
Stubborn trojan, help appreciated

Discussion in 'Virus & Other Malware Removal' started by infectedwalker, Nov 27, 2011.

  1. infectedwalker

    infectedwalker Thread Starter

    Joined:
    Nov 27, 2011
    Messages:
    3
    Hi,

    I'm running Windows 7 Ultimate (64-bit) and somehow got a trojan onto my system through IE9 today. It was very obvious (about a hundred popups claiming that my hard drive was failing, a fake "System Fix" program, it disabled task manager, cleared out the start menu and taskbar, hid Program Files folders, etc.) but my antivirus (Microsoft Security Essentials) didn't seem to notice it.

    I disabled MSE and downloaded AVG, and also changed most of the registry keys back so I could use Task Manager, etc. However, the trojan is still on my system. Every so often it starts an iexplore.exe instance (even when no IE windows are open) and eats up memory and bandwidth. Also, occasionally links in Google results redirect to other websites in Firefox, but there's nothing in my hosts file. And every time I boot up, ATI Catalyst Control Center (CCC.exe) crashes, so I can't configure my video card driver.

    I also installed and ran MBAM, which identified the trojan in explorer.exe ("Trojan horse Generic25.BXXH") and claimed to fix it, but it keeps coming back. Meanwhile, I've disabled MBAM resident and am just using AVG. There isn't much in my HijackThis log. I tried running TDSSKiller but it wouldn't start. I also tried ComboFix to no avail. I'd really like to avoid reinstalling Windows so any help would be appreciated!

    HijackThis log:
    DDS log:
     

    Attached Files:

  2. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,383
    First Name:
    Kevin
    OK, do the following :-

    Select Start > right-click on "Computer" > select "Manage" > select "Disk Management" under "Storage". Make that window "Full screen". Take a screenshot of that window and attach it to your next reply. You can use the Snipping Tool available in the Accessories folder: Start > All Programs > Accessories. I've attached an example screenshot of an infected system.

    Kevin.
     

    Attached Files:

  3. infectedwalker

    infectedwalker Thread Starter

    Joined:
    Nov 27, 2011
    Messages:
    3
    I don't think I have that issue - see attached. I created the Data and Win8 partitions and L is a USB drive.
     

    Attached Files:

  4. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,383
    First Name:
    Kevin
    Do you know what the partition is that I have highlighted in the attached shot...

    Run the following, just copy and paste the log to your reply, do not put in code or quote boxes....

    Please read carefully and follow these steps.
    • Download TDSSKiller and save it to your Desktop.
    • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
    • If an infected file is detected, the default action will be Cure; click on Continue.
    • If a suspicious file is detected, the default action will be Skip; click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
     

    Attached Files:
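
    The report that the steps above produce runs to hundreds of lines, so here is a small triage script as an added example (not part of the original posts and not a Kaspersky tool). It assumes the two-line-per-service layout seen in this thread's report; the sample lines, service names and hashes are constructed, and the non-ok verdict text is a placeholder because the report lines visible in this thread all end in "- ok". Anything it lists is a prompt for manual review, not a verdict.

```python
import ntpath
import re

# Constructed sample in the report layout:
#   "<time> <thread id> <service> (<md5>) <image path>"
#   "<time> <thread id> <service> - <verdict>"
# Service names, hashes and paths below are made up for illustration.
SAMPLE_LOG = """\
21:12:20.0374 6648 exampledrv (00000000000000000000000000000001) C:\\Windows\\system32\\drivers\\exampledrv.sys
21:12:20.0374 6648 exampledrv - ok
21:12:20.0779 6648 nofilesvc - ok
21:12:25.0054 6648 tmpsvc (00000000000000000000000000000002) C:\\Windows\\system32\\1234.tmp
21:12:25.0054 6648 tmpsvc - ok
21:12:26.0100 6648 oddsvc (00000000000000000000000000000003) C:\\Windows\\system32\\drivers\\oddsvc.sys
21:12:26.0100 6648 oddsvc - placeholder-non-ok-verdict
"""

# Every report line starts with a timestamp and a thread id.
PREFIX = r"^\s*\d{2}:\d{2}:\d{2}\.\d+\s+\d+\s+"
IMAGE_RE = re.compile(
    PREFIX + r"(?P<name>\S+) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+?)\s*$")
VERDICT_RE = re.compile(PREFIX + r"(?P<name>.+?) - (?P<verdict>\S.*?)\s*$")


def parse_report(text):
    """Return {service: {"path", "md5", "verdict"}} in report order."""
    services = {}
    for line in text.splitlines():
        m = IMAGE_RE.match(line)
        if m:
            entry = services.setdefault(
                m["name"], {"path": None, "md5": None, "verdict": None})
            entry["path"], entry["md5"] = m["path"], m["md5"].lower()
            continue
        m = VERDICT_RE.match(line)
        if m:
            # The first token before " - " is taken as the service name.
            name = m["name"].split()[0]
            entry = services.setdefault(
                name, {"path": None, "md5": None, "verdict": None})
            entry["verdict"] = m["verdict"]
    return services


def triage(text):
    """List (service, reason) pairs that deserve a closer look."""
    findings = []
    for name, entry in parse_report(text).items():
        verdict = entry["verdict"]
        if verdict is not None and verdict.lower() != "ok":
            findings.append((name, "verdict is '%s'" % verdict))
        if entry["path"] is None:
            # The scanner reported the service without hashing an image file.
            findings.append((name, "no image file was hashed"))
        elif ntpath.splitext(entry["path"])[1].lower() != ".sys":
            # Driver image with an unusual extension, e.g. a temp file.
            findings.append(
                (name, "image is not a .sys file: " + entry["path"]))
    return findings


if __name__ == "__main__":
    for service, reason in triage(SAMPLE_LOG):
        print("%-12s %s" % (service, reason))
```
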

  5. infectedwalker

    infectedwalker Thread Starter

    Joined:
    Nov 27, 2011
    Messages:
    3
    I think that's my boot sector:

    02/26/2011 12:47 PM <DIR> Boot
    11/20/2010 07:40 AM 383,786 bootmgr
    09/18/2010 02:08 AM 8,192 BOOTSECT.BAK
    09/18/2010 12:19 AM <DIR> System Volume Information

    The only file that's been updated recently is Boot\BCD and boot\BCD.log.

    TDSS found two suspicious files, which were skipped:

    21:12:12.0932 5340 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
    21:12:13.0151 5340 ============================================================
    21:12:13.0151 5340 Current date / time: 2011/11/27 21:12:13.0151
    21:12:13.0151 5340 SystemInfo:
    21:12:13.0151 5340
    21:12:13.0151 5340 OS Version: 6.1.7601 ServicePack: 1.0
    21:12:13.0151 5340 Product type: Workstation
    21:12:13.0151 5340 ComputerName: MyNameHOME
    21:12:13.0151 5340 UserName: MyName
    21:12:13.0151 5340 Windows directory: C:\Windows
    21:12:13.0151 5340 System windows directory: C:\Windows
    21:12:13.0151 5340 Running under WOW64
    21:12:13.0151 5340 Processor architecture: Intel x64
    21:12:13.0151 5340 Number of processors: 8
    21:12:13.0151 5340 Page size: 0x1000
    21:12:13.0151 5340 Boot type: Normal boot
    21:12:13.0151 5340 ============================================================
    21:12:13.0666 5340 Initialize success
    21:12:19.0890 6648 ============================================================
    21:12:19.0890 6648 Scan started
    21:12:19.0890 6648 Mode: Manual;
    21:12:19.0890 6648 ============================================================
    21:12:28.0018 6648 s3cap - ok
    21:12:28.0049 6648 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    21:12:28.0049 6648 sbp2port - ok
    21:12:28.0080 6648 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    21:12:28.0080 6648 scfilter - ok
    21:12:28.0111 6648 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    21:12:28.0127 6648 secdrv - ok
    21:12:28.0158 6648 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    21:12:28.0158 6648 Serenum - ok
    21:12:28.0174 6648 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    21:12:28.0189 6648 Serial - ok
    21:12:28.0220 6648 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    21:12:28.0236 6648 sermouse - ok
    21:12:28.0283 6648 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    21:12:28.0283 6648 sffdisk - ok
    21:12:28.0298 6648 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    21:12:28.0314 6648 sffp_mmc - ok
    21:12:28.0330 6648 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    21:12:28.0330 6648 sffp_sd - ok
    21:12:28.0361 6648 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    21:12:28.0376 6648 sfloppy - ok
    21:12:28.0392 6648 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    21:12:28.0392 6648 SiSRaid2 - ok
    21:12:28.0423 6648 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    21:12:28.0423 6648 SiSRaid4 - ok
    21:12:28.0439 6648 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    21:12:28.0439 6648 Smb - ok
    21:12:28.0470 6648 smbusp (3b47f81c3c3b4742221a5391ef8d499d) C:\Windows\system32\DRIVERS\intelsmb.sys
    21:12:28.0470 6648 smbusp - ok
    21:12:28.0517 6648 Soluto (f9369327409492097b0bb7ce86bd29de) C:\Windows\system32\DRIVERS\Soluto.sys
    21:12:28.0517 6648 Soluto - ok
    21:12:28.0548 6648 speedfan - ok
    21:12:28.0579 6648 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    21:12:28.0579 6648 spldr - ok
    21:12:28.0642 6648 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    21:12:28.0657 6648 srv - ok
    21:12:28.0688 6648 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    21:12:28.0704 6648 srv2 - ok
    21:12:28.0735 6648 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    21:12:28.0735 6648 srvnet - ok
    21:12:28.0766 6648 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    21:12:28.0766 6648 stexstor - ok
    21:12:28.0829 6648 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
    21:12:28.0829 6648 storflt - ok
    21:12:28.0844 6648 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
    21:12:28.0860 6648 storvsc - ok
    21:12:28.0876 6648 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    21:12:28.0876 6648 swenum - ok
    21:12:28.0891 6648 Synth3dVsc - ok
    21:12:28.0985 6648 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
    21:12:29.0016 6648 Tcpip - ok
    21:12:29.0094 6648 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
    21:12:29.0110 6648 TCPIP6 - ok
    21:12:29.0141 6648 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    21:12:29.0141 6648 tcpipreg - ok
    21:12:29.0172 6648 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    21:12:29.0172 6648 TDPIPE - ok
    21:12:29.0188 6648 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    21:12:29.0188 6648 TDTCP - ok
    21:12:29.0219 6648 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    21:12:29.0219 6648 tdx - ok
    21:12:29.0234 6648 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    21:12:29.0250 6648 TermDD - ok
    21:12:29.0281 6648 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    21:12:29.0281 6648 tssecsrv - ok
    21:12:29.0328 6648 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    21:12:29.0328 6648 TsUsbFlt - ok
    21:12:29.0328 6648 tsusbhub - ok
    21:12:29.0390 6648 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    21:12:29.0390 6648 tunnel - ok
    21:12:29.0406 6648 TurboB (f37d49111a12a97de4bb5d8ff444bd2c) C:\Windows\system32\DRIVERS\TurboB.sys
    21:12:29.0406 6648 TurboB - ok
    21:12:29.0437 6648 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    21:12:29.0437 6648 uagp35 - ok
    21:12:29.0484 6648 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    21:12:29.0484 6648 udfs - ok
    21:12:29.0515 6648 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    21:12:29.0515 6648 uliagpkx - ok
    21:12:29.0531 6648 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
    21:12:29.0546 6648 umbus - ok
    21:12:29.0562 6648 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    21:12:29.0562 6648 UmPass - ok
    21:12:29.0609 6648 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
    21:12:29.0624 6648 usbaudio - ok
    21:12:29.0656 6648 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    21:12:29.0656 6648 usbccgp - ok
    21:12:29.0687 6648 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    21:12:29.0687 6648 usbcir - ok
    21:12:29.0718 6648 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    21:12:29.0718 6648 usbehci - ok
    21:12:29.0749 6648 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    21:12:29.0749 6648 usbhub - ok
    21:12:29.0780 6648 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
    21:12:29.0780 6648 usbohci - ok
    21:12:29.0796 6648 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    21:12:29.0796 6648 usbprint - ok
    21:12:29.0827 6648 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    21:12:29.0827 6648 USBSTOR - ok
    21:12:29.0858 6648 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
    21:12:29.0858 6648 usbuhci - ok
    21:12:29.0890 6648 VClone (84bb306b7863883018d7f3eb0c453bd5) C:\Windows\system32\DRIVERS\VClone.sys
    21:12:29.0890 6648 VClone - ok
    21:12:29.0921 6648 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    21:12:29.0921 6648 vdrvroot - ok
    21:12:29.0952 6648 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    21:12:29.0952 6648 vga - ok
    21:12:29.0968 6648 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    21:12:29.0968 6648 VgaSave - ok
    21:12:29.0983 6648 VGPU - ok
    21:12:30.0014 6648 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    21:12:30.0014 6648 vhdmp - ok
    21:12:30.0046 6648 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    21:12:30.0046 6648 viaide - ok
    21:12:30.0061 6648 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
    21:12:30.0077 6648 vmbus - ok
    21:12:30.0092 6648 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
    21:12:30.0092 6648 VMBusHID - ok
    21:12:30.0124 6648 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    21:12:30.0124 6648 volmgr - ok
    21:12:30.0170 6648 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    21:12:30.0170 6648 volmgrx - ok
    21:12:30.0202 6648 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    21:12:30.0202 6648 volsnap - ok
    21:12:30.0217 6648 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    21:12:30.0217 6648 vsmraid - ok
    21:12:30.0248 6648 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
    21:12:30.0248 6648 vwifibus - ok
    21:12:30.0311 6648 VX3000 (c366ae91d2cc2c1c25380061d235c36b) C:\Windows\system32\DRIVERS\VX3000.sys
    21:12:30.0373 6648 VX3000 - ok
    21:12:30.0404 6648 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    21:12:30.0404 6648 WacomPen - ok
    21:12:30.0420 6648 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    21:12:30.0420 6648 WANARP - ok
    21:12:30.0436 6648 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    21:12:30.0436 6648 Wanarpv6 - ok
    21:12:30.0467 6648 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    21:12:30.0467 6648 Wd - ok
    21:12:30.0498 6648 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    21:12:30.0498 6648 Wdf01000 - ok
    21:12:30.0529 6648 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    21:12:30.0529 6648 WfpLwf - ok
    21:12:30.0545 6648 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    21:12:30.0545 6648 WIMMount - ok
    21:12:30.0685 6648 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
    21:12:30.0685 6648 WinUSB - ok
    21:12:30.0794 6648 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    21:12:30.0810 6648 WmiAcpi - ok
    21:12:30.0872 6648 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    21:12:30.0872 6648 ws2ifsl - ok
    21:12:30.0904 6648 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    21:12:30.0919 6648 WudfPf - ok
    21:12:30.0935 6648 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    21:12:30.0950 6648 WUDFRd - ok
    21:12:30.0966 6648 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    21:12:30.0982 6648 \Device\Harddisk0\DR0 - ok
    21:12:30.0982 6648 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk5\DR5
    21:12:30.0982 6648 \Device\Harddisk5\DR5 - ok
    21:12:30.0997 6648 Boot (0x1200) (8bc5011b8633409eff00ab8ae79ce75c) \Device\Harddisk0\DR0\Partition0
    21:12:30.0997 6648 \Device\Harddisk0\DR0\Partition0 - ok
    21:12:31.0013 6648 Boot (0x1200) (532db9b4b26a489d6e6d11df31cadc81) \Device\Harddisk0\DR0\Partition1
    21:12:31.0013 6648 \Device\Harddisk0\DR0\Partition1 - ok
    21:12:31.0028 6648 Boot (0x1200) (e36acde65c2ebfaee1f916365712e5d1) \Device\Harddisk0\DR0\Partition2
    21:12:31.0028 6648 \Device\Harddisk0\DR0\Partition2 - ok
    21:12:31.0044 6648 Boot (0x1200) (f0da25eca7ac5a04dbdf0ee5a4eea7a2) \Device\Harddisk0\DR0\Partition3
    21:12:31.0044 6648 \Device\Harddisk0\DR0\Partition3 - ok
    21:12:31.0060 6648 Boot (0x1200) (9d3be2031917d840c617d9603f827d7f) \Device\Harddisk5\DR5\Partition0
    21:12:31.0060 6648 \Device\Harddisk5\DR5\Partition0 - ok
    21:12:31.0060 6648 ============================================================
    21:12:31.0060 6648 Scan finished
    21:12:31.0060 6648 ============================================================
    21:12:31.0060 5472 Detected object count: 0
    21:12:31.0060 5472 Actual detected object count: 0
    21:12:39.0187 6496 ============================================================
    21:12:39.0187 6496 Scan started
    21:12:39.0187 6496 Mode: Manual; SigCheck; TDLFS;
    21:12:39.0187 6496 ============================================================
    21:12:39.0484 6496 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    21:12:39.0624 6496 1394ohci - ok
    21:12:39.0671 6496 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    21:12:39.0686 6496 ACPI - ok
    21:12:39.0702 6496 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    21:12:39.0780 6496 AcpiPmi - ok
    21:12:39.0811 6496 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
    21:12:39.0842 6496 adp94xx - ok
    21:12:39.0874 6496 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
    21:12:39.0905 6496 adpahci - ok
    21:12:39.0920 6496 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
    21:12:39.0936 6496 adpu320 - ok
    21:12:39.0983 6496 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
    21:12:40.0030 6496 AFD - ok
    21:12:40.0045 6496 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    21:12:40.0045 6496 agp440 - ok
    21:12:40.0076 6496 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    21:12:40.0092 6496 aliide - ok
    21:12:40.0170 6496 ALSysIO - ok
    21:12:40.0201 6496 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    21:12:40.0217 6496 amdide - ok
    21:12:40.0232 6496 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
    21:12:40.0295 6496 AmdK8 - ok
    21:12:40.0466 6496 amdkmdag (446a1aad34191665a8df6092bd8eb5a8) C:\Windows\system32\DRIVERS\atikmdag.sys
    21:12:40.0591 6496 amdkmdag - ok
    21:12:40.0607 6496 amdkmdap (f8f8a908fdb005a65ddf7238c814eea5) C:\Windows\system32\DRIVERS\atikmpag.sys
    21:12:40.0638 6496 amdkmdap - ok
    21:12:40.0654 6496 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
    21:12:40.0700 6496 AmdPPM - ok
    21:12:40.0732 6496 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
    21:12:40.0747 6496 amdsata - ok
    21:12:40.0763 6496 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
    21:12:40.0794 6496 amdsbs - ok
    21:12:40.0810 6496 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
    21:12:40.0825 6496 amdxata - ok
    21:12:40.0856 6496 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    21:12:40.0981 6496 AppID - ok
    21:12:41.0012 6496 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
    21:12:41.0012 6496 arc - ok
    21:12:41.0028 6496 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
    21:12:41.0044 6496 arcsas - ok
    21:12:41.0059 6496 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    21:12:41.0168 6496 AsyncMac - ok
    21:12:41.0200 6496 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    21:12:41.0200 6496 atapi - ok
    21:12:41.0231 6496 AtiHDAudioService (cbe5f8b3e54198f5dfe403a55a95de08) C:\Windows\system32\drivers\AtihdW76.sys
    21:12:41.0246 6496 AtiHDAudioService - ok
    21:12:41.0262 6496 ATITool (b07e6681d303a612680223c729b021e2) C:\Windows\system32\DRIVERS\ATITool64.sys
    21:12:41.0293 6496 ATITool ( UnsignedFile.Multi.Generic ) - warning
    21:12:41.0293 6496 ATITool - detected UnsignedFile.Multi.Generic (1)
    21:12:41.0324 6496 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
    21:12:41.0324 6496 AVGIDSDriver - ok
    21:12:41.0356 6496 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
    21:12:41.0371 6496 AVGIDSEH - ok
    21:12:41.0387 6496 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
    21:12:41.0402 6496 AVGIDSFilter - ok
    21:12:41.0418 6496 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
    21:12:41.0434 6496 Avgldx64 - ok
    21:12:41.0465 6496 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
    21:12:41.0480 6496 Avgmfx64 - ok
    21:12:41.0496 6496 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
    21:12:41.0512 6496 Avgrkx64 - ok
    21:12:41.0527 6496 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
    21:12:41.0543 6496 Avgtdia - ok
    21:12:41.0574 6496 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
    21:12:41.0605 6496 b06bdrv - ok
    21:12:41.0636 6496 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    21:12:41.0652 6496 b57nd60a - ok
    21:12:41.0683 6496 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    21:12:41.0730 6496 Beep - ok
    21:12:41.0746 6496 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    21:12:41.0761 6496 blbdrive - ok
    21:12:41.0792 6496 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    21:12:41.0839 6496 bowser - ok
    21:12:41.0855 6496 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    21:12:41.0917 6496 BrFiltLo - ok
    21:12:41.0933 6496 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    21:12:41.0948 6496 BrFiltUp - ok
    21:12:41.0964 6496 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    21:12:41.0995 6496 Brserid - ok
    21:12:42.0011 6496 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    21:12:42.0042 6496 BrSerWdm - ok
    21:12:42.0058 6496 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    21:12:42.0073 6496 BrUsbMdm - ok
    21:12:42.0104 6496 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    21:12:42.0120 6496 BrUsbSer - ok
    21:12:42.0136 6496 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
    21:12:42.0151 6496 BTHMODEM - ok
    21:12:42.0182 6496 catchme - ok
    21:12:42.0198 6496 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    21:12:42.0245 6496 cdfs - ok
    21:12:42.0260 6496 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
    21:12:42.0276 6496 cdrom - ok
    21:12:42.0292 6496 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    21:12:42.0323 6496 circlass - ok
    21:12:42.0338 6496 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    21:12:42.0370 6496 CLFS - ok
    21:12:42.0401 6496 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    21:12:42.0416 6496 CmBatt - ok
    21:12:42.0448 6496 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    21:12:42.0448 6496 cmdide - ok
    21:12:42.0494 6496 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
    21:12:42.0510 6496 CNG - ok
    21:12:42.0541 6496 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    21:12:42.0557 6496 Compbatt - ok
    21:12:42.0572 6496 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    21:12:42.0604 6496 CompositeBus - ok
    21:12:42.0635 6496 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    21:12:42.0635 6496 crcdisk - ok
    21:12:42.0666 6496 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
    21:12:42.0713 6496 CSC - ok
    21:12:42.0744 6496 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    21:12:42.0806 6496 DfsC - ok
    21:12:42.0822 6496 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    21:12:42.0853 6496 discache - ok
    21:12:42.0869 6496 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    21:12:42.0869 6496 Disk - ok
    21:12:42.0900 6496 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    21:12:42.0947 6496 drmkaud - ok
    21:12:42.0978 6496 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    21:12:43.0009 6496 DXGKrnl - ok
    21:12:43.0087 6496 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    21:12:43.0118 6496 ebdrv - ok
    21:12:43.0134 6496 ElbyCDIO (9a47ac3dfcf81d30922cdaaf1c2d579f) C:\Windows\system32\Drivers\ElbyCDIO.sys
    21:12:43.0150 6496 ElbyCDIO - ok
    21:12:43.0165 6496 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    21:12:43.0181 6496 elxstor - ok
    21:12:43.0196 6496 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    21:12:43.0259 6496 ErrDev - ok
    21:12:43.0274 6496 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    21:12:43.0321 6496 exfat - ok
    21:12:43.0337 6496 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    21:12:43.0384 6496 fastfat - ok
    21:12:43.0399 6496 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    21:12:43.0446 6496 fdc - ok
    21:12:43.0462 6496 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    21:12:43.0477 6496 FileInfo - ok
    21:12:43.0493 6496 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    21:12:43.0524 6496 Filetrace - ok
    21:12:43.0540 6496 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    21:12:43.0555 6496 flpydisk - ok
    21:12:43.0586 6496 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    21:12:43.0586 6496 FltMgr - ok
    21:12:43.0602 6496 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    21:12:43.0618 6496 FsDepends - ok
    21:12:43.0633 6496 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    21:12:43.0633 6496 Fs_Rec - ok
    21:12:43.0664 6496 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    21:12:43.0680 6496 fvevol - ok
    21:12:43.0696 6496 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    21:12:43.0696 6496 gagp30kx - ok
    21:12:43.0727 6496 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    21:12:43.0742 6496 GEARAspiWDM - ok
    21:12:43.0789 6496 HCW85BDA (6d0f56d217545e2d0addbf301b35260f) C:\Windows\system32\drivers\HCW85BDA.sys
    21:12:43.0836 6496 HCW85BDA - ok
    21:12:43.0852 6496 hcw85cir (25581dcfe6cb06cc0e48fa5b63f67532) C:\Windows\system32\drivers\hcw85cir3.sys
    21:12:43.0867 6496 hcw85cir - ok
    21:12:43.0898 6496 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    21:12:43.0945 6496 HdAudAddService - ok
    21:12:43.0961 6496 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
    21:12:43.0992 6496 HDAudBus - ok
    21:12:44.0023 6496 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
    21:12:44.0039 6496 HECIx64 - ok
    21:12:44.0054 6496 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    21:12:44.0086 6496 HidBatt - ok
    21:12:44.0117 6496 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    21:12:44.0148 6496 HidBth - ok
    21:12:44.0179 6496 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    21:12:44.0210 6496 HidIr - ok
    21:12:44.0257 6496 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
    21:12:44.0288 6496 HidUsb - ok
    21:12:44.0320 6496 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    21:12:44.0351 6496 HpSAMD - ok
    21:12:44.0382 6496 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    21:12:44.0444 6496 HTTP - ok
    21:12:44.0476 6496 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    21:12:44.0491 6496 hwpolicy - ok
    21:12:44.0522 6496 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    21:12:44.0538 6496 i8042prt - ok
    21:12:44.0585 6496 iaStor (85977cd13fc16069ce0af7943a811775) C:\Windows\system32\DRIVERS\iaStor.sys
    21:12:44.0600 6496 iaStor - ok
    21:12:44.0632 6496 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    21:12:44.0647 6496 iaStorV - ok
    21:12:44.0663 6496 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    21:12:44.0678 6496 iirsp - ok
    21:12:44.0741 6496 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
    21:12:44.0819 6496 IntcAzAudAddService - ok
    21:12:44.0834 6496 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    21:12:44.0850 6496 intelide - ok
    21:12:44.0866 6496 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    21:12:44.0881 6496 intelppm - ok
    21:12:44.0897 6496 IOCBIOS - ok
    21:12:44.0928 6496 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    21:12:44.0959 6496 IpFilterDriver - ok
    21:12:44.0990 6496 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    21:12:45.0022 6496 IPMIDRV - ok
    21:12:45.0037 6496 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    21:12:45.0084 6496 IPNAT - ok
    21:12:45.0100 6496 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    21:12:45.0146 6496 IRENUM - ok
    21:12:45.0162 6496 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    21:12:45.0178 6496 isapnp - ok
    21:12:45.0193 6496 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    21:12:45.0209 6496 iScsiPrt - ok
    21:12:45.0224 6496 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
    21:12:45.0240 6496 kbdclass - ok
    21:12:45.0256 6496 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
    21:12:45.0271 6496 kbdhid - ok
    21:12:45.0318 6496 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
    21:12:45.0334 6496 KSecDD - ok
    21:12:45.0365 6496 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
    21:12:45.0380 6496 KSecPkg - ok
    21:12:45.0380 6496 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    21:12:45.0412 6496 ksthunk - ok
    21:12:45.0458 6496 LHidFilt (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys
    21:12:45.0458 6496 LHidFilt - ok
    21:12:45.0474 6496 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    21:12:45.0505 6496 lltdio - ok
    21:12:45.0521 6496 LMouFilt (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys
    21:12:45.0536 6496 LMouFilt - ok
    21:12:45.0552 6496 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    21:12:45.0568 6496 LSI_FC - ok
    21:12:45.0583 6496 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    21:12:45.0583 6496 LSI_SAS - ok
    21:12:45.0599 6496 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    21:12:45.0614 6496 LSI_SAS2 - ok
    21:12:45.0630 6496 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    21:12:45.0630 6496 LSI_SCSI - ok
    21:12:45.0661 6496 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    21:12:45.0692 6496 luafv - ok
    21:12:45.0724 6496 LUsbFilt (da3494df01c62d821911ed91ce5e1642) C:\Windows\system32\Drivers\LUsbFilt.Sys
    21:12:45.0724 6496 LUsbFilt - ok
    21:12:45.0755 6496 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
    21:12:45.0755 6496 MBAMProtector - ok
    21:12:45.0786 6496 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    21:12:45.0786 6496 megasas - ok
    21:12:45.0817 6496 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    21:12:45.0817 6496 MegaSR - ok
    21:12:45.0848 6496 MEMSWEEP2 (f9ce67e9e0226079b59107b649851f96) C:\Windows\system32\9944.tmp
    21:12:45.0864 6496 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
    21:12:45.0864 6496 MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
    21:12:54.0163 6496 ============================================================
    21:12:54.0163 6496 Scan finished
    21:12:54.0163 6496 ============================================================
    21:12:54.0163 7104 Detected object count: 2
    21:12:54.0163 7104 Actual detected object count: 2
    21:13:43.0335 7104 ATITool ( UnsignedFile.Multi.Generic ) - skipped by user
    21:13:43.0335 7104 ATITool ( UnsignedFile.Multi.Generic ) - User select action: Skip
    21:13:43.0335 7104 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
    21:13:43.0335 7104 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

    Thanks.
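An added example (not part of the thread and not TDSSKiller's own code): a short Python triage of the log format posted above, pairing each driver's hash/path line with its verdict line and listing the entries that were detected or whose image is not a `.sys` file. The `.sys` extension check is a heuristic assumed for this example, and the ExampleDrv entry in the sample is constructed.

```python
import re

# MEMSWEEP2 and the "Detected object count" line are copied from the log
# posted in this thread; the ExampleDrv entry and its all-zero hash are
# constructed for contrast.
SAMPLE_LOG = r"""
21:12:45.0755 6496 ExampleDrv (00000000000000000000000000000000) C:\Windows\system32\drivers\exampledrv.sys
21:12:45.0755 6496 ExampleDrv - ok
21:12:45.0848 6496 MEMSWEEP2 (f9ce67e9e0226079b59107b649851f96) C:\Windows\system32\9944.tmp
21:12:45.0864 6496 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
21:12:45.0864 6496 MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
21:12:54.0163 7104 Detected object count: 2
21:13:43.0335 7104 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
21:13:43.0335 7104 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

# Every line starts with a timestamp and a thread id.
STAMP = r"^\s*\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+"
# "<name> (<md5>) <image path>"
ENTRY = re.compile(
    STAMP + r"(?P<name>\S+) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+?)\s*$")
# "<name> - ok" or "<name> - detected <signature> (<n>)"
VERDICT = re.compile(STAMP + r"(?P<name>\S+) - (?P<verdict>ok|detected .+?)\s*$")
# "<name> ( <signature> ) - User select action: <action>"
ACTION = re.compile(
    STAMP + r"(?P<name>\S+) \( .+? \) - User select action: (?P<action>\S+)\s*$")


def parse(log_text):
    """Return {service name: record} for driver/service entries.

    MBR and boot-sector lines use a different layout and are ignored here.
    """
    entries = {}

    def record(name):
        return entries.setdefault(name, {
            "name": name, "md5": None, "path": None,
            "verdict": None, "user_action": None,
        })

    for line in log_text.splitlines():
        m = ENTRY.match(line)
        if m:
            rec = record(m["name"])
            rec["md5"], rec["path"] = m["md5"], m["path"]
            continue
        m = VERDICT.match(line)
        if m:
            record(m["name"])["verdict"] = m["verdict"]
            continue
        m = ACTION.match(line)
        if m:
            record(m["name"])["user_action"] = m["action"]
    return entries


def triage(log_text):
    """List entries worth a second look, with the reasons for each."""
    flagged = []
    for rec in parse(log_text).values():
        reasons = []
        if rec["verdict"] and rec["verdict"] != "ok":
            reasons.append(rec["verdict"])
        # Heuristic (assumption of this example): a kernel driver whose
        # image is not a .sys file, such as a .tmp file, deserves review.
        if rec["path"] and not rec["path"].lower().endswith(".sys"):
            reasons.append("image is not a .sys file")
        if reasons and rec["user_action"] == "Skip":
            reasons.append("left in place (Skip)")
        if reasons:
            flagged.append({**rec, "reasons": reasons})
    return flagged


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(item["name"], item["md5"], item["path"])
        for reason in item["reasons"]:
            print("   -", reason)
```
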
     
  6. kevinf80

    kevinf80 Malware Specialist

    Joined:
    Mar 21, 2006
    Messages:
    11,383
    First Name:
    Kevin
    Upload a File to Virustotal
    Please visit Virustotal
    • Click the Browse... button
    • Navigate to the file C:\Windows\system32\DRIVERS\ATITool64.sys
    • Click the Open button
    • Click the Send button
    • If you get a message saying File has already been analyzed: click Reanalyze file now
    • Copy and paste the results back here please.

    Next,

    Download aswMBR from Here

    • Save aswMBR.exe to your Desktop
    • Double click aswMBR.exe to run it, it may ask to update, allow it.
    • Click the Scan button to start the scan as illustrated below

      Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.
    • Once the scan finishes click Save log to save the log to your Desktop.

    • Copy and paste the contents of aswMBR.txt back here for review
    • You will also notice another file created on the desktop named MBR.dat. Right-click that file and select Send To and then Compressed (zipped) file. Attach that zipped file to your next reply as well.

    Next,

    Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :-

    Link 1
    Link 2

    • Ensure that Combofix is saved directly to the Desktop <--- Very important
    • Disable all security programs as they will have a negative effect on Combofix, instructions available Here if required. Be aware the list may not have all programs listed, if you need more help please ask.
    • Close any open browsers and any other programs you might have running
    • Double click the Combofix icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator")
    • Instructions for running Combofix available Here if required.
    • If you are using Windows XP it might display a pop-up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
    • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

    ****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

    Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
    Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read Here why disabling autoruns is recommended.

    *EXTRA NOTES*
    • If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
    • If Combofix reboots due to a rootkit, the screen may stay black for several minutes on reboot, this is normal.
    • If after running Combofix you receive any type of warning message about registry keys being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)

    Post the logs from aswMBR and Combofix in reply, also attach MBR.zip.

    Kevin
     

Short URL to this thread: https://techguy.org/1028609
