Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zero Access Rootkit


  • This topic is locked This topic is locked
4 replies to this topic

#1 p0p3y3Z

p0p3y3Z

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 04 September 2013 - 10:19 PM

Recently I've acquired this rootkit, and I have no idea how. I just installed a fresh copy of Windows 8 on this SSD that i have just purchased, and i haven't installed anything i don't usually install or have visited any websites that i don't normally visit. The first thing that tipped me off that something was off was that UAC was bugging me to update Flash Player. Usually i just put it off and update it a week later, but in this case, UAC wouldn't let me click no and go back to my desktop, it would just keep bugging me over and over again until i clicked yes. When i did click yes, it wouldn't do anything, no installer would come up. So i opened up my task manager and took a look at some of the running processes, and the FlashPlayerInstaller.exe or whatever was running along with 2 of the windows installer executable. Then i noticed something very weird, and that was a blank process running from svchost.exe. At times, it would use up to 600+MB of RAM. I also noticed that in the C:\Users\Tony\AppData\Local\Temp folder that there was some randomly named executable files in there, and one called csrss.exe. So at that point, I ran Malwarebytes to see what was there to find, and it found the ZeroAccess Rootkit on a quick scan or whatever, along with a registry entry. So i removed that, and immediately start getting some other programs together to start scanning. Next thing i scanned with was GMER, came back clean. HitmanPro came back with a few items, got rid of them. Ran a full scan on Malwarebytes, and came back with 28 assorted Trojan.Ransom, Malware, and other types of trojans, along with more registry entries. Also ran TDSSKiller, didn't come back with anything. Smitfraud fix i can't remember what all it fixed. HijackThis! didn't come back with anything out of the ordinary. Then after talking to my friend, I ran COMODO Cleaning Essentials and it came back clean. Then i ran RKill and it found the folder that the rootkit was located, which i have just deleted not too long ago to see if it will re-create itself, really hoping it doesn't. Then the last thing i just ran was Combo Fix, which deleted a bunch of executable files.

 

So, the programs i have ran so far are:

Malwarebytes AntiMalware

GMER

TDSS Killer

HitmanPro

SmitFraud

HijackThis!

Rkill

Combo Fix

 

The log files i have:

There are 7 different Malwarebytes ones, as i ran multiple scans. This was a week or so ago when i did this.

1st

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.25.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Tony :: TONY-PC [administrator]

2013-09-01 12:55:07 PM
mbam-log-2013-09-01 (12-55-07).txt

Scan type: Custom scan (C:\Users\Tony\AppData\Local\Temp\1346642106.exe|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 1
Time elapsed: 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

2nd

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.01.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Tony :: TONY-PC [administrator]

2013-09-01 12:55:37 PM
mbam-log-2013-09-01 (12-55-37).txt

Scan type: Custom scan (C:\Users\Tony\AppData\Local\Temp\1346642106.exe|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 1
Time elapsed: 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

3rd

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.01.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Tony :: TONY-PC [administrator]

2013-09-01 12:55:50 PM
mbam-log-2013-09-01 (12-55-50).txt

Scan type: Custom scan (C:\Users\Tony\AppData\Local\Temp\csrss.exe|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 1
Time elapsed: 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Microsoft Windows Hosting Service (Trojan.Agent) -> Data: C:\Users\Tony\AppData\Local\Temp\csrss.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Tony\AppData\Local\Temp\csrss.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

4th

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.01.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Tony :: TONY-PC [administrator]

2013-09-01 12:56:19 PM
mbam-log-2013-09-01 (12-56-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231307
Time elapsed: 2 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SYSTEM\CURRENTCONTROLSET\SERVICES\RUN (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|56809 (Trojan.Ransom) -> Data: c:\progra~3\dxajeoovo.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: c:\users\tony\dxagiza.exe -> Quarantined and deleted successfully.
HKCU\SYSTEM\CurrentControlSet\Services\Run|Windows RPC Host Service (Malware.Trace) -> Data: C:\Users\Tony\AppData\Local\Temp\csrss.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Bad: (c:\users\tony\dxagiza.exe) Good: () -> Quarantined and repaired successfully.

Folders Detected: 2
C:\Users\Tony\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Tony\AppData\Roaming\OpenCandy\630AC76218A44138B6514896A18667C7 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.

Files Detected: 28
C:\ProgramData\dxajeoovo.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxagiza.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\ProgramData\dxgaqdl.exe (Trojan.FakeSec.npe) -> Quarantined and deleted successfully.
C:\Users\Tony\AppData\Roaming\OpenCandy\630AC76218A44138B6514896A18667C7\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> Quarantined and deleted successfully.
C:\Users\Tony\dxadenu.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Users\Tony\dxalazx.exe (Trojan.Agent.UKN) -> Quarantined and deleted successfully.
C:\Users\Tony\dxauteaga.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Users\Tony\dxbibe.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxbnmszg.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Users\Tony\dxcirb.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxdoao.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxeooua.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxfuaxaa.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxglznp.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxieea.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxjaba.exe (Trojan.Ransom.UX) -> Quarantined and deleted successfully.
C:\Users\Tony\dxseijjc.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxsswdv.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxsvjr.exe (Trojan.Agent.ssv) -> Quarantined and deleted successfully.
C:\Users\Tony\dxthzde.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxtpepmn.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxtpucb.exe (Trojan.Agent.DE) -> Quarantined and deleted successfully.
C:\Users\Tony\dxtyardf.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxuokj.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Tony\dxuolits.exe (Trojan.Inject) -> Quarantined and deleted successfully.
C:\Users\Tony\dxxyha.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\Tony\dxzkwhok.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\hcsd.exe (Malware.Packer.NSIS) -> Quarantined and deleted successfully.

(end)

5th

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.01.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Tony :: TONY-PC [administrator]

2013-09-01 1:04:16 PM
mbam-log-2013-09-01 (13-04-16).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231363
Time elapsed: 2 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: c:\users\tony\dxagiza.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

6th

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.01.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Tony :: TONY-PC [administrator]

2013-09-01 1:07:16 PM
mbam-log-2013-09-01 (13-07-16).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 425490
Time elapsed: 15 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Tony\AppData\Local\Google\Desktop\Install\{1308d2a5-6b68-6b70-c8f3-b4a0f8ac049c}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{1308d2a5-6b68-6b70-c8f3-b4a0f8ac049c}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.

(end)

7th

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.01.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Tony :: TONY-PC [administrator]

2013-09-01 1:28:11 PM
mbam-log-2013-09-01 (13-28-11).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 426059
Time elapsed: 19 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Everything Malwarebytes Quarentined

pC7vxv6.png

 

SmitFraud Fix Logfile

SmitFraudFix v2.423

Scan done at 18:35:49.14, 2013-09-01
Run from F:\Users\Tony\Downloads\SmitfraudFix
OS: Microsoft Windows [Version 6.2.9200] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Windows\system32\dashost.exe
F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\OkayFreedom\VPNService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\svchost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhostex.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Users\Tony\Local Settings\Apps\F.lux\flux.exe
C:\Users\Tony\AppData\Roaming\Hyperdesktop\hyperdesktop.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
F:\Users\Tony\Downloads\SmitfraudFix\Policies.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Windows\system32\wbem\wmiprvse.exe
F:\Users\Tony\Downloads\SmitfraudFix\Policies.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Windows\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Tony


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Tony\AppData\Local\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Tony\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\Users\Tony\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files (x86) 

Combo Fix Logfile

ComboFix 13-09-04.04 - Tony 2013-09-04  21:59:39.1.4 - x64
Microsoft Windows 8 Pro  6.2.9200.0.1252.2.1033.18.4095.2411 [GMT -4:00]
Running from: f:\users\Tony\Downloads\ComboFix.exe
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
c:\windows\SysWow64\404Fix.exe
c:\windows\SysWow64\Agent.OMZ.Fix.exe
c:\windows\SysWow64\dumphive.exe
c:\windows\SysWow64\IEDFix.C.exe
c:\windows\SysWow64\IEDFix.exe
c:\windows\SysWow64\o4Patch.exe
c:\windows\SysWow64\Process.exe
c:\windows\SysWow64\SrchSTS.exe
c:\windows\SysWow64\tmp.reg
c:\windows\SysWow64\VACFix.exe
c:\windows\SysWow64\VCCLSID.exe
c:\windows\SysWow64\WS2Fix.exe
G:\rundll32.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-05 to 2013-09-05  )))))))))))))))))))))))))))))))
.
.
2013-09-04 07:19 . 2013-07-02 08:34	9460976	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{4C4E752E-1F16-4CD6-AE05-C5B6B18C46B4}\mpengine.dll
2013-09-01 18:12 . 2013-09-01 18:12	12872	----a-w-	c:\windows\system32\bootdelete.exe
2013-09-01 17:43 . 2013-09-01 18:12	--------	d-----w-	c:\programdata\HitmanPro
2013-08-31 19:25 . 2013-08-31 19:25	--------	d-----w-	c:\program files\Nem's Tools
2013-08-27 19:43 . 2013-08-27 19:43	--------	d-----w-	c:\program files\Pale Moon
2013-08-26 21:59 . 2013-08-26 22:00	--------	d-----w-	c:\program files\LinkShellExtension
2013-08-26 21:52 . 2013-08-26 21:52	--------	d-----w-	c:\program files (x86)\Common Files\Java
2013-08-26 21:52 . 2013-08-26 21:52	867240	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-08-26 21:52 . 2013-08-26 21:52	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-08-26 21:52 . 2013-08-26 21:52	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-26 21:52 . 2013-08-26 21:52	--------	d-----w-	c:\program files (x86)\Java
2013-08-26 21:35 . 2013-08-26 21:35	--------	d-----w-	c:\program files (x86)\Notepad++
2013-08-26 18:38 . 2013-08-26 18:38	--------	d-----w-	c:\program files (x86)\Common Files\InstallShield
2013-08-26 18:22 . 2013-08-26 18:22	--------	d-----w-	c:\programdata\Hi-Rez Studios
2013-08-25 16:00 . 2013-08-25 16:00	--------	d-----w-	c:\programdata\Malwarebytes
2013-08-25 16:00 . 2013-08-25 16:00	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-25 16:00 . 2013-04-04 18:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-08-25 15:56 . 2013-08-25 15:56	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2013-08-25 15:56 . 2009-01-25 17:14	17272	----a-w-	c:\windows\system32\sdnclean64.exe
2013-08-25 15:56 . 2013-08-25 15:57	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2013-08-24 16:41 . 2010-06-02 08:55	77656	----a-w-	c:\windows\system32\XAPOFX1_5.dll
2013-08-24 16:41 . 2010-06-02 08:55	518488	----a-w-	c:\windows\system32\XAudio2_7.dll
2013-08-24 16:41 . 2010-06-02 08:55	239960	----a-w-	c:\windows\SysWow64\xactengine3_7.dll
2013-08-24 16:41 . 2010-06-02 08:55	176984	----a-w-	c:\windows\system32\xactengine3_7.dll
2013-08-24 16:41 . 2010-05-26 15:41	511328	----a-w-	c:\windows\system32\d3dx10_43.dll
2013-08-24 16:41 . 2010-05-26 15:41	470880	----a-w-	c:\windows\SysWow64\d3dx10_43.dll
2013-08-24 16:41 . 2010-05-26 15:41	276832	----a-w-	c:\windows\system32\d3dx11_43.dll
2013-08-24 16:41 . 2010-05-26 15:41	2526056	----a-w-	c:\windows\system32\D3DCompiler_43.dll
2013-08-24 16:41 . 2010-05-26 15:41	1907552	----a-w-	c:\windows\system32\d3dcsx_43.dll
2013-08-24 16:41 . 2010-05-26 15:41	1868128	----a-w-	c:\windows\SysWow64\d3dcsx_43.dll
2013-08-24 16:41 . 2010-05-26 15:41	2401112	----a-w-	c:\windows\system32\D3DX9_43.dll
2013-08-23 22:20 . 2013-08-23 22:20	--------	d-----w-	c:\program files (x86)\Microsoft WSE
2013-08-23 22:20 . 2008-09-04 18:17	447752	----a-r-	c:\windows\SysWow64\vp6vfw.dll
2013-08-22 07:37 . 2013-08-22 07:37	--------	d-----w-	c:\program files (x86)\Microsoft XNA
2013-08-22 05:47 . 2013-08-22 05:47	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2013-08-19 22:01 . 2013-09-04 23:38	--------	d-----w-	C:\HammerAutosave
2013-08-19 15:49 . 2013-08-19 15:49	--------	d-----r-	c:\program files (x86)\Skype
2013-08-19 15:49 . 2013-08-19 15:49	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2013-08-19 15:49 . 2013-08-19 15:49	--------	d-----w-	c:\programdata\Skype
2013-08-18 22:17 . 2010-06-02 08:55	74072	----a-w-	c:\windows\SysWow64\XAPOFX1_5.dll
2013-08-18 22:17 . 2010-06-02 08:55	527192	----a-w-	c:\windows\SysWow64\XAudio2_7.dll
2013-08-18 22:17 . 2010-05-26 15:41	248672	----a-w-	c:\windows\SysWow64\d3dx11_43.dll
2013-08-18 22:17 . 2010-05-26 15:41	2106216	----a-w-	c:\windows\SysWow64\D3DCompiler_43.dll
2013-08-18 22:17 . 2010-05-26 15:41	1998168	----a-w-	c:\windows\SysWow64\D3DX9_43.dll
2013-08-18 16:08 . 2013-08-18 17:03	--------	d-----w-	c:\program files (x86)\Postal.3
2013-08-17 23:45 . 2013-08-17 23:45	--------	d-----w-	c:\program files\WinRAR
2013-08-17 17:51 . 2012-11-26 02:15	16114176	----a-w-	c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-17 17:51 . 2012-11-26 02:14	15541248	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-08-17 17:44 . 2012-09-20 06:32	44544	----a-w-	c:\windows\system32\perfctrs.dll
2013-08-17 17:42 . 2012-10-11 05:45	3236864	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2013-08-17 17:39 . 2012-11-27 04:19	3245568	----a-w-	c:\windows\system32\rdpcorets.dll
2013-08-17 17:38 . 2012-11-06 04:18	11459584	----a-w-	c:\windows\system32\glcndFilter.dll
2013-08-17 08:21 . 2013-05-02 15:29	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-08-17 08:10 . 2013-08-17 08:10	--------	d-----w-	c:\windows\system32\MRT
2013-08-17 07:59 . 2013-04-10 22:35	1617920	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2013-08-17 07:58 . 2013-04-23 23:13	1013248	----a-w-	c:\windows\SysWow64\certutil.exe
2013-08-17 07:58 . 2013-04-23 23:12	109056	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-08-17 07:58 . 2013-04-23 22:56	1255936	----a-w-	c:\windows\system32\certutil.exe
2013-08-17 07:58 . 2013-04-23 22:55	141312	----a-w-	c:\windows\system32\cryptnet.dll
2013-08-17 07:58 . 2013-07-09 06:07	2233168	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-08-17 07:58 . 2013-03-02 09:59	411880	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-08-17 07:56 . 2013-07-26 05:12	3958784	----a-w-	c:\windows\system32\jscript9.dll
2013-08-17 07:55 . 2013-03-06 06:31	19758592	----a-w-	c:\windows\system32\shell32.dll
2013-08-17 07:55 . 2013-03-06 06:31	222208	----a-w-	c:\windows\system32\shdocvw.dll
2013-08-17 07:55 . 2013-03-06 07:10	112872	----a-w-	c:\windows\system32\consent.exe
2013-08-17 07:55 . 2013-03-06 06:29	70144	----a-w-	c:\windows\system32\appinfo.dll
2013-08-17 07:55 . 2013-05-15 02:25	888320	----a-w-	c:\windows\system32\autochk.exe
2013-08-17 07:55 . 2013-05-15 02:25	542208	----a-w-	c:\windows\system32\untfs.dll
2013-08-17 07:55 . 2013-05-15 02:24	482816	----a-w-	c:\windows\SysWow64\untfs.dll
2013-08-17 07:55 . 2013-05-15 02:24	793088	----a-w-	c:\windows\SysWow64\autochk.exe
2013-08-17 07:55 . 2013-02-12 00:17	20992	----a-w-	c:\windows\system32\drivers\usb8023.sys
2013-08-17 07:53 . 2013-04-09 04:51	14267904	----a-w-	c:\windows\system32\wmp.dll
2013-08-17 06:42 . 2013-08-26 18:38	--------	d--h--w-	c:\program files (x86)\InstallShield Installation Information
2013-08-17 06:35 . 2013-08-17 06:42	--------	d-----w-	c:\program files (x86)\Intel
2013-08-17 06:35 . 2013-08-17 06:34	53248	----a-w-	c:\windows\SysWow64\CSVer.dll
2013-08-17 06:35 . 2013-08-17 06:35	--------	d-----w-	C:\Intel
2013-08-17 06:17 . 2013-08-17 06:18	--------	d---a-w-	C:\.Trash-1000
2013-08-17 05:09 . 2013-08-17 05:09	--------	d-----w-	c:\program files\CCleaner
2013-08-17 00:03 . 2013-01-31 09:35	35104	----a-w-	c:\windows\system32\TURegOpt.exe
2013-08-17 00:03 . 2013-01-31 09:35	26400	----a-w-	c:\windows\system32\authuitu.dll
2013-08-17 00:03 . 2013-01-31 09:35	21792	----a-w-	c:\windows\SysWow64\authuitu.dll
2013-08-17 00:03 . 2013-08-17 00:03	--------	d-sh--w-	c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-08-17 00:03 . 2013-08-17 00:03	--------	d--h--w-	c:\programdata\Common Files
2013-08-17 00:01 . 2013-08-17 00:01	--------	d-----w-	c:\program files\CrystalDiskMark
2013-08-16 23:04 . 2013-09-05 00:43	--------	d-----w-	c:\program files\PeerBlock
2013-08-16 23:04 . 2013-08-16 23:04	--------	d-----w-	c:\program files (x86)\uTorrent
2013-08-16 18:26 . 2013-08-16 18:26	--------	d-----w-	c:\program files (x86)\Common Files\BattlEye
2013-08-16 18:21 . 2013-08-16 18:21	--------	d-----w-	c:\programdata\Bohemia Interactive Studio
2013-08-16 18:12 . 2013-08-16 18:12	--------	d-----w-	c:\program files (x86)\Dotjosh Studios
2013-08-16 06:00 . 2013-08-16 06:00	--------	d-----w-	c:\program files (x86)\OkayFreedom
2013-08-16 06:00 . 2013-08-16 06:00	--------	d-----w-	c:\program files (x86)\Common Files\Steganos
2013-08-16 04:30 . 2013-08-16 04:30	--------	d-----w-	c:\program files (x86)\Reference Assemblies
2013-08-16 04:30 . 2013-08-16 04:30	--------	d-----w-	c:\program files (x86)\MSBuild
2013-08-16 04:30 . 2013-08-16 04:30	--------	d-----w-	c:\program files\Reference Assemblies
2013-08-16 04:30 . 2013-08-16 04:30	--------	d-----w-	c:\program files\MSBuild
2013-08-16 04:28 . 2012-07-06 02:02	778856	----a-w-	c:\windows\SysWow64\PresentationNative_v0300.dll
2013-08-16 04:28 . 2012-07-06 02:02	35400	----a-w-	c:\windows\SysWow64\TsWpfWrp.exe
2013-08-16 04:28 . 2012-07-06 02:02	102528	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-08-16 04:28 . 2012-07-06 02:02	35400	----a-w-	c:\windows\system32\TsWpfWrp.exe
2013-08-16 04:28 . 2012-07-06 02:02	124040	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-08-16 04:28 . 2012-07-06 02:02	1166440	----a-w-	c:\windows\system32\PresentationNative_v0300.dll
2013-08-16 04:24 . 2008-03-05 19:56	4910088	----a-w-	c:\windows\system32\D3DX9_37.dll
2013-08-16 03:48 . 2013-08-16 03:48	--------	d-----w-	c:\programdata\ATI
2013-08-16 03:45 . 2013-08-16 03:45	--------	d-----w-	c:\programdata\AMD
2013-08-16 03:45 . 2013-08-16 03:45	--------	d-----w-	c:\program files (x86)\Common Files\ATI Technologies
2013-08-16 03:45 . 2013-08-16 03:45	--------	d-----w-	c:\program files (x86)\AMD AVT
2013-08-16 03:45 . 2013-08-16 03:45	--------	d-----w-	c:\program files\Common Files\ATI Technologies
2013-08-16 03:45 . 2013-08-16 03:45	--------	d-----w-	c:\program files (x86)\ATI Technologies
2013-08-16 03:45 . 2013-08-16 03:45	--------	d-----w-	c:\program files\ATI
2013-08-16 03:44 . 2013-08-16 03:45	--------	d-----w-	c:\program files\ATI Technologies
2013-08-16 03:44 . 2013-08-16 03:44	--------	d-----w-	C:\AMD
2013-08-16 03:28 . 2013-08-17 05:47	--------	d-----w-	c:\windows\Panther
2013-08-16 03:02 . 2013-08-16 03:02	--------	d-----w-	c:\program files (x86)\Mumble
2013-08-16 00:09 . 2013-08-16 03:48	--------	d-----w-	c:\windows\AutoKMS
2013-08-15 23:53 . 2013-09-01 23:21	--------	d-----w-	c:\program files (x86)\Common Files\Steam
2013-08-15 23:53 . 2013-09-05 01:59	--------	d-----w-	c:\program files (x86)\Steam
2013-08-15 23:50 . 2013-08-15 23:50	--------	d-----w-	c:\program files (x86)\StartIsBack
2013-08-15 23:42 . 2013-08-15 23:42	--------	d-----w-	c:\program files\TeamSpeak 3 Client
2013-08-15 23:37 . 2013-08-15 23:37	57096	----a-w-	c:\windows\system32\certsentry.dll
2013-08-15 23:37 . 2013-08-15 23:37	48392	----a-w-	c:\windows\SysWow64\certsentry.dll
2013-08-15 23:37 . 2013-08-15 23:37	--------	d-----w-	c:\program files (x86)\Comodo
2013-08-15 23:36 . 2013-08-15 23:36	348160	----a-w-	c:\windows\SysWow64\msvcr71.dll
2013-08-15 23:36 . 2013-08-15 23:36	1060864	----a-w-	c:\windows\SysWow64\mfc71.dll
2013-08-15 23:33 . 2013-08-15 23:33	17536	----a-w-	c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-08-15 23:33 . 2013-08-15 23:33	--------	d--h--r-	c:\users\Public\AccountPictures
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-15 23:32 . 2012-07-26 08:13	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-27 22:04 . 2012-07-26 08:14	78200	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04 . 2012-07-26 08:14	693112	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2009-12-06 17:18	26624	--sh--w-	c:\windows\bfcs2.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\HardLinkMenu]
@="{0A479751-02BC-11d3-A855-0004AC2568AA}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568AA}]
2013-08-23 15:51	534728	----a-w-	c:\program files\LinkShellExtension\32\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlayHardLink]
@="{0A479751-02BC-11d3-A855-0004AC2568DD}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568DD}]
2013-08-23 15:51	534728	----a-w-	c:\program files\LinkShellExtension\32\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlaySymbolicLink]
@="{0A479751-02BC-11d3-A855-0004AC2568EE}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568EE}]
2013-08-23 15:51	534728	----a-w-	c:\program files\LinkShellExtension\32\HardlinkShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-08-28 1811880]
"F.lux"="c:\users\Tony\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"Hyperdesktop"="c:\users\Tony\AppData\Roaming\Hyperdesktop\hyperdesktop.exe" [2013-08-16 316000]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-07-25 20684656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-29 642656]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 504b0304c239b7f8068374bfb511000000400000e269f63d73594f6202c9694280cc96a28bbd63516fe3c2d5f7a2ff87ac3a990c3ec3b2ed7b07716237a0dfb1dfb651f67e31cb2e7649f98d5e55e9b25b1a579794989b176c357bdcc11226bd6ecb7de8a63ea2165f6b31ead6b0a2a96a6e9d04b9b39f194ef52d48b088d4b6597f685a70ff6912914f86d8235681747da26cfd83223d3d248872c51095484634ebf976e4595f734bd35caf42b38dcf9e878af0be0a5e84b22940f721e8bbcdcbaa3e53607359252db16c0d6c38a142261bb4896d12a48c006cc3c21fdf717c155b2af0375d2545ee286c2aecb2955206ef25c82dc686f7eb83bb3072e94e1e59254b11a2e3628e1d98e177375b54e682a1c77f986e1907ffcb784accacb124189751d7ebbafc91d3a127f134a85e27f8c201d9082f621f5fffac09d2aab94a62f90bd74d6c96a8db6d42e4e98316449d202a4e24857673e2a50b7dfd9d5af72a21a19a922acc9675ba933a1c6ad4e0a11470fbb82eed7a79c5ca2dbb0bec5b2b43baa37373d3ef494726d7cf4a4aa8a3d6a5c206ced49148c0100bfa96b707be91b855151d8da8e0723dd1303325011b3951c9df7b10e9b153bced98376c4d7517f2e0e23a986914b2b0f978454441c47b5797d924ce9cd186d74d308099ee52f226e92de6b50e4a0691f75cfa9ce733494b8cafaeb4be4c65f6c9dffa34a3c2ed9d14f5844164be79b7a90495290350177b03aefa777ff519b624e3c75c219260ac447bba9a6db56f34b340a5f75837fab3c33831a3bc39c2914aeb87a39545bd7ed52450eb7e94d5380e2babce3f8ee6e3cdc9d4ed54d9889d9dbd0dc879caa2b121048a308a7f873252dad24ea8f8911ea0a3b202de930a9fc882cf1349ffe229016b2ebfd7821b8986d31deccbc296ba54fd6d864c915f1d77ac0734d96fe0ba43a669fab128026c7f90e9e1e0a7047f5a2378e4de0966eb6c217b3483194b2b21a3fa8a1cbef1d66a3fc8a5c863bcea6157981a11449bae3357f3287501cb9c24e0afb156f5ddfd6855cd8b7b43feabd9412c1c208b5de2330c469a59de5b490cc06bfd5a4900cb121eb967bc7185a9f00112a5b1e8d8028ca02b0f2b194af03cc1e172b70c9b88643e3c064b5406cf184ad9eba26736ef6feb30dac8ba400933a32a3c03230bd732fcbe16c4b3bdcc0b501616ce956d968b8da68b4a9a64238601e81e78095961580431361a4dd9fe963d3ceba5c21bba416c1cc9d94bb842c25b2fd12c8bf42c35948272965a3fecf6e9b92d32d7e84a402a0b6214a412a23427e4852ce607fd9f7ff8559bbb96a9ae577df0c19d108587d372470be0d3e27ed61feb442c2d65e55bac81c2786cf6b837eebc1b5af35634b29fd5d96347b5f9c747c8a9a83e7cb3c188d9042f08fbd4edeebd65de7c04b275b7fd74067a0ae3033752aa55a45a05355811416ea4a5101511e99305b700bd44742cbd6a9272b5cf4001505c4057866b57e4de5ef0ee9f88b41986a80119c962594972011fc0c39b4a74b74747f5116d896a0ebcbb4387685672899af54b80ae07008971ea1c997a898e33aab769e4e52fbbec97ebf199ce76454badbd4eab272f1d1caabb3b49b3aafc1e67d09ee8feb0580e414eb45f3f0c25fe88872312fec2341e7a6100b2e04ed25fce13a146098dce98446b2f3875ecb269a886795698619d337da612f19bf8d4fe3028e79a26548128d1595af0bf98ff320dc73d873f05ebd07c87cae28df067c00de3e53cc77e801e1304192ca7bf78ab28db40564328a108f9f0ddd8e1b0baeccf16bf1deb3cc5c4b5f5140f6b8a256e9128c203418aa3d93e3f08078977667dc02d830bb6869de92f29a65ac6d2689d0a5a90887a8643119dc9a68b5b00bd59d45da9d7ed5dae6ee6da6119243f77f51b263200f90abbb61cce9a951781ea2012a2c8d7200906439b08e7e76cf9c9536b2e6b560afd7cbaa5044791ee17ded45adfd9d359dac0a9f4ed15bf2cb2ea9b12b7cb11b597cf2e6e750a6c636fe2c4b144f6ff43ccffddae787be160b0a8b4282b35a6aeece165814e95ce7adbe416ef4e51860cb4f5d50af2a86aa4ee602a30aa54850e0cb4a38dc3a1c711b5d03b6a53ee102ac68e553d11e5fb3d0a8e0ef34266263ca4a3e0b76c55a92f75f921cd61a5363e5db7737874d57c653d63457260b67b1df330827b2921c29fda0045bbe7404e40985039f7db153f52b2c941a56e922dcfb60b89dbee327ed6f5c1e438270f766a6ed1730fc581a4aebcfe3b7726b27d6b092cf5a0b6954196cb4cc2788b8722338ee189d9e22692595f0d5b333b0f715cb8d94a08afb631dbb1be79a773e8f1a4eaf7220c24222dda431b91d9175dfa0c6ae81e8c4c879d64446cf56faefe1487ca6739a776aee42ef8be40a612f95cde3b1feeac1e1e41a24c92ed8b0152e247239e5a8bc903679ca8c7b94659ad5b1d10551f460d924fb60882fc90508c3723420f86f4cf100387e808133cc429883c0e3ace91651c075cd19d106e0b437b0363048ca1feaaf929b87aed90afde281edca0fa0cc7b5a7f03807fa5ac41b1ed73130eac1117c631c1818142f24d420f6776cb53d4d0326b9fc3008c3ca03fc649d87d37fa617b74f2865c75298bed54b7d8dc676e2210374d8bf194ae2feda62b4798933c764ccddf845330721fc21e68c0695ca73285103e22ae68da440326dfef9a80d17d0a7c3f920e7b0aa806ee9b7549ed9878b6cfb505ac69e8e8d3cfa718675764cfb03861d32afaae1d918be87f6a9ac0d815c57ad3e167d642f5fcddc25d4ba3ac3e67c26a4deaa17797b3c0654f271eaaa442a71cbe19372adcbde3df8b3fe491e5a76a79d1291a0de317ffbf927f42782fa48270f2c969563b183a4b0112f3497dd3c2a423ec83498bdbaac928910a9fb7fe5788e454c027a28f4a91af2bf09e261f85b0eee4f7929e63c4062496cb09534bb6d03ff69ed2915d0ea215b4fb3d1044e86eb87dfb4898bcbd50e5c4ddfbdb83b9410e1adf91446c43c959e0e341d67a5a7ef8712586de3b8b9c5b6f80f42f235bf68900ebfe6304bb0d9f67408b76201ec26180b4bd76500de4f0df86df4a063aececca69ddf8a162b67a4b9800fa7570d5b551ac2703adc0ffced00650a96cd81ec4187b90c6b2140ce99c1937c40587ea72899897e628115bcab73b3d9f425860b109a67347b8a121f65d0968d56a3dde6b8171cea61b08ae568b9d03c398977ce86f75055230ef370cabf67c9cf97c3223719555403f3e0bd2af0e1e8742decb05fadb0227f15d40ee2d6dc5a49fe1e6bc9e6cedde74294c3bb6fd5c5fedfad672df1dffd219bd8bc1ec39158eab507998755f553441d01cd26a5501f6fb2db4f3597510f85b93a542514c8013eedbbfc913dcce8b20a5759665bdfd9919eb22a89163d8656386d857c5bfc7c241c1d726cd94ab0f92d5b0fefcf1d4abdd26fbc6c17a4ccacf2d31e5e713059de93c59d3b8d3e8d03b5d663f9dfadb03e093cb84fcf500a1f0e2e5ba1c9d81db12cc799c6539af0cc35682d95cb789c745a452bd8b38e6cf08e0579da1ab43ad0858d0305f961b15a79c1090f4867040ea2bd36cf6512aab44ce5a1098efe039134f23bf057777fef3e68e45827b0487924cad4e5f0b1c3b4f5a0e3853b39640eb0782d78888fe92c3b68624e84ff6a5eded87be62d34ce858f34e5fffbba75f014df0f648988b51a72de1ff54d5c7a4b8ecb10c5e9ef51de98c01ef8c406f9824a0c15a29e16b5a53e3643b0065a4263ecae50d2cb976d3d2ea6255a65f1c6cc86167f1784a27b832037db4ce1e262475334f3b2430f86c7a24456eea82ab678aba91bb4c0cc82c877b80b6d3574007257272c3e126c17a8b36aa8aa9431ff01bf658f82d8153eddea6804cdc564a3f5e9967b08feeb823d3db9356a4acdd80e883ca58a1c661d01d145f80a3ab67e8036c0bae1bb7bc43204eb0cf38214bc74a9aef036a31d5a9c552d93a25c0e84057bce5437b1634680d04a77472d631432d2baa7a3acd64220efcf9e7848f8fd9801bef7561a470a1822032160eb59edc0f977882dce4fb2872d89d27ff076dba74a9672f86909956579c28853fa8de7002cc8458d09256d42a39f1a4bdb6b56d36d51488e7368686e54c1bbbfff48884e0d536be362e59bd7f18329a4b82aed396e4f92865f594d0da38f7cace7a4603af60c1a53bdfd19476094aac6e4a8f31fc1257d48d03bb0ef515d8460b9441532c8b5043d0531d5881adb6d997bb184fd8caf4d8e6c759c3f7143b9e32bc7a0ec6234b68adf4111ca1d136721438e5e6d7125d480ce982d84aea7703b4010cd27867d6ddc5e0c970385196f020e48eddb24c56972f9e61e6cc29c1712551583828f899534aacfffc66f99999ea2ba2731d52a7fd2fa262a22b075da52a5aa58f5b41aa9cdc9181406717f3f75e7c475090121966838125236e4dc6291ae3874968e8208b983aadb03ca60acd935e6da1b829407f70a77340e4439f22fdc2fc4218de0f25d2f886c0aaeb693c2b23db0eab9953bf806c2173e0bc9d0d7ef0e763775bc1432ff48d6035b1214294c81b71cd98c42831014090cd99cb74929ae853f88132e559104d4fea98ad40f17da4100a909a6981bad9efb240a79520927aa12232a56f4d8893bff92bfc2bd42cf3dc09bdc484dfdba3a10c609186104ce33e3024f44000be34814ff5dc9872d44b4157fb3a6655b985f6cc5ef4586f2abfee12dcbdb90181b396f95fe3213f094d1f3dd3d7fed800f4ed21290f613b62048e0fc1f1328d9f87a5653b489d36f727be9d755523def0472f1c1d5ac90ee665379ff39d06e863c244890f5333a0b89b92022c1a8198029fe5f8c203b3dd211d4398958ee190108dd50b7850e20d8abe2b927d53d28f3b8ca26be81bc6b83c0e2b3b1dda28066c63860cea89df82708ef21d4d36b84663e87b4385a3e37bd3ff1eb2bf64184c44723490669af4da092d45ba21a569a352e513d9a9b43e9cd4b812055822626efc55f950009232b8b3bb2d63d44a8b0bd9bd4e84c5a724496a2326f63c97dbcb235366ec0cf6096b5f4988d073c34bd3a084130cea8d6ee22e542b411c1e18599667b3fd6dde0669ad82c85a1c10ca5862213cb1bb277e6c4f6564f20a9bcea1b48170504c47235d78ed0a0441987c8c17d90d7b56cf487c46733ba4a6848fec42b97ce4048f3c6d9c493322f052ef93f02f142b3940a10921bd15c911e7a97aa4a20dc383c62cd288d252ba937b3f60761e6653568a01241bb573664de04811cf3f59b4c2d7e8a6c55da16f468383456aa751697697397c2a5e5abfa0f1099d80447d49da509aa1347f3943ee9baa1fdad2a0e69410b34253ad4991282d0e952260f52ab9f02a3d00b37098cf60354424f862066e45e92ac475c99a00e7380766e589abf66271619142795cf7a7fbd138a6cc5bd7e135122341d1f06eb5b436c59be0adedc71bc03d7c63c16751ad56c69e36decfe9e8214c719fcdf2e9fe2dc971f03c1c2ad6b6d368fe8b11d0389650c73d1c7e73708145fa05992a150e6a909656ea786e244bdf1cd71f4b0fd05b1335d703182ffa9d96c99108297b1fe327a83bf4f69d2a9c3d1eb73a9dd8cee2b3220904ac31011fd6407a5ba427facb46227fdedb13d1ca6443ded3dc3b6cf06a59dc9b9226fbf357334abf58412605fd206e7b6125fa19e5d68f75783fa08205b05c0a12d1830068317f6105958c4eb37bcb1beae6a401c267641aa58274a410d76b4d2a03e418020869b6886bb81964761b3fcd8ea68050ad6cff99649cde8fa53f04b0c96e271c0b092e24d81ea2d723775799e713ea9da6967ef57aaafe1c6732f2f047556027f021c65fc20c1c3bcb392acf8ff7a9e14d9728a5aaacd255fc3866b041e9c96dcf592083d78c9e405ddd7991d2e2536d2eb1ba0f0ece3dfb6a34c2665cfac2d1850fd478f617fdd4e9dd4492c553bd375cfd33f4744d642006f3a5216a1ff7d73643ed751caecdfdcb56247aa2f66fbcb8315daaa86006a99e0350a72d5d5260d6bb77ac53cdd7abacb859586c279b7facdf076c922ac27f3e907fb3b4ec977ca634a28df064162165222dcce674dab60a4e9d48e7fcea267abb1f8e0a2012aa6db532a4ce74fbaf583e2c292fa1b56be585d14ee073cdafe3fc0c19050e698ec41b9d27f5db41a779208118a5d3f8f74333b2ad2fe3cee273bbfea485ead817effedf1260c1a125070589b6f0f31984ed498cbd273e84a718f54c82cbc2747e678f8437dde23c9ea3c877823034b7c70731c2d01cc09d11d3364e7945b6480b9b416acb54cd1194b46c6d2e147619ac1c1fa915af80a5098647247ebcf0449634f69c96afc740bce61993228183d98d0f85406d8ffd934
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;f:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;f:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 OkayFreedom VPN Starter Service;OkayFreedom VPN Starter Service;c:\program files (x86)\OkayFreedom\VPNService.exe;c:\program files (x86)\OkayFreedom\VPNService.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S3 amdkmafd;AMD Audio Bus Lower Filter;c:\windows\System32\drivers\amdkmafd.sys;c:\windows\SYSNATIVE\drivers\amdkmafd.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\HardLinkMenu]
@="{0A479751-02BC-11d3-A855-0004AC2568AA}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568AA}]
2013-08-23 15:51	687816	----a-w-	c:\program files\LinkShellExtension\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlayHardLink]
@="{0A479751-02BC-11d3-A855-0004AC2568DD}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568DD}]
2013-08-23 15:51	687816	----a-w-	c:\program files\LinkShellExtension\HardlinkShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlaySymbolicLink]
@="{0A479751-02BC-11d3-A855-0004AC2568EE}"
[HKEY_CLASSES_ROOT\CLSID\{0A479751-02BC-11d3-A855-0004AC2568EE}]
2013-08-23 15:51	687816	----a-w-	c:\program files\LinkShellExtension\HardlinkShellExt.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2013-09-04  22:09:11
ComboFix-quarantined-files.txt  2013-09-05 02:09
.
Pre-Run: 8,097,120,256 bytes free
Post-Run: 7,960,240,128 bytes free
.
- - End Of File - - 9AD9E4EAF0F013D2F644139ECDB8EB78
8E734BD7AA1D4F7E9AF58DF495F6CF9E

TDSSKiller Logfile

14:17:20.0842 5640  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:17:21.0406 5640  ============================================================
14:17:21.0406 5640  Current date / time: 2013/09/01 14:17:21.0406
14:17:21.0406 5640  SystemInfo:
14:17:21.0406 5640  
14:17:21.0406 5640  OS Version: 6.2.9200 ServicePack: 0.0
14:17:21.0406 5640  Product type: Workstation
14:17:21.0406 5640  ComputerName: TONY-PC
14:17:21.0406 5640  UserName: Tony
14:17:21.0406 5640  Windows directory: C:\Windows
14:17:21.0406 5640  System windows directory: C:\Windows
14:17:21.0406 5640  Running under WOW64
14:17:21.0406 5640  Processor architecture: Intel x64
14:17:21.0406 5640  Number of processors: 4
14:17:21.0406 5640  Page size: 0x1000
14:17:21.0406 5640  Boot type: Normal boot
14:17:21.0406 5640  ============================================================
14:17:21.0612 5640  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x8AB97, SectorsPerTrack: 0x12, TracksPerCylinder: 0xBF, Type 'K0', Flags 0x00000040
14:17:21.0633 5640  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:17:21.0634 5640  Drive \Device\Harddisk2\DR2 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x10A5F, SectorsPerTrack: 0x12, TracksPerCylinder: 0xBF, Type 'K0', Flags 0x00000040
14:17:21.0639 5640  Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1115E00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:17:21.0916 5640  ============================================================
14:17:21.0916 5640  \Device\Harddisk0\DR0:
14:17:21.0916 5640  MBR partitions:
14:17:21.0916 5640  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
14:17:21.0916 5640  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x74656800
14:17:21.0916 5640  \Device\Harddisk1\DR1:
14:17:21.0916 5640  MBR partitions:
14:17:21.0916 5640  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x32F8E
14:17:21.0916 5640  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x438F9000
14:17:21.0970 5640  \Device\Harddisk2\DR2:
14:17:21.0970 5640  MBR partitions:
14:17:21.0970 5640  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
14:17:21.0970 5640  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0xDEE4800
14:17:21.0970 5640  \Device\Harddisk3\DR3:
14:17:21.0970 5640  MBR partitions:
14:17:21.0970 5640  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E080AC
14:17:21.0970 5640  ============================================================
14:17:21.0971 5640  C: <-> \Device\Harddisk2\DR2\Partition2
14:17:21.0977 5640  D: <-> \Device\Harddisk0\DR0\Partition1
14:17:22.0009 5640  E: <-> \Device\Harddisk1\DR1\Partition1
14:17:22.0037 5640  F: <-> \Device\Harddisk0\DR0\Partition2
14:17:22.0038 5640  G: <-> \Device\Harddisk1\DR1\Partition2
14:17:22.0046 5640  I: <-> \Device\Harddisk3\DR3\Partition1
14:17:22.0046 5640  ============================================================
14:17:22.0046 5640  Initialize success
14:17:22.0046 5640  ============================================================
14:17:57.0758 5176  ============================================================
14:17:57.0758 5176  Scan started
14:17:57.0758 5176  Mode: Manual; 
14:17:57.0758 5176  ============================================================
14:17:58.0164 5176  ================ Scan system memory ========================
14:17:58.0164 5176  System memory - ok
14:17:58.0164 5176  ================ Scan services =============================
14:17:58.0226 5176  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
14:17:58.0229 5176  1394ohci - ok
14:17:58.0237 5176  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\Windows\system32\drivers\3ware.sys
14:17:58.0239 5176  3ware - ok
14:17:58.0250 5176  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:17:58.0255 5176  ACPI - ok
14:17:58.0262 5176  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
14:17:58.0264 5176  acpiex - ok
14:17:58.0269 5176  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
14:17:58.0270 5176  acpipagr - ok
14:17:58.0275 5176  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
14:17:58.0276 5176  AcpiPmi - ok
14:17:58.0281 5176  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
14:17:58.0282 5176  acpitime - ok
14:17:58.0293 5176  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:17:58.0299 5176  adp94xx - ok
14:17:58.0309 5176  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:17:58.0313 5176  adpahci - ok
14:17:58.0320 5176  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:17:58.0322 5176  adpu320 - ok
14:17:58.0331 5176  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:17:58.0334 5176  AeLookupSvc - ok
14:17:58.0345 5176  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\Windows\system32\drivers\afd.sys
14:17:58.0351 5176  AFD - ok
14:17:58.0357 5176  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:17:58.0358 5176  agp440 - ok
14:17:58.0364 5176  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\Windows\System32\alg.exe
14:17:58.0365 5176  ALG - ok
14:17:58.0371 5176  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
14:17:58.0373 5176  AllUserInstallAgent - ok
14:17:58.0380 5176  [ 310F86335B0505DDC6D2DD48E66EF06B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:17:58.0384 5176  AMD External Events Utility - ok
14:17:58.0390 5176  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
14:17:58.0391 5176  AmdK8 - ok
14:17:58.0396 5176  [ F2FF8C1B41B3784EDBD5C6D5397F403C ] amdkmafd        C:\Windows\system32\drivers\amdkmafd.sys
14:17:58.0397 5176  amdkmafd - ok
14:17:58.0531 5176  [ 79CC9BE187E3144E1B58A54B842475E7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:17:58.0652 5176  amdkmdag - ok
14:17:58.0666 5176  [ 07561D3B7FD99F6E186C49C2D0628E38 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:17:58.0672 5176  amdkmdap - ok
14:17:58.0679 5176  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
14:17:58.0680 5176  AmdPPM - ok
14:17:58.0685 5176  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:17:58.0687 5176  amdsata - ok
14:17:58.0694 5176  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:17:58.0697 5176  amdsbs - ok
14:17:58.0702 5176  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:17:58.0702 5176  amdxata - ok
14:17:58.0707 5176  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\Windows\system32\drivers\appid.sys
14:17:58.0708 5176  AppID - ok
14:17:58.0713 5176  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:17:58.0714 5176  AppIDSvc - ok
14:17:58.0720 5176  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\Windows\System32\appinfo.dll
14:17:58.0721 5176  Appinfo - ok
14:17:58.0728 5176  [ 2D14788C5D0836292BEB27BBE109BE56 ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:17:58.0730 5176  AppMgmt - ok
14:17:58.0736 5176  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\Windows\system32\drivers\arc.sys
14:17:58.0737 5176  arc - ok
14:17:58.0743 5176  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:17:58.0744 5176  arcsas - ok
14:17:58.0749 5176  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:17:58.0750 5176  AsyncMac - ok
14:17:58.0754 5176  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:17:58.0755 5176  atapi - ok
14:17:58.0762 5176  [ 13A4B62FEE62843413724C45FD149D45 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW86.sys
14:17:58.0763 5176  AtiHDAudioService - ok
14:17:58.0771 5176  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
14:17:58.0773 5176  AudioEndpointBuilder - ok
14:17:58.0786 5176  [ 599B3F685A263A114FFAF3BE29C49C75 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
14:17:58.0795 5176  Audiosrv - ok
14:17:58.0801 5176  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:17:58.0802 5176  AxInstSV - ok
14:17:58.0813 5176  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:17:58.0819 5176  b06bdrv - ok
14:17:58.0824 5176  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
14:17:58.0825 5176  BasicDisplay - ok
14:17:58.0830 5176  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
14:17:58.0830 5176  BasicRender - ok
14:17:58.0839 5176  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:17:58.0842 5176  BDESVC - ok
14:17:58.0846 5176  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:17:58.0847 5176  Beep - ok
14:17:58.0851 5176  [ B1359701847FF1FF415FA083F1610F48 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
14:17:58.0852 5176  BEService - ok
14:17:58.0865 5176  [ 73133A0C0CA63817BFF2CB9DE65B64E7 ] BFE             C:\Windows\System32\bfe.dll
14:17:58.0873 5176  BFE - ok
14:17:58.0887 5176  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\Windows\System32\qmgr.dll
14:17:58.0897 5176  BITS - ok
14:17:58.0902 5176  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:17:58.0904 5176  bowser - ok
14:17:58.0910 5176  [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
14:17:58.0913 5176  BrokerInfrastructure - ok
14:17:58.0918 5176  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\Windows\System32\browser.dll
14:17:58.0921 5176  Browser - ok
14:17:58.0926 5176  [ 6695200F455E251F0BCC9CE4D0978D59 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
14:17:58.0927 5176  BthAvrcpTg - ok
14:17:58.0931 5176  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
14:17:58.0932 5176  BthHFEnum - ok
14:17:58.0937 5176  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
14:17:58.0938 5176  bthhfhid - ok
14:17:58.0943 5176  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
14:17:58.0944 5176  BTHMODEM - ok
14:17:58.0951 5176  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\Windows\system32\bthserv.dll
14:17:58.0953 5176  bthserv - ok
14:17:58.0958 5176  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:17:58.0960 5176  cdfs - ok
14:17:58.0967 5176  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\Windows\System32\drivers\cdrom.sys
14:17:58.0970 5176  cdrom - ok
14:17:58.0976 5176  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:17:58.0979 5176  CertPropSvc - ok
14:17:58.0984 5176  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\Windows\System32\drivers\circlass.sys
14:17:58.0985 5176  circlass - ok
14:17:58.0993 5176  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
14:17:58.0998 5176  CLFS - ok
14:17:59.0010 5176  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
14:17:59.0011 5176  CmBatt - ok
14:17:59.0021 5176  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\Windows\system32\Drivers\cng.sys
14:17:59.0028 5176  CNG - ok
14:17:59.0035 5176  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
14:17:59.0036 5176  CompositeBus - ok
14:17:59.0040 5176  COMSysApp - ok
14:17:59.0045 5176  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\Windows\system32\drivers\condrv.sys
14:17:59.0046 5176  condrv - ok
14:17:59.0053 5176  [ 5CE2742F063731EC10C1B2EE386A2C08 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:17:59.0054 5176  CryptSvc - ok
14:17:59.0064 5176  [ F2C69C3D98249DE14D4B2832516D4FD5 ] CSC             C:\Windows\system32\drivers\csc.sys
14:17:59.0071 5176  CSC - ok
14:17:59.0084 5176  [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] CscService      C:\Windows\System32\cscsvc.dll
14:17:59.0093 5176  CscService - ok
14:17:59.0098 5176  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\Windows\system32\drivers\dam.sys
14:17:59.0099 5176  dam - ok
14:17:59.0114 5176  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:17:59.0124 5176  DcomLaunch - ok
14:17:59.0133 5176  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:17:59.0138 5176  defragsvc - ok
14:17:59.0146 5176  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
14:17:59.0151 5176  DeviceAssociationService - ok
14:17:59.0157 5176  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
14:17:59.0160 5176  DeviceInstall - ok
14:17:59.0165 5176  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
14:17:59.0167 5176  Dfsc - ok
14:17:59.0176 5176  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:17:59.0180 5176  Dhcp - ok
14:17:59.0185 5176  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\Windows\system32\drivers\discache.sys
14:17:59.0186 5176  discache - ok
14:17:59.0191 5176  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\Windows\system32\drivers\disk.sys
14:17:59.0192 5176  disk - ok
14:17:59.0197 5176  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
14:17:59.0198 5176  dmvsc - ok
14:17:59.0205 5176  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:17:59.0208 5176  Dnscache - ok
14:17:59.0216 5176  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\Windows\System32\dot3svc.dll
14:17:59.0219 5176  dot3svc - ok
14:17:59.0226 5176  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\Windows\system32\dps.dll
14:17:59.0229 5176  DPS - ok
14:17:59.0256 5176  [ 308195495181C8F3D51E6ED5B58D54AC ] DragonUpdater   C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
14:17:59.0279 5176  DragonUpdater - ok
14:17:59.0284 5176  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:17:59.0285 5176  drmkaud - ok
14:17:59.0291 5176  [ F87F4AAAF6664906248D11D5E579A53B ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
14:17:59.0294 5176  DsmSvc - ok
14:17:59.0315 5176  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:17:59.0331 5176  DXGKrnl - ok
14:17:59.0337 5176  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\Windows\System32\eapsvc.dll
14:17:59.0339 5176  Eaphost - ok
14:17:59.0378 5176  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:17:59.0413 5176  ebdrv - ok
14:17:59.0419 5176  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\Windows\System32\lsass.exe
14:17:59.0421 5176  EFS - ok
14:17:59.0426 5176  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
14:17:59.0427 5176  EhStorClass - ok
14:17:59.0432 5176  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
14:17:59.0434 5176  EhStorTcgDrv - ok
14:17:59.0439 5176  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\Windows\System32\drivers\errdev.sys
14:17:59.0439 5176  ErrDev - ok
14:17:59.0452 5176  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\Windows\system32\es.dll
14:17:59.0458 5176  EventSystem - ok
14:17:59.0465 5176  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:17:59.0467 5176  exfat - ok
14:17:59.0477 5176  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:17:59.0480 5176  fastfat - ok
14:17:59.0492 5176  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\Windows\system32\fxssvc.exe
14:17:59.0500 5176  Fax - ok
14:17:59.0505 5176  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\Windows\System32\drivers\fdc.sys
14:17:59.0505 5176  fdc - ok
14:17:59.0510 5176  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\Windows\system32\fdPHost.dll
14:17:59.0511 5176  fdPHost - ok
14:17:59.0516 5176  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\Windows\system32\fdrespub.dll
14:17:59.0517 5176  FDResPub - ok
14:17:59.0523 5176  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\Windows\system32\fhsvc.dll
14:17:59.0525 5176  fhsvc - ok
14:17:59.0530 5176  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:17:59.0532 5176  FileInfo - ok
14:17:59.0536 5176  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:17:59.0537 5176  Filetrace - ok
14:17:59.0541 5176  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
14:17:59.0542 5176  flpydisk - ok
14:17:59.0550 5176  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:17:59.0554 5176  FltMgr - ok
14:17:59.0573 5176  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\Windows\system32\FntCache.dll
14:17:59.0587 5176  FontCache - ok
14:17:59.0594 5176  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:17:59.0595 5176  FontCache3.0.0.0 - ok
14:17:59.0599 5176  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:17:59.0601 5176  FsDepends - ok
14:17:59.0605 5176  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:17:59.0606 5176  Fs_Rec - ok
14:17:59.0616 5176  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:17:59.0621 5176  fvevol - ok
14:17:59.0626 5176  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
14:17:59.0627 5176  FxPPM - ok
14:17:59.0631 5176  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:17:59.0633 5176  gagp30kx - ok
14:17:59.0638 5176  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
14:17:59.0639 5176  gencounter - ok
14:17:59.0644 5176  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
14:17:59.0646 5176  GPIOClx0101 - ok
14:17:59.0667 5176  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:17:59.0682 5176  gpsvc - ok
14:17:59.0692 5176  [ 630555943E5A3FE21010CE91EC7FC84F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:17:59.0696 5176  HdAudAddService - ok
14:17:59.0702 5176  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
14:17:59.0703 5176  HDAudBus - ok
14:17:59.0708 5176  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
14:17:59.0709 5176  HidBatt - ok
14:17:59.0714 5176  [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
14:17:59.0716 5176  HidBth - ok
14:17:59.0721 5176  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
14:17:59.0722 5176  hidi2c - ok
14:17:59.0726 5176  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\Windows\System32\drivers\hidir.sys
14:17:59.0727 5176  HidIr - ok
14:17:59.0731 5176  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\Windows\system32\hidserv.dll
14:17:59.0733 5176  hidserv - ok
14:17:59.0737 5176  [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
14:17:59.0738 5176  HidUsb - ok
14:17:59.0808 5176  [ 7B941D5D376E20C9C3B394717FCEAE15 ] HiPatchService  F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
14:17:59.0809 5176  HiPatchService - ok
14:17:59.0816 5176  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:17:59.0819 5176  hkmsvc - ok
14:17:59.0828 5176  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:17:59.0833 5176  HomeGroupListener - ok
14:17:59.0843 5176  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:17:59.0849 5176  HomeGroupProvider - ok
14:17:59.0855 5176  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:17:59.0857 5176  HpSAMD - ok
14:17:59.0870 5176  [ F4A91D985EB9D1D2717D538F3424603C ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:17:59.0880 5176  HTTP - ok
14:17:59.0885 5176  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:17:59.0886 5176  hwpolicy - ok
14:17:59.0890 5176  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
14:17:59.0891 5176  hyperkbd - ok
14:17:59.0894 5176  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
14:17:59.0895 5176  HyperVideo - ok
14:17:59.0901 5176  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
14:17:59.0902 5176  i8042prt - ok
14:17:59.0912 5176  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:17:59.0917 5176  iaStorV - ok
14:17:59.0922 5176  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:17:59.0923 5176  iirsp - ok
14:17:59.0940 5176  [ 3884117CE4FEC35E4A1A7A62918B1F34 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:17:59.0953 5176  IKEEXT - ok
14:17:59.0959 5176  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:17:59.0960 5176  intelide - ok
14:17:59.0965 5176  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\Windows\System32\drivers\intelppm.sys
14:17:59.0966 5176  intelppm - ok
14:17:59.0972 5176  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:17:59.0973 5176  IpFilterDriver - ok
14:17:59.0988 5176  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:17:59.0998 5176  iphlpsvc - ok
14:18:00.0004 5176  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
14:18:00.0005 5176  IPMIDRV - ok
14:18:00.0012 5176  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:18:00.0013 5176  IPNAT - ok
14:18:00.0018 5176  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:18:00.0019 5176  IRENUM - ok
14:18:00.0023 5176  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:18:00.0024 5176  isapnp - ok
14:18:00.0032 5176  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
14:18:00.0035 5176  iScsiPrt - ok
14:18:00.0041 5176  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
14:18:00.0042 5176  kbdclass - ok
14:18:00.0046 5176  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
14:18:00.0047 5176  kbdhid - ok
14:18:00.0051 5176  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
14:18:00.0052 5176  kdnic - ok
14:18:00.0057 5176  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\Windows\system32\lsass.exe
14:18:00.0058 5176  KeyIso - ok
14:18:00.0063 5176  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:18:00.0065 5176  KSecDD - ok
14:18:00.0072 5176  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:18:00.0074 5176  KSecPkg - ok
14:18:00.0079 5176  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:18:00.0079 5176  ksthunk - ok
14:18:00.0088 5176  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:18:00.0093 5176  KtmRm - ok
14:18:00.0099 5176  [ 028F31A7CC8231661A3C9C1F7EE7160D ] L1E             C:\Windows\system32\DRIVERS\L1E62x64.sys
14:18:00.0100 5176  L1E - ok
14:18:00.0108 5176  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:18:00.0113 5176  LanmanServer - ok
14:18:00.0120 5176  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:18:00.0124 5176  LanmanWorkstation - ok
14:18:00.0130 5176  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:18:00.0132 5176  lltdio - ok
14:18:00.0139 5176  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:18:00.0143 5176  lltdsvc - ok
14:18:00.0148 5176  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:18:00.0149 5176  lmhosts - ok
14:18:00.0156 5176  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:18:00.0158 5176  LSI_SAS - ok
14:18:00.0163 5176  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:18:00.0164 5176  LSI_SAS2 - ok
14:18:00.0170 5176  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:18:00.0172 5176  LSI_SCSI - ok
14:18:00.0177 5176  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
14:18:00.0178 5176  LSI_SSS - ok
14:18:00.0188 5176  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\Windows\System32\lsm.dll
14:18:00.0193 5176  LSM - ok
14:18:00.0199 5176  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:18:00.0201 5176  luafv - ok
14:18:00.0206 5176  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\Windows\system32\drivers\megasas.sys
14:18:00.0207 5176  megasas - ok
14:18:00.0216 5176  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:18:00.0220 5176  MegaSR - ok
14:18:00.0226 5176  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\Windows\system32\mmcss.dll
14:18:00.0228 5176  MMCSS - ok
14:18:00.0233 5176  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\Windows\system32\drivers\modem.sys
14:18:00.0234 5176  Modem - ok
14:18:00.0239 5176  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\Windows\System32\drivers\monitor.sys
14:18:00.0240 5176  monitor - ok
14:18:00.0244 5176  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\Windows\System32\drivers\mouclass.sys
14:18:00.0246 5176  mouclass - ok
14:18:00.0250 5176  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\Windows\System32\drivers\mouhid.sys
14:18:00.0251 5176  mouhid - ok
14:18:00.0256 5176  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:18:00.0257 5176  mountmgr - ok
14:18:00.0262 5176  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:18:00.0263 5176  mpsdrv - ok
14:18:00.0277 5176  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:18:00.0288 5176  MpsSvc - ok
14:18:00.0294 5176  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:18:00.0296 5176  MRxDAV - ok
14:18:00.0305 5176  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:18:00.0309 5176  mrxsmb - ok
14:18:00.0317 5176  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:18:00.0321 5176  mrxsmb10 - ok
14:18:00.0328 5176  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:18:00.0331 5176  mrxsmb20 - ok
14:18:00.0337 5176  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
14:18:00.0339 5176  MsBridge - ok
14:18:00.0345 5176  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\Windows\System32\msdtc.exe
14:18:00.0348 5176  MSDTC - ok
14:18:00.0358 5176  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:18:00.0359 5176  Msfs - ok
14:18:00.0364 5176  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
14:18:00.0365 5176  msgpiowin32 - ok
14:18:00.0369 5176  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:18:00.0371 5176  mshidkmdf - ok
14:18:00.0376 5176  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
14:18:00.0376 5176  mshidumdf - ok
14:18:00.0381 5176  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:18:00.0382 5176  msisadrv - ok
14:18:00.0388 5176  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:18:00.0391 5176  MSiSCSI - ok
14:18:00.0396 5176  msiserver - ok
14:18:00.0400 5176  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:18:00.0401 5176  MSKSSRV - ok
14:18:00.0406 5176  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
14:18:00.0407 5176  MsLldp - ok
14:18:00.0411 5176  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:18:00.0412 5176  MSPCLOCK - ok
14:18:00.0416 5176  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:18:00.0417 5176  MSPQM - ok
14:18:00.0426 5176  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:18:00.0430 5176  MsRPC - ok
14:18:00.0437 5176  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
14:18:00.0438 5176  mssmbios - ok
14:18:00.0442 5176  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:18:00.0443 5176  MSTEE - ok
14:18:00.0447 5176  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
14:18:00.0448 5176  MTConfig - ok
14:18:00.0452 5176  [ 640617B6E682A150C36BE39D78547F6C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
14:18:00.0452 5176  MTsensor - ok
14:18:00.0457 5176  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:18:00.0458 5176  Mup - ok
14:18:00.0463 5176  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
14:18:00.0464 5176  mvumis - ok
14:18:00.0474 5176  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\Windows\system32\qagentRT.dll
14:18:00.0480 5176  napagent - ok
14:18:00.0491 5176  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:18:00.0496 5176  NativeWifiP - ok
14:18:00.0502 5176  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\Windows\System32\ncasvc.dll
14:18:00.0506 5176  NcaSvc - ok
14:18:00.0511 5176  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
14:18:00.0513 5176  NcdAutoSetup - ok
14:18:00.0528 5176  [ A10E176F3B2BF83EDE7B5C4658C93B66 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:18:00.0539 5176  NDIS - ok
14:18:00.0545 5176  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:18:00.0546 5176  NdisCap - ok
14:18:00.0551 5176  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
14:18:00.0553 5176  NdisImPlatform - ok
14:18:00.0558 5176  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:18:00.0559 5176  NdisTapi - ok
14:18:00.0563 5176  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:18:00.0565 5176  Ndisuio - ok
14:18:00.0570 5176  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:18:00.0572 5176  NdisWan - ok
14:18:00.0577 5176  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
14:18:00.0578 5176  NDISWANLEGACY - ok
14:18:00.0583 5176  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:18:00.0583 5176  NDProxy - ok
14:18:00.0588 5176  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
14:18:00.0590 5176  Ndu - ok
14:18:00.0595 5176  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:18:00.0596 5176  NetBIOS - ok
14:18:00.0603 5176  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:18:00.0607 5176  NetBT - ok
14:18:00.0612 5176  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\Windows\system32\lsass.exe
14:18:00.0613 5176  Netlogon - ok
14:18:00.0620 5176  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\Windows\System32\netman.dll
14:18:00.0625 5176  Netman - ok
14:18:00.0635 5176  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\Windows\System32\netprofmsvc.dll
14:18:00.0642 5176  netprofm - ok
14:18:00.0650 5176  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:18:00.0652 5176  NetTcpPortSharing - ok
14:18:00.0658 5176  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:18:00.0659 5176  nfrd960 - ok
14:18:00.0666 5176  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:18:00.0672 5176  NlaSvc - ok
14:18:00.0676 5176  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:18:00.0677 5176  Npfs - ok
14:18:00.0681 5176  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
14:18:00.0682 5176  npsvctrig - ok
14:18:00.0686 5176  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\Windows\system32\nsisvc.dll
14:18:00.0688 5176  nsi - ok
14:18:00.0692 5176  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:18:00.0693 5176  nsiproxy - ok
14:18:00.0720 5176  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:18:00.0741 5176  Ntfs - ok
14:18:00.0745 5176  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\Windows\system32\drivers\Null.sys
14:18:00.0746 5176  Null - ok
14:18:00.0752 5176  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:18:00.0754 5176  nvraid - ok
14:18:00.0761 5176  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:18:00.0763 5176  nvstor - ok
14:18:00.0770 5176  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:18:00.0772 5176  nv_agp - ok
14:18:00.0780 5176  [ 074B0452D8C9092CF3EC5F3610F37428 ] OkayFreedom VPN Starter Service C:\Program Files (x86)\OkayFreedom\VPNService.exe
14:18:00.0784 5176  OkayFreedom VPN Starter Service - ok
14:18:00.0792 5176  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:18:00.0797 5176  p2pimsvc - ok
14:18:00.0806 5176  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:18:00.0813 5176  p2psvc - ok
14:18:00.0819 5176  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\Windows\System32\drivers\parport.sys
14:18:00.0820 5176  Parport - ok
14:18:00.0826 5176  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:18:00.0827 5176  partmgr - ok
14:18:00.0835 5176  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:18:00.0841 5176  PcaSvc - ok
14:18:00.0849 5176  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\Windows\system32\drivers\pci.sys
14:18:00.0852 5176  pci - ok
14:18:00.0856 5176  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:18:00.0857 5176  pciide - ok
14:18:00.0864 5176  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:18:00.0867 5176  pcmcia - ok
14:18:00.0872 5176  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:18:00.0873 5176  pcw - ok
14:18:00.0877 5176  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\Windows\system32\drivers\pdc.sys
14:18:00.0879 5176  pdc - ok
14:18:00.0892 5176  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:18:00.0901 5176  PEAUTH - ok
14:18:00.0932 5176  [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:18:00.0959 5176  PeerDistSvc - ok
14:18:00.0996 5176  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:18:00.0997 5176  PerfHost - ok
14:18:01.0023 5176  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\Windows\system32\pla.dll
14:18:01.0039 5176  pla - ok
14:18:01.0046 5176  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:18:01.0048 5176  PlugPlay - ok
14:18:01.0053 5176  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:18:01.0055 5176  PNRPAutoReg - ok
14:18:01.0062 5176  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:18:01.0065 5176  PNRPsvc - ok
14:18:01.0075 5176  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:18:01.0081 5176  PolicyAgent - ok
14:18:01.0088 5176  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\Windows\system32\umpo.dll
14:18:01.0091 5176  Power - ok
14:18:01.0097 5176  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:18:01.0099 5176  PptpMiniport - ok
14:18:01.0133 5176  [ 9D59831262CAD44E709D695FC9D5E7AB ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
14:18:01.0164 5176  PrintNotify - ok
14:18:01.0172 5176  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\Windows\System32\drivers\processr.sys
14:18:01.0173 5176  Processor - ok
14:18:01.0181 5176  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\Windows\system32\profsvc.dll
14:18:01.0185 5176  ProfSvc - ok
14:18:01.0191 5176  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:18:01.0192 5176  Psched - ok
14:18:01.0200 5176  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\Windows\system32\qwave.dll
14:18:01.0204 5176  QWAVE - ok
14:18:01.0210 5176  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:18:01.0211 5176  QWAVEdrv - ok
14:18:01.0215 5176  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:18:01.0215 5176  RasAcd - ok
14:18:01.0220 5176  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:18:01.0221 5176  RasAgileVpn - ok
14:18:01.0227 5176  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\Windows\System32\rasauto.dll
14:18:01.0229 5176  RasAuto - ok
14:18:01.0235 5176  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:18:01.0237 5176  Rasl2tp - ok
14:18:01.0245 5176  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\Windows\System32\rasmans.dll
14:18:01.0250 5176  RasMan - ok
14:18:01.0255 5176  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:18:01.0257 5176  RasPppoe - ok
14:18:01.0262 5176  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:18:01.0264 5176  RasSstp - ok
14:18:01.0273 5176  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:18:01.0278 5176  rdbss - ok
14:18:01.0285 5176  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
14:18:01.0286 5176  rdpbus - ok
14:18:01.0292 5176  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:18:01.0294 5176  RDPDR - ok
14:18:01.0302 5176  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:18:01.0303 5176  RdpVideoMiniport - ok
14:18:01.0309 5176  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:18:01.0312 5176  RDPWD - ok
14:18:01.0318 5176  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:18:01.0321 5176  rdyboost - ok
14:18:01.0328 5176  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:18:01.0330 5176  RemoteAccess - ok
14:18:01.0336 5176  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:18:01.0340 5176  RemoteRegistry - ok
14:18:01.0346 5176  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:18:01.0348 5176  RpcEptMapper - ok
14:18:01.0352 5176  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\Windows\system32\locator.exe
14:18:01.0354 5176  RpcLocator - ok
14:18:01.0367 5176  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\Windows\system32\rpcss.dll
14:18:01.0372 5176  RpcSs - ok
14:18:01.0377 5176  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:18:01.0379 5176  rspndr - ok
14:18:01.0384 5176  [ 68DD0457D18FCCEF7384AE84022F0C86 ] RTL8023x64      C:\Windows\system32\DRIVERS\Rtnic64.sys
14:18:01.0385 5176  RTL8023x64 - ok
14:18:01.0389 5176  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
14:18:01.0390 5176  s3cap - ok
14:18:01.0396 5176  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\Windows\system32\lsass.exe
14:18:01.0397 5176  SamSs - ok
14:18:01.0403 5176  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:18:01.0405 5176  sbp2port - ok
14:18:01.0412 5176  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:18:01.0415 5176  SCardSvr - ok
14:18:01.0420 5176  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:18:01.0421 5176  scfilter - ok
14:18:01.0439 5176  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\Windows\system32\schedsvc.dll
14:18:01.0454 5176  Schedule - ok
14:18:01.0461 5176  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:18:01.0462 5176  SCPolicySvc - ok
14:18:01.0469 5176  [ F58B030A0664385C707B8C1C63682041 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
14:18:01.0472 5176  sdbus - ok
14:18:01.0481 5176  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:18:01.0485 5176  SDRSVC - ok
14:18:01.0510 5176  [ 95AA9E165C7DE1B64A11E8B18E91E499 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
14:18:01.0519 5176  SDScannerService - ok
14:18:01.0525 5176  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
14:18:01.0526 5176  sdstor - ok
14:18:01.0540 5176  [ D31398D4BB4907B517B6E784C2100C4A ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:18:01.0545 5176  SDUpdateService - ok
14:18:01.0550 5176  [ 6AE8E702D1027A9627DDE2B77BB9992B ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:18:01.0551 5176  SDWSCService - ok
14:18:01.0556 5176  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:18:01.0557 5176  secdrv - ok
14:18:01.0562 5176  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\Windows\system32\seclogon.dll
14:18:01.0564 5176  seclogon - ok
14:18:01.0569 5176  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\Windows\System32\sens.dll
14:18:01.0571 5176  SENS - ok
14:18:01.0577 5176  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:18:01.0581 5176  SensrSvc - ok
14:18:01.0586 5176  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\Windows\system32\drivers\SerCx.sys
14:18:01.0587 5176  SerCx - ok
14:18:01.0592 5176  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\Windows\System32\drivers\serenum.sys
14:18:01.0593 5176  Serenum - ok
14:18:01.0598 5176  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\Windows\System32\drivers\serial.sys
14:18:01.0599 5176  Serial - ok
14:18:01.0604 5176  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\Windows\System32\drivers\sermouse.sys
14:18:01.0605 5176  sermouse - ok
14:18:01.0617 5176  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\Windows\system32\sessenv.dll
14:18:01.0622 5176  SessionEnv - ok
14:18:01.0627 5176  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
14:18:01.0628 5176  sfloppy - ok
14:18:01.0637 5176  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:18:01.0643 5176  SharedAccess - ok
14:18:01.0654 5176  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:18:01.0662 5176  ShellHWDetection - ok
14:18:01.0666 5176  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:18:01.0668 5176  SiSRaid2 - ok
14:18:01.0673 5176  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:18:01.0674 5176  SiSRaid4 - ok
14:18:01.0679 5176  [ 9CD1BB2DB803B6AC642BD643DDB773BC ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:18:01.0681 5176  SkypeUpdate - ok
14:18:01.0690 5176  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:18:01.0692 5176  SNMPTRAP - ok
14:18:01.0699 5176  [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
14:18:01.0703 5176  spaceport - ok
14:18:01.0708 5176  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
14:18:01.0709 5176  SpbCx - ok
14:18:01.0722 5176  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\Windows\System32\spoolsv.exe
14:18:01.0732 5176  Spooler - ok
14:18:01.0790 5176  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:18:01.0842 5176  sppsvc - ok
14:18:01.0853 5176  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:18:01.0858 5176  srv - ok
14:18:01.0869 5176  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:18:01.0876 5176  srv2 - ok
14:18:01.0883 5176  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:18:01.0886 5176  srvnet - ok
14:18:01.0894 5176  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:18:01.0898 5176  SSDPSRV - ok
14:18:01.0903 5176  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:18:01.0906 5176  SstpSvc - ok
14:18:01.0915 5176  [ 394BC2EEC0D81F70B80B0D951665A690 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:18:01.0921 5176  Steam Client Service - ok
14:18:01.0926 5176  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:18:01.0927 5176  stexstor - ok
14:18:01.0937 5176  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\Windows\System32\wiaservc.dll
14:18:01.0945 5176  stisvc - ok
14:18:01.0950 5176  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\Windows\system32\drivers\storahci.sys
14:18:01.0951 5176  storahci - ok
14:18:01.0955 5176  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
14:18:01.0957 5176  storflt - ok
14:18:01.0961 5176  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\Windows\system32\storsvc.dll
14:18:01.0963 5176  StorSvc - ok
14:18:01.0967 5176  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:18:01.0968 5176  storvsc - ok
14:18:01.0972 5176  [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp         C:\Windows\System32\drivers\storvsp.sys
14:18:01.0974 5176  storvsp - ok
14:18:01.0978 5176  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\Windows\system32\svsvc.dll
14:18:01.0980 5176  svsvc - ok
14:18:01.0984 5176  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\Windows\System32\drivers\swenum.sys
14:18:01.0985 5176  swenum - ok
14:18:01.0995 5176  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\Windows\System32\swprv.dll
14:18:02.0002 5176  swprv - ok
14:18:02.0022 5176  [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain         C:\Windows\system32\sysmain.dll
14:18:02.0038 5176  SysMain - ok
14:18:02.0045 5176  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
14:18:02.0049 5176  SystemEventsBroker - ok
14:18:02.0054 5176  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll
14:18:02.0057 5176  TabletInputService - ok
14:18:02.0062 5176  [ D0B07EED9DDEC5C69521C689B7BF455F ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
14:18:02.0063 5176  tap0901 - ok
14:18:02.0070 5176  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:18:02.0075 5176  TapiSrv - ok
14:18:02.0104 5176  [ 1794C43A000A47D92B3304FC1E3E512A ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:18:02.0130 5176  Tcpip - ok
14:18:02.0159 5176  [ 1794C43A000A47D92B3304FC1E3E512A ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:18:02.0169 5176  TCPIP6 - ok
14:18:02.0177 5176  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:18:02.0178 5176  tcpipreg - ok
14:18:02.0185 5176  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:18:02.0187 5176  tdx - ok
14:18:02.0191 5176  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
14:18:02.0192 5176  terminpt - ok
14:18:02.0204 5176  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\Windows\System32\termsrv.dll
14:18:02.0213 5176  TermService - ok
14:18:02.0218 5176  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\Windows\system32\themeservice.dll
14:18:02.0221 5176  Themes - ok
14:18:02.0226 5176  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\Windows\system32\mmcss.dll
14:18:02.0227 5176  THREADORDER - ok
14:18:02.0233 5176  [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
14:18:02.0237 5176  TimeBroker - ok
14:18:02.0243 5176  [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM             C:\Windows\system32\drivers\tpm.sys
14:18:02.0246 5176  TPM - ok
14:18:02.0252 5176  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\Windows\System32\trkwks.dll
14:18:02.0255 5176  TrkWks - ok
14:18:02.0259 5176  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:18:02.0261 5176  TrustedInstaller - ok
14:18:02.0268 5176  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:18:02.0269 5176  TsUsbFlt - ok
14:18:02.0273 5176  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
14:18:02.0274 5176  TsUsbGD - ok
14:18:02.0280 5176  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:18:02.0282 5176  tunnel - ok
14:18:02.0287 5176  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:18:02.0288 5176  uagp35 - ok
14:18:02.0294 5176  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
14:18:02.0295 5176  UASPStor - ok
14:18:02.0302 5176  [ 4834158B8D06A153FADAB6B85320FBBE ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
14:18:02.0304 5176  UCX01000 - ok
14:18:02.0313 5176  [ 25C50F4EDF70D0A831E0566BD181CCF2 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:18:02.0317 5176  udfs - ok
14:18:02.0325 5176  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:18:02.0328 5176  UI0Detect - ok
14:18:02.0333 5176  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:18:02.0334 5176  uliagpkx - ok
14:18:02.0339 5176  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\Windows\System32\drivers\umbus.sys
14:18:02.0340 5176  umbus - ok
14:18:02.0345 5176  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\Windows\System32\drivers\umpass.sys
14:18:02.0346 5176  UmPass - ok
14:18:02.0353 5176  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\Windows\System32\umrdp.dll
14:18:02.0357 5176  UmRdpService - ok
14:18:02.0367 5176  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\Windows\System32\upnphost.dll
14:18:02.0375 5176  upnphost - ok
14:18:02.0381 5176  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
14:18:02.0383 5176  usbccgp - ok
14:18:02.0389 5176  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
14:18:02.0390 5176  usbcir - ok
14:18:02.0396 5176  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
14:18:02.0397 5176  usbehci - ok
14:18:02.0407 5176  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub          C:\Windows\System32\drivers\usbhub.sys
14:18:02.0413 5176  usbhub - ok
14:18:02.0422 5176  [ EA040D4C6C94F315A85F3D0EAA884B37 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
14:18:02.0428 5176  USBHUB3 - ok
14:18:02.0433 5176  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\Windows\System32\drivers\usbohci.sys
14:18:02.0433 5176  usbohci - ok
14:18:02.0438 5176  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\Windows\System32\drivers\usbprint.sys
14:18:02.0438 5176  usbprint - ok
14:18:02.0443 5176  [ BFC7FE4AAEB61317A921871B4085EF4B ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
14:18:02.0445 5176  USBSTOR - ok
14:18:02.0450 5176  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
14:18:02.0451 5176  usbuhci - ok
14:18:02.0457 5176  [ 09799E701B4327097E9F63D3FE221083 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:18:02.0460 5176  usbvideo - ok
14:18:02.0469 5176  [ 1ADCF0A490C2845637B334626669CD6F ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
14:18:02.0473 5176  USBXHCI - ok
14:18:02.0478 5176  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\Windows\system32\lsass.exe
14:18:02.0479 5176  VaultSvc - ok
14:18:02.0483 5176  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:18:02.0484 5176  vdrvroot - ok
14:18:02.0496 5176  [ 1B4488988E5E7512E6C5CD1255E9E973 ] vds             C:\Windows\System32\vds.exe
14:18:02.0505 5176  vds - ok
14:18:02.0512 5176  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
14:18:02.0513 5176  VerifierExt - ok
14:18:02.0523 5176  [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
14:18:02.0529 5176  vhdmp - ok
14:18:02.0534 5176  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\Windows\system32\drivers\viaide.sys
14:18:02.0535 5176  viaide - ok
14:18:02.0542 5176  [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid             C:\Windows\System32\drivers\Vid.sys
14:18:02.0544 5176  Vid - ok
14:18:02.0551 5176  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:18:02.0553 5176  vmbus - ok
14:18:02.0558 5176  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
14:18:02.0559 5176  VMBusHID - ok
14:18:02.0565 5176  [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr          C:\Windows\System32\drivers\vmbusr.sys
14:18:02.0566 5176  vmbusr - ok
14:18:02.0574 5176  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
14:18:02.0579 5176  vmicheartbeat - ok
14:18:02.0585 5176  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
14:18:02.0588 5176  vmickvpexchange - ok
14:18:02.0594 5176  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\Windows\System32\ICSvc.dll
14:18:02.0596 5176  vmicrdv - ok
14:18:02.0603 5176  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
14:18:02.0605 5176  vmicshutdown - ok
14:18:02.0611 5176  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\Windows\System32\ICSvc.dll
14:18:02.0614 5176  vmictimesync - ok
14:18:02.0620 5176  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\Windows\System32\ICSvc.dll
14:18:02.0622 5176  vmicvss - ok
14:18:02.0628 5176  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:18:02.0629 5176  volmgr - ok
14:18:02.0638 5176  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:18:02.0642 5176  volmgrx - ok
14:18:02.0651 5176  [ 78A5BBA3819FFFC62FFEC3E2220D102D ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:18:02.0655 5176  volsnap - ok
14:18:02.0660 5176  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\Windows\System32\drivers\vpci.sys
14:18:02.0662 5176  vpci - ok
14:18:02.0666 5176  [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp         C:\Windows\System32\drivers\vpcivsp.sys
14:18:02.0668 5176  vpcivsp - ok
14:18:02.0674 5176  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:18:02.0676 5176  vsmraid - ok
14:18:02.0698 5176  [ D0C69E44BC1E1D4AD290FD84104623D8 ] VSS             C:\Windows\system32\vssvc.exe
14:18:02.0715 5176  VSS - ok
14:18:02.0723 5176  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
14:18:02.0727 5176  VSTXRAID - ok
14:18:02.0731 5176  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:18:02.0732 5176  vwifibus - ok
14:18:02.0741 5176  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\Windows\system32\w32time.dll
14:18:02.0747 5176  W32Time - ok
14:18:02.0751 5176  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
14:18:02.0752 5176  WacomPen - ok
14:18:02.0757 5176  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
14:18:02.0759 5176  Wanarp - ok
14:18:02.0762 5176  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:18:02.0763 5176  Wanarpv6 - ok
14:18:02.0785 5176  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\Windows\system32\wbengine.exe
14:18:02.0804 5176  wbengine - ok
14:18:02.0812 5176  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:18:02.0817 5176  WbioSrvc - ok
14:18:02.0824 5176  [ AF1349386D4C6786EF4E34FACEF15042 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
14:18:02.0829 5176  Wcmsvc - ok
14:18:02.0838 5176  [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:18:02.0845 5176  wcncsvc - ok
14:18:02.0849 5176  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:18:02.0852 5176  WcsPlugInService - ok
14:18:02.0855 5176  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\Windows\system32\drivers\wd.sys
14:18:02.0856 5176  Wd - ok
14:18:02.0861 5176  [ FD47DF026B32969B8A68721A0243E8EE ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
14:18:02.0862 5176  WdBoot - ok
14:18:02.0874 5176  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:18:02.0883 5176  Wdf01000 - ok
14:18:02.0890 5176  [ 5F425D842DD6ADE9F95A51A0616AFAD7 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
14:18:02.0893 5176  WdFilter - ok
14:18:02.0899 5176  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:18:02.0902 5176  WdiServiceHost - ok
14:18:02.0905 5176  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:18:02.0907 5176  WdiSystemHost - ok
14:18:02.0914 5176  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\Windows\System32\webclnt.dll
14:18:02.0918 5176  WebClient - ok
14:18:02.0924 5176  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:18:02.0929 5176  Wecsvc - ok
14:18:02.0934 5176  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:18:02.0936 5176  wercplsupport - ok
14:18:02.0941 5176  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:18:02.0944 5176  WerSvc - ok
14:18:02.0950 5176  [ 3F1F31883EAC9DDDF836ACC6D1DAC36C ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
14:18:02.0951 5176  WFPLWFS - ok
14:18:02.0956 5176  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\Windows\System32\wiarpc.dll
14:18:02.0959 5176  WiaRpc - ok
14:18:02.0964 5176  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:18:02.0966 5176  WIMMount - ok
14:18:02.0969 5176  WinDefend - ok
14:18:02.0988 5176  [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
14:18:02.0997 5176  WinHttpAutoProxySvc - ok
14:18:03.0008 5176  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:18:03.0011 5176  Winmgmt - ok
14:18:03.0046 5176  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:18:03.0077 5176  WinRM - ok
14:18:03.0086 5176  [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:18:03.0087 5176  WinUsb - ok
14:18:03.0106 5176  [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc         C:\Windows\System32\wlansvc.dll
14:18:03.0122 5176  WlanSvc - ok
14:18:03.0148 5176  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\Windows\system32\wlidsvc.dll
14:18:03.0172 5176  wlidsvc - ok
14:18:03.0178 5176  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
14:18:03.0179 5176  WmiAcpi - ok
14:18:03.0188 5176  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:18:03.0191 5176  wmiApSrv - ok
14:18:03.0194 5176  WMPNetworkSvc - ok
14:18:03.0202 5176  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
14:18:03.0203 5176  wpcfltr - ok
14:18:03.0207 5176  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:18:03.0209 5176  WPCSvc - ok
14:18:03.0215 5176  [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:18:03.0218 5176  WPDBusEnum - ok
14:18:03.0222 5176  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
14:18:03.0223 5176  WpdUpFltr - ok
14:18:03.0227 5176  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:18:03.0228 5176  ws2ifsl - ok
14:18:03.0233 5176  [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc          C:\Windows\System32\wscsvc.dll
14:18:03.0236 5176  wscsvc - ok
14:18:03.0240 5176  WSearch - ok
14:18:03.0272 5176  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       C:\Windows\System32\WSService.dll
14:18:03.0301 5176  WSService - ok
14:18:03.0342 5176  [ BE302BABE45EC05995F8DC66E37BBB3D ] wuauserv        C:\Windows\system32\wuaueng.dll
14:18:03.0377 5176  wuauserv - ok
14:18:03.0383 5176  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:18:03.0385 5176  WudfPf - ok
14:18:03.0391 5176  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
14:18:03.0393 5176  WUDFRd - ok
14:18:03.0398 5176  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:18:03.0401 5176  wudfsvc - ok
14:18:03.0407 5176  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
14:18:03.0409 5176  WUDFWpdFs - ok
14:18:03.0414 5176  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
14:18:03.0415 5176  WUDFWpdMtp - ok
14:18:03.0424 5176  [ 6D9E07436B6646EC8F7EFFD39B6BA288 ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:18:03.0431 5176  WwanSvc - ok
14:18:03.0439 5176  ================ Scan global ===============================
14:18:03.0444 5176  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
14:18:03.0450 5176  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
14:18:03.0458 5176  [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
14:18:03.0467 5176  [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
14:18:03.0473 5176  [Global] - ok
14:18:03.0473 5176  ================ Scan MBR ==================================
14:18:03.0476 5176  [ 8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk0\DR0
14:18:03.0499 5176  \Device\Harddisk0\DR0 - ok
14:18:03.0523 5176  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:18:03.0800 5176  \Device\Harddisk1\DR1 - ok
14:18:03.0805 5176  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
14:18:03.0913 5176  \Device\Harddisk2\DR2 - ok
14:18:03.0917 5176  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
14:18:03.0921 5176  \Device\Harddisk3\DR3 - ok
14:18:03.0922 5176  ================ Scan VBR ==================================
14:18:03.0924 5176  [ 74CEE8DAF509AF77AE1D7E9EBF56BFC3 ] \Device\Harddisk0\DR0\Partition1
14:18:03.0925 5176  \Device\Harddisk0\DR0\Partition1 - ok
14:18:03.0928 5176  [ D19E357A8D3EF9004AAEC498E795389D ] \Device\Harddisk0\DR0\Partition2
14:18:03.0929 5176  \Device\Harddisk0\DR0\Partition2 - ok
14:18:03.0932 5176  [ A321AA4A1674842DBDDAB7EF6DA32383 ] \Device\Harddisk1\DR1\Partition1
14:18:03.0933 5176  \Device\Harddisk1\DR1\Partition1 - ok
14:18:03.0935 5176  [ 1AB7F160CC7B9014BF586F3BA99B3520 ] \Device\Harddisk1\DR1\Partition2
14:18:03.0936 5176  \Device\Harddisk1\DR1\Partition2 - ok
14:18:03.0939 5176  [ 5CDC314D12B79CE33CE8FF5B80A2755E ] \Device\Harddisk2\DR2\Partition1
14:18:03.0940 5176  \Device\Harddisk2\DR2\Partition1 - ok
14:18:03.0942 5176  [ 83A8B7A947584DD117DF697D5379E478 ] \Device\Harddisk2\DR2\Partition2
14:18:03.0944 5176  \Device\Harddisk2\DR2\Partition2 - ok
14:18:03.0947 5176  [ E8BC5CAE4863995E260B108C83B18996 ] \Device\Harddisk3\DR3\Partition1
14:18:03.0949 5176  \Device\Harddisk3\DR3\Partition1 - ok
14:18:03.0950 5176  ============================================================
14:18:03.0950 5176  Scan finished
14:18:03.0950 5176  ============================================================
14:18:03.0964 3300  Detected object count: 0
14:18:03.0964 3300  Actual detected object count: 0
14:18:11.0580 3916  ============================================================
14:18:11.0580 3916  Scan started
14:18:11.0580 3916  Mode: Manual; SigCheck; TDLFS; 
14:18:11.0580 3916  ============================================================
14:18:11.0696 3916  ================ Scan system memory ========================
14:18:11.0696 3916  System memory - ok
14:18:11.0697 3916  ================ Scan services =============================
14:18:11.0755 3916  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
14:18:11.0793 3916  1394ohci - ok
14:18:11.0798 3916  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\Windows\system32\drivers\3ware.sys
14:18:11.0809 3916  3ware - ok
14:18:11.0819 3916  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:18:11.0834 3916  ACPI - ok
14:18:11.0840 3916  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
14:18:11.0849 3916  acpiex - ok
14:18:11.0853 3916  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
14:18:11.0863 3916  acpipagr - ok
14:18:11.0867 3916  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
14:18:11.0877 3916  AcpiPmi - ok
14:18:11.0882 3916  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
14:18:11.0892 3916  acpitime - ok
14:18:11.0901 3916  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:18:11.0917 3916  adp94xx - ok
14:18:11.0925 3916  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:18:11.0940 3916  adpahci - ok
14:18:11.0946 3916  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:18:11.0957 3916  adpu320 - ok
14:18:11.0965 3916  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:18:11.0978 3916  AeLookupSvc - ok
14:18:11.0988 3916  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\Windows\system32\drivers\afd.sys
14:18:12.0003 3916  AFD - ok
14:18:12.0009 3916  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:18:12.0018 3916  agp440 - ok
14:18:12.0023 3916  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\Windows\System32\alg.exe
14:18:12.0039 3916  ALG - ok
14:18:12.0045 3916  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
14:18:12.0056 3916  AllUserInstallAgent - ok
14:18:12.0063 3916  [ 310F86335B0505DDC6D2DD48E66EF06B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:18:12.0085 3916  AMD External Events Utility - ok
14:18:12.0090 3916  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
14:18:12.0101 3916  AmdK8 - ok
14:18:12.0106 3916  [ F2FF8C1B41B3784EDBD5C6D5397F403C ] amdkmafd        C:\Windows\system32\drivers\amdkmafd.sys
14:18:12.0121 3916  amdkmafd - ok
14:18:12.0260 3916  [ 79CC9BE187E3144E1B58A54B842475E7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:18:12.0371 3916  amdkmdag - ok
14:18:12.0386 3916  [ 07561D3B7FD99F6E186C49C2D0628E38 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:18:12.0404 3916  amdkmdap - ok
14:18:12.0409 3916  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
14:18:12.0419 3916  AmdPPM - ok
14:18:12.0424 3916  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:18:12.0433 3916  amdsata - ok
14:18:12.0440 3916  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:18:12.0452 3916  amdsbs - ok
14:18:12.0457 3916  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:18:12.0465 3916  amdxata - ok
14:18:12.0470 3916  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\Windows\system32\drivers\appid.sys
14:18:12.0486 3916  AppID - ok
14:18:12.0491 3916  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:18:12.0503 3916  AppIDSvc - ok
14:18:12.0508 3916  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\Windows\System32\appinfo.dll
14:18:12.0519 3916  Appinfo - ok
14:18:12.0525 3916  [ 2D14788C5D0836292BEB27BBE109BE56 ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:18:12.0536 3916  AppMgmt - ok
14:18:12.0542 3916  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\Windows\system32\drivers\arc.sys
14:18:12.0552 3916  arc - ok
14:18:12.0557 3916  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:18:12.0566 3916  arcsas - ok
14:18:12.0570 3916  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:18:12.0583 3916  AsyncMac - ok
14:18:12.0587 3916  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:18:12.0595 3916  atapi - ok
14:18:12.0603 3916  [ 13A4B62FEE62843413724C45FD149D45 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW86.sys
14:18:12.0615 3916  AtiHDAudioService - ok
14:18:12.0622 3916  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
14:18:12.0634 3916  AudioEndpointBuilder - ok
14:18:12.0647 3916  [ 599B3F685A263A114FFAF3BE29C49C75 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
14:18:12.0663 3916  Audiosrv - ok
14:18:12.0668 3916  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:18:12.0679 3916  AxInstSV - ok
14:18:12.0691 3916  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:18:12.0708 3916  b06bdrv - ok
14:18:12.0714 3916  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
14:18:12.0724 3916  BasicDisplay - ok
14:18:12.0728 3916  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
14:18:12.0738 3916  BasicRender - ok
14:18:12.0745 3916  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:18:12.0756 3916  BDESVC - ok
14:18:12.0761 3916  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:18:12.0771 3916  Beep - ok
14:18:12.0776 3916  [ B1359701847FF1FF415FA083F1610F48 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
14:18:12.0780 3916  BEService ( UnsignedFile.Multi.Generic ) - warning
14:18:12.0780 3916  BEService - detected UnsignedFile.Multi.Generic (1)
14:18:12.0792 3916  [ 73133A0C0CA63817BFF2CB9DE65B64E7 ] BFE             C:\Windows\System32\bfe.dll
14:18:12.0809 3916  BFE - ok
14:18:12.0823 3916  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\Windows\System32\qmgr.dll
14:18:12.0844 3916  BITS - ok
14:18:12.0850 3916  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:18:12.0860 3916  bowser - ok
14:18:12.0867 3916  [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
14:18:12.0878 3916  BrokerInfrastructure - ok
14:18:12.0884 3916  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\Windows\System32\browser.dll
14:18:12.0897 3916  Browser - ok
14:18:12.0901 3916  [ 6695200F455E251F0BCC9CE4D0978D59 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
14:18:12.0912 3916  BthAvrcpTg - ok
14:18:12.0917 3916  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
14:18:12.0949 3916  BthHFEnum - ok
14:18:12.0954 3916  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
14:18:12.0963 3916  bthhfhid - ok
14:18:12.0969 3916  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
14:18:12.0987 3916  BTHMODEM - ok
14:18:12.0994 3916  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\Windows\system32\bthserv.dll
14:18:13.0004 3916  bthserv - ok
14:18:13.0010 3916  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:18:13.0021 3916  cdfs - ok
14:18:13.0027 3916  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\Windows\System32\drivers\cdrom.sys
14:18:13.0038 3916  cdrom - ok
14:18:13.0044 3916  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:18:13.0058 3916  CertPropSvc - ok
14:18:13.0062 3916  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\Windows\System32\drivers\circlass.sys
14:18:13.0082 3916  circlass - ok
14:18:13.0090 3916  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
14:18:13.0103 3916  CLFS - ok
14:18:13.0115 3916  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
14:18:13.0124 3916  CmBatt - ok
14:18:13.0134 3916  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\Windows\system32\Drivers\cng.sys
14:18:13.0152 3916  CNG - ok
14:18:13.0159 3916  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
14:18:13.0180 3916  CompositeBus - ok
14:18:13.0184 3916  COMSysApp - ok
14:18:13.0188 3916  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\Windows\system32\drivers\condrv.sys
14:18:13.0199 3916  condrv - ok
14:18:13.0206 3916  [ 5CE2742F063731EC10C1B2EE386A2C08 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:18:13.0218 3916  CryptSvc - ok
14:18:13.0229 3916  [ F2C69C3D98249DE14D4B2832516D4FD5 ] CSC             C:\Windows\system32\drivers\csc.sys
14:18:13.0243 3916  CSC - ok
14:18:13.0256 3916  [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] CscService      C:\Windows\System32\cscsvc.dll
14:18:13.0272 3916  CscService - ok
14:18:13.0278 3916  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\Windows\system32\drivers\dam.sys
14:18:13.0286 3916  dam - ok
14:18:13.0301 3916  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:18:13.0320 3916  DcomLaunch - ok
14:18:13.0329 3916  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:18:13.0352 3916  defragsvc - ok
14:18:13.0361 3916  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
14:18:13.0379 3916  DeviceAssociationService - ok
14:18:13.0385 3916  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
14:18:13.0396 3916  DeviceInstall - ok
14:18:13.0402 3916  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
14:18:13.0411 3916  Dfsc - ok
14:18:13.0419 3916  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:18:13.0433 3916  Dhcp - ok
14:18:13.0437 3916  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\Windows\system32\drivers\discache.sys
14:18:13.0452 3916  discache - ok
14:18:13.0457 3916  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\Windows\system32\drivers\disk.sys
14:18:13.0466 3916  disk - ok
14:18:13.0471 3916  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
14:18:13.0480 3916  dmvsc - ok
14:18:13.0487 3916  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:18:13.0499 3916  Dnscache - ok
14:18:13.0507 3916  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\Windows\System32\dot3svc.dll
14:18:13.0521 3916  dot3svc - ok
14:18:13.0528 3916  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\Windows\system32\dps.dll
14:18:13.0545 3916  DPS - ok
14:18:13.0572 3916  [ 308195495181C8F3D51E6ED5B58D54AC ] DragonUpdater   C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
14:18:13.0604 3916  DragonUpdater - ok
14:18:13.0610 3916  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:18:13.0620 3916  drmkaud - ok
14:18:13.0627 3916  [ F87F4AAAF6664906248D11D5E579A53B ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
14:18:13.0639 3916  DsmSvc - ok
14:18:13.0660 3916  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:18:13.0693 3916  DXGKrnl - ok
14:18:13.0700 3916  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\Windows\System32\eapsvc.dll
14:18:13.0714 3916  Eaphost - ok
14:18:13.0756 3916  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:18:13.0817 3916  ebdrv - ok
14:18:13.0825 3916  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\Windows\System32\lsass.exe
14:18:13.0842 3916  EFS - ok
14:18:13.0847 3916  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
14:18:13.0856 3916  EhStorClass - ok
14:18:13.0861 3916  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
14:18:13.0871 3916  EhStorTcgDrv - ok
14:18:13.0875 3916  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\Windows\System32\drivers\errdev.sys
14:18:13.0884 3916  ErrDev - ok
14:18:13.0896 3916  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\Windows\system32\es.dll
14:18:13.0912 3916  EventSystem - ok
14:18:13.0919 3916  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:18:13.0935 3916  exfat - ok
14:18:13.0942 3916  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:18:13.0953 3916  fastfat - ok
14:18:13.0965 3916  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\Windows\system32\fxssvc.exe
14:18:13.0981 3916  Fax - ok
14:18:13.0986 3916  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\Windows\System32\drivers\fdc.sys
14:18:13.0995 3916  fdc - ok
14:18:14.0000 3916  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\Windows\system32\fdPHost.dll
14:18:14.0015 3916  fdPHost - ok
14:18:14.0020 3916  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\Windows\system32\fdrespub.dll
14:18:14.0035 3916  FDResPub - ok
14:18:14.0041 3916  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\Windows\system32\fhsvc.dll
14:18:14.0052 3916  fhsvc - ok
14:18:14.0057 3916  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:18:14.0066 3916  FileInfo - ok
14:18:14.0070 3916  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:18:14.0085 3916  Filetrace - ok
14:18:14.0090 3916  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
14:18:14.0100 3916  flpydisk - ok
14:18:14.0108 3916  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:18:14.0122 3916  FltMgr - ok
14:18:14.0140 3916  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\Windows\system32\FntCache.dll
14:18:14.0161 3916  FontCache - ok
14:18:14.0167 3916  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:18:14.0177 3916  FontCache3.0.0.0 - ok
14:18:14.0182 3916  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:18:14.0190 3916  FsDepends - ok
14:18:14.0194 3916  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:18:14.0203 3916  Fs_Rec - ok
14:18:14.0212 3916  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:18:14.0228 3916  fvevol - ok
14:18:14.0234 3916  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
14:18:14.0243 3916  FxPPM - ok
14:18:14.0248 3916  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:18:14.0258 3916  gagp30kx - ok
14:18:14.0262 3916  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
14:18:14.0272 3916  gencounter - ok
14:18:14.0277 3916  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
14:18:14.0288 3916  GPIOClx0101 - ok
14:18:14.0307 3916  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:18:14.0332 3916  gpsvc - ok
14:18:14.0340 3916  [ 630555943E5A3FE21010CE91EC7FC84F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:18:14.0352 3916  HdAudAddService - ok
14:18:14.0358 3916  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
14:18:14.0368 3916  HDAudBus - ok
14:18:14.0373 3916  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
14:18:14.0382 3916  HidBatt - ok
14:18:14.0387 3916  [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
14:18:14.0397 3916  HidBth - ok
14:18:14.0402 3916  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
14:18:14.0411 3916  hidi2c - ok
14:18:14.0416 3916  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\Windows\System32\drivers\hidir.sys
14:18:14.0435 3916  HidIr - ok
14:18:14.0440 3916  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\Windows\system32\hidserv.dll
14:18:14.0450 3916  hidserv - ok
14:18:14.0454 3916  [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
14:18:14.0465 3916  HidUsb - ok
14:18:14.0470 3916  [ 7B941D5D376E20C9C3B394717FCEAE15 ] HiPatchService  F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
14:18:14.0473 3916  HiPatchService ( UnsignedFile.Multi.Generic ) - warning
14:18:14.0473 3916  HiPatchService - detected UnsignedFile.Multi.Generic (1)
14:18:14.0478 3916  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:18:14.0492 3916  hkmsvc - ok
14:18:14.0499 3916  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:18:14.0511 3916  HomeGroupListener - ok
14:18:14.0520 3916  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:18:14.0534 3916  HomeGroupProvider - ok
14:18:14.0539 3916  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:18:14.0549 3916  HpSAMD - ok
14:18:14.0563 3916  [ F4A91D985EB9D1D2717D538F3424603C ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:18:14.0579 3916  HTTP - ok
14:18:14.0585 3916  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:18:14.0593 3916  hwpolicy - ok
14:18:14.0598 3916  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
14:18:14.0607 3916  hyperkbd - ok
14:18:14.0611 3916  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
14:18:14.0621 3916  HyperVideo - ok
14:18:14.0626 3916  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
14:18:14.0637 3916  i8042prt - ok
14:18:14.0645 3916  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:18:14.0660 3916  iaStorV - ok
14:18:14.0665 3916  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:18:14.0674 3916  iirsp - ok
14:18:14.0691 3916  [ 3884117CE4FEC35E4A1A7A62918B1F34 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:18:14.0711 3916  IKEEXT - ok
14:18:14.0717 3916  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:18:14.0726 3916  intelide - ok
14:18:14.0731 3916  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\Windows\System32\drivers\intelppm.sys
14:18:14.0741 3916  intelppm - ok
14:18:14.0746 3916  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:18:14.0759 3916  IpFilterDriver - ok
14:18:14.0773 3916  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:18:14.0791 3916  iphlpsvc - ok
14:18:14.0796 3916  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
14:18:14.0807 3916  IPMIDRV - ok
14:18:14.0813 3916  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:18:14.0826 3916  IPNAT - ok
14:18:14.0830 3916  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:18:14.0841 3916  IRENUM - ok
14:18:14.0845 3916  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:18:14.0854 3916  isapnp - ok
14:18:14.0861 3916  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
14:18:14.0874 3916  iScsiPrt - ok
14:18:14.0879 3916  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
14:18:14.0888 3916  kbdclass - ok
14:18:14.0892 3916  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
14:18:14.0902 3916  kbdhid - ok
14:18:14.0906 3916  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
14:18:14.0916 3916  kdnic - ok
14:18:14.0920 3916  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\Windows\system32\lsass.exe
14:18:14.0931 3916  KeyIso - ok
14:18:14.0937 3916  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:18:14.0946 3916  KSecDD - ok
14:18:14.0952 3916  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:18:14.0963 3916  KSecPkg - ok
14:18:14.0968 3916  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:18:14.0978 3916  ksthunk - ok
14:18:14.0986 3916  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:18:15.0000 3916  KtmRm - ok
14:18:15.0005 3916  [ 028F31A7CC8231661A3C9C1F7EE7160D ] L1E             C:\Windows\system32\DRIVERS\L1E62x64.sys
14:18:15.0015 3916  L1E - ok
14:18:15.0024 3916  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:18:15.0037 3916  LanmanServer - ok
14:18:15.0045 3916  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:18:15.0059 3916  LanmanWorkstation - ok
14:18:15.0066 3916  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:18:15.0080 3916  lltdio - ok
14:18:15.0088 3916  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:18:15.0103 3916  lltdsvc - ok
14:18:15.0108 3916  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:18:15.0119 3916  lmhosts - ok
14:18:15.0126 3916  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:18:15.0136 3916  LSI_SAS - ok
14:18:15.0141 3916  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:18:15.0151 3916  LSI_SAS2 - ok
14:18:15.0156 3916  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:18:15.0166 3916  LSI_SCSI - ok
14:18:15.0172 3916  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
14:18:15.0181 3916  LSI_SSS - ok
14:18:15.0190 3916  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\Windows\System32\lsm.dll
14:18:15.0204 3916  LSM - ok
14:18:15.0210 3916  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:18:15.0226 3916  luafv - ok
14:18:15.0231 3916  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\Windows\system32\drivers\megasas.sys
14:18:15.0240 3916  megasas - ok
14:18:15.0248 3916  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:18:15.0262 3916  MegaSR - ok
14:18:15.0267 3916  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\Windows\system32\mmcss.dll
14:18:15.0278 3916  MMCSS - ok
14:18:15.0282 3916  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\Windows\system32\drivers\modem.sys
14:18:15.0294 3916  Modem - ok
14:18:15.0299 3916  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\Windows\System32\drivers\monitor.sys
14:18:15.0309 3916  monitor - ok
14:18:15.0313 3916  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\Windows\System32\drivers\mouclass.sys
14:18:15.0322 3916  mouclass - ok
14:18:15.0327 3916  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\Windows\System32\drivers\mouhid.sys
14:18:15.0337 3916  mouhid - ok
14:18:15.0343 3916  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:18:15.0353 3916  mountmgr - ok
14:18:15.0358 3916  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:18:15.0368 3916  mpsdrv - ok
14:18:15.0383 3916  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:18:15.0401 3916  MpsSvc - ok
14:18:15.0407 3916  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:18:15.0421 3916  MRxDAV - ok
14:18:15.0429 3916  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:18:15.0442 3916  mrxsmb - ok
14:18:15.0449 3916  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:18:15.0460 3916  mrxsmb10 - ok
14:18:15.0467 3916  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:18:15.0477 3916  mrxsmb20 - ok
14:18:15.0483 3916  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
14:18:15.0496 3916  MsBridge - ok
14:18:15.0501 3916  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\Windows\System32\msdtc.exe
14:18:15.0513 3916  MSDTC - ok
14:18:15.0520 3916  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:18:15.0530 3916  Msfs - ok
14:18:15.0535 3916  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
14:18:15.0543 3916  msgpiowin32 - ok
14:18:15.0548 3916  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:18:15.0558 3916  mshidkmdf - ok
14:18:15.0562 3916  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
14:18:15.0571 3916  mshidumdf - ok
14:18:15.0575 3916  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:18:15.0583 3916  msisadrv - ok
14:18:15.0589 3916  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:18:15.0600 3916  MSiSCSI - ok
14:18:15.0605 3916  msiserver - ok
14:18:15.0608 3916  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:18:15.0618 3916  MSKSSRV - ok
14:18:15.0623 3916  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
14:18:15.0633 3916  MsLldp - ok
14:18:15.0638 3916  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:18:15.0647 3916  MSPCLOCK - ok
14:18:15.0651 3916  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:18:15.0661 3916  MSPQM - ok
14:18:15.0670 3916  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:18:15.0684 3916  MsRPC - ok
14:18:15.0690 3916  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
14:18:15.0698 3916  mssmbios - ok
14:18:15.0703 3916  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:18:15.0712 3916  MSTEE - ok
14:18:15.0717 3916  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
14:18:15.0726 3916  MTConfig - ok
14:18:15.0730 3916  [ 640617B6E682A150C36BE39D78547F6C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
14:18:15.0737 3916  MTsensor - ok
14:18:15.0741 3916  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:18:15.0750 3916  Mup - ok
14:18:15.0758 3916  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
14:18:15.0768 3916  mvumis - ok
14:18:15.0777 3916  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\Windows\system32\qagentRT.dll
14:18:15.0794 3916  napagent - ok
14:18:15.0803 3916  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:18:15.0817 3916  NativeWifiP - ok
14:18:15.0824 3916  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\Windows\System32\ncasvc.dll
14:18:15.0836 3916  NcaSvc - ok
14:18:15.0841 3916  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
14:18:15.0853 3916  NcdAutoSetup - ok
14:18:15.0869 3916  [ A10E176F3B2BF83EDE7B5C4658C93B66 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:18:15.0893 3916  NDIS - ok
14:18:15.0898 3916  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:18:15.0910 3916  NdisCap - ok
14:18:15.0916 3916  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
14:18:15.0926 3916  NdisImPlatform - ok
14:18:15.0930 3916  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:18:15.0940 3916  NdisTapi - ok
14:18:15.0945 3916  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:18:15.0954 3916  Ndisuio - ok
14:18:15.0960 3916  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:18:15.0973 3916  NdisWan - ok
14:18:15.0978 3916  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
14:18:15.0991 3916  NDISWANLEGACY - ok
14:18:15.0995 3916  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:18:16.0005 3916  NDProxy - ok
14:18:16.0010 3916  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
14:18:16.0021 3916  Ndu - ok
14:18:16.0025 3916  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:18:16.0037 3916  NetBIOS - ok
14:18:16.0045 3916  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:18:16.0057 3916  NetBT - ok
14:18:16.0062 3916  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\Windows\system32\lsass.exe
14:18:16.0072 3916  Netlogon - ok
14:18:16.0079 3916  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\Windows\System32\netman.dll
14:18:16.0094 3916  Netman - ok
14:18:16.0104 3916  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\Windows\System32\netprofmsvc.dll
14:18:16.0118 3916  netprofm - ok
14:18:16.0127 3916  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:18:16.0137 3916  NetTcpPortSharing - ok
14:18:16.0142 3916  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:18:16.0151 3916  nfrd960 - ok
14:18:16.0159 3916  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:18:16.0172 3916  NlaSvc - ok
14:18:16.0177 3916  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:18:16.0187 3916  Npfs - ok
14:18:16.0192 3916  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
14:18:16.0206 3916  npsvctrig - ok
14:18:16.0211 3916  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\Windows\system32\nsisvc.dll
14:18:16.0222 3916  nsi - ok
14:18:16.0226 3916  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:18:16.0236 3916  nsiproxy - ok
14:18:16.0265 3916  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:18:16.0305 3916  Ntfs - ok
14:18:16.0311 3916  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\Windows\system32\drivers\Null.sys
14:18:16.0321 3916  Null - ok
14:18:16.0328 3916  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:18:16.0339 3916  nvraid - ok
14:18:16.0345 3916  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:18:16.0356 3916  nvstor - ok
14:18:16.0362 3916  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:18:16.0372 3916  nv_agp - ok
14:18:16.0381 3916  [ 074B0452D8C9092CF3EC5F3610F37428 ] OkayFreedom VPN Starter Service C:\Program Files (x86)\OkayFreedom\VPNService.exe
14:18:16.0392 3916  OkayFreedom VPN Starter Service - ok
14:18:16.0401 3916  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:18:16.0414 3916  p2pimsvc - ok
14:18:16.0424 3916  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:18:16.0438 3916  p2psvc - ok
14:18:16.0444 3916  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\Windows\System32\drivers\parport.sys
14:18:16.0455 3916  Parport - ok
14:18:16.0461 3916  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:18:16.0470 3916  partmgr - ok
14:18:16.0481 3916  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:18:16.0494 3916  PcaSvc - ok
14:18:16.0503 3916  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\Windows\system32\drivers\pci.sys
14:18:16.0515 3916  pci - ok
14:18:16.0521 3916  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:18:16.0529 3916  pciide - ok
14:18:16.0537 3916  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:18:16.0549 3916  pcmcia - ok
14:18:16.0554 3916  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:18:16.0564 3916  pcw - ok
14:18:16.0569 3916  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\Windows\system32\drivers\pdc.sys
14:18:16.0579 3916  pdc - ok
14:18:16.0594 3916  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:18:16.0610 3916  PEAUTH - ok
14:18:16.0642 3916  [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:18:16.0673 3916  PeerDistSvc - ok
14:18:16.0719 3916  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:18:16.0729 3916  PerfHost - ok
14:18:16.0755 3916  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\Windows\system32\pla.dll
14:18:16.0783 3916  pla - ok
14:18:16.0789 3916  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:18:16.0800 3916  PlugPlay - ok
14:18:16.0805 3916  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:18:16.0815 3916  PNRPAutoReg - ok
14:18:16.0823 3916  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:18:16.0836 3916  PNRPsvc - ok
14:18:16.0846 3916  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:18:16.0862 3916  PolicyAgent - ok
14:18:16.0869 3916  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\Windows\system32\umpo.dll
14:18:16.0881 3916  Power - ok
14:18:16.0886 3916  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:18:16.0899 3916  PptpMiniport - ok
14:18:16.0934 3916  [ 9D59831262CAD44E709D695FC9D5E7AB ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
14:18:16.0967 3916  PrintNotify - ok
14:18:16.0973 3916  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\Windows\System32\drivers\processr.sys
14:18:16.0982 3916  Processor - ok
14:18:16.0990 3916  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\Windows\system32\profsvc.dll
14:18:17.0001 3916  ProfSvc - ok
14:18:17.0008 3916  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:18:17.0020 3916  Psched - ok
14:18:17.0029 3916  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\Windows\system32\qwave.dll
14:18:17.0042 3916  QWAVE - ok
14:18:17.0046 3916  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:18:17.0057 3916  QWAVEdrv - ok
14:18:17.0061 3916  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:18:17.0073 3916  RasAcd - ok
14:18:17.0078 3916  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:18:17.0091 3916  RasAgileVpn - ok
14:18:17.0096 3916  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\Windows\System32\rasauto.dll
14:18:17.0109 3916  RasAuto - ok
14:18:17.0115 3916  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:18:17.0128 3916  Rasl2tp - ok
14:18:17.0136 3916  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\Windows\System32\rasmans.dll
14:18:17.0152 3916  RasMan - ok
14:18:17.0157 3916  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:18:17.0170 3916  RasPppoe - ok
14:18:17.0175 3916  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:18:17.0187 3916  RasSstp - ok
14:18:17.0197 3916  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:18:17.0209 3916  rdbss - ok
14:18:17.0216 3916  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
14:18:17.0225 3916  rdpbus - ok
14:18:17.0231 3916  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:18:17.0242 3916  RDPDR - ok
14:18:17.0250 3916  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:18:17.0258 3916  RdpVideoMiniport - ok
14:18:17.0265 3916  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:18:17.0275 3916  RDPWD - ok
14:18:17.0282 3916  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:18:17.0294 3916  rdyboost - ok
14:18:17.0300 3916  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:18:17.0313 3916  RemoteAccess - ok
14:18:17.0320 3916  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:18:17.0337 3916  RemoteRegistry - ok
14:18:17.0343 3916  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:18:17.0354 3916  RpcEptMapper - ok
14:18:17.0359 3916  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\Windows\system32\locator.exe
14:18:17.0370 3916  RpcLocator - ok
14:18:17.0384 3916  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\Windows\system32\rpcss.dll
14:18:17.0401 3916  RpcSs - ok
14:18:17.0406 3916  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:18:17.0419 3916  rspndr - ok
14:18:17.0424 3916  [ 68DD0457D18FCCEF7384AE84022F0C86 ] RTL8023x64      C:\Windows\system32\DRIVERS\Rtnic64.sys
14:18:17.0434 3916  RTL8023x64 - ok
14:18:17.0438 3916  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
14:18:17.0448 3916  s3cap - ok
14:18:17.0452 3916  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\Windows\system32\lsass.exe
14:18:17.0462 3916  SamSs - ok
14:18:17.0467 3916  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:18:17.0477 3916  sbp2port - ok
14:18:17.0484 3916  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:18:17.0498 3916  SCardSvr - ok
14:18:17.0503 3916  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:18:17.0515 3916  scfilter - ok
14:18:17.0534 3916  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\Windows\system32\schedsvc.dll
14:18:17.0554 3916  Schedule - ok
14:18:17.0561 3916  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:18:17.0573 3916  SCPolicySvc - ok
14:18:17.0580 3916  [ F58B030A0664385C707B8C1C63682041 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
14:18:17.0591 3916  sdbus - ok
14:18:17.0597 3916  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:18:17.0609 3916  SDRSVC - ok
14:18:17.0637 3916  [ 95AA9E165C7DE1B64A11E8B18E91E499 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
14:18:17.0666 3916  SDScannerService - ok
14:18:17.0672 3916  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
14:18:17.0681 3916  sdstor - ok
14:18:17.0694 3916  [ D31398D4BB4907B517B6E784C2100C4A ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:18:17.0712 3916  SDUpdateService - ok
14:18:17.0718 3916  [ 6AE8E702D1027A9627DDE2B77BB9992B ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:18:17.0725 3916  SDWSCService - ok
14:18:17.0730 3916  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:18:17.0739 3916  secdrv - ok
14:18:17.0744 3916  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\Windows\system32\seclogon.dll
14:18:17.0757 3916  seclogon - ok
14:18:17.0762 3916  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\Windows\System32\sens.dll
14:18:17.0778 3916  SENS - ok
14:18:17.0795 3916  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:18:17.0807 3916  SensrSvc - ok
14:18:17.0812 3916  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\Windows\system32\drivers\SerCx.sys
14:18:17.0821 3916  SerCx - ok
14:18:17.0826 3916  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\Windows\System32\drivers\serenum.sys
14:18:17.0836 3916  Serenum - ok
14:18:17.0841 3916  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\Windows\System32\drivers\serial.sys
14:18:17.0851 3916  Serial - ok
14:18:17.0855 3916  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\Windows\System32\drivers\sermouse.sys
14:18:17.0865 3916  sermouse - ok
14:18:17.0877 3916  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\Windows\system32\sessenv.dll
14:18:17.0890 3916  SessionEnv - ok
14:18:17.0894 3916  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
14:18:17.0904 3916  sfloppy - ok
14:18:17.0913 3916  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:18:17.0929 3916  SharedAccess - ok
14:18:17.0940 3916  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:18:17.0969 3916  ShellHWDetection - ok
14:18:17.0974 3916  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:18:17.0982 3916  SiSRaid2 - ok
14:18:17.0987 3916  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:18:17.0997 3916  SiSRaid4 - ok
14:18:18.0002 3916  [ 9CD1BB2DB803B6AC642BD643DDB773BC ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:18:18.0009 3916  SkypeUpdate - ok
14:18:18.0017 3916  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:18:18.0030 3916  SNMPTRAP - ok
14:18:18.0038 3916  [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
14:18:18.0051 3916  spaceport - ok
14:18:18.0055 3916  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
14:18:18.0065 3916  SpbCx - ok
14:18:18.0079 3916  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\Windows\System32\spoolsv.exe
14:18:18.0098 3916  Spooler - ok
14:18:18.0155 3916  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:18:18.0210 3916  sppsvc - ok
14:18:18.0221 3916  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:18:18.0233 3916  srv - ok
14:18:18.0244 3916  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:18:18.0260 3916  srv2 - ok
14:18:18.0267 3916  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:18:18.0277 3916  srvnet - ok
14:18:18.0285 3916  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:18:18.0300 3916  SSDPSRV - ok
14:18:18.0305 3916  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:18:18.0319 3916  SstpSvc - ok
14:18:18.0329 3916  [ 394BC2EEC0D81F70B80B0D951665A690 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:18:18.0342 3916  Steam Client Service - ok
14:18:18.0347 3916  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:18:18.0355 3916  stexstor - ok
14:18:18.0366 3916  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\Windows\System32\wiaservc.dll
14:18:18.0381 3916  stisvc - ok
14:18:18.0387 3916  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\Windows\system32\drivers\storahci.sys
14:18:18.0396 3916  storahci - ok
14:18:18.0401 3916  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
14:18:18.0410 3916  storflt - ok
14:18:18.0415 3916  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\Windows\system32\storsvc.dll
14:18:18.0425 3916  StorSvc - ok
14:18:18.0430 3916  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:18:18.0439 3916  storvsc - ok
14:18:18.0445 3916  [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp         C:\Windows\System32\drivers\storvsp.sys
14:18:18.0455 3916  storvsp - ok
14:18:18.0459 3916  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\Windows\system32\svsvc.dll
14:18:18.0475 3916  svsvc - ok
14:18:18.0479 3916  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\Windows\System32\drivers\swenum.sys
14:18:18.0487 3916  swenum - ok
14:18:18.0497 3916  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\Windows\System32\swprv.dll
14:18:18.0518 3916  swprv - ok
14:18:18.0537 3916  [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain         C:\Windows\system32\sysmain.dll
14:18:18.0557 3916  SysMain - ok
14:18:18.0564 3916  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
14:18:18.0576 3916  SystemEventsBroker - ok
14:18:18.0581 3916  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll
14:18:18.0593 3916  TabletInputService - ok
14:18:18.0598 3916  [ D0B07EED9DDEC5C69521C689B7BF455F ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
14:18:18.0606 3916  tap0901 ( UnsignedFile.Multi.Generic ) - warning
14:18:18.0606 3916  tap0901 - detected UnsignedFile.Multi.Generic (1)
14:18:18.0615 3916  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:18:18.0628 3916  TapiSrv - ok
14:18:18.0657 3916  [ 1794C43A000A47D92B3304FC1E3E512A ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:18:18.0701 3916  Tcpip - ok
14:18:18.0732 3916  [ 1794C43A000A47D92B3304FC1E3E512A ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:18:18.0775 3916  TCPIP6 - ok
14:18:18.0784 3916  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:18:18.0796 3916  tcpipreg - ok
14:18:18.0803 3916  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:18:18.0814 3916  tdx - ok
14:18:18.0819 3916  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
14:18:18.0828 3916  terminpt - ok
14:18:18.0840 3916  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\Windows\System32\termsrv.dll
14:18:18.0857 3916  TermService - ok
14:18:18.0862 3916  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\Windows\system32\themeservice.dll
14:18:18.0878 3916  Themes - ok
14:18:18.0883 3916  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\Windows\system32\mmcss.dll
14:18:18.0893 3916  THREADORDER - ok
14:18:18.0899 3916  [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
14:18:18.0911 3916  TimeBroker - ok
14:18:18.0917 3916  [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM             C:\Windows\system32\drivers\tpm.sys
14:18:18.0927 3916  TPM - ok
14:18:18.0932 3916  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\Windows\System32\trkwks.dll
14:18:18.0944 3916  TrkWks - ok
14:18:18.0948 3916  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:18:18.0957 3916  TrustedInstaller - ok
14:18:18.0964 3916  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:18:18.0973 3916  TsUsbFlt - ok
14:18:18.0978 3916  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
14:18:18.0987 3916  TsUsbGD - ok
14:18:18.0993 3916  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:18:19.0005 3916  tunnel - ok
14:18:19.0010 3916  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:18:19.0019 3916  uagp35 - ok
14:18:19.0024 3916  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
14:18:19.0033 3916  UASPStor - ok
14:18:19.0040 3916  [ 4834158B8D06A153FADAB6B85320FBBE ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
14:18:19.0051 3916  UCX01000 - ok
14:18:19.0060 3916  [ 25C50F4EDF70D0A831E0566BD181CCF2 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:18:19.0072 3916  udfs - ok
14:18:19.0081 3916  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:18:19.0095 3916  UI0Detect - ok
14:18:19.0099 3916  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:18:19.0108 3916  uliagpkx - ok
14:18:19.0113 3916  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\Windows\System32\drivers\umbus.sys
14:18:19.0123 3916  umbus - ok
14:18:19.0127 3916  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\Windows\System32\drivers\umpass.sys
14:18:19.0136 3916  UmPass - ok
14:18:19.0143 3916  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\Windows\System32\umrdp.dll
14:18:19.0155 3916  UmRdpService - ok
14:18:19.0165 3916  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\Windows\System32\upnphost.dll
14:18:19.0183 3916  upnphost - ok
14:18:19.0189 3916  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
14:18:19.0199 3916  usbccgp - ok
14:18:19.0204 3916  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
14:18:19.0223 3916  usbcir - ok
14:18:19.0228 3916  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
14:18:19.0237 3916  usbehci - ok
14:18:19.0247 3916  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub          C:\Windows\System32\drivers\usbhub.sys
14:18:19.0263 3916  usbhub - ok
14:18:19.0273 3916  [ EA040D4C6C94F315A85F3D0EAA884B37 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
14:18:19.0288 3916  USBHUB3 - ok
14:18:19.0293 3916  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\Windows\System32\drivers\usbohci.sys
14:18:19.0302 3916  usbohci - ok
14:18:19.0306 3916  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\Windows\System32\drivers\usbprint.sys
14:18:19.0316 3916  usbprint - ok
14:18:19.0321 3916  [ BFC7FE4AAEB61317A921871B4085EF4B ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
14:18:19.0331 3916  USBSTOR - ok
14:18:19.0336 3916  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
14:18:19.0345 3916  usbuhci - ok
14:18:19.0351 3916  [ 09799E701B4327097E9F63D3FE221083 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:18:19.0361 3916  usbvideo - ok
14:18:19.0370 3916  [ 1ADCF0A490C2845637B334626669CD6F ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
14:18:19.0383 3916  USBXHCI - ok
14:18:19.0387 3916  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\Windows\system32\lsass.exe
14:18:19.0397 3916  VaultSvc - ok
14:18:19.0402 3916  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:18:19.0410 3916  vdrvroot - ok
14:18:19.0422 3916  [ 1B4488988E5E7512E6C5CD1255E9E973 ] vds             C:\Windows\System32\vds.exe
14:18:19.0505 3916  vds - ok
14:18:19.0511 3916  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
14:18:19.0523 3916  VerifierExt - ok
14:18:19.0535 3916  [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
14:18:19.0552 3916  vhdmp - ok
14:18:19.0557 3916  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\Windows\system32\drivers\viaide.sys
14:18:19.0565 3916  viaide - ok
14:18:19.0572 3916  [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid             C:\Windows\System32\drivers\Vid.sys
14:18:19.0583 3916  Vid - ok
14:18:19.0590 3916  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:18:19.0602 3916  vmbus - ok
14:18:19.0607 3916  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
14:18:19.0617 3916  VMBusHID - ok
14:18:19.0623 3916  [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr          C:\Windows\System32\drivers\vmbusr.sys
14:18:19.0633 3916  vmbusr - ok
14:18:19.0641 3916  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
14:18:19.0654 3916  vmicheartbeat - ok
14:18:19.0660 3916  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
14:18:19.0672 3916  vmickvpexchange - ok
14:18:19.0678 3916  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\Windows\System32\ICSvc.dll
14:18:19.0690 3916  vmicrdv - ok
14:18:19.0696 3916  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
14:18:19.0708 3916  vmicshutdown - ok
14:18:19.0714 3916  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\Windows\System32\ICSvc.dll
14:18:19.0726 3916  vmictimesync - ok
14:18:19.0733 3916  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\Windows\System32\ICSvc.dll
14:18:19.0744 3916  vmicvss - ok
14:18:19.0749 3916  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:18:19.0758 3916  volmgr - ok
14:18:19.0768 3916  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:18:19.0782 3916  volmgrx - ok
14:18:19.0790 3916  [ 78A5BBA3819FFFC62FFEC3E2220D102D ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:18:19.0803 3916  volsnap - ok
14:18:19.0808 3916  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\Windows\System32\drivers\vpci.sys
14:18:19.0817 3916  vpci - ok
14:18:19.0832 3916  [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp         C:\Windows\System32\drivers\vpcivsp.sys
14:18:19.0842 3916  vpcivsp - ok
14:18:19.0848 3916  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:18:19.0859 3916  vsmraid - ok
14:18:19.0881 3916  [ D0C69E44BC1E1D4AD290FD84104623D8 ] VSS             C:\Windows\system32\vssvc.exe
14:18:19.0904 3916  VSS - ok
14:18:19.0913 3916  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
14:18:19.0925 3916  VSTXRAID - ok
14:18:19.0931 3916  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:18:19.0941 3916  vwifibus - ok
14:18:19.0949 3916  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\Windows\system32\w32time.dll
14:18:19.0965 3916  W32Time - ok
14:18:19.0970 3916  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
14:18:19.0979 3916  WacomPen - ok
14:18:19.0984 3916  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
14:18:19.0994 3916  Wanarp - ok
14:18:19.0997 3916  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:18:20.0006 3916  Wanarpv6 - ok
14:18:20.0029 3916  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\Windows\system32\wbengine.exe
14:18:20.0052 3916  wbengine - ok
14:18:20.0060 3916  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:18:20.0074 3916  WbioSrvc - ok
14:18:20.0082 3916  [ AF1349386D4C6786EF4E34FACEF15042 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
14:18:20.0095 3916  Wcmsvc - ok
14:18:20.0104 3916  [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:18:20.0119 3916  wcncsvc - ok
14:18:20.0124 3916  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:18:20.0135 3916  WcsPlugInService - ok
14:18:20.0139 3916  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\Windows\system32\drivers\wd.sys
14:18:20.0148 3916  Wd - ok
14:18:20.0152 3916  [ FD47DF026B32969B8A68721A0243E8EE ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
14:18:20.0161 3916  WdBoot - ok
14:18:20.0175 3916  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:18:20.0194 3916  Wdf01000 - ok
14:18:20.0201 3916  [ 5F425D842DD6ADE9F95A51A0616AFAD7 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
14:18:20.0214 3916  WdFilter - ok
14:18:20.0220 3916  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:18:20.0236 3916  WdiServiceHost - ok
14:18:20.0239 3916  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:18:20.0256 3916  WdiSystemHost - ok
14:18:20.0263 3916  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\Windows\System32\webclnt.dll
14:18:20.0276 3916  WebClient - ok
14:18:20.0284 3916  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:18:20.0297 3916  Wecsvc - ok
14:18:20.0302 3916  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:18:20.0333 3916  wercplsupport - ok
14:18:20.0338 3916  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:18:20.0357 3916  WerSvc - ok
14:18:20.0363 3916  [ 3F1F31883EAC9DDDF836ACC6D1DAC36C ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
14:18:20.0372 3916  WFPLWFS - ok
14:18:20.0377 3916  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\Windows\System32\wiarpc.dll
14:18:20.0388 3916  WiaRpc - ok
14:18:20.0393 3916  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:18:20.0401 3916  WIMMount - ok
14:18:20.0404 3916  WinDefend - ok
14:18:20.0421 3916  [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
14:18:20.0438 3916  WinHttpAutoProxySvc - ok
14:18:20.0449 3916  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:18:20.0461 3916  Winmgmt - ok
14:18:20.0496 3916  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:18:20.0532 3916  WinRM - ok
14:18:20.0541 3916  [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:18:20.0559 3916  WinUsb - ok
14:18:20.0579 3916  [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc         C:\Windows\System32\wlansvc.dll
14:18:20.0601 3916  WlanSvc - ok
14:18:20.0627 3916  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\Windows\system32\wlidsvc.dll
14:18:20.0655 3916  wlidsvc - ok
14:18:20.0660 3916  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
14:18:20.0668 3916  WmiAcpi - ok
14:18:20.0677 3916  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:18:20.0689 3916  wmiApSrv - ok
14:18:20.0692 3916  WMPNetworkSvc - ok
14:18:20.0699 3916  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
14:18:20.0709 3916  wpcfltr - ok
14:18:20.0714 3916  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:18:20.0725 3916  WPCSvc - ok
14:18:20.0730 3916  [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:18:20.0741 3916  WPDBusEnum - ok
14:18:20.0746 3916  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
14:18:20.0755 3916  WpdUpFltr - ok
14:18:20.0760 3916  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:18:20.0768 3916  ws2ifsl - ok
14:18:20.0774 3916  [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc          C:\Windows\System32\wscsvc.dll
14:18:20.0785 3916  wscsvc - ok
14:18:20.0789 3916  WSearch - ok
14:18:20.0822 3916  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       C:\Windows\System32\WSService.dll
14:18:20.0873 3916  WSService - ok
14:18:20.0914 3916  [ BE302BABE45EC05995F8DC66E37BBB3D ] wuauserv        C:\Windows\system32\wuaueng.dll
14:18:20.0952 3916  wuauserv - ok
14:18:20.0958 3916  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:18:20.0968 3916  WudfPf - ok
14:18:20.0974 3916  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
14:18:20.0985 3916  WUDFRd - ok
14:18:20.0990 3916  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:18:21.0002 3916  wudfsvc - ok
14:18:21.0008 3916  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
14:18:21.0018 3916  WUDFWpdFs - ok
14:18:21.0023 3916  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
14:18:21.0034 3916  WUDFWpdMtp - ok
14:18:21.0043 3916  [ 6D9E07436B6646EC8F7EFFD39B6BA288 ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:18:21.0057 3916  WwanSvc - ok
14:18:21.0067 3916  ================ Scan global ===============================
14:18:21.0072 3916  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
14:18:21.0078 3916  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
14:18:21.0084 3916  [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
14:18:21.0095 3916  [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
14:18:21.0098 3916  [Global] - ok
14:18:21.0099 3916  ================ Scan MBR ==================================
14:18:21.0101 3916  [ 8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk0\DR0
14:18:21.0152 3916  \Device\Harddisk0\DR0 - ok
14:18:21.0162 3916  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:18:21.0504 3916  \Device\Harddisk1\DR1 - ok
14:18:21.0508 3916  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
14:18:21.0619 3916  \Device\Harddisk2\DR2 - ok
14:18:21.0623 3916  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3
14:18:21.0739 3916  \Device\Harddisk3\DR3 - ok
14:18:21.0739 3916  ================ Scan VBR ==================================
14:18:21.0742 3916  [ 74CEE8DAF509AF77AE1D7E9EBF56BFC3 ] \Device\Harddisk0\DR0\Partition1
14:18:21.0743 3916  \Device\Harddisk0\DR0\Partition1 - ok
14:18:21.0746 3916  [ D19E357A8D3EF9004AAEC498E795389D ] \Device\Harddisk0\DR0\Partition2
14:18:21.0748 3916  \Device\Harddisk0\DR0\Partition2 - ok
14:18:21.0751 3916  [ A321AA4A1674842DBDDAB7EF6DA32383 ] \Device\Harddisk1\DR1\Partition1
14:18:21.0752 3916  \Device\Harddisk1\DR1\Partition1 - ok
14:18:21.0765 3916  [ 1AB7F160CC7B9014BF586F3BA99B3520 ] \Device\Harddisk1\DR1\Partition2
14:18:21.0766 3916  \Device\Harddisk1\DR1\Partition2 - ok
14:18:21.0770 3916  [ 5CDC314D12B79CE33CE8FF5B80A2755E ] \Device\Harddisk2\DR2\Partition1
14:18:21.0771 3916  \Device\Harddisk2\DR2\Partition1 - ok
14:18:21.0773 3916  [ 83A8B7A947584DD117DF697D5379E478 ] \Device\Harddisk2\DR2\Partition2
14:18:21.0774 3916  \Device\Harddisk2\DR2\Partition2 - ok
14:18:21.0778 3916  [ E8BC5CAE4863995E260B108C83B18996 ] \Device\Harddisk3\DR3\Partition1
14:18:21.0780 3916  \Device\Harddisk3\DR3\Partition1 - ok
14:18:21.0780 3916  ============================================================
14:18:21.0780 3916  Scan finished
14:18:21.0780 3916  ============================================================
14:18:21.0787 1180  Detected object count: 3
14:18:21.0787 1180  Actual detected object count: 3
14:18:56.0043 1180  BEService ( UnsignedFile.Multi.Generic ) - skipped by user
14:18:56.0043 1180  BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:18:56.0043 1180  HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
14:18:56.0043 1180  HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:18:56.0045 1180  tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
14:18:56.0045 1180  tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:18:58.0382 3640  Deinitialize success



BC AdBot (Login to Remove)

 


#2 p0p3y3Z

p0p3y3Z
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:08:13 PM

Posted 05 September 2013 - 11:02 AM

Need to bump this... Need to know what else i should be doing to ensure it's gone. Don't really want to format, but if it comes down to it, i will.



#3 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:13 AM

Posted 08 September 2013 - 04:47 PM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

 

Regards,
Georgi


cXfZ4wS.png


#4 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:13 AM

Posted 12 September 2013 - 11:50 PM

Hi,

It's been several days. Do you still need help on this?
This thread will be closed if you don't respond within 72 hours.


Regards,
Georgi


cXfZ4wS.png


#5 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:13 AM

Posted 18 September 2013 - 03:37 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

cXfZ4wS.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users