Virus:DOS/Rovnix.gen!A Help.

Inactive-A
By Misairo
May 2, 2014
  1. I've tried 2 days in a row to attempt to get rid of this virus that will slow my computer down so much to the point where I can't do anything.

    If anyone could help me with this problem, I would much appreciate the assistance.

  2. Broni

    Broni Malware Annihilator Posts: 46,127   +251

    Welcome aboard


    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =================================

    Download TDSSKiller and save it to your desktop.
    • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  3. Misairo

    Misairo Newcomer, in training Topic Starter

    Okay it's done.

    The text was too long to copy and paste, so here's the log itself.

    Attached Files:

  4. Broni

    Broni Malware Annihilator Posts: 46,127   +251

    All logs have to be pasted. Use several replies if needed.
  5. Misairo

    Misairo Newcomer, in training Topic Starter

    15:45:49.0918 0x1bc0 TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
    15:45:53.0499 0x1bc0 ============================================================
    15:45:53.0499 0x1bc0 Current date / time: 2014/05/02 15:45:53.0499
    15:45:53.0499 0x1bc0 SystemInfo:
    15:45:53.0499 0x1bc0
    15:45:53.0499 0x1bc0 OS Version: 6.1.7601 ServicePack: 1.0
    15:45:53.0499 0x1bc0 Product type: Workstation
    15:45:53.0499 0x1bc0 ComputerName: USER-PC
    15:45:53.0502 0x1bc0 UserName: User
    15:45:53.0502 0x1bc0 Windows directory: C:\Windows
    15:45:53.0502 0x1bc0 System windows directory: C:\Windows
    15:45:53.0502 0x1bc0 Running under WOW64
    15:45:53.0502 0x1bc0 Processor architecture: Intel x64
    15:45:53.0502 0x1bc0 Number of processors: 4
    15:45:53.0502 0x1bc0 Page size: 0x1000
    15:45:53.0502 0x1bc0 Boot type: Normal boot
    15:45:53.0502 0x1bc0 ============================================================
    15:45:54.0103 0x1bc0 KLMD registered as C:\Windows\system32\drivers\97752545.sys
    15:45:54.0491 0x1bc0 System UUID: {D4F08181-89A5-00A9-0E7E-5A4D71CDB120}
    15:45:58.0357 0x1bc0 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    15:45:58.0374 0x1bc0 ============================================================
    15:45:58.0374 0x1bc0 \Device\Harddisk0\DR0:
    15:45:58.0374 0x1bc0 MBR partitions:
    15:45:58.0374 0x1bc0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2600800, BlocksNum 0x32000
    15:45:58.0374 0x1bc0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2632800, BlocksNum 0x720D3DB0
    15:45:58.0374 0x1bc0 ============================================================
    15:45:58.0397 0x1bc0 C: <-> \Device\Harddisk0\DR0\Partition2
    15:45:58.0399 0x1bc0 ============================================================
    15:45:58.0399 0x1bc0 Initialize success
    15:45:58.0399 0x1bc0 ============================================================
    15:46:00.0080 0x1700 ============================================================
    15:46:00.0083 0x1700 Scan started
    15:46:00.0083 0x1700 Mode: Manual;
    15:46:00.0083 0x1700 ============================================================
    15:46:00.0083 0x1700 KSN ping started
    15:46:02.0954 0x1700 KSN ping finished: true
    15:46:03.0569 0x1700 ================ Scan system memory ========================
    15:46:03.0569 0x1700 System memory - ok
    15:46:03.0572 0x1700 ================ Scan services =============================
    15:46:10.0970 0x1700 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    15:46:11.0005 0x1700 iaStorV - ok
    15:46:11.0063 0x1700 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    15:46:11.0088 0x1700 idsvc - ok
    15:46:11.0105 0x1700 IEEtwCollectorService - ok
    15:46:11.0655 0x1700 [ 0638D16029B1C800908D965AC78970C7, C88F026D04B8FD351F397103478E013450F302DA072ACA92C8C822F6654BD0B3 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    15:46:12.0157 0x1700 igfx - ok
    15:46:12.0203 0x1700 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
    15:46:12.0211 0x1700 iirsp - ok
    15:46:12.0286 0x1700 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
    15:46:12.0308 0x1700 IKEEXT - ok
    15:46:12.0432 0x1700 [ ABA41EE6F5EEFC034F3BBD025506B37E, 06751C79C4390555292FAB994B7D4CB8B55DDF0846D0CC8900215A65758332EC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
    15:46:12.0540 0x1700 IntcAzAudAddService - ok
    15:46:12.0587 0x1700 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
    15:46:12.0597 0x1700 IntcDAud - ok
    15:46:12.0642 0x1700 [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
    15:46:13.0695 0x1700 Intel(R) Capability Licensing Service Interface - ok
    15:46:13.0732 0x1700 [ F46458404BA3728430ACB7EC1E371E59, 1C5A68BFBBAD7FB426A30D6AC151B6C41CE1ECB76A097A84B3A2B218311FF1B4 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    15:46:13.0735 0x1700 Intel(R) ME Service - ok
  6. Misairo

    Misairo Newcomer, in training Topic Starter

    15:46:21.0196 0x1700 RasAcd - ok
    15:46:21.0214 0x1700 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    15:46:21.0216 0x1700 RasAgileVpn - ok
    15:46:21.0231 0x1700 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
    15:46:21.0239 0x1700 RasAuto - ok
    15:46:21.0256 0x1700 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    15:46:21.0264 0x1700 Rasl2tp - ok
    15:46:21.0286 0x1700 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
    15:46:21.0299 0x1700 RasMan - ok
    15:46:21.0316 0x1700 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    15:46:21.0324 0x1700 RasPppoe - ok
    15:46:21.0341 0x1700 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    15:46:21.0346 0x1700 RasSstp - ok
    15:46:21.0374 0x1700 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    15:46:21.0384 0x1700 rdbss - ok
    15:46:21.0394 0x1700 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
    15:46:21.0399 0x1700 rdpbus - ok
    15:46:21.0416 0x1700 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    15:46:21.0421 0x1700 RDPCDD - ok
    15:46:21.0436 0x1700 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    15:46:21.0441 0x1700 RDPENCDD - ok
    15:46:21.0459 0x1700 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    15:46:21.0469 0x1700 RDPREFMP - ok
    15:46:21.0499 0x1700 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    15:46:21.0504 0x1700 RDPWD - ok
    15:46:21.0524 0x1700 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    15:46:21.0531 0x1700 rdyboost - ok
    15:46:21.0569 0x1700 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    15:46:21.0576 0x1700 RemoteRegistry - ok
    15:46:21.0596 0x1700 [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
    15:46:21.0616 0x1700 RimUsb - ok
    15:46:21.0631 0x1700 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    15:46:21.0639 0x1700 RpcEptMapper - ok
    15:46:21.0669 0x1700 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
    15:46:21.0686 0x1700 RpcLocator - ok
    15:46:21.0733 0x1700 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
    15:46:21.0748 0x1700 RpcSs - ok
    15:46:21.0766 0x1700 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    15:46:21.0770 0x1700 rspndr - ok
    15:46:21.0783 0x1700 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
    15:46:21.0790 0x1700 SamSs - ok
    15:46:21.0805 0x1700 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    15:46:21.0813 0x1700 sbp2port - ok
    15:46:21.0848 0x1700 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
    15:46:21.0855 0x1700 SCardSvr - ok
    15:46:21.0873 0x1700 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    15:46:21.0878 0x1700 scfilter - ok
    15:46:21.0927 0x1700 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
    15:46:22.0001 0x1700 Schedule - ok
    15:46:22.0020 0x1700 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
    15:46:22.0025 0x1700 SCPolicySvc - ok
    15:46:22.0050 0x1700 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    15:46:22.0057 0x1700 SDRSVC - ok
    15:46:22.0082 0x1700 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
    15:46:22.0087 0x1700 secdrv - ok
    15:46:22.0102 0x1700 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
    15:46:22.0125 0x1700 seclogon - ok
    15:46:22.0149 0x1700 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
    15:46:22.0153 0x1700 SENS - ok
    15:46:22.0167 0x1700 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
    15:46:22.0176 0x1700 SensrSvc - ok
    15:46:22.0195 0x1700 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
    15:46:22.0198 0x1700 Serenum - ok
    15:46:22.0209 0x1700 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
    15:46:22.0214 0x1700 Serial - ok
    15:46:22.0227 0x1700 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
    15:46:22.0232 0x1700 sermouse - ok
    15:46:22.0274 0x1700 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
    15:46:22.0282 0x1700 SessionEnv - ok
    15:46:22.0304 0x1700 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    15:46:22.0309 0x1700 sffdisk - ok
    15:46:22.0337 0x1700 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    15:46:22.0347 0x1700 sffp_mmc - ok
    15:46:22.0359 0x1700 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    15:46:22.0362 0x1700 sffp_sd - ok
    15:46:22.0394 0x1700 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
    15:46:22.0402 0x1700 sfloppy - ok
    15:46:22.0482 0x1700 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
    15:46:22.0494 0x1700 SharedAccess - ok
    15:46:22.0532 0x1700 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    15:46:22.0544 0x1700 ShellHWDetection - ok
    15:46:22.0557 0x1700 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
    15:46:22.0564 0x1700 SiSRaid2 - ok
    15:46:22.0584 0x1700 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
    15:46:22.0589 0x1700 SiSRaid4 - ok
    15:46:22.0667 0x1700 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
    15:46:22.0670 0x1700 SkypeUpdate - ok
    15:46:22.0690 0x1700 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    15:46:22.0697 0x1700 Smb - ok
    15:46:22.0715 0x1700 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    15:46:22.0717 0x1700 SNMPTRAP - ok
    15:46:22.0727 0x1700 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
    15:46:22.0732 0x1700 spldr - ok
    15:46:22.0785 0x1700 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
    15:46:22.0802 0x1700 Spooler - ok
    15:46:23.0631 0x1700 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
    15:46:23.0751 0x1700 sppsvc - ok
    15:46:23.0791 0x1700 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    15:46:23.0796 0x1700 sppuinotify - ok
    15:46:23.0829 0x1700 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
    15:46:23.0844 0x1700 srv - ok
    15:46:23.0881 0x1700 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    15:46:23.0894 0x1700 srv2 - ok
    15:46:23.0924 0x1700 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    15:46:23.0929 0x1700 srvnet - ok
    15:46:23.0969 0x1700 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    15:46:23.0976 0x1700 SSDPSRV - ok
    15:46:23.0999 0x1700 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
    15:46:24.0024 0x1700 SstpSvc - ok
    15:46:24.0046 0x1700 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
    15:46:24.0054 0x1700 stexstor - ok
  7. Misairo

    Misairo Newcomer, in training Topic Starter

    15:46:29.0391 0x1700 ================ Scan global ===============================
    15:46:29.0456 0x1700 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
    15:46:29.0511 0x1700 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    15:46:29.0528 0x1700 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
    15:46:29.0553 0x1700 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
    15:46:29.0601 0x1700 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
    15:46:29.0611 0x1700 [ Global ] - ok
    15:46:29.0613 0x1700 ================ Scan MBR ==================================
    15:46:29.0626 0x1700 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    15:46:29.0863 0x1700 \Device\Harddisk0\DR0 - ok
    15:46:29.0863 0x1700 ================ Scan VBR ==================================
    15:46:29.0891 0x1700 [ CC86B34635F069F77BCC6D29C13B0C83 ] \Device\Harddisk0\DR0\Partition1
    15:46:29.0916 0x1700 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
    15:46:29.0916 0x1700 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
    15:46:32.0788 0x1700 [ DDEAFDDF5B9351C18C6A5A4A390DF659 ] \Device\Harddisk0\DR0\Partition2
    15:46:32.0816 0x1700 \Device\Harddisk0\DR0\Partition2 - ok
    15:46:32.0816 0x1700 Waiting for KSN requests completion. In queue: 32
    15:46:33.0816 0x1700 Waiting for KSN requests completion. In queue: 32
    15:46:35.0486 0x1700 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
    15:46:35.0511 0x1700 AV detected via SS2: 알약, C:\Program Files\ESTsoft\ALYac\AYRunSC.exe ( 2.5.1.3 ), 0x41000 ( enabled : updated )
    15:46:35.0676 0x1700 Win FW state via NFP2: enabled
    15:46:38.0543 0x1700 ============================================================
    15:46:38.0543 0x1700 Scan finished
    15:46:38.0543 0x1700 ============================================================
    15:46:38.0560 0x1ed4 Detected object count: 1
    15:46:38.0560 0x1ed4 Actual detected object count: 1
    15:46:48.0758 0x1ed4 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
    15:46:49.0415 0x1ed4 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
    15:46:49.0443 0x1ed4 \Device\Harddisk0\DR0\Partition1 - ok
    15:46:49.0443 0x1ed4 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
    15:46:49.0715 0x1ed4 KLMD registered as C:\Windows\system32\drivers\63580879.sys
    15:47:17.0656 0x0408 Deinitialize success
  8. Broni

    Broni Malware Annihilator Posts: 46,127   +251

    Good :)

    Please, complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
    Attached logs won't be reviewed.
  9. Misairo

    Misairo Newcomer, in training Topic Starter

    Hi Broni! Thanks for the first link, my computer works fine now, and I couldn't say thanks enough!
  10. Broni

    Broni Malware Annihilator Posts: 46,127   +251

    This is not how things work around here.
    You were infected with a rootkit so we need to run more tools to make sure your computer is totally clean.
    As I stated at the very beginning:

    Please follow my previous reply.
  11. Broni

    Broni Malware Annihilator Posts: 46,127   +251

    Still with me?
     
  12. Misairo

    Misairo Newcomer, in training Topic Starter

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org
    Database version: v2014.05.01.12
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.17105
    User :: USER-PC [administrator]
    11/05/2014 1:22:11 AM
    mbam-log-2014-05-11 (01-22-11).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 258438
    Time elapsed: 10 minute(s), 11 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 0
    (No malicious items detected)
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 0
    (No malicious items detected)
    (end)
  13. Misairo

    Misairo Newcomer, in training Topic Starter

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17041
    Run by User at 1:32:47 on 2014-05-11
    Microsoft Windows 7 Home Premium 6.1.7601.1.949.82.1033.18.6021.3690 [GMT -7:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    AV: 알약 *Enabled/Updated* {C3A632BD-BAFF-A4B2-F1E3-F1E89581CC8B}
    SP: 알약 *Enabled/Updated* {78C7D359-9CC5-AB3C-CB53-CA9AEE068636}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\ESTsoft\ALYac\AYRTSrv.aye
    C:\Program Files\ESTsoft\ALYac\AYUpdSrv.aye
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\ESTsoft\ALYac\AYAgent.aye
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Users\User\AppData\Roaming\Curse Client\Bin\Curse.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Nexon\MapleStory\MapleStory.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil64_13_0_0_206_ActiveX.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\EgisTec IPS\PMMUpdate.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\EgisTec IPS\EgisUpdate.exe
    C:\Windows\notepad.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Bar = Preserve
    mStart Page = hxxp://www.google.com
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    EB: F12 Developer Tools: {28BCCB9A-E66B-463C-82A4-09F320DE94D7} - C:\Program Files (x86)\Internet Explorer\F12Tools.dll
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
    StartupFolder: C:\Users\User\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Curse.lnk - C:\Users\User\AppData\Roaming\Curse Client\Bin\Curse.exe
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {0FA97F46-8BCD-456F-89C4-9845133DEE94} - hxxp://bank.keb.co.kr/activex/I3G/I3GManager.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {1CD4FAEE-09F6-4B77-8A49-EF2A9EBC8D46} - hxxp://203.234.132.15/cab/rsupctrl.cab
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {477D5B9A-6479-44F8-9718-9340119B0308} - hxxp://bank.keb.co.kr/veraport/down/veraport20.cab
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
    DPF: {6CE20149-ABE3-462E-A1B4-5B549971AA38} - C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\APZ0OS42\TouchEnKey_Installer_32bit_3.1.0.21_allkill.exe
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
    DPF: {967386A1-409E-431A-A93A-FB5FEFF86A58} - hxxp://bank.keb.co.kr/veraport/veraport.cab
    DPF: {99C709C7-4F58-46C1-855B-90213C760395} - hxxps://v3d.kcp.co.kr/file/kcp_ansimclick.cab
    DPF: {B0A75875-3622-48BA-B5FF-45AD77AC2D0E} - hxxps://download.auction.co.kr/activexpay/20130916/BankPayEFT.cab
    DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab
    DPF: {E42F7FEB-DE20-43F4-A342-47F1DA77F667} - hxxps://pgdownload.uplus.co.kr/lguplus/XPayPlugin_3.0.0.2.cab
    DPF: {E78928A6-3D2A-4BF7-A100-F3FBAA351B49} - hxxps://www.vpay.co.kr/kvpfiles_new/KVPISPCTLD_VISTA64.cab
    DPF: {F3FEAAF1-E1F6-4B30-80FA-42DE1F691AEE} - hxxp://www.inlive.co.kr/download/IDPlayer.cab
    DPF: {F939FEB8-9518-4A4A-BE60-D10FFB9557F2} - hxxp://update.nprotect.net/netizenv55/bank/keb/npenkIEInstall5.cab
    TCP: NameServer = 192.168.1.254 75.153.176.1
    TCP: Interfaces\{00B74C16-FB3E-4466-8A0F-67ACC37DD759} : DHCPNameServer = 192.168.1.254 75.153.176.1
    TCP: Interfaces\{809C35F4-9433-46AD-B0F0-1FE9BDCECCE3} : DHCPNameServer = 192.168.1.254 75.153.176.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mStart Page = hxxp://www.google.com
    x64-BHO: Freeven pro: {11111111-1111-1111-1111-110511421148} -
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: {EA34C851-D481-49F5-A356-3A8B0A8F3B7E} - <orphaned>
    x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [ALYac] "C:\Program Files\ESTsoft\ALYac\AYLaunch.exe" /run
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-3-22 16152]
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
    R1 EstRtwIFDrv;EstRtwIFDrv;C:\Windows\System32\drivers\EstRtw.sys [2012-12-17 265496]
    R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2012-3-22 22648]
    R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2012-3-22 20520]
    R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2012-3-22 62776]
    R2 ALYac_RTSrv;ALYac RealTime Service;C:\Program Files\ESTsoft\ALYac\AYRTSrv.aye [2012-11-6 539968]
    R2 ALYac_UpdSrv;ALYac Update Service;C:\Program Files\ESTsoft\ALYac\AYUpdSrv.aye [2012-11-6 995136]
    R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
    R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 133928]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-22 331264]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-3-22 355096]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-3-22 786200]
    R3 JRSUKD25;JRSUKD25;C:\Windows\System32\JRSUKD25.SYS [2013-11-1 20384]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-3-22 1014624]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
    R3 voxaldriver;Voxal Filter Driver 2.12.01;C:\Windows\System32\drivers\voxaldriverx64.sys [2014-1-1 33488]
    R3 VRVD302;VRVD302;C:\Windows\System32\drivers\VRVD302.sys [2013-5-21 11808]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 MySQL56;MySQL56;"C:/Program Files/MySQL/MySQL Server 5.6/bin\mysqld" --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.6\my.ini" MySQL56 --> C:/Program Files/MySQL/MySQL Server 5.6/bin\mysqld [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 EstRtwIFDrvTemp;EstRtwIFDrvTemp;C:\Program Files\ESTsoft\ALYac\plugin\realtime\EstRtw.sys [2012-11-6 265496]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-29 111616]
    S3 kcrtx64;kcrtx64;C:\Windows\System32\kcrtx64.sys [2012-11-25 141848]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-23 1255736]
    S4 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-6-21 173424]
    S4 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2012-2-29 28264]
    S4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-10-12 13592]
    S4 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
    S4 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-10-12 128280]
    S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-10-12 161560]
    S4 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-3-22 255376]
    S4 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-7-22 690472]
    S4 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-12 363800]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files (x86)\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== File Associations ===============
    .
    FileExt: .js: Applications\iexplore.exe="C:\Program Files\Internet Explorer\iexplore.exe" %1 [UserChoice]
    ShellExec: Hwp.exe: print=C:\HNC\Hwp70\HwpPrnMng.exe /p "%1"
    .
    =============== Created Last 30 ================
    .
    2014-05-11 06:52:51 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BFA8EF40-13A9-4A0C-AB62-BA910ACE4C32}\mpengine.dll
    2014-05-09 23:38:23 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2014-05-08 23:36:22 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{11DEDDB0-3A07-4A0B-923D-77ED03AA743C}\gapaengine.dll
    2014-05-08 00:02:17 -------- d--h--w- C:\Windows\msdownld.tmp
    2014-05-08 00:02:17 -------- d-----w- C:\Windows\SysWow64\directx
    2014-05-08 00:00:58 -------- d-----w- C:\Users\User\AppData\Roaming\Curse Client
    2014-05-08 00:00:47 -------- d-----w- C:\Users\User\AppData\Roaming\Curse
    2014-05-06 10:00:12 -------- d-s---w- C:\Windows\System32\CompatTel
    2014-05-06 06:39:53 465408 ----a-w- C:\Windows\System32\aepdu.dll
    2014-05-06 06:39:53 424448 ----a-w- C:\Windows\System32\aeinv.dll
    2014-05-05 17:48:40 151048 ----a-w- C:\Windows\System32\CKAgent_t.exe
    2014-05-05 17:48:38 151048 ----a-r- C:\Windows\SysWow64\CKAgent.exe
    2014-05-05 17:48:38 151048 ----a-r- C:\Windows\SysWow64\CKAgent.dat
    2014-05-04 18:08:27 -------- d-----w- C:\Users\User\AppData\Local\{E5D911E4-4721-442C-809E-3CE5A366FE2C}
    2014-05-04 17:49:49 -------- d-----w- C:\Users\User\AppData\Roaming\NCH Software
    2014-05-04 17:49:46 -------- d-----w- C:\Program Files (x86)\NCH Software
    2014-05-03 10:00:13 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-05-03 10:00:13 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-05-02 22:46:48 -------- d-----w- C:\TDSSKiller_Quarantine
    2014-05-02 02:15:40 -------- d-----w- C:\Windows\Microsoft Antimalware
    2014-05-02 00:02:55 -------- d-----w- C:\Program Files\Adblock Plus for IE
    2014-05-02 00:02:54 -------- d-----w- C:\ProgramData\Package Cache
    2014-05-01 04:25:46 -------- d-----w- C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
    2014-05-01 02:20:57 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2014-05-01 02:03:00 -------- d-sh--w- C:\$RECYCLE.BIN
    2014-05-01 00:17:17 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C37E239-28B5-447A-9F1B-5D7E1E69C436}\offreg.dll
    2014-05-01 00:08:34 -------- d-----w- C:\Windows\ERUNT
    2014-04-29 20:29:47 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C37E239-28B5-447A-9F1B-5D7E1E69C436}\mpengine.dll
    2014-04-29 19:03:21 -------- d-sh--w- C:\Users\User\AppData\Local\EmieUserList
    2014-04-29 19:03:21 -------- d-sh--w- C:\Users\User\AppData\Local\EmieSiteList
    2014-04-23 22:40:24 -------- d-----w- C:\Users\User\AppData\Local\Skype
    2014-04-19 21:50:02 151048 ----a-r- C:\Windows\System32\CKAgent.exe
    2014-04-19 21:11:36 58600 ----a-w- C:\Windows\SysWow64\I3Gescp.dll
    2014-04-19 21:11:36 551552 ----a-w- C:\Windows\SysWow64\I3GManager.dll
    2014-04-19 21:11:36 227968 ----a-w- C:\Windows\SysWow64\I3GEX.exe
    2014-04-19 21:11:02 -------- d-----w- C:\Program Files (x86)\Wizvera
    2014-04-18 03:21:57 -------- d-----w- C:\Users\User\AppData\Roaming\raidcall
    2014-04-18 03:21:43 -------- d-----w- C:\Program Files (x86)\RaidCall
    .
    ==================== Find3M ====================
    .
    2014-05-05 17:48:42 141848 ----a-w- C:\Windows\System32\kcrtx64.sys
    2014-05-02 00:01:31 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-05-02 00:01:31 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-04-19 21:11:36 72272 ----a-w- C:\Windows\SysWow64\cosa.dll
    2014-04-16 16:29:59 65536 ----a-w- C:\Windows\IFinst27.exe
    2014-04-02 07:11:55 154312 ----a-w- C:\Windows\SysWow64\NpfwVt64.sys
    2014-04-02 07:11:55 154312 ----a-w- C:\Windows\System32\NpfwVt64.sys
    2014-04-02 07:11:55 133712 ----a-w- C:\Windows\SysWow64\NpfwVt.sys
    2014-04-02 07:11:55 133712 ----a-w- C:\Windows\System32\NpfwVt.sys
    2014-03-31 16:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
    2014-03-17 08:43:58 265496 ----a-w- C:\Windows\System32\drivers\EstRtw.sys
    2014-03-17 08:43:58 21824 ----a-w- C:\Windows\System32\bootalyac.exe
    2014-03-11 22:20:12 5765664 ----a-w- C:\Windows\SysWow64\ISPPopUpDlg.exe
    2014-03-11 16:52:30 133928 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
    2014-03-07 23:17:44 708096 ----a-w- C:\Windows\SysWow64\INIcrypto20.dll
    2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll
    2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll
    2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
    2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
    2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll
    2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll
    2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll
    2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2014-03-04 09:17:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
    .
    ============= FINISH: 1:33:37.04 ===============
  14. Broni

    Broni Malware Annihilator Posts: 46,127   +251

    You posted DDS.txt twice.
    I still need Attach.txt log from DDS.

    You're running two AV programs, MSE and ALYac (I believe).
    You must uninstall one of them.
  15. Broni

    Broni Malware Annihilator Posts: 46,127   +251

    Still with me?
  16. Broni

    Broni Malware Annihilator Posts: 46,127   +251

    This topic is marked as abandoned and closed due to inactivity.

    This member will NOT be eligible to receive any more help in the malware removal forum.