Suspicious j4jdel0.exe in appdata/temp

vanni1188

Hello, let me start by saying that I'm a bit paranoid about PC security, and at least once a week I run full system scans with Avira Premium and MalwareBytes, in addition to cleaning everything with CCleaner, both registry and data. So far I have never found anything in these routine scans; the only times I detected something were when the PC clearly had some obvious problem.

Now, for some time this strange file j4jdel0.exe has kept appearing in the path C:\Users\xxxxx\AppData\Local\Temp, and remembering that the only time I saw executables in that folder they were malware, I decided to search online a bit. Almost zero results. Some sites report that the percentage of problems involving this file is low, and Avira and MalwareBytes keep telling me that the file is not infected, but the frequency with which it appears does not reassure me (practically a couple of times a day).

I'm attaching a HijackThis log in case it's useful.

P.S.: a couple of months ago I caught the well-known SIAE virus; I restored the system and used Avira and MalwareBytes to delete the mess it had caused. I wouldn't want this to be some leftover from that. A couple of days later I also got the State Police (Polizia di Stato) variant of that virus, fortunately only the one that started from autorun. Avira does in fact keep reporting a "hidden object" in its scans, though.

Thanks for the help. ^^
 
There are still some remnants.
First of all, disable System Restore:
For Windows Vista / 7:
● Control Panel
System and Security
System
System protection on the left
● For Windows 7, click Configure, select Turn off system protection, then Apply and OK.

Open OTL
under the Custom Scans/Fixes box
copy and paste this code in bold:

:OTL
O33 - MountPoints2\{5ddb53a5-ec32-11e1-8e19-00235420829a}\Shell - "" = AutoRun
O33 - MountPoints2\{5ddb53a5-ec32-11e1-8e19-00235420829a}\Shell\AutoRun\command - "" = J:\VFPcAssistant.exe
O33 - MountPoints2\{ebca165d-cb7f-11e1-bbe0-00235420829a}\Shell - "" = AutoRun
O33 - MountPoints2\{ebca165d-cb7f-11e1-bbe0-00235420829a}\Shell\AutoRun\command - "" = J:\VFPcAssistant.exe
O33 - MountPoints2\{ebca1660-cb7f-11e1-bbe0-00235420829a}\Shell - "" = AutoRun
O33 - MountPoints2\{ebca1660-cb7f-11e1-bbe0-00235420829a}\Shell\AutoRun\command - "" = J:\VFPcAssistant.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\VFPcAssistant.exe
@alternate Data Stream - 5120 bytes -> C:\ProgramData:gs5sys
@alternate Data Stream - 1536 bytes -> C:\Users\Public\Documents\desktop.ini:gs5sys
@alternate Data Stream - 1536 bytes -> C:\Users\Alfier\Documents\desktop.ini:gs5sys
@alternate Data Stream - 1536 bytes -> C:\Users\Alfier\Desktop\desktop.ini:gs5sys
@alternate Data Stream - 1158 bytes -> C:\ProgramData\Microsoft:2ddtG5TnqofX1g1UYyQPAurNCSnQZy
@alternate Data Stream - 1135 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:nNiJ3GZ6b1xVwOdBQh1O3ieBSa


:Files
C:\Users\Alfier\AppData\Roaming\Umpa
C:\Users\Alfier\AppData\Roaming\Qazybi
C:\Users\Alfier\AppData\Roaming\Ikqi
C:\Users\Alfier\AppData\Roaming\Qosywo
C:\Users\Alfier\AppData\Roaming\Doowr
C:\ProgramData\cstsm.pad
C:\ProgramData\epyks.pad
C:\Users\Alfier\AppData\Roaming\DofusAppId0_2
C:\Users\Alfier\AppData\Roaming\D2Info0
C:\Users\Alfier\AppData\Roaming\DofusAppId0_1
C:\Users\Alfier\AppData\Local\Temp\*.tmp
C:\Users\Alfier\AppData\Local\Temp\*.exe
ipconfig /flushdns /c
netsh int ip reset c:\resetlog.txt /c

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:commands
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]

click the button
[image: 2eejtxj.jpg]

Wait for the operations to complete without interfering
Wait for the PC to reboot
When it comes back, post the log that appears.
 
Forgive me, but when I go to disable System Restore I am told that doing so deletes all the restore points created in the past. If something goes wrong, don't I risk doing more damage than I can fix?
 
If you don't disable System Restore, there is a risk that the PC could become reinfected.
So go ahead and disable it, and then re-enable it once the operations are finished.
 
Done, and this is the log

I noticed, however, that some files still remain, such as a few strangely named folders under Appdata/locallow and above all the two pad files in ProgramData (cstsm.pad and epyks.pad), which are certainly linked to that virus (at least according to other reports online). So should these be deleted manually?
 
I went ahead and manually deleted the two .pad files in ProgramData and the remaining folders in Roaming.
Honestly I'm a bit scared of ComboFix, especially in a period of power fluctuations like this one... I think I'll wait to see whether the file in question reappears in the temp folder before using ComboFix, so please don't close the thread for now ^^

In any case, did the advice to use ComboFix come from some strange value in the last log?

Thanks for the help anyway ^^
 
ComboFix would have deleted those files automatically, and besides there are some folders that were not removed.
If you don't feel up to it I won't force you, but the report was needed.
 
Honestly, what matters to me is that the virus has been eradicated wherever it could still start up; I imagine the .pad files were all the graphical paraphernalia of the fake SIAE and GDF interface, given their size (80 MB each), which indeed has not appeared again. As long as the files are inert I don't much care that they are still scattered here and there, but obviously if that j4jdel0 keeps appearing it means there is a service creating it... and so if it happens again I'll run ComboFix, but I work on this PC and can't risk too much, and besides it's difficult for me to back up certain things.

P.S.: apparently, from a quick Avira rootkit scan, there is still a hidden object in the system... the antivirus points me to the Rescue System CD, which, from what I read online, however... doesn't work... :( Can anything about this be understood from those logs?
 
They are not necessarily viruses.
It is normal for there to be hidden objects on a PC, so this is regular behavior; don't worry.

Run TDSSKiller to check:
http://www.tomshw.it/forum/sicurezz...omputer-infetto-leggere-prima-di-postare.html
post the log.
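
An added example, not part of the original thread and not TDSSKiller's own code: a small triage script for the service section of a TDSSKiller text log, listing entries whose verdict is not "ok", entries that have no hash line, and services whose image sits outside the usual install directories (for instance under a Temp folder). The sample log is constructed, with hypothetical service names and placeholder hashes; the wording of a non-"ok" verdict and the list of expected directories are assumptions.

```python
import re
from typing import List, NamedTuple

# Line layout used by the log: "HH:MM:SS.mmmm <thread id>  <message>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# Section banner, e.g. "================ Scan services ================"
SECTION = re.compile(r"^=+ (.+?) =+$")
# Object line: "[ <MD5> ] <service name> <image path>" (names may contain spaces)
OBJECT = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.*)$")

# Assumption: directories where service and driver images normally live.
EXPECTED_ROOTS = (
    "c:\\windows\\",
    "c:\\program files\\",
    "c:\\program files (x86)\\",
)


class Finding(NamedTuple):
    service: str
    reason: str   # "verdict", "no_hash_line" or "unusual_path"
    detail: str


def triage(log_text: str) -> List[Finding]:
    """Return the service entries of a TDSSKiller log that deserve a second look."""
    findings: List[Finding] = []
    in_services = False
    pending = None  # service name taken from the most recent hash line
    for raw in log_text.splitlines():
        m = LINE.match(raw.rstrip())
        if not m:
            continue
        msg = m.group(1)
        banner = SECTION.match(msg)
        if banner:
            # Only the "Scan services" section is parsed; other sections are skipped.
            in_services = banner.group(1) == "Scan services"
            pending = None
            continue
        if not in_services:
            continue
        obj = OBJECT.match(msg)
        if obj:
            pending = obj.group(2)
            path = obj.group(3)
            if not path.lower().startswith(EXPECTED_ROOTS):
                findings.append(Finding(pending, "unusual_path", path))
            continue
        name, sep, verdict = msg.partition(" - ")
        if not sep:
            continue  # plain separator or informational line
        if pending != name:
            # Verdict without a preceding hash line: no image file was hashed.
            findings.append(Finding(name, "no_hash_line", verdict))
        if verdict != "ok":
            findings.append(Finding(name, "verdict", verdict))
        pending = None
    return findings


# Constructed sample in the log's layout (hypothetical names, placeholder hashes).
SAMPLE_LOG = r"""
19:12:17.0313 3176  ================ Scan system memory ========================
19:12:17.0313 3176  System memory - ok
19:12:17.0314 3176  ================ Scan services =============================
19:12:17.0404 3176  [ 00000000000000000000000000000001 ] ExampleDrv      C:\Windows\system32\DRIVERS\exampledrv.sys
19:12:17.0405 3176  ExampleDrv - ok
19:12:17.0500 3176  [ 00000000000000000000000000000002 ] Example Updater Service C:\Program Files (x86)\Example\updater.exe
19:12:17.0501 3176  Example Updater Service - ok
19:12:17.0600 3176  ExampleNoFile - ok
19:12:17.0700 3176  [ 00000000000000000000000000000003 ] ExampleTemp     C:\Users\xxxxx\AppData\Local\Temp\example.exe
19:12:17.0701 3176  ExampleTemp - ok
19:12:17.0800 3176  [ 00000000000000000000000000000004 ] ExampleBad      C:\Windows\system32\DRIVERS\examplebad.sys
19:12:17.0801 3176  ExampleBad - detected ExampleVerdict (1)
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.service:15} {f.reason:13} {f.detail}")
```

An "ok" verdict only means the scanner found nothing it recognizes; an entry flagged as `unusual_path` is worth checking by hand even when its verdict is "ok".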
 
Code:
19:11:47.0005 1028  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:11:47.0250 1028  ============================================================
19:11:47.0250 1028  Current date / time: 2012/12/03 19:11:47.0250
19:11:47.0250 1028  SystemInfo:
19:11:47.0250 1028  
19:11:47.0250 1028  OS Version: 6.1.7601 ServicePack: 1.0
19:11:47.0250 1028  Product type: Workstation
19:11:47.0250 1028  ComputerName: PC-stanzetta
19:11:47.0251 1028  UserName: Alfier
19:11:47.0251 1028  Windows directory: C:\Windows
19:11:47.0251 1028  System windows directory: C:\Windows
19:11:47.0251 1028  Running under WOW64
19:11:47.0251 1028  Processor architecture: Intel x64
19:11:47.0251 1028  Number of processors: 4
19:11:47.0251 1028  Page size: 0x1000
19:11:47.0251 1028  Boot type: Normal boot
19:11:47.0251 1028  ============================================================
19:11:47.0917 1028  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:11:47.0940 1028  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:11:47.0948 1028  ============================================================
19:11:47.0948 1028  \Device\Harddisk0\DR0:
19:11:47.0949 1028  MBR partitions:
19:11:47.0949 1028  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
19:11:47.0949 1028  \Device\Harddisk1\DR1:
19:11:47.0949 1028  MBR partitions:
19:11:47.0949 1028  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3A384C02
19:11:47.0949 1028  ============================================================
19:11:47.0987 1028  C: <-> \Device\Harddisk0\DR0\Partition1
19:11:48.0012 1028  D: <-> \Device\Harddisk1\DR1\Partition1
19:11:48.0012 1028  ============================================================
19:11:48.0012 1028  Initialize success
19:11:48.0012 1028  ============================================================
19:12:16.0945 3176  ============================================================
19:12:16.0945 3176  Scan started
19:12:16.0945 3176  Mode: Manual; 
19:12:16.0945 3176  ============================================================
19:12:17.0313 3176  ================ Scan system memory ========================
19:12:17.0313 3176  System memory - ok
19:12:22.0396 3176  iphlpsvc - ok
19:12:22.0401 3176  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
19:12:22.0408 3176  IPMIDRV - ok
19:12:22.0414 3176  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:12:22.0420 3176  IPNAT - ok
19:12:22.0434 3176  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:12:22.0437 3176  IRENUM - ok
19:12:22.0454 3176  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
19:12:22.0457 3176  isapnp - ok
19:12:22.0476 3176  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
19:12:22.0484 3176  iScsiPrt - ok
19:12:22.0507 3176  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:12:22.0511 3176  kbdclass - ok
19:12:22.0532 3176  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:12:22.0535 3176  kbdhid - ok
19:12:22.0551 3176  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:12:22.0553 3176  KeyIso - ok
19:12:22.0577 3176  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:12:22.0582 3176  KSecDD - ok
19:12:22.0614 3176  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:12:22.0623 3176  KSecPkg - ok
19:12:22.0635 3176  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:12:22.0639 3176  ksthunk - ok
19:12:22.0660 3176  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:12:22.0672 3176  KtmRm - ok
19:12:22.0689 3176  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:12:22.0698 3176  LanmanServer - ok
19:12:22.0719 3176  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:12:22.0727 3176  LanmanWorkstation - ok
19:12:22.0754 3176  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:12:22.0758 3176  lltdio - ok
19:12:22.0783 3176  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:12:22.0792 3176  lltdsvc - ok
19:12:22.0807 3176  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:12:22.0811 3176  lmhosts - ok
19:12:22.0830 3176  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:12:22.0834 3176  LSI_FC - ok
19:12:22.0839 3176  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
19:12:22.0844 3176  LSI_SAS - ok
19:12:22.0849 3176  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:12:22.0853 3176  LSI_SAS2 - ok
19:12:22.0858 3176  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:12:22.0864 3176  LSI_SCSI - ok
19:12:22.0889 3176  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:12:22.0894 3176  luafv - ok
19:12:22.0908 3176  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:12:22.0915 3176  Mcx2Svc - ok
19:12:22.0919 3176  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
19:12:22.0923 3176  megasas - ok
19:12:22.0930 3176  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:12:22.0936 3176  MegaSR - ok
19:12:23.0013 3176  [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2012_64 C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
19:12:23.0014 3176  mi-raysat_3dsmax2012_64 - ok
19:12:23.0030 3176  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
19:12:23.0032 3176  MMCSS - ok
19:12:23.0045 3176  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
19:12:23.0049 3176  Modem - ok
19:12:23.0066 3176  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:12:23.0067 3176  monitor - ok
19:12:23.0084 3176  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:12:23.0088 3176  mouclass - ok
19:12:23.0110 3176  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:12:23.0114 3176  mouhid - ok
19:12:23.0126 3176  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:12:23.0131 3176  mountmgr - ok
19:12:23.0175 3176  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:12:23.0182 3176  MozillaMaintenance - ok
19:12:23.0195 3176  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
19:12:23.0202 3176  mpio - ok
19:12:23.0215 3176  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:12:23.0219 3176  mpsdrv - ok
19:12:23.0248 3176  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:12:23.0262 3176  MpsSvc - ok
19:12:23.0279 3176  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:12:23.0284 3176  MRxDAV - ok
19:12:23.0299 3176  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:12:23.0304 3176  mrxsmb - ok
19:12:23.0322 3176  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:12:23.0329 3176  mrxsmb10 - ok
19:12:23.0353 3176  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:12:23.0358 3176  mrxsmb20 - ok
19:12:23.0377 3176  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
19:12:23.0381 3176  msahci - ok
19:12:23.0386 3176  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
19:12:23.0392 3176  msdsm - ok
19:12:23.0406 3176  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:12:23.0415 3176  MSDTC - ok
19:12:23.0430 3176  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:12:23.0435 3176  Msfs - ok
19:12:23.0444 3176  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:12:23.0446 3176  mshidkmdf - ok
19:12:23.0460 3176  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
19:12:23.0464 3176  msisadrv - ok
19:12:23.0485 3176  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:12:23.0492 3176  MSiSCSI - ok
19:12:23.0496 3176  msiserver - ok
19:12:23.0516 3176  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:12:23.0519 3176  MSKSSRV - ok
19:12:23.0528 3176  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:12:23.0531 3176  MSPCLOCK - ok
19:12:23.0544 3176  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:12:23.0547 3176  MSPQM - ok
19:12:23.0561 3176  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:12:23.0570 3176  MsRPC - ok
19:12:23.0585 3176  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:12:23.0585 3176  mssmbios - ok
19:12:23.0595 3176  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:12:23.0598 3176  MSTEE - ok
19:12:23.0606 3176  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:12:23.0609 3176  MTConfig - ok
19:12:23.0639 3176  [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
19:12:23.0642 3176  MTsensor - ok
19:12:23.0664 3176  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:12:23.0668 3176  Mup - ok
19:12:23.0700 3176  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:12:23.0704 3176  napagent - ok
19:12:23.0732 3176  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:12:23.0739 3176  NativeWifiP - ok
19:12:23.0767 3176  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:12:23.0774 3176  NDIS - ok
19:12:23.0789 3176  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:12:23.0792 3176  NdisCap - ok
19:12:23.0810 3176  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:12:23.0813 3176  NdisTapi - ok
19:12:23.0818 3176  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:12:23.0822 3176  Ndisuio - ok
19:12:23.0837 3176  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:12:23.0843 3176  NdisWan - ok
19:12:23.0857 3176  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:12:23.0862 3176  NDProxy - ok
19:12:23.0885 3176  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:12:23.0890 3176  Net Driver HPZ12 - ok
19:12:23.0903 3176  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:12:23.0907 3176  NetBIOS - ok
19:12:23.0920 3176  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:12:23.0926 3176  NetBT - ok
19:12:23.0933 3176  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:12:23.0934 3176  Netlogon - ok
19:12:23.0968 3176  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:12:23.0971 3176  Netman - ok
19:12:24.0002 3176  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:24.0010 3176  NetMsmqActivator - ok
19:12:24.0015 3176  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:24.0016 3176  NetPipeActivator - ok
19:12:24.0028 3176  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:12:24.0033 3176  netprofm - ok
19:12:24.0038 3176  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:24.0039 3176  NetTcpActivator - ok
19:12:24.0043 3176  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:24.0044 3176  NetTcpPortSharing - ok
19:12:24.0069 3176  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
19:12:24.0075 3176  nfrd960 - ok
19:12:24.0095 3176  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:12:24.0099 3176  NlaSvc - ok
19:12:24.0107 3176  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:12:24.0112 3176  Npfs - ok
19:12:24.0125 3176  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:12:24.0130 3176  nsi - ok
19:12:24.0137 3176  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:12:24.0140 3176  nsiproxy - ok
19:12:24.0189 3176  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:12:24.0224 3176  Ntfs - ok
19:12:24.0240 3176  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:12:24.0243 3176  Null - ok
19:12:24.0465 3176  [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:12:24.0543 3176  nvlddmkm - ok
19:12:24.0579 3176  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:12:24.0585 3176  nvraid - ok
19:12:24.0607 3176  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:12:24.0612 3176  nvstor - ok
19:12:24.0648 3176  [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:12:24.0653 3176  nvsvc - ok
19:12:24.0702 3176  [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:12:24.0713 3176  nvUpdatusService - ok
19:12:24.0737 3176  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
19:12:24.0742 3176  nv_agp - ok
19:12:24.0798 3176  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:12:24.0811 3176  odserv - ok
19:12:24.0818 3176  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
19:12:24.0824 3176  ohci1394 - ok
19:12:24.0856 3176  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:12:24.0862 3176  ose - ok
19:12:25.0006 3176  [ 85EA378116E2C4385993BA5124536FFC ] ossrv           C:\Windows\system32\drivers\ctoss2k.sys
19:12:25.0014 3176  ossrv - ok
19:12:25.0038 3176  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:12:25.0042 3176  p2pimsvc - ok
19:12:25.0062 3176  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:12:25.0093 3176  p2psvc - ok
19:12:25.0194 3176  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:12:25.0201 3176  Parport - ok
19:12:25.0224 3176  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:12:25.0230 3176  partmgr - ok
19:12:25.0248 3176  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:12:25.0256 3176  PcaSvc - ok
19:12:25.0270 3176  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\DRIVERS\pci.sys
19:12:25.0276 3176  pci - ok
19:12:25.0283 3176  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
19:12:25.0286 3176  pciide - ok
19:12:25.0301 3176  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:12:25.0307 3176  pcmcia - ok
19:12:25.0316 3176  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:12:25.0320 3176  pcw - ok
19:12:25.0338 3176  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:12:25.0350 3176  PEAUTH - ok
19:12:25.0389 3176  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:12:25.0423 3176  PeerDistSvc - ok
19:12:25.0476 3176  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:12:25.0481 3176  PerfHost - ok
19:12:25.0518 3176  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:12:25.0552 3176  pla - ok
19:12:25.0577 3176  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:12:25.0588 3176  PlugPlay - ok
19:12:25.0612 3176  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:12:25.0618 3176  Pml Driver HPZ12 - ok
19:12:25.0639 3176  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:12:25.0644 3176  PNRPAutoReg - ok
19:12:25.0663 3176  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:12:25.0665 3176  PNRPsvc - ok
19:12:25.0683 3176  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:12:25.0696 3176  PolicyAgent - ok
19:12:25.0718 3176  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:12:25.0725 3176  Power - ok
19:12:25.0749 3176  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:12:25.0754 3176  PptpMiniport - ok
19:12:25.0765 3176  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:12:25.0770 3176  Processor - ok
19:12:25.0794 3176  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:12:25.0803 3176  ProfSvc - ok
19:12:25.0814 3176  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:12:25.0816 3176  ProtectedStorage - ok
19:12:25.0827 3176  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:12:25.0833 3176  Psched - ok
19:12:25.0866 3176  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:12:25.0890 3176  ql2300 - ok
19:12:25.0910 3176  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:12:25.0916 3176  ql40xx - ok
19:12:25.0941 3176  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:12:25.0951 3176  QWAVE - ok
19:12:25.0963 3176  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:12:25.0967 3176  QWAVEdrv - ok
19:12:25.0975 3176  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:12:25.0977 3176  RasAcd - ok
19:12:26.0007 3176  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:12:26.0011 3176  RasAgileVpn - ok
19:12:26.0021 3176  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:12:26.0056 3176  RasAuto - ok
19:12:26.0071 3176  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:12:26.0077 3176  Rasl2tp - ok
19:12:26.0092 3176  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:12:26.0104 3176  RasMan - ok
19:12:26.0114 3176  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:12:26.0120 3176  RasPppoe - ok
19:12:26.0128 3176  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:12:26.0132 3176  RasSstp - ok
19:12:26.0154 3176  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:12:26.0162 3176  rdbss - ok
19:12:26.0175 3176  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:12:26.0179 3176  rdpbus - ok
19:12:26.0184 3176  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:12:26.0187 3176  RDPCDD - ok
19:12:26.0204 3176  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:12:26.0209 3176  RDPDR - ok
19:12:26.0220 3176  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:12:26.0223 3176  RDPENCDD - ok
19:12:26.0241 3176  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:12:26.0244 3176  RDPREFMP - ok
19:12:26.0257 3176  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:12:26.0260 3176  RdpVideoMiniport - ok
19:12:26.0279 3176  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:12:26.0285 3176  RDPWD - ok
19:12:26.0302 3176  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:12:26.0308 3176  rdyboost - ok
19:12:26.0328 3176  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:12:26.0335 3176  RemoteAccess - ok
19:12:26.0348 3176  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:12:26.0350 3176  RemoteRegistry - ok
19:12:26.0364 3176  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:12:26.0370 3176  RpcEptMapper - ok
19:12:26.0378 3176  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:12:26.0383 3176  RpcLocator - ok
19:12:26.0397 3176  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:12:26.0401 3176  RpcSs - ok
19:12:26.0434 3176  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:12:26.0439 3176  rspndr - ok
19:12:26.0453 3176  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
19:12:26.0455 3176  s3cap - ok
19:12:26.0464 3176  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:12:26.0465 3176  SamSs - ok
19:12:26.0477 3176  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
19:12:26.0482 3176  sbp2port - ok
19:12:26.0502 3176  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:12:26.0510 3176  SCardSvr - ok
19:12:26.0528 3176  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:12:26.0532 3176  scfilter - ok
19:12:26.0560 3176  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:12:26.0578 3176  Schedule - ok
19:12:26.0602 3176  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:12:26.0603 3176  SCPolicySvc - ok
19:12:26.0616 3176  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:12:26.0628 3176  SDRSVC - ok
19:12:26.0651 3176  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:12:26.0656 3176  secdrv - ok
19:12:26.0667 3176  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:12:26.0674 3176  seclogon - ok
19:12:26.0685 3176  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:12:26.0687 3176  SENS - ok
19:12:26.0699 3176  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:12:26.0706 3176  SensrSvc - ok
19:12:26.0714 3176  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:12:26.0718 3176  Serenum - ok
19:12:26.0736 3176  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:12:26.0742 3176  Serial - ok
19:12:26.0746 3176  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:12:26.0750 3176  sermouse - ok
19:12:26.0782 3176  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:12:26.0790 3176  SessionEnv - ok
19:12:26.0794 3176  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
19:12:26.0797 3176  sffdisk - ok
19:12:26.0801 3176  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
19:12:26.0804 3176  sffp_mmc - ok
19:12:26.0808 3176  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
19:12:26.0811 3176  sffp_sd - ok
19:12:26.0815 3176  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:12:26.0818 3176  sfloppy - ok
19:12:26.0852 3176  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:12:26.0863 3176  SharedAccess - ok
19:12:26.0880 3176  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:12:26.0883 3176  ShellHWDetection - ok
19:12:26.0902 3176  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:12:26.0907 3176  SiSRaid2 - ok
19:12:26.0913 3176  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:12:26.0917 3176  SiSRaid4 - ok
19:12:27.0018 3176  [ 3740B83AEC21D981065D7E819BD7E878 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:12:27.0064 3176  Skype C2C Service - ok
19:12:27.0098 3176  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:12:27.0099 3176  SkypeUpdate - ok
19:12:27.0130 3176  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:12:27.0135 3176  Smb - ok
19:12:27.0163 3176  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:12:27.0169 3176  SNMPTRAP - ok
19:12:27.0182 3176  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:12:27.0185 3176  spldr - ok
19:12:27.0227 3176  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:12:27.0233 3176  Spooler - ok
19:12:27.0292 3176  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:12:27.0339 3176  sppsvc - ok
19:12:27.0356 3176  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:12:27.0364 3176  sppuinotify - ok
19:12:27.0414 3176  [ A15860E920B02C9A7CE8F3A6C2FF1E3A ] sptd            C:\Windows\System32\Drivers\sptd.sys
19:12:27.0431 3176  sptd - ok
19:12:27.0450 3176  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:12:27.0460 3176  srv - ok
19:12:27.0474 3176  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:12:27.0482 3176  srv2 - ok
19:12:27.0495 3176  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:12:27.0500 3176  srvnet - ok
19:12:27.0521 3176  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:12:27.0529 3176  SSDPSRV - ok
19:12:27.0541 3176  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:12:27.0549 3176  SstpSvc - ok
19:12:27.0577 3176  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:12:27.0581 3176  stexstor - ok
19:12:27.0618 3176  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:12:27.0630 3176  stisvc - ok
19:12:27.0647 3176  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
19:12:27.0651 3176  storflt - ok
19:12:27.0659 3176  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
19:12:27.0663 3176  storvsc - ok
19:12:27.0675 3176  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:12:27.0678 3176  swenum - ok
19:12:27.0694 3176  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:12:27.0705 3176  swprv - ok
19:12:27.0723 3176  [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
19:12:27.0729 3176  Synth3dVsc - ok
19:12:27.0763 3176  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:12:27.0786 3176  SysMain - ok
19:12:27.0801 3176  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:12:27.0803 3176  TabletInputService - ok
19:12:27.0938 3176  [ C4C20CFA4F42E9B7454E895C5C47BCD3 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
19:12:28.0024 3176  TabletServicePen - ok
19:12:28.0260 3176  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:12:28.0264 3176  TapiSrv - ok
19:12:28.0281 3176  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:12:28.0283 3176  TBS - ok
19:12:28.0329 3176  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:12:28.0363 3176  Tcpip - ok
19:12:31.0080 3176  ================ Scan global ===============================
19:12:31.0093 3176  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:12:31.0131 3176  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:12:31.0149 3176  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
19:12:31.0169 3176  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:12:31.0184 3176  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:12:31.0187 3176  [Global] - ok
19:12:31.0188 3176  ================ Scan MBR ==================================
19:12:31.0198 3176  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:12:31.0203 3176  \Device\Harddisk0\DR0 - ok
19:12:31.0207 3176  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:12:31.0485 3176  \Device\Harddisk1\DR1 - ok
19:12:31.0485 3176  ================ Scan VBR ==================================
19:12:31.0505 3176  [ 030E53BE4D5D045BC7BB29FA55B0201B ] \Device\Harddisk0\DR0\Partition1
19:12:31.0506 3176  \Device\Harddisk0\DR0\Partition1 - ok
19:12:31.0509 3176  [ F2E6C11D2022336FB938B7F07BE2B4DB ] \Device\Harddisk1\DR1\Partition1
19:12:31.0510 3176  \Device\Harddisk1\DR1\Partition1 - ok
19:12:31.0511 3176  ============================================================
19:12:31.0511 3176  Scan finished
19:12:31.0511 3176  ============================================================
19:12:31.0520 3848  Detected object count: 0
19:12:31.0520 3848  Actual detected object count: 0

Done, and this is its report. I was already in the habit of running the MalwareBytes Antirootkit beta module anyway (even though that one takes considerably longer). No anomalies in any case.
Thank you so much for the help ^^
If you have no other advice, I'll see how things go and whether that file shows up again in the Temp folder, and if so I'll post again in this thread.
 