Ukash virus simply won't go away - help pleeeaase


  1. Posts : 75
    windows 7 64 bit
    Thread Starter
       #11

    Tried again, ensuring no unrequired carriage returns, and booted... to the white screen of death.

    Re-entering safe mode and accessing fixlog shows even less. Just says:

    Run2
    Running from h:\
    =======================
    ====End of Fixlog====


  2. Posts : 143
    32 bit
       #12

    Sorry, edited the FIX, please run it again.


  3. Posts : 75
    windows 7 64 bit
    Thread Starter
       #13

    Hi
    Created new fixlist.txt file with the revised code, ran frst64 again and ran fix, output of log below:

    Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 28-08-2012
    Ran by SYSTEM at 2012-08-29 19:50:39 Run:3
    Running from H:\
    ==============================================
    HKEY_USERS\darren\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell Value deleted successfully.
    C:\Users\darren\AppData\Roaming\msconfig.ini moved successfully.
    ==== End of Fixlog ====


    I HAVE MY PC BACK!!! IT SEEMS FIXED, you are an absolute legend!! Do I need to do anything more?
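
The Fixlog in post #13 shows FRST deleting a per-user Winlogon Shell value, which overrides the machine-wide shell for that account at logon. As an added example (not part of the original thread, and not FRST's own code), this PowerShell audit lists the Winlogon Shell value for the machine and for every loaded user hive. It assumes an elevated 64-bit prompt on the running system, where the hive appears under the account's SID rather than the HKEY_USERS\darren name seen in the log.

```powershell
# Added example: audit Winlogon "Shell" values, the setting FRST removed in the Fixlog.
# Assumptions: elevated 64-bit PowerShell (a 32-bit process sees a redirected
# HKLM\SOFTWARE view); only hives currently loaded under HKEY_USERS are inspected.

$subKey = 'Software\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Get-WinlogonShell {
    param([string]$RegistryPath)
    # Returns the Shell value data, or $null when the key or the value is absent.
    $item = Get-ItemProperty -Path $RegistryPath -Name Shell -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.Shell }
    return $null
}

$findings = @()

# Machine-wide value: "explorer.exe" on a default Windows installation.
$machineShell = Get-WinlogonShell "Registry::HKEY_LOCAL_MACHINE\$subKey"
$findings += [pscustomobject]@{
    Hive   = 'HKLM'
    Shell  = $machineShell
    Review = ($machineShell -ne 'explorer.exe')
}

# Per-user values: not present by default, so any value found here deserves a look.
Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -notlike '*_Classes' } |
    ForEach-Object {
        $userShell = Get-WinlogonShell "Registry::HKEY_USERS\$($_.PSChildName)\$subKey"
        if ($null -ne $userShell) {
            $findings += [pscustomobject]@{
                Hive   = "HKU\$($_.PSChildName)"
                Shell  = $userShell
                Review = $true
            }
        }
    }

# Rows with Review = True are the ones to check by hand.
$findings | Format-Table -AutoSize -Wrap
```

A row for an HKU hive means that account starts something other than the machine-wide shell at logon; the file the value points to is the next thing to examine.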


  4. Posts : 143
    32 bit
       #14

    Please download aswMBR ( 511KB ) to your desktop.

    • Double click the aswMBR.exe icon to run it.
    • Click the Scan button to start the scan.
    • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


    Please download TDSSKiller.zip and extract it.

    • Run TDSSKiller.exe.
    • Click on Change Parameters
    • Put a check in the box of Detect TDLFS file system
    • Click Start scan.
    • When it is finished the utility outputs a list of detected objects with description.
      The utility automatically selects an action (Cure or Delete) for malicious objects.
      The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
    • Let it reboot if needed and tell me if the tool needed a reboot.
    • Click on Report and post the contents of the text file that will open.

      Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.


    Please go here to run the scan. Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted, then double click on it to install. All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.

    • Select the option YES, I accept the Terms of Use then click on:
    • When prompted allow the Add-On/Active X to install.
    • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.

    Now click on Advanced Settings and select the following:


    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

    • Now click on:
    • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
    • When completed the Online Scan will begin automatically.
    • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
    • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
    • Now click on:
    • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    • Copy and paste that log as a reply to this topic.


  5. Posts : 75
    windows 7 64 bit
    Thread Starter
       #15

    First log from Avast scan:

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-08-30 19:09:03
    -----------------------------
    19:09:03.627 OS Version: Windows x64 6.1.7601 Service Pack 1
    19:09:03.627 Number of processors: 4 586 0x2505
    19:09:03.628 ComputerName: DARREN-PC UserName: darren
    19:09:05.376 Initialize success
    19:09:49.847 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    19:09:49.851 Disk 0 Vendor: Hitachi_ ES2O Size: 305245MB BusType: 3
    19:09:49.865 Disk 0 MBR read successfully
    19:09:49.869 Disk 0 MBR scan
    19:09:49.872 Disk 0 unknown MBR code
    19:09:49.878 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    19:09:49.889 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 113664 MB offset 206848
    19:09:49.893 Disk 0 Partition - 00 0F Extended LBA 169800 MB offset 232990720
    19:09:49.928 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 21678 MB offset 580741120
    19:09:49.962 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 169799 MB offset 232992768
    19:09:49.988 Disk 0 scanning C:\windows\system32\drivers
    19:09:58.754 Service scanning
    19:10:29.391 Modules scanning
    19:10:29.404 Disk 0 trace - called modules:
    19:10:29.755 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
    19:10:29.763 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800486c060]
    19:10:29.771 3 CLASSPNP.SYS[fffff88001c3943f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004665050]
    19:10:29.779 Scan finished successfully
    19:10:50.635 Disk 0 MBR has been saved successfully to "C:\Users\darren\Desktop\MBR.dat"
    19:10:50.643 The log file has been saved successfully to "C:\Users\darren\Desktop\aswMBR.txt"


  6. Posts : 75
    windows 7 64 bit
    Thread Starter
       #16

    19:12:21.0913 1460 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
    19:12:22.0137 1460 ============================================================
    19:12:22.0137 1460 Current date / time: 2012/08/30 19:12:22.0137
    19:12:22.0137 1460 SystemInfo:
    19:12:22.0137 1460
    19:12:22.0137 1460 OS Version: 6.1.7601 ServicePack: 1.0
    19:12:22.0137 1460 Product type: Workstation
    19:12:22.0137 1460 ComputerName: DARREN-PC
    19:12:22.0137 1460 UserName: darren
    19:12:22.0137 1460 Windows directory: C:\windows
    19:12:22.0137 1460 System windows directory: C:\windows
    19:12:22.0137 1460 Running under WOW64
    19:12:22.0137 1460 Processor architecture: Intel x64
    19:12:22.0137 1460 Number of processors: 4
    19:12:22.0137 1460 Page size: 0x1000
    19:12:22.0137 1460 Boot type: Normal boot
    19:12:22.0137 1460 ============================================================
    19:12:22.0672 1460 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    19:12:22.0678 1460 Drive \Device\Harddisk1\DR3 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    19:12:27.0510 1460 ============================================================
    19:12:27.0510 1460 \Device\Harddisk0\DR0:
    19:12:27.0549 1460 MBR partitions:
    19:12:27.0550 1460 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    19:12:27.0550 1460 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDE00000
    19:12:27.0587 1460 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xDE33000, BlocksNum 0x14BA3800
    19:12:27.0587 1460 \Device\Harddisk1\DR3:
    19:12:27.0588 1460 MBR partitions:
    19:12:27.0588 1460 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x74705982
    19:12:27.0588 1460 ============================================================
    19:12:27.0628 1460 C: <-> \Device\Harddisk0\DR0\Partition2
    19:12:27.0686 1460 D: <-> \Device\Harddisk0\DR0\Partition3
    19:12:27.0687 1460 F: <-> \Device\Harddisk1\DR3\Partition1
    19:12:27.0687 1460 ============================================================
    19:12:27.0687 1460 Initialize success
    19:12:27.0687 1460 ============================================================
    19:12:43.0989 5496 ============================================================
    19:12:43.0989 5496 Scan started
    19:12:43.0989 5496 Mode: Manual; TDLFS;
    19:12:43.0989 5496 ============================================================
    19:12:44.0436 5496 ================ Scan system memory ========================
    19:12:44.0436 5496 System memory - ok
    19:12:44.0437 5496 ================ Scan services =============================
    19:12:53.0845 5496 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
    19:12:53.0847 5496 LSI_SAS - ok
    19:12:53.0866 5496 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
    19:12:53.0867 5496 LSI_SAS2 - ok
    19:12:53.0888 5496 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
    19:12:53.0889 5496 LSI_SCSI - ok
    19:12:53.0914 5496 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
    19:12:53.0916 5496 luafv - ok
    19:12:53.0965 5496 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
    19:12:53.0969 5496 Mcx2Svc - ok
    19:12:53.0982 5496 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
    19:12:53.0983 5496 megasas - ok
    19:12:54.0023 5496 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
    19:12:54.0027 5496 MegaSR - ok
    19:12:54.0060 5496 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
    19:12:54.0064 5496 MMCSS - ok
    19:12:54.0077 5496 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
    19:12:54.0078 5496 Modem - ok
    19:12:54.0111 5496 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
    19:12:54.0112 5496 monitor - ok
    19:12:54.0156 5496 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
    19:12:54.0158 5496 mouclass - ok
    19:12:54.0188 5496 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
    19:12:54.0189 5496 mouhid - ok
    19:12:54.0229 5496 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
    19:12:54.0231 5496 mountmgr - ok
    19:12:54.0255 5496 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
    19:12:54.0257 5496 mpio - ok
    19:12:54.0264 5496 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
    19:12:54.0266 5496 mpsdrv - ok
    19:12:54.0312 5496 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
    19:12:54.0326 5496 MpsSvc - ok
    19:12:54.0374 5496 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
    19:12:54.0376 5496 MRxDAV - ok
    19:12:54.0413 5496 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
    19:12:54.0416 5496 mrxsmb - ok
    19:12:54.0443 5496 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
    19:12:54.0447 5496 mrxsmb10 - ok
    19:12:54.0482 5496 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
    19:12:54.0484 5496 mrxsmb20 - ok
    19:12:54.0528 5496 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
    19:12:54.0529 5496 msahci - ok
    19:12:54.0553 5496 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
    19:12:54.0555 5496 msdsm - ok
    19:12:54.0569 5496 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
    19:12:54.0573 5496 MSDTC - ok
    19:12:54.0603 5496 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
    19:12:54.0604 5496 Msfs - ok
    19:12:54.0625 5496 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
    19:12:54.0626 5496 mshidkmdf - ok
    19:12:54.0668 5496 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
    19:12:54.0669 5496 msisadrv - ok
    19:12:54.0697 5496 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
    19:12:54.0702 5496 MSiSCSI - ok
    19:12:54.0707 5496 msiserver - ok
    19:12:54.0744 5496 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
    19:12:54.0745 5496 MSKSSRV - ok
    19:12:54.0761 5496 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
    19:12:54.0762 5496 MSPCLOCK - ok
    19:12:54.0766 5496 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
    19:12:54.0767 5496 MSPQM - ok
    19:12:54.0809 5496 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
    19:12:54.0814 5496 MsRPC - ok
    19:12:54.0861 5496 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
    19:12:54.0862 5496 mssmbios - ok
    19:12:54.0943 5496 MSSQL$SQLEXPRESS - ok
    19:12:55.0024 5496 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
    19:12:55.0027 5496 MSSQLServerADHelper100 - ok
    19:12:55.0071 5496 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
    19:12:55.0072 5496 MSTEE - ok
    19:12:55.0088 5496 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
    19:12:55.0089 5496 MTConfig - ok
    19:12:55.0114 5496 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
    19:12:55.0115 5496 Mup - ok
    19:12:55.0159 5496 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
    19:12:55.0169 5496 napagent - ok
    19:12:55.0235 5496 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
    19:12:55.0240 5496 NativeWifiP - ok
    19:12:55.0311 5496 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
    19:12:55.0325 5496 NDIS - ok
    19:12:55.0354 5496 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
    19:12:55.0355 5496 NdisCap - ok
    19:12:55.0388 5496 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
    19:12:55.0389 5496 NdisTapi - ok
    19:12:55.0426 5496 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
    19:12:55.0427 5496 Ndisuio - ok
    19:12:55.0475 5496 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
    19:12:55.0478 5496 NdisWan - ok
    19:12:55.0509 5496 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
    19:12:55.0510 5496 NDProxy - ok
    19:12:55.0544 5496 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
    19:12:55.0545 5496 NetBIOS - ok
    19:12:55.0611 5496 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
    19:12:55.0615 5496 NetBT - ok
    19:12:55.0627 5496 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
    19:12:55.0629 5496 Netlogon - ok
    19:12:55.0684 5496 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
    19:12:55.0692 5496 Netman - ok
    19:12:55.0753 5496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    19:12:55.0757 5496 NetMsmqActivator - ok
    19:12:55.0763 5496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    19:12:55.0765 5496 NetPipeActivator - ok
    19:12:55.0803 5496 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
    19:12:55.0812 5496 netprofm - ok
    19:12:55.0842 5496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    19:12:55.0844 5496 NetTcpActivator - ok
    19:12:55.0851 5496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    19:12:55.0854 5496 NetTcpPortSharing - ok
    19:12:55.0883 5496 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
    19:12:55.0884 5496 nfrd960 - ok
    19:12:55.0947 5496 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
    19:12:55.0954 5496 NlaSvc - ok
    19:12:55.0966 5496 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
    19:12:55.0967 5496 Npfs - ok
    19:12:55.0986 5496 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
    19:12:55.0989 5496 nsi - ok
    19:12:55.0997 5496 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
    19:12:55.0998 5496 nsiproxy - ok
    19:12:56.0071 5496 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
    19:12:56.0093 5496 Ntfs - ok
    19:12:56.0126 5496 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
    19:12:56.0126 5496 Null - ok
    19:12:56.0405 5496 [ FBE6AC1C3591CB67543FAD15ABD26BCB ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
    19:12:56.0678 5496 nvlddmkm - ok
    19:12:56.0712 5496 [ 680C5BAF7D0190B1485068FC4BA75F1C ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys
    19:12:56.0713 5496 nvpciflt - ok
    19:12:56.0740 5496 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
    19:12:56.0743 5496 nvraid - ok
    19:12:56.0765 5496 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
    19:12:56.0768 5496 nvstor - ok
    19:12:56.0821 5496 [ 147B0D17255FD796F990CC6F745605C5 ] nvsvc C:\windows\system32\nvvsvc.exe
    19:12:56.0837 5496 nvsvc - ok
    19:12:56.0928 5496 [ 812BF9531C827E1D8029843CDDB2B5D6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    19:12:56.0951 5496 nvUpdatusService - ok
    19:12:57.0004 5496 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
    19:12:57.0006 5496 nv_agp - ok
    19:12:57.0025 5496 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
    19:12:57.0027 5496 ohci1394 - ok
    19:12:57.0148 5496 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    19:12:57.0169 5496 ose64 - ok
    19:12:57.0315 5496 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    19:12:57.0425 5496 osppsvc - ok
    19:12:57.0457 5496 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
    19:12:57.0462 5496 p2pimsvc - ok
    19:12:57.0480 5496 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
    19:12:57.0485 5496 p2psvc - ok
    19:12:57.0525 5496 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
    19:12:57.0525 5496 Parport - ok
    19:12:57.0549 5496 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
    19:12:57.0549 5496 partmgr - ok
    19:12:57.0594 5496 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
    19:12:57.0600 5496 PcaSvc - ok
    19:12:57.0635 5496 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
    19:12:57.0638 5496 pci - ok
    19:12:57.0656 5496 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
    19:12:57.0657 5496 pciide - ok
    19:12:57.0681 5496 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
    19:12:57.0684 5496 pcmcia - ok
    19:12:57.0708 5496 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
    19:12:57.0710 5496 pcw - ok
    19:12:57.0738 5496 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
    19:12:57.0747 5496 PEAUTH - ok
    19:12:57.0826 5496 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
    19:12:57.0830 5496 PerfHost - ok
    19:12:57.0906 5496 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
    19:12:57.0927 5496 pla - ok
    19:12:57.0975 5496 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
    19:12:57.0984 5496 PlugPlay - ok
    19:12:58.0018 5496 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
    19:12:58.0021 5496 PNRPAutoReg - ok
    19:12:58.0058 5496 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
    19:12:58.0062 5496 PNRPsvc - ok
    19:12:58.0106 5496 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
    19:12:58.0113 5496 PolicyAgent - ok
    19:12:58.0142 5496 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
    19:12:58.0147 5496 Power - ok
    19:12:58.0208 5496 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
    19:12:58.0210 5496 PptpMiniport - ok
    19:12:58.0235 5496 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
    19:12:58.0237 5496 Processor - ok
    19:12:58.0288 5496 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
    19:12:58.0294 5496 ProfSvc - ok
    19:12:58.0305 5496 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
    19:12:58.0307 5496 ProtectedStorage - ok
    19:12:58.0361 5496 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
    19:12:58.0364 5496 Psched - ok
    19:12:58.0415 5496 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
    19:12:58.0436 5496 ql2300 - ok
    19:12:58.0476 5496 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
    19:12:58.0479 5496 ql40xx - ok
    19:12:58.0510 5496 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
    19:12:58.0517 5496 QWAVE - ok
    19:12:58.0532 5496 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
    19:12:58.0534 5496 QWAVEdrv - ok
    19:12:58.0550 5496 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
    19:12:58.0551 5496 RasAcd - ok
    19:12:58.0589 5496 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
    19:12:58.0590 5496 RasAgileVpn - ok
    19:12:58.0618 5496 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
    19:12:58.0623 5496 RasAuto - ok
    19:12:58.0666 5496 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
    19:12:58.0668 5496 Rasl2tp - ok
    19:12:58.0687 5496 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
    19:12:58.0695 5496 RasMan - ok
    19:12:58.0721 5496 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
    19:12:58.0723 5496 RasPppoe - ok
    19:12:58.0735 5496 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
    19:12:58.0737 5496 RasSstp - ok
    19:12:58.0782 5496 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
    19:12:58.0786 5496 rdbss - ok
    19:12:58.0797 5496 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
    19:12:58.0798 5496 rdpbus - ok
    19:12:58.0828 5496 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
    19:12:58.0829 5496 RDPCDD - ok
    19:12:58.0847 5496 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
    19:12:58.0848 5496 RDPENCDD - ok
    19:12:58.0871 5496 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
    19:12:58.0872 5496 RDPREFMP - ok
    19:12:58.0919 5496 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
    19:12:58.0922 5496 RDPWD - ok
    19:12:58.0983 5496 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
    19:12:58.0986 5496 rdyboost - ok
    19:12:59.0018 5496 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
    19:12:59.0022 5496 RemoteAccess - ok
    19:12:59.0049 5496 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
    19:12:59.0055 5496 RemoteRegistry - ok
    19:12:59.0100 5496 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
    19:12:59.0102 5496 RFCOMM - ok
    19:12:59.0175 5496 [ 7CCAEBCAB6FC1ED0206C07E083E79207 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    19:12:59.0181 5496 RichVideo - ok
    19:12:59.0219 5496 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
    19:12:59.0223 5496 RpcEptMapper - ok
    19:12:59.0247 5496 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
    19:12:59.0250 5496 RpcLocator - ok
    19:12:59.0298 5496 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
    19:12:59.0306 5496 RpcSs - ok
    19:12:59.0356 5496 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\windows\system32\DRIVERS\RsFx0103.sys
    19:12:59.0361 5496 RsFx0103 - ok
    19:12:59.0407 5496 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
    19:12:59.0409 5496 rspndr - ok
    19:12:59.0436 5496 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
    19:12:59.0439 5496 RTL8167 - ok
    19:12:59.0473 5496 [ 62DB6CC4B0818F1B5F3441241B098F12 ] SABI C:\windows\system32\Drivers\SABI.sys
    19:12:59.0474 5496 SABI - ok
    19:12:59.0483 5496 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
    19:12:59.0485 5496 SamSs - ok
    19:12:59.0538 5496 [ D641337B75B9A9D5AE10687AA1097755 ] Samsung UPD Service C:\windows\System32\SUPDSvc.exe
    19:12:59.0544 5496 Samsung UPD Service - ok
    19:12:59.0600 5496 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
    19:12:59.0601 5496 sbp2port - ok
    19:12:59.0645 5496 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
    19:12:59.0651 5496 SCardSvr - ok
    19:12:59.0684 5496 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
    19:12:59.0686 5496 scfilter - ok
    19:12:59.0738 5496 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
    19:12:59.0757 5496 Schedule - ok
    19:12:59.0803 5496 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
    19:12:59.0804 5496 SCPolicySvc - ok
    19:12:59.0846 5496 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
    19:12:59.0852 5496 SDRSVC - ok
    19:12:59.0896 5496 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
    19:12:59.0898 5496 secdrv - ok
    19:12:59.0940 5496 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
    19:12:59.0944 5496 seclogon - ok
    19:12:59.0976 5496 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
    19:12:59.0980 5496 SENS - ok
    19:13:00.0013 5496 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
    19:13:00.0017 5496 SensrSvc - ok
    19:13:00.0064 5496 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
    19:13:00.0065 5496 Serenum - ok
    19:13:00.0087 5496 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
    19:13:00.0089 5496 Serial - ok
    19:13:00.0102 5496 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
    19:13:00.0103 5496 sermouse - ok
    19:13:00.0146 5496 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
    19:13:00.0149 5496 SessionEnv - ok
    19:13:00.0187 5496 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
    19:13:00.0188 5496 sffdisk - ok
    19:13:00.0206 5496 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
    19:13:00.0207 5496 sffp_mmc - ok
    19:13:00.0217 5496 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
    19:13:00.0218 5496 sffp_sd - ok
    19:13:00.0249 5496 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
    19:13:00.0250 5496 sfloppy - ok
    19:13:00.0338 5496 [ 43ADBE70270DFD40EBDA4DD0E492B5FB ] SgtSch2Svc C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
    19:13:00.0348 5496 SgtSch2Svc - ok
    19:13:00.0375 5496 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
    19:13:00.0380 5496 SharedAccess - ok
    19:13:00.0432 5496 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
    19:13:00.0441 5496 ShellHWDetection - ok
    19:13:00.0461 5496 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
    19:13:00.0462 5496 SiSRaid2 - ok
    19:13:00.0495 5496 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
    19:13:00.0497 5496 SiSRaid4 - ok
    19:13:00.0554 5496 [ 6128E98EAAED364ED1A32708D2FD22CB ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
    19:13:00.0558 5496 SkypeUpdate - ok
    19:13:00.0592 5496 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
    19:13:00.0594 5496 Smb - ok
    19:13:00.0653 5496 [ 8AC15211EB4BF019AAB0022781CC8AD0 ] snapman C:\windows\system32\DRIVERS\snapman.sys
    19:13:00.0656 5496 snapman - ok
    19:13:00.0689 5496 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
    19:13:00.0692 5496 SNMPTRAP - ok
    19:13:00.0722 5496 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
    19:13:00.0724 5496 spldr - ok
    19:13:00.0780 5496 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
    19:13:00.0791 5496 Spooler - ok
    19:13:00.0902 5496 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
    19:13:00.0994 5496 sppsvc - ok
    19:13:01.0019 5496 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
    19:13:01.0021 5496 sppuinotify - ok
    19:13:01.0063 5496 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
    19:13:01.0076 5496 SQLAgent$SQLEXPRESS - ok
    19:13:01.0187 5496 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    19:13:01.0192 5496 SQLBrowser - ok
    19:13:01.0278 5496 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    19:13:01.0282 5496 SQLWriter - ok
    19:13:01.0318 5496 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
    19:13:01.0325 5496 srv - ok
    19:13:01.0344 5496 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
    19:13:01.0350 5496 srv2 - ok
    19:13:01.0363 5496 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
    19:13:01.0366 5496 srvnet - ok
    19:13:01.0417 5496 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
    19:13:01.0423 5496 SSDPSRV - ok
    19:13:01.0434 5496 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
    19:13:01.0439 5496 SstpSvc - ok
    19:13:01.0486 5496 [ 855335BF5792E56164F98C012E3D92DD ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
    19:13:01.0489 5496 ssudmdm - ok
    19:13:01.0513 5496 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
    19:13:01.0514 5496 stexstor - ok
    19:13:01.0541 5496 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
    19:13:01.0542 5496 StillCam - ok
    19:13:01.0622 5496 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
    19:13:01.0634 5496 stisvc - ok
    19:13:01.0672 5496 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
    19:13:01.0673 5496 swenum - ok
    19:13:01.0706 5496 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
    19:13:01.0717 5496 swprv - ok
    19:13:01.0794 5496 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
    19:13:01.0822 5496 SysMain - ok
    19:13:01.0858 5496 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
    19:13:01.0861 5496 TabletInputService - ok
    19:13:01.0884 5496 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
    19:13:01.0892 5496 TapiSrv - ok
    19:13:01.0924 5496 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
    19:13:01.0929 5496 TBS - ok
    19:13:02.0039 5496 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
    19:13:02.0061 5496 Tcpip - ok
    19:13:02.0127 5496 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
    19:13:02.0141 5496 TCPIP6 - ok
    19:13:02.0179 5496 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
    19:13:02.0180 5496 tcpipreg - ok
    19:13:02.0220 5496 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
    19:13:02.0221 5496 TDPIPE - ok
    19:13:02.0263 5496 [ AC1FC18D04B92BAC16CBD85DE2A08A0B ] tdrpman C:\windows\system32\DRIVERS\tdrpman.sys
    19:13:02.0270 5496 tdrpman - ok
    19:13:02.0306 5496 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
    19:13:02.0307 5496 TDTCP - ok
    19:13:02.0350 5496 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
    19:13:02.0352 5496 tdx - ok
    19:13:02.0391 5496 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
    19:13:02.0392 5496 TermDD - ok
    19:13:02.0444 5496 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
    19:13:02.0456 5496 TermService - ok
    19:13:02.0490 5496 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
    19:13:02.0493 5496 Themes - ok
    19:13:02.0516 5496 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
    19:13:02.0518 5496 THREADORDER - ok
    19:13:02.0559 5496 [ 3E24B7FE52BC455DA8D6E2CC2B4CA23F ] tifsfilter C:\windows\system32\DRIVERS\tifsfilt.sys
    19:13:02.0560 5496 tifsfilter - ok
    19:13:02.0590 5496 [ EC4FD4D147985A97E881729E808E6F34 ] timounter C:\windows\system32\DRIVERS\timntr.sys
    19:13:02.0600 5496 timounter - ok
    19:13:02.0630 5496 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
    19:13:02.0633 5496 TrkWks - ok
    19:13:02.0714 5496 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
    19:13:02.0718 5496 TrustedInstaller - ok
    19:13:02.0759 5496 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
    19:13:02.0760 5496 tssecsrv - ok
    19:13:02.0811 5496 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
    19:13:02.0812 5496 TsUsbFlt - ok
    19:13:02.0865 5496 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
    19:13:02.0867 5496 tunnel - ok
    19:13:02.0929 5496 [ B355581A9DA34C92E2DBAFA410D2F829 ] TurboB C:\windows\system32\DRIVERS\TurboB.sys
    19:13:02.0930 5496 TurboB - ok
    19:13:03.0016 5496 [ 6564E84B1522C12EA1C3A181ED03276F ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    19:13:03.0019 5496 TurboBoost - ok
    19:13:03.0045 5496 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
    19:13:03.0047 5496 uagp35 - ok
    19:13:03.0095 5496 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
    19:13:03.0100 5496 udfs - ok
    19:13:07.0280 5496 ============================================================
    19:13:07.0280 5496 Scan finished
    19:13:07.0281 5496 ============================================================
    19:13:07.0294 4584 Detected object count: 0
    19:13:07.0294 4584 Actual detected object count: 0


  7. Posts : 75
    windows 7 64 bit
    Thread Starter
       #17

    I ran the online ESET scan (took about 3 hours) and ensured remove threats wasn't checked and also didn't check uninstall program (ESET).
    I saw on screen that infected files had been found and I've navigated to the log.txt file in C Program files (86) as above and all it says is:


    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner64.ocx - registred OK
    OnlineScanner.ocx - registred OK

    Guessing this hasn't written correctly?


  8. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #18

    Do this:
    1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    2. Click the button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the icon on your desktop.
    4. Check
    5. Click the button.
    6. Accept any security warnings from your browser.
    7. Check
    8. Push the Start button.
    9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    10. When the scan completes, push
    11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    12. Push the button.
    13. Push


  9. Posts : 75
    windows 7 64 bit
    Thread Starter
       #19

    C:\Program Files (x86)\Vuze\.install4j\i4j_extf_27_5p83tu.dll a variant of Win32/Bunndle application
    C:\Program Files (x86)\Vuze\.install4j\i4j_extf_32_5p83tu.dll a variant of Win32/Bunndle application
    C:\Users\darren\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\3cf74096-6967d5e6 Java/Exploit.Agent.AH trojan
    C:\Users\darren\AppData\Roaming\msconfig.dat Win32/LockScreen.ALY trojan


  10. Posts : 75
    windows 7 64 bit
    Thread Starter
       #20

    Note: I ran it with Remove Threats UNCHECKED as per the first set of instructions...

    Please advise if I should run again to remove?


 