
06:07:40.0175 7964  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
06:07:40.0204 7964  RDPCDD - ok
06:07:40.0235 7964  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
06:07:40.0257 7964  RDPDR - ok
06:07:40.0280 7964  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
06:07:40.0319 7964  RDPENCDD - ok
06:07:40.0336 7964  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
06:07:40.0382 7964  RDPREFMP - ok
06:07:40.0441 7964  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
06:07:40.0498 7964  RdpVideoMiniport - ok
06:07:40.0523 7964  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
06:07:40.0568 7964  RDPWD - ok
06:07:40.0596 7964  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
06:07:40.0610 7964  rdyboost - ok
06:07:40.0646 7964  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
06:07:40.0690 7964  RemoteAccess - ok
06:07:40.0712 7964  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
06:07:40.0752 7964  RemoteRegistry - ok
06:07:40.0774 7964  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
06:07:40.0784 7964  rpcapd - ok
06:07:40.0798 7964  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
06:07:40.0841 7964  RpcEptMapper - ok
06:07:40.0863 7964  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
06:07:40.0884 7964  RpcLocator - ok
06:07:40.0914 7964  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
06:07:40.0950 7964  RpcSs - ok
06:07:40.0982 7964  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
06:07:41.0014 7964  rspndr - ok
06:07:41.0057 7964  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
06:07:41.0070 7964  RTL8167 - ok
06:07:41.0080 7964  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
06:07:41.0114 7964  s3cap - ok
06:07:41.0125 7964  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
06:07:41.0135 7964  SamSs - ok
06:07:41.0156 7964  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
06:07:41.0168 7964  sbp2port - ok
06:07:41.0195 7964  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
06:07:41.0239 7964  SCardSvr - ok
06:07:41.0270 7964  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
06:07:41.0309 7964  scfilter - ok
06:07:41.0343 7964  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
06:07:41.0413 7964  Schedule - ok
06:07:41.0442 7964  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
06:07:41.0469 7964  SCPolicySvc - ok
06:07:41.0504 7964  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
06:07:41.0517 7964  SDRSVC - ok
06:07:41.0533 7964  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
06:07:41.0562 7964  secdrv - ok
06:07:41.0592 7964  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
06:07:41.0632 7964  seclogon - ok
06:07:41.0664 7964  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
06:07:41.0695 7964  SENS - ok
06:07:41.0707 7964  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
06:07:41.0719 7964  SensrSvc - ok
06:07:41.0728 7964  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
06:07:41.0771 7964  Serenum - ok
06:07:41.0794 7964  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
06:07:41.0805 7964  Serial - ok
06:07:41.0813 7964  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
06:07:41.0839 7964  sermouse - ok
06:07:41.0870 7964  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
06:07:41.0917 7964  SessionEnv - ok
06:07:41.0954 7964  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
06:07:41.0980 7964  sffdisk - ok
06:07:41.0999 7964  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
06:07:42.0024 7964  sffp_mmc - ok
06:07:42.0036 7964  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
06:07:42.0064 7964  sffp_sd - ok
06:07:42.0076 7964  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
06:07:42.0105 7964  sfloppy - ok
06:07:42.0133 7964  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
06:07:42.0176 7964  SharedAccess - ok
06:07:42.0198 7964  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
06:07:42.0232 7964  ShellHWDetection - ok
06:07:42.0241 7964  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
06:07:42.0252 7964  SiSRaid2 - ok
06:07:42.0266 7964  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
06:07:42.0277 7964  SiSRaid4 - ok
06:07:42.0329 7964  [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
06:07:42.0340 7964  SkypeUpdate - ok
06:07:42.0353 7964  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
06:07:42.0389 7964  Smb - ok
06:07:42.0426 7964  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
06:07:42.0451 7964  SNMPTRAP - ok
06:07:42.0469 7964  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
06:07:42.0479 7964  spldr - ok
06:07:42.0496 7964  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
06:07:42.0532 7964  Spooler - ok
06:07:42.0610 7964  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
06:07:42.0698 7964  sppsvc - ok
06:07:42.0717 7964  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
06:07:42.0757 7964  sppuinotify - ok
06:07:42.0783 7964  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
06:07:42.0831 7964  srv - ok
06:07:42.0844 7964  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
06:07:42.0860 7964  srv2 - ok
06:07:42.0871 7964  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
06:07:42.0898 7964  srvnet - ok
06:07:42.0938 7964  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
06:07:42.0982 7964  SSDPSRV - ok
06:07:42.0997 7964  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
06:07:43.0030 7964  SstpSvc - ok
06:07:43.0057 7964  Steam Client Service - ok
06:07:43.0075 7964  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
06:07:43.0085 7964  stexstor - ok
06:07:43.0126 7964  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
06:07:43.0177 7964  stisvc - ok
06:07:43.0213 7964  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
06:07:43.0224 7964  storflt - ok
06:07:43.0252 7964  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
06:07:43.0262 7964  storvsc - ok
06:07:43.0290 7964  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
06:07:43.0300 7964  swenum - ok
06:07:43.0320 7964  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
06:07:43.0366 7964  swprv - ok
06:07:43.0389 7964  Synth3dVsc - ok
06:07:43.0440 7964  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
06:07:43.0494 7964  SysMain - ok
06:07:43.0558 7964  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
06:07:43.0614 7964  TabletInputService - ok
06:07:43.0700 7964  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
06:07:43.0805 7964  TapiSrv - ok
06:07:43.0830 7964  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
06:07:43.0860 7964  TBS - ok
06:07:43.0916 7964  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
06:07:43.0957 7964  Tcpip - ok
06:07:43.0985 7964  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
06:07:44.0018 7964  TCPIP6 - ok
06:07:44.0049 7964  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
06:07:44.0092 7964  tcpipreg - ok
06:07:44.0120 7964  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
06:07:44.0174 7964  TDPIPE - ok
06:07:44.0206 7964  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
06:07:44.0216 7964  TDTCP - ok
06:07:44.0246 7964  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
06:07:44.0274 7964  tdx - ok
06:07:44.0298 7964  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
06:07:44.0309 7964  TermDD - ok
06:07:44.0345 7964  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
06:07:44.0383 7964  TermService - ok
06:07:44.0413 7964  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
06:07:44.0435 7964  Themes - ok
06:07:44.0462 7964  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
06:07:44.0492 7964  THREADORDER - ok
06:07:44.0503 7964  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
06:07:44.0545 7964  TrkWks - ok
06:07:44.0602 7964  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
06:07:44.0632 7964  TrustedInstaller - ok
06:07:44.0665 7964  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
06:07:44.0706 7964  tssecsrv - ok
06:07:44.0738 7964  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
06:07:44.0753 7964  TsUsbFlt - ok
06:07:44.0764 7964  tsusbhub - ok
06:07:44.0801 7964  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
06:07:44.0842 7964  tunnel - ok
06:07:44.0853 7964  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
06:07:44.0863 7964  uagp35 - ok
06:07:44.0902 7964  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
06:07:44.0951 7964  udfs - ok
06:07:44.0977 7964  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
06:07:44.0989 7964  UI0Detect - ok
06:07:45.0005 7964  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
06:07:45.0016 7964  uliagpkx - ok
06:07:45.0063 7964  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
06:07:45.0085 7964  umbus - ok
06:07:45.0101 7964  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
06:07:45.0124 7964  UmPass - ok
06:07:45.0144 7964  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
06:07:45.0157 7964  UmRdpService - ok
06:07:45.0171 7964  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
06:07:45.0222 7964  upnphost - ok
06:07:45.0254 7964  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
06:07:45.0287 7964  USBAAPL64 - ok
06:07:45.0321 7964  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
06:07:45.0344 7964  usbaudio - ok
06:07:45.0358 7964  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
06:07:45.0378 7964  usbccgp - ok
06:07:45.0407 7964  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
06:07:45.0420 7964  usbcir - ok
06:07:45.0435 7964  [ 74EE782B1D9C241EFE425565854C661C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
06:07:45.0454 7964  usbehci - ok
06:07:45.0485 7964  [ DC96BD9CCB8403251BCF25047573558E ] usbhub          C:\Windows\system32\drivers\usbhub.sys
06:07:45.0500 7964  usbhub - ok
06:07:45.0509 7964  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
06:07:45.0519 7964  usbohci - ok
06:07:45.0548 7964  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
06:07:45.0573 7964  usbprint - ok
06:07:45.0593 7964  [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
06:07:45.0615 7964  USBSTOR - ok
06:07:45.0631 7964  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
06:07:45.0655 7964  usbuhci - ok
06:07:45.0679 7964  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
06:07:45.0710 7964  UxSms - ok
06:07:45.0719 7964  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
06:07:45.0729 7964  VaultSvc - ok
06:07:45.0737 7964  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
06:07:45.0748 7964  vdrvroot - ok
06:07:45.0782 7964  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
06:07:45.0829 7964  vds - ok
06:07:45.0848 7964  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
06:07:45.0860 7964  vga - ok
06:07:45.0871 7964  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
06:07:45.0911 7964  VgaSave - ok
06:07:45.0924 7964  VGPU - ok
06:07:45.0940 7964  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
06:07:45.0953 7964  vhdmp - ok
06:07:45.0969 7964  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
06:07:45.0979 7964  viaide - ok
06:07:46.0004 7964  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
06:07:46.0019 7964  vmbus - ok
06:07:46.0029 7964  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
06:07:46.0053 7964  VMBusHID - ok
06:07:46.0071 7964  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
06:07:46.0082 7964  volmgr - ok
06:07:46.0117 7964  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
06:07:46.0132 7964  volmgrx - ok
06:07:46.0146 7964  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
06:07:46.0161 7964  volsnap - ok
06:07:46.0176 7964  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
06:07:46.0189 7964  vsmraid - ok
06:07:46.0236 7964  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
06:07:46.0299 7964  VSS - ok
06:07:46.0314 7964  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
06:07:46.0342 7964  vwifibus - ok
06:07:46.0363 7964  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
06:07:46.0377 7964  vwififlt - ok
06:07:46.0410 7964  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
06:07:46.0445 7964  W32Time - ok
06:07:46.0462 7964  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
06:07:46.0486 7964  WacomPen - ok
06:07:46.0512 7964  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
06:07:46.0560 7964  WANARP - ok
06:07:46.0575 7964  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
06:07:46.0602 7964  Wanarpv6 - ok
06:07:46.0650 7964  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
06:07:46.0689 7964  WatAdminSvc - ok
06:07:46.0729 7964  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
06:07:46.0765 7964  wbengine - ok
06:07:46.0784 7964  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
06:07:46.0800 7964  WbioSrvc - ok
06:07:46.0816 7964  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
06:07:46.0836 7964  wcncsvc - ok
06:07:46.0843 7964  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
06:07:46.0859 7964  WcsPlugInService - ok
06:07:46.0872 7964  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
06:07:46.0882 7964  Wd - ok
06:07:46.0907 7964  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
06:07:46.0942 7964  Wdf01000 - ok
06:07:46.0960 7964  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
06:07:47.0016 7964  WdiServiceHost - ok
06:07:47.0019 7964  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
06:07:47.0046 7964  WdiSystemHost - ok
06:07:47.0085 7964  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
06:07:47.0119 7964  WebClient - ok
06:07:47.0138 7964  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
06:07:47.0184 7964  Wecsvc - ok
06:07:47.0200 7964  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
06:07:47.0238 7964  wercplsupport - ok
06:07:47.0266 7964  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
06:07:47.0295 7964  WerSvc - ok
06:07:47.0317 7964  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
06:07:47.0346 7964  WfpLwf - ok
06:07:47.0358 7964  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
06:07:47.0368 7964  WIMMount - ok
06:07:47.0393 7964  WinDefend - ok
06:07:47.0407 7964  WinHttpAutoProxySvc - ok
06:07:47.0465 7964  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
06:07:47.0496 7964  Winmgmt - ok
06:07:47.0538 7964  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
06:07:47.0593 7964  WinRM - ok
06:07:47.0617 7964  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
06:07:47.0629 7964  WinUsb - ok
06:07:47.0664 7964  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
06:07:47.0705 7964  Wlansvc - ok
06:07:47.0722 7964  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
06:07:47.0743 7964  WmiAcpi - ok
06:07:47.0758 7964  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
06:07:47.0787 7964  wmiApSrv - ok
06:07:47.0803 7964  WMPNetworkSvc - ok
06:07:47.0816 7964  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
06:07:47.0833 7964  WPCSvc - ok
06:07:47.0858 7964  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
06:07:47.0885 7964  WPDBusEnum - ok
06:07:47.0899 7964  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
06:07:47.0935 7964  ws2ifsl - ok
06:07:47.0949 7964  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
06:07:48.0036 7964  wscsvc - ok
06:07:48.0040 7964  WSearch - ok
06:07:48.0113 7964  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
06:07:48.0164 7964  wuauserv - ok
06:07:48.0180 7964  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
06:07:48.0216 7964  WudfPf - ok
06:07:48.0250 7964  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
06:07:48.0289 7964  WUDFRd - ok
06:07:48.0327 7964  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
06:07:48.0355 7964  wudfsvc - ok
06:07:48.0370 7964  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
06:07:48.0397 7964  WwanSvc - ok
06:07:48.0505 7964  X6va012 - ok
06:07:48.0543 7964  [ 110F1BC710AD99423114CAE79F83C0F7 ] {09BB444F-B2E2-4009-BAF2-7B727681223E} C:\Program Files (x86)\VMLaunch\BuddyVM.sys
06:07:48.0561 7964  {09BB444F-B2E2-4009-BAF2-7B727681223E} ( UnsignedFile.Multi.Generic ) - warning
06:07:48.0561 7964  {09BB444F-B2E2-4009-BAF2-7B727681223E} - detected UnsignedFile.Multi.Generic (1)
06:07:48.0580 7964  ================ Scan global ===============================
06:07:48.0605 7964  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
06:07:48.0633 7964  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
06:07:48.0647 7964  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
06:07:48.0678 7964  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
06:07:48.0695 7964  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
06:07:48.0700 7964  [Global] - ok
06:07:48.0700 7964  ================ Scan MBR ==================================
06:07:48.0708 7964  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
06:07:49.0070 7964  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
06:07:49.0070 7964  \Device\Harddisk0\DR0 - detected TDSS File System (1)
06:07:49.0070 7964  ================ Scan VBR ==================================
06:07:49.0073 7964  [ 117AD0D09F06727BC770A56F219BAD52 ] \Device\Harddisk0\DR0\Partition1
06:07:49.0074 7964  \Device\Harddisk0\DR0\Partition1 - ok
06:07:49.0075 7964  ============================================================
06:07:49.0075 7964  Scan finished
06:07:49.0075 7964  ============================================================
06:07:49.0085 7956  Detected object count: 3
06:07:49.0085 7956  Actual detected object count: 3
 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16611  BrowserJavaVersion: 10.21.2
Run by Thibauld at 6:00:36 on 2013-07-05
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.4094.1821 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\WhatPulse2\whatpulse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.171\deploy\LoLLauncher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.30\deploy\LolClient.exe
C:\Windows\System32\perfmon.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\System32\taskmgr.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Thibauld\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.nl/
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [WhatPulse] "C:\Program Files (x86)\WhatPulse2\whatpulse.exe"
uRun: [Google Update] "C:\Users\Thibauld\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 212.54.40.25 212.54.35.25
TCP: Interfaces\{944DBE73-785A-4066-A034-8E839E8A0354} : DHCPNameServer = 212.54.40.25 212.54.35.25
TCP: Interfaces\{D1134DBF-95C4-4298-9A13-86D951ADE5C1} : NameServer = 8.8.8.8
TCP: Interfaces\{D1134DBF-95C4-4298-9A13-86D951ADE5C1} : DHCPNameServer = 212.54.40.25 212.54.35.25
TCP: Interfaces\{D1134DBF-95C4-4298-9A13-86D951ADE5C1}\C496E67656 : NameServer = 8.8.8.8
TCP: Interfaces\{D1134DBF-95C4-4298-9A13-86D951ADE5C1}\C496E67656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D1134DBF-95C4-4298-9A13-86D951ADE5C1}\C496E676568383 : NameServer = 8.8.8.8
TCP: Interfaces\{D1134DBF-95C4-4298-9A13-86D951ADE5C1}\C496E676568383 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Thibauld\AppData\Roaming\Mozilla\Firefox\Profiles\z4wg9mlw.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.reddit.com/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Users\Thibauld\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Windows\System32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2012-9-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2012-11-16 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-9-14 40800]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-10-2 185696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-9-21 200032]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-1-3 283200]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-7-4 238080]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-7-4 361984]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-16 5814904]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-6-28 2470736]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-8 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-8 701512]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2013-1-2 46136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-2-23 95760]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\System32\drivers\ladfGSCamd64.sys [2011-4-11 410184]
R3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\System32\drivers\ladfGSRamd64.sys [2011-4-11 341832]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-8 25928]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2009-6-19 712704]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;C:\Program Files (x86)\VMLaunch\BuddyVM.sys [2004-12-3 15872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-9-11 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-9-14 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
.
=============== Created Last 30 ================
.
3114-08-26 21:44:53 -------- d-----w- C:\CPPFILES
2013-07-02 18:51:10 33856 ---ha-w- C:\Windows\System32\hamachi.sys
2013-07-02 18:51:00 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2013-07-02 04:16:19 -------- d-----w- C:\Users\Thibauld\AppData\Roaming\LolClient
2013-07-02 02:31:22 -------- d-----w- C:\Users\Thibauld\AppData\Local\PMB Files
2013-07-02 02:31:19 -------- d-----w- C:\ProgramData\PMB Files
2013-07-02 01:40:52 -------- d-----w- C:\Riot Games
2013-06-30 03:27:04 -------- d-----w- C:\Program Files\CCleaner
2013-06-30 03:11:51 -------- d-----w- C:\Program Files (x86)\Riot Games Two
2013-06-30 03:04:13 0 ----a-w- C:\Windows\ativpsrm.bin
2013-06-29 20:36:07 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2013-06-29 20:34:05 -------- d-----w- C:\Users\Thibauld\AppData\Roaming\Riot Games
2013-06-29 20:09:33 811928 ----a-w- C:\Program Files (x86)\Mozilla Firefox\sqlite3.dll
2013-06-29 20:04:18 -------- d-----w- C:\Users\Thibauld\AppData\Local\Acelogix
2013-06-29 19:52:04 -------- d-----w- C:\Program Files\Ace Utilities
2013-06-28 03:35:13 -------- d-----w- C:\Users\Thibauld\AppData\Roaming\MinMaxGames
2013-06-18 18:35:23 -------- d-----w- C:\Program Files (x86)\osu!
2013-06-18 18:34:31 -------- d-----w- C:\Users\Thibauld\AppData\Roaming\Downloaded Installations
2013-06-18 16:45:48 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-13 03:28:43 701952 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2013-06-12 14:23:31 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-06-12 14:23:31 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-06-12 14:23:31 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-12 14:23:29 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-06-12 14:23:29 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-06-12 14:23:28 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-06-12 14:23:28 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-06-12 14:23:28 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-06-12 14:23:28 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-06-12 14:23:28 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-06-12 14:23:28 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-06-12 14:23:28 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-06-12 14:23:28 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-06-06 03:11:05 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-06 03:10:59 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-06-05 14:30:03 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2013-06-05 14:30:03 -------- d-----w- C:\Program Files (x86)\World of Warcraft
2013-06-05 14:30:03 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-06-05 14:29:28 -------- d-----w- C:\ProgramData\Battle.net
.
==================== Find3M  ====================
.
2013-06-18 16:45:43 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-18 16:45:43 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-11 23:29:27 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-11 23:29:27 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-08 12:28:46 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-08 11:13:19 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-06-06 03:11:05 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-06-06 03:10:59 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH:  6:01:39.46 ===============
 
[attachment=139551:Attach.zip]
 

 

Added attached file to post so it would show. ~ OB


Edited by Orange Blossom, 04 July 2013 - 11:37 PM.



 


#2 TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 05 July 2013 - 01:40 AM

Hi there,
my name is Marius and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

 

Please read and follow these instructions carefully.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • When the scan is finished, select cure for the following entry.

    Rootkit.Win32.TDSS.tdl3
    (or similar)
  • Hit continue.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.

 

 

 

Combofix


Combofix should only be run when advised by a team member!


Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.



#3 thibauld

  • Topic Starter

  • Members
  • 64 posts

Posted 05 July 2013 - 03:42 PM

I ran 2 scans with TDSS. The first one was with the standard options, which found no threats. When I checked "detect TDFS file system" it found one threat. There was no cure option, I skipped. Here is the log:
 
22:37:21.0966 5848  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:37:22.0173 5848  ============================================================
22:37:22.0173 5848  Current date / time: 2013/07/05 22:37:22.0173
22:37:22.0173 5848  SystemInfo:
22:37:22.0173 5848  
22:37:22.0173 5848  OS Version: 6.1.7601 ServicePack: 1.0
22:37:22.0173 5848  Product type: Workstation
22:37:22.0174 5848  ComputerName: THIBAULD-PC
22:37:22.0174 5848  UserName: Thibauld
22:37:22.0174 5848  Windows directory: C:\Windows
22:37:22.0174 5848  System windows directory: C:\Windows
22:37:22.0174 5848  Running under WOW64
22:37:22.0174 5848  Processor architecture: Intel x64
22:37:22.0174 5848  Number of processors: 3
22:37:22.0174 5848  Page size: 0x1000
22:37:22.0174 5848  Boot type: Normal boot
22:37:22.0174 5848  ============================================================
22:37:24.0318 5848  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:37:24.0398 5848  ============================================================
22:37:24.0398 5848  \Device\Harddisk0\DR0:
22:37:24.0398 5848  MBR partitions:
22:37:24.0398 5848  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74704800
22:37:24.0398 5848  ============================================================
22:37:24.0438 5848  C: <-> \Device\Harddisk0\DR0\Partition1
22:37:24.0438 5848  ============================================================
22:37:24.0438 5848  Initialize success
22:37:24.0438 5848  ============================================================
22:37:46.0192 3688  ============================================================
22:37:46.0192 3688  Scan started
22:37:46.0192 3688  Mode: Manual; 
22:37:46.0192 3688  ============================================================
22:37:48.0495 3688  ================ Scan system memory ========================
22:37:48.0496 3688  System memory - ok
22:37:48.0496 3688  ================ Scan services =============================
22:37:48.0741 3688  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:37:48.0744 3688  1394ohci - ok
22:37:48.0779 3688  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:37:48.0783 3688  ACPI - ok
22:37:48.0803 3688  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:37:48.0804 3688  AcpiPmi - ok
22:37:48.0877 3688  [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:37:48.0879 3688  AdobeARMservice - ok
22:37:48.0962 3688  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:37:48.0965 3688  AdobeFlashPlayerUpdateSvc - ok
22:37:49.0007 3688  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:37:49.0013 3688  adp94xx - ok
22:37:49.0043 3688  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:37:49.0047 3688  adpahci - ok
22:37:49.0062 3688  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:37:49.0065 3688  adpu320 - ok
22:37:49.0090 3688  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:37:49.0091 3688  AeLookupSvc - ok
22:37:49.0121 3688  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
22:37:49.0126 3688  AFD - ok
22:37:49.0143 3688  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:37:49.0145 3688  agp440 - ok
22:37:49.0156 3688  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
22:37:49.0158 3688  ALG - ok
22:37:49.0173 3688  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:37:49.0174 3688  aliide - ok
22:37:49.0214 3688  [ E20DDDFBD0DBE7D8EAD4D7A51D654367 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:37:49.0217 3688  AMD External Events Utility - ok
22:37:49.0246 3688  AMD FUEL Service - ok
22:37:49.0260 3688  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
22:37:49.0261 3688  amdide - ok
22:37:49.0297 3688  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
22:37:49.0298 3688  amdiox64 - ok
22:37:49.0309 3688  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:37:49.0311 3688  AmdK8 - ok
22:37:49.0486 3688  [ 4284FB1240537A33E6EC417EFD87D40F ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:37:49.0610 3688  amdkmdag - ok
22:37:49.0631 3688  [ 6C25C497E05EFD0CB6033A0444FC9B51 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:37:49.0636 3688  amdkmdap - ok
22:37:49.0657 3688  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:37:49.0658 3688  AmdPPM - ok
22:37:57.0328 3688  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
22:37:57.0332 3688  QWAVE - ok
22:37:57.0346 3688  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:37:57.0347 3688  QWAVEdrv - ok
22:37:57.0363 3688  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:37:57.0364 3688  RasAcd - ok
22:37:57.0388 3688  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:37:57.0389 3688  RasAgileVpn - ok
22:37:57.0402 3688  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
22:37:57.0404 3688  RasAuto - ok
22:37:57.0438 3688  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:37:57.0440 3688  Rasl2tp - ok
22:37:57.0454 3688  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
22:37:57.0459 3688  RasMan - ok
22:37:57.0470 3688  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:37:57.0472 3688  RasPppoe - ok
22:37:57.0486 3688  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:37:57.0488 3688  RasSstp - ok
22:37:57.0517 3688  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:37:57.0521 3688  rdbss - ok
22:37:57.0536 3688  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:37:57.0537 3688  rdpbus - ok
22:37:57.0552 3688  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:37:57.0553 3688  RDPCDD - ok
22:37:57.0587 3688  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:37:57.0589 3688  RDPDR - ok
22:37:57.0599 3688  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:37:57.0600 3688  RDPENCDD - ok
22:37:57.0613 3688  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:37:57.0614 3688  RDPREFMP - ok
22:37:57.0652 3688  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:37:57.0653 3688  RdpVideoMiniport - ok
22:37:57.0676 3688  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:37:57.0679 3688  RDPWD - ok
22:37:57.0708 3688  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:37:57.0711 3688  rdyboost - ok
22:37:57.0758 3688  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:37:57.0773 3688  RemoteAccess - ok
22:37:57.0798 3688  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:37:57.0801 3688  RemoteRegistry - ok
22:37:57.0836 3688  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
22:37:57.0838 3688  rpcapd - ok
22:37:57.0851 3688  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:37:57.0853 3688  RpcEptMapper - ok
22:37:57.0883 3688  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
22:37:57.0884 3688  RpcLocator - ok
22:37:57.0917 3688  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
22:37:57.0921 3688  RpcSs - ok
22:37:57.0944 3688  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:37:57.0946 3688  rspndr - ok
22:37:57.0986 3688  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:37:57.0989 3688  RTL8167 - ok
22:37:58.0035 3688  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:37:58.0036 3688  s3cap - ok
22:37:58.0046 3688  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
22:37:58.0047 3688  SamSs - ok
22:37:58.0069 3688  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:37:58.0071 3688  sbp2port - ok
22:37:58.0100 3688  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:37:58.0103 3688  SCardSvr - ok
22:37:58.0149 3688  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:37:58.0151 3688  scfilter - ok
22:37:58.0189 3688  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
22:37:58.0201 3688  Schedule - ok
22:37:58.0230 3688  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:37:58.0231 3688  SCPolicySvc - ok
22:37:58.0259 3688  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:37:58.0262 3688  SDRSVC - ok
22:37:58.0271 3688  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:37:58.0272 3688  secdrv - ok
22:37:58.0305 3688  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
22:37:58.0308 3688  seclogon - ok
22:37:58.0320 3688  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
22:37:58.0322 3688  SENS - ok
22:37:58.0338 3688  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:37:58.0340 3688  SensrSvc - ok
22:37:58.0350 3688  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:37:58.0351 3688  Serenum - ok
22:37:58.0366 3688  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:37:58.0368 3688  Serial - ok
22:37:58.0377 3688  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:37:58.0379 3688  sermouse - ok
22:37:58.0410 3688  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:37:58.0412 3688  SessionEnv - ok
22:37:58.0452 3688  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:37:58.0453 3688  sffdisk - ok
22:37:58.0464 3688  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:37:58.0465 3688  sffp_mmc - ok
22:37:58.0476 3688  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:37:58.0477 3688  sffp_sd - ok
22:37:58.0491 3688  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:37:58.0492 3688  sfloppy - ok
22:37:58.0531 3688  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:37:58.0536 3688  SharedAccess - ok
22:37:58.0596 3688  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:37:58.0601 3688  ShellHWDetection - ok
22:37:58.0623 3688  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:37:58.0625 3688  SiSRaid2 - ok
22:37:58.0639 3688  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:37:58.0641 3688  SiSRaid4 - ok
22:37:58.0694 3688  [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:37:58.0697 3688  SkypeUpdate - ok
22:37:58.0718 3688  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:37:58.0733 3688  Smb - ok
22:37:58.0767 3688  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:37:58.0769 3688  SNMPTRAP - ok
22:37:58.0776 3688  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:37:58.0777 3688  spldr - ok
22:37:58.0795 3688  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
22:37:58.0802 3688  Spooler - ok
22:37:58.0876 3688  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
22:37:58.0910 3688  sppsvc - ok
22:37:58.0925 3688  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:37:58.0926 3688  sppuinotify - ok
22:37:58.0949 3688  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:37:58.0954 3688  srv - ok
22:37:58.0969 3688  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:37:58.0974 3688  srv2 - ok
22:37:58.0988 3688  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:37:58.0990 3688  srvnet - ok
22:37:59.0021 3688  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:37:59.0024 3688  SSDPSRV - ok
22:37:59.0039 3688  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:37:59.0041 3688  SstpSvc - ok
22:37:59.0058 3688  Steam Client Service - ok
22:37:59.0075 3688  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:37:59.0077 3688  stexstor - ok
22:37:59.0118 3688  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
22:37:59.0125 3688  stisvc - ok
22:37:59.0156 3688  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:37:59.0157 3688  storflt - ok
22:37:59.0170 3688  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:37:59.0171 3688  storvsc - ok
22:37:59.0199 3688  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:37:59.0218 3688  swenum - ok
22:37:59.0238 3688  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
22:37:59.0244 3688  swprv - ok
22:37:59.0265 3688  Synth3dVsc - ok
22:37:59.0316 3688  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
22:37:59.0334 3688  SysMain - ok
22:37:59.0368 3688  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:37:59.0370 3688  TabletInputService - ok
22:37:59.0401 3688  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:37:59.0406 3688  TapiSrv - ok
22:37:59.0441 3688  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
22:37:59.0443 3688  TBS - ok
22:37:59.0493 3688  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:37:59.0511 3688  Tcpip - ok
22:37:59.0545 3688  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:37:59.0554 3688  TCPIP6 - ok
22:37:59.0585 3688  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:37:59.0587 3688  tcpipreg - ok
22:37:59.0598 3688  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:37:59.0599 3688  TDPIPE - ok
22:37:59.0626 3688  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:37:59.0627 3688  TDTCP - ok
22:37:59.0657 3688  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:37:59.0659 3688  tdx - ok
22:37:59.0693 3688  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:37:59.0695 3688  TermDD - ok
22:37:59.0731 3688  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
22:37:59.0740 3688  TermService - ok
22:37:59.0758 3688  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
22:37:59.0760 3688  Themes - ok
22:37:59.0790 3688  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:37:59.0792 3688  THREADORDER - ok
22:37:59.0806 3688  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
22:37:59.0809 3688  TrkWks - ok
22:37:59.0848 3688  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:37:59.0850 3688  TrustedInstaller - ok
22:37:59.0886 3688  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:37:59.0887 3688  tssecsrv - ok
22:37:59.0918 3688  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:37:59.0919 3688  TsUsbFlt - ok
22:37:59.0935 3688  tsusbhub - ok
22:37:59.0972 3688  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:37:59.0974 3688  tunnel - ok
22:37:59.0990 3688  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:37:59.0992 3688  uagp35 - ok
22:38:00.0023 3688  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:38:00.0028 3688  udfs - ok
22:38:00.0048 3688  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:38:00.0050 3688  UI0Detect - ok
22:38:00.0068 3688  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:38:00.0070 3688  uliagpkx - ok
22:38:00.0118 3688  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
22:38:00.0120 3688  umbus - ok
22:38:00.0131 3688  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:38:00.0132 3688  UmPass - ok
22:38:00.0149 3688  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
22:38:00.0153 3688  UmRdpService - ok
22:38:00.0168 3688  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
22:38:00.0173 3688  upnphost - ok
22:38:00.0201 3688  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
22:38:00.0202 3688  USBAAPL64 - ok
22:38:00.0234 3688  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:38:00.0236 3688  usbaudio - ok
22:38:00.0247 3688  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:38:00.0249 3688  usbccgp - ok
22:38:00.0279 3688  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:38:00.0281 3688  usbcir - ok
22:38:00.0299 3688  [ 74EE782B1D9C241EFE425565854C661C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:38:00.0313 3688  usbehci - ok
22:38:00.0333 3688  [ DC96BD9CCB8403251BCF25047573558E ] usbhub          C:\Windows\system32\drivers\usbhub.sys
22:38:00.0348 3688  usbhub - ok
22:38:00.0365 3688  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:38:00.0366 3688  usbohci - ok
22:38:00.0379 3688  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:38:00.0380 3688  usbprint - ok
22:38:00.0398 3688  [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
22:38:00.0400 3688  USBSTOR - ok
22:38:00.0412 3688  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:38:00.0413 3688  usbuhci - ok
22:38:00.0427 3688  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
22:38:00.0429 3688  UxSms - ok
22:38:00.0442 3688  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
22:38:00.0443 3688  VaultSvc - ok
22:38:00.0452 3688  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:38:00.0454 3688  vdrvroot - ok
22:38:00.0480 3688  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
22:38:00.0487 3688  vds - ok
22:38:00.0504 3688  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:38:00.0506 3688  vga - ok
22:38:00.0512 3688  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:38:00.0513 3688  VgaSave - ok
22:38:00.0516 3688  VGPU - ok
22:38:00.0539 3688  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:38:00.0553 3688  vhdmp - ok
22:38:00.0576 3688  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:38:00.0577 3688  viaide - ok
22:38:00.0586 3688  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:38:00.0590 3688  vmbus - ok
22:38:00.0602 3688  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:38:00.0604 3688  VMBusHID - ok
22:38:00.0620 3688  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:38:00.0622 3688  volmgr - ok
22:38:00.0674 3688  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:38:00.0679 3688  volmgrx - ok
22:38:00.0695 3688  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:38:00.0699 3688  volsnap - ok
22:38:00.0716 3688  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:38:00.0719 3688  vsmraid - ok
22:38:00.0769 3688  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
22:38:00.0786 3688  VSS - ok
22:38:00.0796 3688  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:38:00.0798 3688  vwifibus - ok
22:38:00.0821 3688  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:38:00.0822 3688  vwififlt - ok
22:38:00.0852 3688  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
22:38:00.0857 3688  W32Time - ok
22:38:00.0878 3688  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:38:00.0880 3688  WacomPen - ok
22:38:00.0920 3688  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:38:00.0922 3688  WANARP - ok
22:38:00.0925 3688  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:38:00.0926 3688  Wanarpv6 - ok
22:38:00.0967 3688  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:38:01.0002 3688  WatAdminSvc - ok
22:38:01.0037 3688  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
22:38:01.0053 3688  wbengine - ok
22:38:01.0067 3688  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:38:01.0071 3688  WbioSrvc - ok
22:38:01.0100 3688  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:38:01.0105 3688  wcncsvc - ok
22:38:01.0118 3688  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:38:01.0120 3688  WcsPlugInService - ok
22:38:01.0124 3688  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:38:01.0125 3688  Wd - ok
22:38:01.0149 3688  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:38:01.0156 3688  Wdf01000 - ok
22:38:01.0169 3688  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:38:01.0171 3688  WdiServiceHost - ok
22:38:01.0174 3688  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:38:01.0176 3688  WdiSystemHost - ok
22:38:01.0211 3688  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
22:38:01.0215 3688  WebClient - ok
22:38:01.0231 3688  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:38:01.0235 3688  Wecsvc - ok
22:38:01.0251 3688  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:38:01.0254 3688  wercplsupport - ok
22:38:01.0276 3688  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:38:01.0278 3688  WerSvc - ok
22:38:01.0285 3688  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:38:01.0286 3688  WfpLwf - ok
22:38:01.0293 3688  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:38:01.0295 3688  WIMMount - ok
22:38:01.0319 3688  WinDefend - ok
22:38:01.0325 3688  WinHttpAutoProxySvc - ok
22:38:01.0383 3688  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:38:01.0387 3688  Winmgmt - ok
22:38:01.0424 3688  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
22:38:01.0444 3688  WinRM - ok
22:38:01.0469 3688  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:38:01.0470 3688  WinUsb - ok
22:38:01.0508 3688  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:38:01.0518 3688  Wlansvc - ok
22:38:01.0541 3688  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:38:01.0542 3688  WmiAcpi - ok
22:38:01.0561 3688  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:38:01.0564 3688  wmiApSrv - ok
22:38:01.0572 3688  WMPNetworkSvc - ok
22:38:01.0585 3688  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:38:01.0587 3688  WPCSvc - ok
22:38:01.0611 3688  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:38:01.0614 3688  WPDBusEnum - ok
22:38:01.0627 3688  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:38:01.0628 3688  ws2ifsl - ok
22:38:01.0644 3688  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
22:38:01.0647 3688  wscsvc - ok
22:38:01.0650 3688  WSearch - ok
22:38:01.0709 3688  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:38:01.0739 3688  wuauserv - ok
22:38:01.0750 3688  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:38:01.0752 3688  WudfPf - ok
22:38:01.0787 3688  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:38:01.0790 3688  WUDFRd - ok
22:38:01.0822 3688  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:38:01.0825 3688  wudfsvc - ok
22:38:01.0841 3688  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:38:01.0844 3688  WwanSvc - ok
22:38:01.0934 3688  X6va012 - ok
22:38:01.0972 3688  [ 110F1BC710AD99423114CAE79F83C0F7 ] {09BB444F-B2E2-4009-BAF2-7B727681223E} C:\Program Files (x86)\VMLaunch\BuddyVM.sys
22:38:01.0980 3688  {09BB444F-B2E2-4009-BAF2-7B727681223E} - ok
22:38:01.0994 3688  ================ Scan global ===============================
22:38:02.0027 3688  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:38:02.0055 3688  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:38:02.0066 3688  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:38:02.0100 3688  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:38:02.0117 3688  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:38:02.0122 3688  [Global] - ok
22:38:02.0122 3688  ================ Scan MBR ==================================
22:38:02.0131 3688  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:38:02.0273 3688  \Device\Harddisk0\DR0 - ok
22:38:02.0273 3688  ================ Scan VBR ==================================
22:38:02.0276 3688  [ 117AD0D09F06727BC770A56F219BAD52 ] \Device\Harddisk0\DR0\Partition1
22:38:02.0286 3688  \Device\Harddisk0\DR0\Partition1 - ok
22:38:02.0286 3688  ============================================================
22:38:02.0286 3688  Scan finished
22:38:02.0286 3688  ============================================================
22:38:02.0293 6868  Detected object count: 0
22:38:02.0293 6868  Actual detected object count: 0
22:38:32.0990 6908  ============================================================
22:38:32.0991 6908  Scan started
22:38:32.0991 6908  Mode: Manual; TDLFS; 
22:38:32.0991 6908  ============================================================
22:38:33.0176 6908  ================ Scan system memory ========================
22:38:33.0176 6908  System memory - ok
22:38:33.0176 6908  ================ Scan services =============================
22:38:35.0088 6908  b57nd60a - ok
22:38:35.0115 6908  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:38:35.0116 6908  BDESVC - ok
22:38:35.0126 6908  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:38:35.0126 6908  Beep - ok
22:38:35.0150 6908  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
22:38:35.0154 6908  BFE - ok
22:38:35.0181 6908  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
22:38:35.0186 6908  BITS - ok
22:38:35.0202 6908  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:38:35.0203 6908  blbdrive - ok
22:38:35.0255 6908  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:38:35.0257 6908  Bonjour Service - ok
22:38:35.0272 6908  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:38:35.0273 6908  bowser - ok
22:38:35.0293 6908  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:38:35.0293 6908  BrFiltLo - ok
22:38:35.0305 6908  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:38:35.0306 6908  BrFiltUp - ok
22:38:35.0331 6908  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
22:38:35.0332 6908  Browser - ok
22:38:35.0354 6908  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:38:35.0356 6908  Brserid - ok
22:38:35.0376 6908  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:38:35.0377 6908  BrSerWdm - ok
22:38:35.0390 6908  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:38:35.0390 6908  BrUsbMdm - ok
22:38:35.0396 6908  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:38:35.0397 6908  BrUsbSer - ok
22:38:35.0409 6908  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:38:35.0409 6908  BTHMODEM - ok
22:38:35.0423 6908  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
22:38:35.0424 6908  bthserv - ok
22:38:35.0434 6908  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:38:35.0434 6908  cdfs - ok
22:38:35.0465 6908  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
22:38:35.0466 6908  cdrom - ok
22:38:35.0494 6908  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
22:38:35.0495 6908  CertPropSvc - ok
22:38:35.0499 6908  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:38:35.0500 6908  circlass - ok
22:38:35.0532 6908  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
22:38:35.0535 6908  CLFS - ok
22:38:35.0599 6908  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:38:35.0600 6908  clr_optimization_v2.0.50727_32 - ok
22:38:35.0630 6908  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:38:35.0631 6908  clr_optimization_v2.0.50727_64 - ok
22:38:35.0679 6908  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:38:35.0680 6908  clr_optimization_v4.0.30319_32 - ok
22:38:35.0690 6908  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:38:35.0691 6908  clr_optimization_v4.0.30319_64 - ok
22:38:35.0695 6908  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:38:35.0696 6908  CmBatt - ok
22:38:35.0721 6908  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:38:35.0722 6908  cmdide - ok
22:38:35.0747 6908  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
22:38:35.0750 6908  CNG - ok
22:38:35.0764 6908  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:38:35.0765 6908  Compbatt - ok
22:38:35.0776 6908  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:38:35.0776 6908  CompositeBus - ok
22:38:35.0780 6908  COMSysApp - ok
22:38:35.0787 6908  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:38:35.0788 6908  crcdisk - ok
22:38:35.0807 6908  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:38:35.0808 6908  CryptSvc - ok
22:38:35.0845 6908  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
22:38:35.0848 6908  CSC - ok
22:38:35.0882 6908  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
22:38:35.0885 6908  CscService - ok
22:38:35.0928 6908  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:38:35.0931 6908  DcomLaunch - ok
22:38:35.0967 6908  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
22:38:35.0969 6908  defragsvc - ok
22:38:35.0996 6908  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:38:35.0997 6908  DfsC - ok
22:38:36.0014 6908  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:38:36.0017 6908  Dhcp - ok
22:38:36.0030 6908  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
22:38:36.0031 6908  discache - ok
22:38:36.0042 6908  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:38:36.0043 6908  Disk - ok
22:38:36.0075 6908  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:38:36.0077 6908  Dnscache - ok
22:38:36.0111 6908  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:38:36.0112 6908  dot3svc - ok
22:38:36.0143 6908  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
22:38:36.0145 6908  DPS - ok
22:38:36.0164 6908  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:38:36.0164 6908  drmkaud - ok
22:38:36.0196 6908  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:38:36.0198 6908  dtsoftbus01 - ok
22:38:36.0241 6908  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:38:36.0246 6908  DXGKrnl - ok
22:38:36.0249 6908  EagleX64 - ok
22:38:36.0279 6908  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
22:38:36.0280 6908  EapHost - ok
22:38:36.0344 6908  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
22:38:36.0360 6908  ebdrv - ok
22:38:36.0380 6908  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
22:38:36.0381 6908  EFS - ok
22:38:36.0401 6908  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:38:36.0403 6908  elxstor - ok
22:38:36.0411 6908  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:38:36.0411 6908  ErrDev - ok
22:38:36.0432 6908  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
22:38:36.0435 6908  EventSystem - ok
22:38:36.0458 6908  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
22:38:36.0460 6908  exfat - ok
22:38:36.0476 6908  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:38:36.0478 6908  fastfat - ok
22:38:36.0486 6908  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:38:36.0486 6908  fdc - ok
22:38:36.0515 6908  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:38:36.0516 6908  fdPHost - ok
22:38:36.0527 6908  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:38:36.0528 6908  FDResPub - ok
22:38:36.0557 6908  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:38:36.0558 6908  FileInfo - ok
22:38:36.0567 6908  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:38:36.0568 6908  Filetrace - ok
22:38:36.0576 6908  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:38:36.0577 6908  flpydisk - ok
22:38:36.0614 6908  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:38:36.0615 6908  FltMgr - ok
22:38:36.0663 6908  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
22:38:36.0670 6908  FontCache - ok
22:38:36.0719 6908  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:38:36.0720 6908  FontCache3.0.0.0 - ok
22:38:36.0726 6908  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:38:36.0727 6908  FsDepends - ok
22:38:36.0742 6908  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:38:36.0742 6908  Fs_Rec - ok
22:38:36.0753 6908  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:38:36.0755 6908  fvevol - ok
22:38:36.0766 6908  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:38:36.0767 6908  gagp30kx - ok
22:38:36.0790 6908  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:38:36.0791 6908  GEARAspiWDM - ok
22:38:36.0831 6908  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
22:38:36.0835 6908  gpsvc - ok
22:38:36.0861 6908  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
22:38:36.0861 6908  hamachi - ok
22:38:36.0916 6908  [ B1E3F445943F06E36DC079AF28D0F86B ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
22:38:36.0928 6908  Hamachi2Svc - ok
22:38:36.0947 6908  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:38:36.0947 6908  hcw85cir - ok
22:38:36.0980 6908  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:38:36.0982 6908  HdAudAddService - ok
22:38:36.0991 6908  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:38:36.0991 6908  HDAudBus - ok
22:38:37.0006 6908  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:38:37.0007 6908  HidBatt - ok
22:38:37.0020 6908  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:38:37.0021 6908  HidBth - ok
22:38:37.0025 6908  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:38:37.0025 6908  HidIr - ok
22:38:37.0051 6908  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
22:38:37.0052 6908  hidserv - ok
22:38:37.0071 6908  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:38:37.0071 6908  HidUsb - ok
22:38:37.0097 6908  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:38:37.0098 6908  hkmsvc - ok
22:38:37.0131 6908  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:38:37.0132 6908  HomeGroupListener - ok
22:38:37.0161 6908  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:38:37.0163 6908  HomeGroupProvider - ok
22:38:37.0182 6908  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:38:37.0183 6908  HpSAMD - ok
22:38:37.0219 6908  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:38:37.0222 6908  HTTP - ok
22:38:37.0235 6908  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:38:37.0235 6908  hwpolicy - ok
22:38:37.0257 6908  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:38:37.0258 6908  i8042prt - ok
22:38:37.0304 6908  [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:38:37.0306 6908  iaStorV - ok
22:38:37.0336 6908  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:38:37.0337 6908  IDriverT - ok
22:38:37.0382 6908  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:38:37.0387 6908  idsvc - ok
22:38:37.0401 6908  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:38:37.0401 6908  iirsp - ok
22:38:37.0422 6908  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
22:38:37.0426 6908  IKEEXT - ok
22:38:37.0435 6908  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
22:38:37.0436 6908  intelide - ok
22:38:37.0446 6908  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:38:37.0447 6908  intelppm - ok
22:38:37.0475 6908  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:38:37.0477 6908  IPBusEnum - ok
22:38:37.0481 6908  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:38:37.0482 6908  IpFilterDriver - ok
22:38:37.0497 6908  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:38:37.0501 6908  iphlpsvc - ok
22:38:37.0513 6908  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:38:37.0514 6908  IPMIDRV - ok
22:38:37.0541 6908  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:38:37.0542 6908  IPNAT - ok
22:38:37.0576 6908  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:38:37.0579 6908  iPod Service - ok
22:38:37.0589 6908  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:38:37.0589 6908  IRENUM - ok
22:38:37.0599 6908  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:38:37.0599 6908  isapnp - ok
22:38:37.0615 6908  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:38:37.0617 6908  iScsiPrt - ok
22:38:37.0634 6908  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:38:37.0635 6908  kbdclass - ok
22:38:37.0646 6908  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:38:37.0646 6908  kbdhid - ok
22:38:37.0658 6908  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
22:38:37.0659 6908  KeyIso - ok
22:38:37.0682 6908  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:38:37.0683 6908  KSecDD - ok
22:38:37.0693 6908  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:38:37.0694 6908  KSecPkg - ok
22:38:37.0700 6908  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:38:37.0701 6908  ksthunk - ok
22:38:37.0736 6908  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:38:37.0738 6908  KtmRm - ok
22:38:37.0771 6908  [ CE4347E2D90DB2E5517B6F2BC720A862 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
22:38:37.0773 6908  LADF_CaptureOnly - ok
22:38:37.0789 6908  [ 85A9D21D3AE2EA963E111CB150895877 ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
22:38:37.0791 6908  LADF_RenderOnly - ok
22:38:37.0801 6908  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:38:37.0803 6908  LanmanServer - ok
22:38:37.0812 6908  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:38:37.0814 6908  LanmanWorkstation - ok
22:38:37.0848 6908  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
22:38:37.0849 6908  LGBusEnum - ok
22:38:37.0857 6908  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
22:38:37.0858 6908  LGVirHid - ok
22:38:37.0867 6908  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:38:37.0868 6908  lltdio - ok
22:38:37.0893 6908  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:38:37.0896 6908  lltdsvc - ok
22:38:37.0917 6908  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:38:37.0918 6908  lmhosts - ok
22:38:37.0934 6908  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:38:37.0934 6908  LSI_FC - ok
22:38:37.0949 6908  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:38:37.0949 6908  LSI_SAS - ok
22:38:37.0960 6908  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:38:37.0961 6908  LSI_SAS2 - ok
22:38:37.0974 6908  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:38:37.0975 6908  LSI_SCSI - ok
22:38:37.0989 6908  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
22:38:37.0990 6908  luafv - ok
22:38:38.0015 6908  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
22:38:38.0016 6908  MBAMProtector - ok
22:38:38.0039 6908  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:38:38.0041 6908  MBAMScheduler - ok
22:38:38.0062 6908  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:38:38.0065 6908  MBAMService - ok
22:38:38.0087 6908  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:38:38.0088 6908  megasas - ok
22:38:38.0100 6908  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:38:38.0102 6908  MegaSR - ok
22:38:38.0137 6908  Microsoft SharePoint Workspace Audit Service - ok
22:38:38.0158 6908  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
22:38:38.0160 6908  MMCSS - ok
22:38:38.0166 6908  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
22:38:38.0167 6908  Modem - ok
22:38:38.0170 6908  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:38:38.0171 6908  monitor - ok
22:38:38.0217 6908  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:38:38.0218 6908  mouclass - ok
22:38:38.0225 6908  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:38:38.0225 6908  mouhid - ok
22:38:38.0257 6908  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:38:38.0258 6908  mountmgr - ok
22:38:38.0287 6908  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:38:38.0287 6908  MozillaMaintenance - ok
22:38:38.0319 6908  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:38:38.0320 6908  mpio - ok
22:38:38.0335 6908  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:38:38.0336 6908  mpsdrv - ok
22:38:38.0380 6908  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:38:38.0384 6908  MpsSvc - ok
22:38:38.0413 6908  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:38:38.0414 6908  MRxDAV - ok
22:38:38.0444 6908  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:38:38.0445 6908  mrxsmb - ok
22:38:38.0459 6908  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:38:38.0461 6908  mrxsmb10 - ok
22:38:38.0470 6908  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:38:38.0471 6908  mrxsmb20 - ok
22:38:38.0482 6908  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:38:38.0483 6908  msahci - ok
22:38:38.0498 6908  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:38:38.0499 6908  msdsm - ok
22:38:38.0510 6908  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
22:38:38.0512 6908  MSDTC - ok
22:38:38.0543 6908  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:38:38.0543 6908  Msfs - ok
22:38:38.0557 6908  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:38:38.0558 6908  mshidkmdf - ok
22:38:38.0589 6908  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:38:38.0590 6908  msisadrv - ok
22:38:38.0618 6908  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:38:38.0620 6908  MSiSCSI - ok
22:38:38.0623 6908  msiserver - ok
22:38:38.0633 6908  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:38:38.0634 6908  MSKSSRV - ok
22:38:38.0645 6908  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:38:38.0646 6908  MSPCLOCK - ok
22:38:38.0650 6908  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:38:38.0650 6908  MSPQM - ok
22:38:38.0681 6908  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:38:38.0683 6908  MsRPC - ok
22:38:38.0689 6908  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:38:38.0690 6908  mssmbios - ok
22:38:38.0693 6908  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:38:38.0693 6908  MSTEE - ok
22:38:38.0704 6908  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:38:38.0704 6908  MTConfig - ok
22:38:38.0709 6908  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:38:38.0710 6908  Mup - ok
22:38:38.0729 6908  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
22:38:38.0732 6908  napagent - ok
22:38:38.0767 6908  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:38:38.0769 6908  NativeWifiP - ok
22:38:38.0790 6908  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:38:38.0794 6908  NDIS - ok
22:38:38.0803 6908  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:38:38.0804 6908  NdisCap - ok
22:38:38.0816 6908  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:38:38.0816 6908  NdisTapi - ok
22:38:38.0844 6908  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:38:38.0845 6908  Ndisuio - ok
22:38:38.0862 6908  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:38:38.0863 6908  NdisWan - ok
22:38:38.0882 6908  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:38:38.0883 6908  NDProxy - ok
22:38:38.0899 6908  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:38:38.0899 6908  NetBIOS - ok
22:38:38.0917 6908  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:38:38.0918 6908  NetBT - ok
22:38:38.0927 6908  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
22:38:38.0928 6908  Netlogon - ok
22:38:39.0015 6908  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
22:38:39.0018 6908  Netman - ok
22:38:39.0050 6908  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:38:39.0051 6908  NetMsmqActivator - ok
22:38:39.0055 6908  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:38:39.0056 6908  NetPipeActivator - ok
22:38:39.0076 6908  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
22:38:39.0079 6908  netprofm - ok
22:38:39.0112 6908  [ D66596DB0A0739A89C25B590CE36D628 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
22:38:39.0116 6908  netr28x - ok
22:38:39.0120 6908  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:38:39.0121 6908  NetTcpActivator - ok
22:38:39.0125 6908  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:38:39.0126 6908  NetTcpPortSharing - ok
22:38:39.0143 6908  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:38:39.0143 6908  nfrd960 - ok
22:38:39.0170 6908  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:38:39.0173 6908  NlaSvc - ok
22:38:39.0189 6908  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
22:38:39.0190 6908  NPF - ok
22:38:39.0193 6908  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:38:39.0194 6908  Npfs - ok
22:38:39.0220 6908  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
22:38:39.0221 6908  nsi - ok
22:38:39.0233 6908  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:38:39.0234 6908  nsiproxy - ok
22:38:39.0276 6908  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:38:39.0284 6908  Ntfs - ok
22:38:39.0295 6908  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
22:38:39.0296 6908  Null - ok
22:38:39.0324 6908  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:38:39.0325 6908  nvraid - ok
22:38:39.0344 6908  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:38:39.0345 6908  nvstor - ok
22:38:39.0370 6908  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:38:39.0371 6908  nv_agp - ok
22:38:39.0384 6908  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:38:39.0385 6908  ohci1394 - ok
22:38:39.0431 6908  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:38:39.0432 6908  ose - ok
22:38:44.0228 6908  ================ Scan global ===============================
22:38:44.0267 6908  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:38:44.0296 6908  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:38:44.0302 6908  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:38:44.0341 6908  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:38:44.0357 6908  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:38:44.0360 6908  [Global] - ok
22:38:44.0361 6908  ================ Scan MBR ==================================
22:38:44.0387 6908  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:38:44.0566 6908  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
22:38:44.0566 6908  \Device\Harddisk0\DR0 - detected TDSS File System (1)
22:38:44.0567 6908  ================ Scan VBR ==================================
22:38:44.0569 6908  [ 117AD0D09F06727BC770A56F219BAD52 ] \Device\Harddisk0\DR0\Partition1
22:38:44.0570 6908  \Device\Harddisk0\DR0\Partition1 - ok
22:38:44.0571 6908  ============================================================
22:38:44.0571 6908  Scan finished
22:38:44.0571 6908  ============================================================
22:38:44.0577 6924  Detected object count: 1
22:38:44.0577 6924  Actual detected object count: 1
 
 
I did not run combofix yet.

Edited by thibauld, 05 July 2013 - 03:45 PM.


#4 TB-Psychotic


Posted 08 July 2013 - 02:04 AM

Run a new scan with TDSSKiller, enable TDLFS detection and remove the threat. Then run combofix and post up both logs.



#5 TB-Psychotic


Posted 11 July 2013 - 12:11 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



