Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

malware? ran combofix


  • Please log in to reply
6 replies to this topic

#1 westcoastflea1

westcoastflea1

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 16 February 2018 - 05:10 PM

hi 

i believe i have something that has wormed its way into a group with full permissions seems like i have way too many groups users etc for a computer used by only me. i ran combofix and it said download my log, but not sure where to download on this forum? could someone let me know?

thanks so much :)


Edited by britechguy, 17 February 2018 - 11:03 AM.
Moved to AII, as this is about an infected computer.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,112 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:11:05 AM

Posted 16 February 2018 - 05:52 PM

Forget the ComboFix log.

 

Follow the instructions at Preparation Guide, Before Using Malware Removal Tools and Requesting Help - http://www.bleepingcomputer.com/forums/topic34773.html and post a new topic in the forum which contains the Prep Guide.  Your potential malware issues will be addressed in that forum.

 

Once that is done, this topic in Win 7 will be closed to avoid confusion.

 

Louis



#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:09:05 AM

Posted 17 February 2018 - 10:55 AM

The Malware Removal Team members are always in demand in their forum which means that you will have to wait until someone can take on your topic.  Let's see about getting this topic moved to the Am I Infected, What Do I Do? forum where we can run some security scans to determine what type/s of issues you have.

 

Please run the scans suggested below in the order that they are requested, this is a must for RKill.  Post the logs generated by these scans in your topic in the order they were run.  Please do not wrap your logs in quotes or code brackets or use use spoilers.


Please download and run RKill

RKill attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections.  RKill will not remove any of the processes it stops, you will need to run security scans to remove any malware found.  These settings will remain until the computer is rebooted, for this reason you must run your security applications before the computer is rebooted.  

Please download RKill and install it.

When RKill is run it will display a console screen similar to the one below:

Z40Tp3r.png

After this has run you will see another image explaining that RKill has finished running and you should be able to run the scan.  You need to click/tap on OK.

2Q1rnlf.png

When RKill has finished running a log will be displayed showing all of the processes that were terminated by RKill.

AttentionAt this time you need to run your security applications listed below.  When the scan has finished running a lot will be posted in Notepad.  Copy and paste this log in your topic.

Importanat: There is a possibility that malware may recognize RKill and keep it from running, if this is the case do the following.

If while RKill is running you may see a message from the malware stating that the program could not be run because it is a virus or is infected.  This is the malware trying to protect itself.  Two methods that you can try to get past this and allow RKill to run are:

1)  Rename Rkill so that it has a .com extension.

2)  Download a version that is already renamed as files that are commonly white-listed by malware. The main Rkill download page contains individual links to renamed versions.  

After the application has run successfully and you have run the requested scans you should reboot the computer to restore the processes and Windows Registry entries.


Please run TDSSKiller.
 
Please download TDSSKiller from here and save it to your Desktop.

The log for the TDSSKiller can be very long.  If you go to the bottom of the log to where you find Scan finished you will see the results of the scan.  If it shows Detected object count: 0 and Actual detected object count: 0, this means that nothing malicious was found and you will not need to post the log.
 
1.  Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
3.  Click Start Scan and allow the scan process to run.

yEt9i3P.png
 
4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.  If threats are not found you will see a screen like the one below.

DOrb0BK.png
 
***Do NOT select Delete!

Click on Continue.
 
5.  Click on Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (in most cases this is c: Drive) and paste it into your next reply.

Note:  The log may be very long.  You may need to break it into parts to post the whole log in your topic.



Please run Malwarebytes AntiMalware

Please download Malwarebytes Anti-Malware 2.2.

1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.

2)  Malwarebytes will automatically open.  You will see an image like the one below, click on Update Now.  

4YSU8ND.png

3)  Click on Settings, you will see a image like the one below.

35AFYEE.png

When Settings opens click on Detection and Protection, then under Non-Malware Protection, click on the down arrow for PUP (Potentially Unwanted Programs) detections and select Treat detections as malware.  Under Detection Options place a check in the box for Scan for rootkits

4)  Click on Scan (next to Settings), then click on Scan Now.  The scan will automatically run now.

5)  When the scan is complete the results will be displayed.  Click on Delete All.

jEVtTTK.png

6)  Please post the Malwarebytes log.

To find the Malwarebytes log do the following.  Copy and paste the log in your topic.

*Open Malwarebytes Anti-Malware.
*Click the Scan Tab at the top.
*Click the View detailed log link on the right.
*Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
*Alternatively, you can click Export and save the log as a .txt file on yout Desktop or another location.
*Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.


Please download AdwCleaner and install it.

When AdwCleaner opens click on Scan to start the scan.

ZQk62WV.png

Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.

If there are no malicious programs are found you will receive a message informing you of this.  
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  

CsqnoTW.png
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on OK.  The computer will be restarted to complete the cleaning process.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your topic.


Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to allow this to run
till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need
to download the Eset Smartinstaller.***

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that
    here
    .
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology

  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • If threats are found click on Save to text file in Documents.
  • Open Documents, find the report, copy and paste it in your topic.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 8,644 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:12:05 PM

Posted 17 February 2018 - 11:06 AM

Running ComboFix, ever, before instructed to do so by an assistant skilled in its use is the very definition of "putting the cart before the horse."

 

Westcoastflea1, if you're still reading this topic is now in the right place to start out determining what's wrong.  Please follow the requests you receive from assistants.  If it reaches the point where logs become necessary a new thread can be started in the Malware Removal Logs forum to continue the work needed.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 


#5 westcoastflea1

westcoastflea1
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 17 February 2018 - 09:23 PM

rkill http://www.bleepingcomputer.com/

Copyright 2008-2018 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/17/2018 06:16:30 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 02/17/2018 06:17:34 PM
Execution time: 0 hours(s), 1 minute(s), and 3 seconds(s)
 


#6 westcoastflea1

westcoastflea1
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:05 AM

Posted 17 February 2018 - 09:27 PM

just ran kaspersky  tdds  following are the results18:24:55.0247 5436  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

18:24:56.0268 5436  ============================================================
18:24:56.0268 5436  Current date / time: 2018/02/17 18:24:56.0268
18:24:56.0268 5436  SystemInfo:
18:24:56.0268 5436  
18:24:56.0268 5436  OS Version: 6.1.7601 ServicePack: 1.0
18:24:56.0268 5436  Product type: Workstation
18:24:56.0268 5436  ComputerName: USERADMIN-PC
18:24:56.0268 5436  UserName: User Admin
18:24:56.0268 5436  Windows directory: C:\Windows
18:24:56.0268 5436  System windows directory: C:\Windows
18:24:56.0268 5436  Running under WOW64
18:24:56.0268 5436  Processor architecture: Intel x64
18:24:56.0269 5436  Number of processors: 2
18:24:56.0269 5436  Page size: 0x1000
18:24:56.0269 5436  Boot type: Normal boot
18:24:56.0269 5436  ============================================================
18:24:56.0595 5436  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:24:56.0601 5436  ============================================================
18:24:56.0601 5436  \Device\Harddisk0\DR0:
18:24:56.0601 5436  MBR partitions:
18:24:56.0601 5436  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000
18:24:56.0601 5436  ============================================================
18:24:56.0612 5436  C: <-> \Device\Harddisk0\DR0\Partition1
18:24:56.0612 5436  ============================================================
18:24:56.0612 5436  Initialize success
18:24:56.0612 5436  ============================================================
18:25:20.0897 3832  ============================================================
18:25:20.0897 3832  Scan started
18:25:20.0897 3832  Mode: Manual; 
18:25:20.0897 3832  ============================================================
18:25:21.0118 3832  ================ Scan system memory ========================
18:25:21.0118 3832  System memory - ok
18:25:21.0119 3832  ================ Scan services =============================
18:25:21.0232 3832  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:25:21.0235 3832  1394ohci - ok
18:25:21.0315 3832  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
18:25:21.0317 3832  ACDaemon - ok
18:25:21.0327 3832  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:25:21.0329 3832  ACPI - ok
18:25:21.0343 3832  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:25:21.0344 3832  AcpiPmi - ok
18:25:21.0363 3832  [ 3550BCEEEC4C9DAFC364440558E8AB06 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
18:25:21.0368 3832  ADIHdAudAddService - ok
18:25:21.0390 3832  AdobeARMservice - ok
18:25:21.0522 3832  [ 330D27DE5BD4EF9282326B9CCC0D2B06 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:25:21.0526 3832  AdobeFlashPlayerUpdateSvc - ok
18:25:21.0560 3832  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:25:21.0574 3832  adp94xx - ok
18:25:21.0586 3832  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:25:21.0590 3832  adpahci - ok
18:25:21.0612 3832  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:25:21.0615 3832  adpu320 - ok
18:25:21.0652 3832  [ E005682AE8F8EC4EB05F2A70A16EA1C5 ] AE1000          C:\Windows\system32\DRIVERS\ae1000w7.sys
18:25:21.0678 3832  AE1000 - ok
18:25:21.0715 3832  [ 83BFCCAC53795E8A5055A93672D0C46C ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:25:21.0716 3832  AeLookupSvc - ok
18:25:21.0746 3832  [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
18:25:21.0747 3832  Afc - ok
18:25:21.0770 3832  [ 9A4A1EEE802BF2F878EE8EAB407B21B7 ] AFD             C:\Windows\system32\drivers\afd.sys
18:25:21.0773 3832  AFD - ok
18:25:21.0786 3832  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:25:21.0787 3832  agp440 - ok
18:25:21.0865 3832  [ 58A5D48F16E89575C21C0B14A15D4383 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
18:25:21.0899 3832  AGSService - ok
18:25:21.0924 3832  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
18:25:21.0925 3832  ALG - ok
18:25:21.0935 3832  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:25:21.0936 3832  aliide - ok
18:25:21.0941 3832  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:25:21.0942 3832  amdide - ok
18:25:21.0962 3832  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:25:21.0964 3832  AmdK8 - ok
18:25:21.0975 3832  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
18:25:21.0977 3832  AmdPPM - ok
18:25:21.0987 3832  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:25:21.0989 3832  amdsata - ok
18:25:22.0004 3832  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:25:22.0007 3832  amdsbs - ok
18:25:22.0019 3832  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:25:22.0020 3832  amdxata - ok
18:25:22.0077 3832  [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
18:25:22.0078 3832  AppHostSvc - ok
18:25:22.0096 3832  [ 6474F8823C7188D2DA579F01FB6CED6B ] AppID           C:\Windows\system32\drivers\appid.sys
18:25:22.0097 3832  AppID - ok
18:25:22.0122 3832  [ 8F58BA1F7772D6D7CE45F03309608001 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:25:22.0123 3832  AppIDSvc - ok
18:25:22.0144 3832  [ 3EA5DA3F459F6ED19E10166965F6892F ] Appinfo         C:\Windows\System32\appinfo.dll
18:25:22.0145 3832  Appinfo - ok
18:25:22.0166 3832  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:25:22.0167 3832  AppMgmt - ok
18:25:22.0180 3832  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
18:25:22.0182 3832  arc - ok
18:25:22.0192 3832  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:25:22.0195 3832  arcsas - ok
18:25:22.0204 3832  [ 425A881DFFB426660A6861DC44927DD3 ] asmthub3        C:\Windows\system32\drivers\asmthub3.sys
18:25:22.0207 3832  asmthub3 - ok
18:25:22.0227 3832  [ 0B19AE36FAAE5294B19B0AD4E5F2F37E ] asmtxhci        C:\Windows\system32\drivers\asmtxhci.sys
18:25:22.0232 3832  asmtxhci - ok
18:25:22.0302 3832  [ 993881DC27AB956F92F794BC8F60FAF9 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:25:22.0303 3832  aspnet_state - ok
18:25:22.0345 3832  [ 99A8C4ADE17B9CF2B5373E5BDE354DC4 ] aswArPot        C:\Windows\system32\drivers\aswArPot.sys
18:25:22.0348 3832  aswArPot - ok
18:25:22.0552 3832  [ A13586710C5CFFD09CDB78C05A9CC0B3 ] aswbIDSAgent    C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
18:25:22.0590 3832  aswbIDSAgent - ok
18:25:22.0624 3832  [ 9E3CAA4E0E81BDC0E529BF3B32F9A08F ] aswbidsdriver   C:\Windows\system32\drivers\aswbidsdrivera.sys
18:25:22.0628 3832  aswbidsdriver - ok
18:25:22.0648 3832  [ FD31AC49D034541FF25BD6B158153035 ] aswbidsh        C:\Windows\system32\drivers\aswbidsha.sys
18:25:22.0652 3832  aswbidsh - ok
18:25:22.0666 3832  [ 47DF29AA4FBE5A290B309D7F9109233E ] aswblog         C:\Windows\system32\drivers\aswbloga.sys
18:25:22.0670 3832  aswblog - ok
18:25:22.0682 3832  [ 0C9979B3B4B8472EB4286DFBBE37DEDA ] aswbuniv        C:\Windows\system32\drivers\aswbuniva.sys
18:25:22.0684 3832  aswbuniv - ok
18:25:22.0710 3832  [ A3B07E62979505688581D55182F5E617 ] aswHdsKe        C:\Windows\system32\drivers\aswHdsKe.sys
18:25:22.0713 3832  aswHdsKe - ok
18:25:22.0726 3832  [ E4BCCBD78DB4DEC414DE4F1578328B24 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
18:25:22.0727 3832  aswHwid - ok
18:25:22.0739 3832  [ 96A7DBC6B971CBFF8322AEE66EA671F9 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
18:25:22.0741 3832  aswMonFlt - ok
18:25:22.0752 3832  [ A47527A8E9A5BD0C30703BD90DC5D4FF ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
18:25:22.0754 3832  aswRdr - ok
18:25:22.0771 3832  [ A9D1665A18B3C7B763C1A4CF7AB1DD09 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
18:25:22.0772 3832  aswRvrt - ok
18:25:22.0817 3832  [ B05F534A31CE10355A0F25DAED14CA3E ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
18:25:22.0834 3832  aswSnx - ok
18:25:22.0844 3832  [ 3687CDF17F8BBB6134BC1C289674564D ] aswSP           C:\Windows\system32\drivers\aswSP.sys
18:25:22.0849 3832  aswSP - ok
18:25:22.0864 3832  [ CFC4326AC78CCAB412D4729DB38946DF ] aswStm          C:\Windows\system32\drivers\aswStm.sys
18:25:22.0867 3832  aswStm - ok
18:25:22.0880 3832  [ 0B2CB619C6A36A9490C251E2A15E92C4 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
18:25:22.0885 3832  aswVmm - ok
18:25:22.0894 3832  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:25:22.0896 3832  AsyncMac - ok
18:25:22.0910 3832  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
18:25:22.0912 3832  atapi - ok
18:25:22.0936 3832  [ 6968D02DC38757C3FBE7ED7C2F9670AA ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:25:22.0952 3832  AudioEndpointBuilder - ok
18:25:22.0962 3832  [ 6968D02DC38757C3FBE7ED7C2F9670AA ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:25:22.0966 3832  AudioSrv - ok
18:25:22.0983 3832  [ 2C4CED727FAC83B0FFA005421DC55FC7 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:25:22.0984 3832  avast! Antivirus - ok
18:25:23.0003 3832  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:25:23.0005 3832  AxInstSV - ok
18:25:23.0025 3832  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:25:23.0031 3832  b06bdrv - ok
18:25:23.0044 3832  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:25:23.0047 3832  b57nd60a - ok
18:25:23.0061 3832  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:25:23.0063 3832  BDESVC - ok
18:25:23.0078 3832  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:25:23.0079 3832  Beep - ok
18:25:23.0096 3832  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
18:25:23.0110 3832  BFE - ok
18:25:23.0145 3832  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
18:25:23.0153 3832  BITS - ok
18:25:23.0167 3832  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:25:23.0169 3832  blbdrive - ok
18:25:23.0180 3832  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:25:23.0182 3832  bowser - ok
18:25:23.0196 3832  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:25:23.0198 3832  BrFiltLo - ok
18:25:23.0202 3832  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:25:23.0203 3832  BrFiltUp - ok
18:25:23.0243 3832  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
18:25:23.0245 3832  BridgeMP - ok
18:25:23.0258 3832  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
18:25:23.0260 3832  Browser - ok
18:25:23.0278 3832  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:25:23.0282 3832  Brserid - ok
18:25:23.0293 3832  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:25:23.0294 3832  BrSerWdm - ok
18:25:23.0310 3832  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:25:23.0311 3832  BrUsbMdm - ok
18:25:23.0316 3832  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:25:23.0317 3832  BrUsbSer - ok
18:25:23.0326 3832  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:25:23.0327 3832  BTHMODEM - ok
18:25:23.0338 3832  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
18:25:23.0340 3832  bthserv - ok
18:25:23.0354 3832  catchme - ok
18:25:23.0364 3832  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:25:23.0366 3832  cdfs - ok
18:25:23.0380 3832  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:25:23.0382 3832  cdrom - ok
18:25:23.0396 3832  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
18:25:23.0398 3832  CertPropSvc - ok
18:25:23.0411 3832  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
18:25:23.0413 3832  circlass - ok
18:25:23.0445 3832  [ 404B7DF9CA4D1CB675045AF220FF3285 ] CLFS            C:\Windows\system32\CLFS.sys
18:25:23.0450 3832  CLFS - ok
18:25:23.0501 3832  [ F13EC8A783E0CB0D6DC26A3CA848B7B8 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:25:23.0503 3832  clr_optimization_v2.0.50727_32 - ok
18:25:23.0535 3832  [ B4D73F04E9BC076F7CDAC4327DF636BB ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:25:23.0537 3832  clr_optimization_v2.0.50727_64 - ok
18:25:23.0580 3832  [ F3C5A948079B128E70AFB38FFBD20533 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:25:23.0582 3832  clr_optimization_v4.0.30319_32 - ok
18:25:23.0605 3832  [ E5F135E045A334C389CB1A1EECF1DB31 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:25:23.0608 3832  clr_optimization_v4.0.30319_64 - ok
18:25:23.0622 3832  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
18:25:23.0624 3832  CmBatt - ok
18:25:23.0634 3832  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:25:23.0635 3832  cmdide - ok
18:25:23.0658 3832  [ 3323F76352B0AF14B2CDC4DFBF3E980A ] CNG             C:\Windows\system32\Drivers\cng.sys
18:25:23.0663 3832  CNG - ok
18:25:23.0682 3832  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
18:25:23.0683 3832  Compbatt - ok
18:25:23.0692 3832  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
18:25:23.0693 3832  CompositeBus - ok
18:25:23.0698 3832  COMSysApp - ok
18:25:23.0726 3832  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:25:23.0728 3832  crcdisk - ok
18:25:23.0749 3832  [ 7BC3E861F7E8EB543A630090FAE779E0 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:25:23.0751 3832  CryptSvc - ok
18:25:23.0779 3832  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
18:25:23.0793 3832  CSC - ok
18:25:23.0822 3832  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
18:25:23.0840 3832  CscService - ok
18:25:23.0868 3832  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:25:23.0874 3832  DcomLaunch - ok
18:25:23.0893 3832  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
18:25:23.0898 3832  defragsvc - ok
18:25:23.0910 3832  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:25:23.0913 3832  DfsC - ok
18:25:23.0922 3832  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:25:23.0927 3832  Dhcp - ok
18:25:23.0961 3832  [ EC3F433D00365F1A9BC3411BCA7C7140 ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:25:23.0986 3832  DiagTrack - ok
18:25:23.0994 3832  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
18:25:23.0995 3832  discache - ok
18:25:24.0009 3832  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
18:25:24.0011 3832  Disk - ok
18:25:24.0036 3832  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
18:25:24.0037 3832  dmvsc - ok
18:25:24.0047 3832  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:25:24.0050 3832  Dnscache - ok
18:25:24.0067 3832  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:25:24.0071 3832  dot3svc - ok
18:25:24.0084 3832  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
18:25:24.0087 3832  DPS - ok
18:25:24.0113 3832  [ 26FE888505E5A945B0536AF9A2A27A6F ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:25:24.0114 3832  drmkaud - ok
18:25:24.0147 3832  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:25:24.0164 3832  DXGKrnl - ok
18:25:24.0188 3832  [ 099E01A94167CA8BDA2CF72037AD0E28 ] e1express       C:\Windows\system32\DRIVERS\e1e6232e.sys
18:25:24.0191 3832  e1express - ok
18:25:24.0205 3832  [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
18:25:24.0208 3832  E1G60 - ok
18:25:24.0232 3832  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:25:24.0234 3832  EapHost - ok
18:25:24.0293 3832  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:25:24.0344 3832  ebdrv - ok
18:25:24.0361 3832  [ C8A7F80DB5C193DD67747A1BA4B1782E ] EFS             C:\Windows\System32\lsass.exe
18:25:24.0363 3832  EFS - ok
18:25:24.0385 3832  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:25:24.0398 3832  elxstor - ok
18:25:24.0407 3832  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:25:24.0408 3832  ErrDev - ok
18:25:24.0447 3832  [ 680AF1647150CF9B061FF40E71C7396A ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys
18:25:24.0448 3832  ESProtectionDriver - ok
18:25:24.0489 3832  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:25:24.0495 3832  EventSystem - ok
18:25:24.0507 3832  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:25:24.0510 3832  exfat - ok
18:25:24.0522 3832  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:25:24.0525 3832  fastfat - ok
18:25:24.0553 3832  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:25:24.0570 3832  Fax - ok
18:25:24.0577 3832  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:25:24.0579 3832  fdc - ok
18:25:24.0589 3832  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:25:24.0591 3832  fdPHost - ok
18:25:24.0602 3832  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:25:24.0604 3832  FDResPub - ok
18:25:24.0616 3832  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:25:24.0617 3832  FileInfo - ok
18:25:24.0635 3832  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:25:24.0636 3832  Filetrace - ok
18:25:24.0648 3832  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:25:24.0649 3832  flpydisk - ok
18:25:24.0666 3832  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:25:24.0670 3832  FltMgr - ok
18:25:24.0709 3832  [ BCB16AE33AA58E0042F3EF34CFB6396A ] FontCache       C:\Windows\system32\FntCache.dll
18:25:24.0735 3832  FontCache - ok
18:25:24.0751 3832  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:25:24.0752 3832  FsDepends - ok
18:25:24.0764 3832  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:25:24.0766 3832  Fs_Rec - ok
18:25:24.0780 3832  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:25:24.0784 3832  fvevol - ok
18:25:24.0793 3832  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:25:24.0794 3832  gagp30kx - ok
18:25:24.0816 3832  [ E4AE497857409127ED57562AF913A903 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:25:24.0834 3832  gpsvc - ok
18:25:24.0905 3832  [ 0545A3EB959CFA4790D267BFB8C1ACA4 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:25:24.0907 3832  gupdate - ok
18:25:24.0912 3832  [ 0545A3EB959CFA4790D267BFB8C1ACA4 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:25:24.0913 3832  gupdatem - ok
18:25:24.0933 3832  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:25:24.0935 3832  gusvc - ok
18:25:24.0951 3832  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:25:24.0952 3832  hcw85cir - ok
18:25:24.0973 3832  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:25:24.0977 3832  HdAudAddService - ok
18:25:24.0993 3832  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:25:24.0995 3832  HDAudBus - ok
18:25:25.0007 3832  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:25:25.0009 3832  HidBatt - ok
18:25:25.0021 3832  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:25:25.0024 3832  HidBth - ok
18:25:25.0032 3832  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:25:25.0033 3832  HidIr - ok
18:25:25.0056 3832  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
18:25:25.0058 3832  hidserv - ok
18:25:25.0079 3832  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:25:25.0081 3832  HidUsb - ok
18:25:25.0107 3832  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:25:25.0110 3832  hkmsvc - ok
18:25:25.0133 3832  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:25:25.0137 3832  HomeGroupListener - ok
18:25:25.0161 3832  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:25:25.0166 3832  HomeGroupProvider - ok
18:25:25.0178 3832  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:25:25.0180 3832  HpSAMD - ok
18:25:25.0215 3832  [ F61634BEC53F73702A10DE69F6DCAF57 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:25:25.0232 3832  HTTP - ok
18:25:25.0241 3832  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:25:25.0241 3832  hwpolicy - ok
18:25:25.0257 3832  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:25:25.0259 3832  i8042prt - ok
18:25:25.0290 3832  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
18:25:25.0293 3832  iaStor - ok
18:25:25.0316 3832  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:25:25.0331 3832  iaStorV - ok
18:25:25.0335 3832  IEEtwCollectorService - ok
18:25:25.0439 3832  [ 24CC43ECDEEFD4C19FBBEE4951B647F1 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:25:25.0534 3832  igfx - ok
18:25:25.0565 3832  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:25:25.0566 3832  iirsp - ok
18:25:25.0594 3832  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:25:25.0611 3832  IKEEXT - ok
18:25:25.0629 3832  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:25:25.0630 3832  intelide - ok
18:25:25.0643 3832  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:25:25.0645 3832  intelppm - ok
18:25:25.0656 3832  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:25:25.0660 3832  IPBusEnum - ok
18:25:25.0676 3832  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:25:25.0678 3832  IpFilterDriver - ok
18:25:25.0704 3832  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:25:25.0719 3832  iphlpsvc - ok
18:25:25.0735 3832  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:25:25.0736 3832  IPMIDRV - ok
18:25:25.0752 3832  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:25:25.0755 3832  IPNAT - ok
18:25:25.0767 3832  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:25:25.0769 3832  IRENUM - ok
18:25:25.0778 3832  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:25:25.0779 3832  isapnp - ok
18:25:25.0803 3832  [ 96BB922A0981BC7432C8CF52B5410FE6 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:25:25.0807 3832  iScsiPrt - ok
18:25:25.0833 3832  [ 023896E23B61543A15A230EED996D911 ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
18:25:25.0837 3832  iusb3hub - ok
18:25:25.0862 3832  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
18:25:25.0879 3832  iusb3xhc - ok
18:25:25.0889 3832  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:25:25.0891 3832  kbdclass - ok
18:25:25.0901 3832  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:25:25.0902 3832  kbdhid - ok
18:25:25.0911 3832  [ C8A7F80DB5C193DD67747A1BA4B1782E ] KeyIso          C:\Windows\system32\lsass.exe
18:25:25.0914 3832  KeyIso - ok
18:25:25.0941 3832  [ 3974E5264A0481600370C5BEED061DDF ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:25:25.0943 3832  KSecDD - ok
18:25:25.0959 3832  [ 6E85615A86FE86E76DAE49BF9F227483 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:25:25.0962 3832  KSecPkg - ok
18:25:25.0970 3832  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:25:25.0971 3832  ksthunk - ok
18:25:25.0997 3832  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:25:26.0012 3832  KtmRm - ok
18:25:26.0053 3832  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
18:25:26.0059 3832  LanmanServer - ok
18:25:26.0076 3832  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:25:26.0081 3832  LanmanWorkstation - ok
18:25:26.0093 3832  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:25:26.0095 3832  lltdio - ok
18:25:26.0129 3832  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:25:26.0134 3832  lltdsvc - ok
18:25:26.0158 3832  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:25:26.0160 3832  lmhosts - ok
18:25:26.0176 3832  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:25:26.0178 3832  LSI_FC - ok
18:25:26.0191 3832  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:25:26.0194 3832  LSI_SAS - ok
18:25:26.0205 3832  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:25:26.0207 3832  LSI_SAS2 - ok
18:25:26.0220 3832  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:25:26.0222 3832  LSI_SCSI - ok
18:25:26.0238 3832  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:25:26.0241 3832  luafv - ok
18:25:26.0260 3832  [ 5C3083CDE45F25797F6B4310BF916394 ] MBAMChameleon   C:\Windows\System32\Drivers\MbamChameleon.sys
18:25:26.0263 3832  MBAMChameleon - ok
18:25:26.0283 3832  [ 20046A5DB1466EBD0DCAEB84D00C5432 ] MBAMFarflt      C:\Windows\system32\DRIVERS\farflt.sys
18:25:26.0284 3832  MBAMFarflt - ok
18:25:26.0296 3832  [ 29BD0BB2CD7E37B8C248CFA933FBD1F4 ] MBAMProtection  C:\Windows\system32\DRIVERS\mbam.sys
18:25:26.0297 3832  MBAMProtection - ok
18:25:26.0432 3832  [ 734B435E1693386213EEFD4D17A70DEB ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
18:25:26.0463 3832  MBAMService - ok
18:25:26.0483 3832  [ B047B9CE5A0D800E6D713B43D0405221 ] MBAMSwissArmy   C:\Windows\System32\Drivers\mbamswissarmy.sys
18:25:26.0487 3832  MBAMSwissArmy - ok
18:25:26.0513 3832  [ 8135271183EA7C59BD865873C972159D ] MBAMWebProtection C:\Windows\system32\DRIVERS\mwac.sys
18:25:26.0515 3832  MBAMWebProtection - ok
18:25:26.0531 3832  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:25:26.0532 3832  megasas - ok
18:25:26.0550 3832  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:25:26.0554 3832  MegaSR - ok
18:25:26.0581 3832  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:25:26.0584 3832  MMCSS - ok
18:25:26.0598 3832  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:25:26.0600 3832  Modem - ok
18:25:26.0617 3832  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:25:26.0619 3832  monitor - ok
18:25:26.0635 3832  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:25:26.0636 3832  mouclass - ok
18:25:26.0647 3832  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:25:26.0648 3832  mouhid - ok
18:25:26.0675 3832  [ 67050452C0118BAF2883928E6FCCFE47 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:25:26.0677 3832  mountmgr - ok
18:25:26.0701 3832  [ 5F891063036E069C33ACB925636413AF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:25:26.0703 3832  MozillaMaintenance - ok
18:25:26.0720 3832  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:25:26.0723 3832  mpio - ok
18:25:26.0739 3832  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:25:26.0741 3832  mpsdrv - ok
18:25:26.0779 3832  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:25:26.0797 3832  MpsSvc - ok
18:25:26.0817 3832  [ D7ADC2B83CA0B0381F75A98351F72CEE ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:25:26.0819 3832  MRxDAV - ok
18:25:26.0846 3832  [ 10112D850C844606419C79EE24EE6016 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:25:26.0849 3832  mrxsmb - ok
18:25:26.0872 3832  [ DCC4343B422A13B42C7678998449CE8A ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:25:26.0876 3832  mrxsmb10 - ok
18:25:26.0892 3832  [ 46C4F5BEE8D98BB1688752EAD0ABB7C0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:25:26.0894 3832  mrxsmb20 - ok
18:25:26.0909 3832  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:25:26.0910 3832  msahci - ok
18:25:26.0926 3832  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:25:26.0929 3832  msdsm - ok
18:25:26.0952 3832  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:25:26.0956 3832  MSDTC - ok
18:25:26.0970 3832  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:25:26.0971 3832  Msfs - ok
18:25:26.0979 3832  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:25:26.0980 3832  mshidkmdf - ok
18:25:26.0992 3832  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:25:26.0993 3832  msisadrv - ok
18:25:27.0018 3832  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:25:27.0022 3832  MSiSCSI - ok
18:25:27.0027 3832  msiserver - ok
18:25:27.0040 3832  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:25:27.0041 3832  MSKSSRV - ok
18:25:27.0054 3832  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:25:27.0055 3832  MSPCLOCK - ok
18:25:27.0066 3832  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:25:27.0068 3832  MSPQM - ok
18:25:27.0081 3832  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:25:27.0085 3832  MsRPC - ok
18:25:27.0095 3832  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:25:27.0096 3832  mssmbios - ok
18:25:27.0109 3832  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:25:27.0110 3832  MSTEE - ok
18:25:27.0123 3832  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:25:27.0124 3832  MTConfig - ok
18:25:27.0133 3832  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:25:27.0135 3832  Mup - ok
18:25:27.0146 3832  [ B54B122DCEA87B66C6DC4A364FB1453F ] mv91cons        C:\Windows\system32\drivers\mv91cons.sys
18:25:27.0148 3832  mv91cons - ok
18:25:27.0173 3832  [ 34D08C9C64F657D194961E96C47E9C69 ] mv91xx          C:\Windows\system32\drivers\mv91xx.sys
18:25:27.0177 3832  mv91xx - ok
18:25:27.0208 3832  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:25:27.0224 3832  napagent - ok
18:25:27.0246 3832  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:25:27.0249 3832  NativeWifiP - ok
18:25:27.0285 3832  [ F7309F42555F8AAB7144A51A1F2585B0 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:25:27.0302 3832  NDIS - ok
18:25:27.0312 3832  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:25:27.0314 3832  NdisCap - ok
18:25:27.0326 3832  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:25:27.0328 3832  NdisTapi - ok
18:25:27.0336 3832  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:25:27.0338 3832  Ndisuio - ok
18:25:27.0351 3832  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:25:27.0353 3832  NdisWan - ok
18:25:27.0365 3832  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:25:27.0367 3832  NDProxy - ok
18:25:27.0376 3832  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:25:27.0377 3832  NetBIOS - ok
18:25:27.0401 3832  [ E47D571FEC2C76E867935109AB2A770C ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:25:27.0405 3832  NetBT - ok
18:25:27.0419 3832  [ C8A7F80DB5C193DD67747A1BA4B1782E ] Netlogon        C:\Windows\system32\lsass.exe
18:25:27.0421 3832  Netlogon - ok
18:25:27.0444 3832  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:25:27.0459 3832  Netman - ok
18:25:27.0480 3832  [ 6EEEA0E79B5BD1163740B53B96A1F1E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:25:27.0483 3832  NetMsmqActivator - ok
18:25:27.0497 3832  [ 6EEEA0E79B5BD1163740B53B96A1F1E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:25:27.0498 3832  NetPipeActivator - ok
18:25:27.0514 3832  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:25:27.0540 3832  netprofm - ok
18:25:27.0545 3832  [ 6EEEA0E79B5BD1163740B53B96A1F1E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:25:27.0547 3832  NetTcpActivator - ok
18:25:27.0564 3832  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:25:27.0566 3832  nfrd960 - ok
18:25:27.0581 3832  [ 8B301D474B478E9A92823BAB50A7BC49 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:25:27.0587 3832  NlaSvc - ok
18:25:27.0592 3832  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:25:27.0594 3832  Npfs - ok
18:25:27.0607 3832  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:25:27.0610 3832  nsi - ok
18:25:27.0637 3832  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:25:27.0638 3832  nsiproxy - ok
18:25:27.0690 3832  [ 1A29A59A4C5BA6F8C85062A613B7E2B2 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:25:27.0699 3832  Ntfs - ok
18:25:27.0707 3832  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:25:27.0708 3832  Null - ok
18:25:27.0722 3832  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:25:27.0724 3832  nvraid - ok
18:25:27.0740 3832  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:25:27.0743 3832  nvstor - ok
18:25:27.0754 3832  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:25:27.0757 3832  nv_agp - ok
18:25:27.0766 3832  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:25:27.0769 3832  ohci1394 - ok
18:25:27.0796 3832  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:25:27.0799 3832  ose - ok
18:25:27.0825 3832  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:25:27.0840 3832  p2pimsvc - ok
18:25:27.0866 3832  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:25:27.0882 3832  p2psvc - ok
18:25:27.0897 3832  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:25:27.0899 3832  Parport - ok
18:25:27.0919 3832  Partizan - ok
18:25:27.0929 3832  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:25:27.0930 3832  partmgr - ok
18:25:27.0943 3832  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:25:27.0948 3832  PcaSvc - ok
18:25:27.0962 3832  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:25:27.0965 3832  pci - ok
18:25:27.0976 3832  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:25:27.0977 3832  pciide - ok
18:25:27.0995 3832  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:25:27.0998 3832  pcmcia - ok
18:25:28.0011 3832  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:25:28.0013 3832  pcw - ok
18:25:28.0041 3832  [ ED6E75158D28D33A2E2A020AC5B2B59D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:25:28.0059 3832  PEAUTH - ok
18:25:28.0096 3832  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:25:28.0123 3832  PeerDistSvc - ok
18:25:28.0200 3832  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:25:28.0203 3832  PerfHost - ok
18:25:28.0245 3832  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:25:28.0271 3832  pla - ok
18:25:28.0296 3832  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:25:28.0311 3832  PlugPlay - ok
18:25:28.0326 3832  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:25:28.0329 3832  PNRPAutoReg - ok
18:25:28.0350 3832  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:25:28.0354 3832  PNRPsvc - ok
18:25:28.0383 3832  [ 80D6B0563ED2BF10656B1D4748331082 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:25:28.0399 3832  PolicyAgent - ok
18:25:28.0416 3832  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:25:28.0422 3832  Power - ok
18:25:28.0448 3832  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:25:28.0450 3832  PptpMiniport - ok
18:25:28.0467 3832  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
18:25:28.0469 3832  Processor - ok
18:25:28.0495 3832  [ B6A58491307B4CADA572583D863DC602 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:25:28.0500 3832  ProfSvc - ok
18:25:28.0510 3832  [ C8A7F80DB5C193DD67747A1BA4B1782E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:25:28.0513 3832  ProtectedStorage - ok
18:25:28.0525 3832  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:25:28.0528 3832  Psched - ok
18:25:28.0561 3832  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:25:28.0587 3832  ql2300 - ok
18:25:28.0603 3832  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:25:28.0606 3832  ql40xx - ok
18:25:28.0627 3832  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
18:25:28.0632 3832  QWAVE - ok
18:25:28.0647 3832  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:25:28.0649 3832  QWAVEdrv - ok
18:25:28.0661 3832  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:25:28.0662 3832  RasAcd - ok
18:25:28.0679 3832  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:25:28.0680 3832  RasAgileVpn - ok
18:25:28.0695 3832  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
18:25:28.0699 3832  RasAuto - ok
18:25:28.0716 3832  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:25:28.0718 3832  Rasl2tp - ok
18:25:28.0731 3832  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
18:25:28.0738 3832  RasMan - ok
18:25:28.0748 3832  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:25:28.0750 3832  RasPppoe - ok
18:25:28.0759 3832  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:25:28.0761 3832  RasSstp - ok
18:25:28.0778 3832  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:25:28.0782 3832  rdbss - ok
18:25:28.0787 3832  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:25:28.0788 3832  rdpbus - ok
18:25:28.0799 3832  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:25:28.0800 3832  RDPCDD - ok
18:25:28.0824 3832  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:25:28.0827 3832  RDPDR - ok
18:25:28.0840 3832  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:25:28.0841 3832  RDPENCDD - ok
18:25:28.0852 3832  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:25:28.0853 3832  RDPREFMP - ok
18:25:28.0895 3832  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:25:28.0896 3832  RdpVideoMiniport - ok
18:25:28.0923 3832  [ FE571E088C2D83619D2D48D4E961BF41 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:25:28.0926 3832  RDPWD - ok
18:25:28.0938 3832  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:25:28.0942 3832  rdyboost - ok
18:25:28.0982 3832  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:25:28.0985 3832  RemoteAccess - ok
18:25:28.0998 3832  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:25:29.0003 3832  RemoteRegistry - ok
18:25:29.0028 3832  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:25:29.0032 3832  RpcEptMapper - ok
18:25:29.0051 3832  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
18:25:29.0053 3832  RpcLocator - ok
18:25:29.0076 3832  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
18:25:29.0082 3832  RpcSs - ok
18:25:29.0098 3832  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:25:29.0100 3832  rspndr - ok
18:25:29.0111 3832  [ 97B6D72C82B2632B3D1AD60DDAC38D46 ] RTL8023x64      C:\Windows\system32\DRIVERS\Rtnic64.sys
18:25:29.0113 3832  RTL8023x64 - ok
18:25:29.0130 3832  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:25:29.0131 3832  s3cap - ok
18:25:29.0136 3832  [ C8A7F80DB5C193DD67747A1BA4B1782E ] SamSs           C:\Windows\system32\lsass.exe
18:25:29.0139 3832  SamSs - ok
18:25:29.0153 3832  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:25:29.0156 3832  sbp2port - ok
18:25:29.0168 3832  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:25:29.0174 3832  SCardSvr - ok
18:25:29.0183 3832  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:25:29.0184 3832  scfilter - ok
18:25:29.0210 3832  [ 40686B59C127F0C93B4234E4A1E3472A ] Schedule        C:\Windows\system32\schedsvc.dll
18:25:29.0237 3832  Schedule - ok
18:25:29.0254 3832  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:25:29.0256 3832  SCPolicySvc - ok
18:25:29.0267 3832  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:25:29.0272 3832  SDRSVC - ok
18:25:29.0285 3832  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:25:29.0287 3832  secdrv - ok
18:25:29.0304 3832  [ A19623BDD61E66A12AB53992002B4F3A ] seclogon        C:\Windows\system32\seclogon.dll
18:25:29.0308 3832  seclogon - ok
18:25:29.0318 3832  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
18:25:29.0322 3832  SENS - ok
18:25:29.0337 3832  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:25:29.0341 3832  SensrSvc - ok
18:25:29.0357 3832  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:25:29.0358 3832  Serenum - ok
18:25:29.0371 3832  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:25:29.0373 3832  Serial - ok
18:25:29.0389 3832  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:25:29.0390 3832  sermouse - ok
18:25:29.0412 3832  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
18:25:29.0416 3832  SessionEnv - ok
18:25:29.0421 3832  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:25:29.0423 3832  sffdisk - ok
18:25:29.0435 3832  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:25:29.0436 3832  sffp_mmc - ok
18:25:29.0447 3832  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:25:29.0449 3832  sffp_sd - ok
18:25:29.0461 3832  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:25:29.0463 3832  sfloppy - ok
18:25:29.0481 3832  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:25:29.0488 3832  SharedAccess - ok
18:25:29.0504 3832  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:25:29.0521 3832  ShellHWDetection - ok
18:25:29.0540 3832  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:25:29.0542 3832  SiSRaid2 - ok
18:25:29.0552 3832  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:25:29.0554 3832  SiSRaid4 - ok
18:25:29.0569 3832  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:25:29.0571 3832  Smb - ok
18:25:29.0600 3832  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:25:29.0604 3832  SNMPTRAP - ok
18:25:29.0617 3832  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:25:29.0619 3832  spldr - ok
18:25:29.0651 3832  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
18:25:29.0665 3832  Spooler - ok
18:25:29.0729 3832  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
18:25:29.0790 3832  sppsvc - ok
18:25:29.0807 3832  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:25:29.0812 3832  sppuinotify - ok
18:25:29.0842 3832  [ F2F4B895296EE3ECCE781CC2A296A5D1 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:25:29.0848 3832  srv - ok
18:25:29.0867 3832  [ FD0008BEDD2723170CCA7D61837DFD52 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:25:29.0873 3832  srv2 - ok
18:25:29.0894 3832  [ 63B5845D9379262083655D5C6AB8DFC5 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:25:29.0897 3832  srvnet - ok
18:25:29.0909 3832  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:25:29.0913 3832  SSDPSRV - ok
18:25:29.0923 3832  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:25:29.0928 3832  SstpSvc - ok
18:25:29.0942 3832  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:25:29.0943 3832  stexstor - ok
18:25:29.0974 3832  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
18:25:29.0991 3832  stisvc - ok
18:25:30.0004 3832  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
18:25:30.0005 3832  storflt - ok
18:25:30.0028 3832  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
18:25:30.0032 3832  StorSvc - ok
18:25:30.0042 3832  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:25:30.0044 3832  storvsc - ok
18:25:30.0059 3832  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:25:30.0060 3832  swenum - ok
18:25:30.0075 3832  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
18:25:30.0091 3832  swprv - ok
18:25:30.0126 3832  [ 2E730941CC5BF6200A4F56D1E9C24AAD ] SysMain         C:\Windows\system32\sysmain.dll
18:25:30.0159 3832  SysMain - ok
18:25:30.0173 3832  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:25:30.0177 3832  TabletInputService - ok
18:25:30.0196 3832  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:25:30.0212 3832  TapiSrv - ok
18:25:30.0226 3832  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
18:25:30.0231 3832  TBS - ok
18:25:30.0279 3832  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:25:30.0314 3832  Tcpip - ok
18:25:30.0350 3832  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:25:30.0361 3832  TCPIP6 - ok
18:25:30.0373 3832  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:25:30.0375 3832  tcpipreg - ok
18:25:30.0392 3832  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:25:30.0393 3832  TDPIPE - ok
18:25:30.0400 3832  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:25:30.0401 3832  TDTCP - ok
18:25:30.0423 3832  [ AA77EB517D2F07A947294F260E3ACA83 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:25:30.0426 3832  tdx - ok
18:25:30.0437 3832  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:25:30.0439 3832  TermDD - ok
18:25:30.0452 3832  [ EF4469AB69EB15E5D3754E6AEAFBCD3D ] terminpt        C:\Windows\system32\drivers\terminpt.sys
18:25:30.0453 3832  terminpt - ok
18:25:30.0485 3832  [ 008CD4EBFABCF78D0F19B3778492648C ] TermService     C:\Windows\System32\termsrv.dll
18:25:30.0503 3832  TermService - ok
18:25:30.0528 3832  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
18:25:30.0532 3832  Themes - ok
18:25:30.0547 3832  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:25:30.0550 3832  THREADORDER - ok
18:25:30.0561 3832  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
18:25:30.0566 3832  TrkWks - ok
18:25:30.0603 3832  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:25:30.0606 3832  TrustedInstaller - ok
18:25:30.0629 3832  [ E232A3B43A894BB327FC161529BD9ED1 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:25:30.0630 3832  tssecsrv - ok
18:25:30.0645 3832  [ E9981ECE8D894CEF7038FD1D040EB426 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:25:30.0647 3832  TsUsbFlt - ok
18:25:30.0657 3832  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
18:25:30.0659 3832  TsUsbGD - ok
18:25:30.0678 3832  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:25:30.0680 3832  tunnel - ok
18:25:30.0694 3832  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:25:30.0696 3832  uagp35 - ok
18:25:30.0710 3832  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:25:30.0715 3832  udfs - ok
18:25:30.0739 3832  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:25:30.0743 3832  UI0Detect - ok
18:25:30.0759 3832  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:25:30.0761 3832  uliagpkx - ok
18:25:30.0780 3832  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:25:30.0782 3832  umbus - ok
18:25:30.0797 3832  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
18:25:30.0799 3832  UmPass - ok
18:25:30.0817 3832  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
18:25:30.0823 3832  UmRdpService - ok
18:25:30.0840 3832  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
18:25:30.0856 3832  upnphost - ok
18:25:30.0871 3832  [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:25:30.0874 3832  usbccgp - ok
18:25:30.0883 3832  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:25:30.0885 3832  usbcir - ok
18:25:30.0897 3832  [ 18A85013A3E0F7E1755365D287443965 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:25:30.0899 3832  usbehci - ok
18:25:30.0911 3832  [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:25:30.0916 3832  usbhub - ok
18:25:30.0931 3832  [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:25:30.0932 3832  usbohci - ok
18:25:30.0949 3832  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:25:30.0950 3832  usbprint - ok
18:25:30.0966 3832  [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:25:30.0967 3832  usbscan - ok
18:25:30.0979 3832  [ D029DD09E22EB24318A8FC3D8138BA43 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:25:30.0981 3832  USBSTOR - ok
18:25:30.0994 3832  [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:25:30.0996 3832  usbuhci - ok
18:25:31.0017 3832  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
18:25:31.0021 3832  UxSms - ok
18:25:31.0035 3832  [ C8A7F80DB5C193DD67747A1BA4B1782E ] VaultSvc        C:\Windows\system32\lsass.exe
18:25:31.0038 3832  VaultSvc - ok
18:25:31.0052 3832  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:25:31.0053 3832  vdrvroot - ok
18:25:31.0075 3832  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
18:25:31.0092 3832  vds - ok
18:25:31.0107 3832  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:25:31.0109 3832  vga - ok
18:25:31.0117 3832  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:25:31.0119 3832  VgaSave - ok
18:25:31.0133 3832  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:25:31.0136 3832  vhdmp - ok
18:25:31.0153 3832  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:25:31.0155 3832  viaide - ok
18:25:31.0176 3832  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
18:25:31.0178 3832  vmbus - ok
18:25:31.0193 3832  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
18:25:31.0194 3832  VMBusHID - ok
18:25:31.0206 3832  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:25:31.0208 3832  volmgr - ok
18:25:31.0227 3832  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:25:31.0232 3832  volmgrx - ok
18:25:31.0247 3832  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:25:31.0251 3832  volsnap - ok
18:25:31.0270 3832  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:25:31.0272 3832  vsmraid - ok
18:25:31.0318 3832  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
18:25:31.0352 3832  VSS - ok
18:25:31.0371 3832  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:25:31.0373 3832  vwifibus - ok
18:25:31.0386 3832  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:25:31.0388 3832  vwififlt - ok
18:25:31.0398 3832  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:25:31.0399 3832  vwifimp - ok
18:25:31.0420 3832  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
18:25:31.0438 3832  W32Time - ok
18:25:31.0474 3832  [ B32009DB1972E7F2C227499289C4384A ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
18:25:31.0488 3832  W3SVC - ok
18:25:31.0504 3832  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:25:31.0505 3832  WacomPen - ok
18:25:31.0539 3832  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:25:31.0541 3832  WANARP - ok
18:25:31.0545 3832  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:25:31.0547 3832  Wanarpv6 - ok
18:25:31.0556 3832  [ B32009DB1972E7F2C227499289C4384A ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
18:25:31.0559 3832  WAS - ok
18:25:31.0599 3832  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:25:31.0606 3832  WatAdminSvc - ok
18:25:31.0641 3832  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
18:25:31.0667 3832  wbengine - ok
18:25:31.0685 3832  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:25:31.0690 3832  WbioSrvc - ok
18:25:31.0706 3832  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:25:31.0723 3832  wcncsvc - ok
18:25:31.0738 3832  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:25:31.0743 3832  WcsPlugInService - ok
18:25:31.0752 3832  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
18:25:31.0753 3832  Wd - ok
18:25:31.0778 3832  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:25:31.0796 3832  Wdf01000 - ok
18:25:31.0816 3832  [ C6F7473B55510F0B93961DA03D8E3B38 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:25:31.0821 3832  WdiServiceHost - ok
18:25:31.0825 3832  [ C6F7473B55510F0B93961DA03D8E3B38 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:25:31.0830 3832  WdiSystemHost - ok
18:25:31.0857 3832  [ 4E89FC53493704BF835F0300DC201C34 ] WebClient       C:\Windows\System32\webclnt.dll
18:25:31.0865 3832  WebClient - ok
18:25:31.0881 3832  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:25:31.0889 3832  Wecsvc - ok
18:25:31.0899 3832  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:25:31.0903 3832  wercplsupport - ok
18:25:31.0920 3832  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:25:31.0925 3832  WerSvc - ok
18:25:31.0935 3832  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:25:31.0937 3832  WfpLwf - ok
18:25:31.0948 3832  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:25:31.0950 3832  WIMMount - ok
18:25:31.0967 3832  WinDefend - ok
18:25:31.0982 3832  WinHttpAutoProxySvc - ok
18:25:32.0027 3832  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:25:32.0030 3832  Winmgmt - ok
18:25:32.0082 3832  [ D929ABD465A2DED963DA8B30946A8D5C ] WinRM           C:\Windows\system32\WsmSvc.dll
18:25:32.0116 3832  WinRM - ok
18:25:32.0151 3832  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:25:32.0168 3832  Wlansvc - ok
18:25:32.0181 3832  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:25:32.0182 3832  WmiAcpi - ok
18:25:32.0212 3832  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:25:32.0215 3832  wmiApSrv - ok
18:25:32.0228 3832  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:25:32.0232 3832  WPCSvc - ok
18:25:32.0242 3832  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:25:32.0247 3832  WPDBusEnum - ok
18:25:32.0256 3832  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:25:32.0258 3832  ws2ifsl - ok
18:25:32.0279 3832  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
18:25:32.0284 3832  wscsvc - ok
18:25:32.0339 3832  [ 86F11B85102AFA6A1A6101DCE2F09386 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:25:32.0356 3832  wuauserv - ok
18:25:32.0369 3832  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:25:32.0371 3832  WudfPf - ok
18:25:32.0393 3832  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:25:32.0395 3832  WUDFRd - ok
18:25:32.0410 3832  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:25:32.0415 3832  wudfsvc - ok
18:25:32.0439 3832  [ 04F82965C09CBDF646B487E145060301 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:25:32.0444 3832  WwanSvc - ok
18:25:32.0493 3832  ================ Scan global ===============================
18:25:32.0515 3832  [ 168EA9CD9BD6056BB6F60B57D5304BBE ] C:\Windows\system32\basesrv.dll
18:25:32.0539 3832  [ E0E4D286839FC27F56A85B4710E16B6B ] C:\Windows\system32\winsrv.dll
18:25:32.0556 3832  [ E0E4D286839FC27F56A85B4710E16B6B ] C:\Windows\system32\winsrv.dll
18:25:32.0587 3832  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:25:32.0608 3832  [ 71C85477DF9347FE8E7BC55768473FCA ] C:\Windows\system32\services.exe
18:25:32.0612 3832  [Global] - ok
18:25:32.0613 3832  ================ Scan MBR ==================================
18:25:32.0619 3832  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:25:32.0820 3832  \Device\Harddisk0\DR0 - ok
18:25:32.0821 3832  ================ Scan VBR ==================================
18:25:32.0824 3832  [ 9D1C9D0DBDCB1D4EF8440C4B84EFD317 ] \Device\Harddisk0\DR0\Partition1
18:25:32.0825 3832  \Device\Harddisk0\DR0\Partition1 - ok
18:25:32.0826 3832  ============================================================
18:25:32.0826 3832  Scan finished
18:25:32.0826 3832  ============================================================
18:25:32.0837 0880  Detected object count: 0
18:25:32.0837 0880  Actual detected object count: 0


#7 britechguy

britechguy

    Been there, done that, got the T-shirt


  • Moderator
  • 8,644 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Staunton, VA
  • Local time:12:05 PM

Posted 17 February 2018 - 09:39 PM

Please keep all information related to this problem in this thread.  Any additional logs should be posted here unless you get into the tools only allowed in the Malware Removal Logs forum, and you would be under the direction of a staff member before running those.


Brian  AKA  Bri the Tech Guy (website in my user profile) - Windows 10 Home, 64-Bit, Version 1803, Build 17134 

     . . . the presumption of innocence, while essential in the legal realm, does not mean the elimination of common sense outside it.  The willing suspension of disbelief has its limits, or should.

    ~ Ruth Marcus,  November 10, 2017, in Washington Post article, Bannon is right: It’s no coincidence The Post broke the Moore story


 

 

 

              

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users