Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.11.12.06
rootkit: v2016.10.31.01
Windows 10 x64 NTFS
Internet Explorer 11.447.14393.0
Mickey :: DESKTOP-AEGGCVJ [administrator]
12.11.2016 16:05:03
mbar-log-2016-11-12 (16-05-03).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 371052
Time elapsed: 11 minute(s), 58 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
16:20:42.0086 0x2930 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
16:20:46.0308 0x2930 ============================================================
16:20:46.0308 0x2930 Current date / time: 2016/11/12 16:20:46.0308
16:20:46.0308 0x2930 SystemInfo:
16:20:46.0308 0x2930
16:20:46.0308 0x2930 OS Version: 10.0.14393 ServicePack: 0.0
16:20:46.0308 0x2930 Product type: Workstation
16:20:46.0308 0x2930 ComputerName: DESKTOP-AEGGCVJ
16:20:46.0308 0x2930 UserName: Mickey
16:20:46.0308 0x2930 Windows directory: C:\Windows
16:20:46.0308 0x2930 System windows directory: C:\Windows
16:20:46.0308 0x2930 Running under WOW64
16:20:46.0308 0x2930 Processor architecture: Intel x64
16:20:46.0308 0x2930 Number of processors: 8
16:20:46.0308 0x2930 Page size: 0x1000
16:20:46.0308 0x2930 Boot type: Normal boot
16:20:46.0308 0x2930 CodeIntegrityOptions = 0x00000001
16:20:46.0308 0x2930 ============================================================
16:20:46.0398 0x2930 KLMD registered as C:\Windows\system32\drivers\03363242.sys
16:20:46.0398 0x2930 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.447, osProperties = 0x19
16:20:47.0201 0x2930 System UUID: {CA27CF5F-BF84-F43F-781E-8C6DF2E11FE5}
16:20:47.0947 0x2930 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:20:47.0958 0x2930 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:20:47.0958 0x2930 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:20:47.0977 0x2930 ============================================================
16:20:47.0977 0x2930 \Device\Harddisk2\DR2:
16:20:47.0977 0x2930 MBR partitions:
16:20:47.0977 0x2930 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:20:47.0977 0x2930 \Device\Harddisk0\DR0:
16:20:47.0977 0x2930 MBR partitions:
16:20:47.0977 0x2930 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
16:20:47.0977 0x2930 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x74656000
16:20:47.0977 0x2930 \Device\Harddisk1\DR1:
16:20:47.0977 0x2930 MBR partitions:
16:20:47.0977 0x2930 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDEB2800
16:20:47.0977 0x2930 ============================================================
16:20:47.0982 0x2930 C: <-> \Device\Harddisk1\DR1\Partition1
16:20:47.0992 0x2930 D: <-> \Device\Harddisk0\DR0\Partition1
16:20:47.0992 0x2930 E: <-> \Device\Harddisk2\DR2\Partition1
16:20:48.0018 0x2930 F: <-> \Device\Harddisk0\DR0\Partition2
16:20:48.0018 0x2930 ============================================================
16:20:48.0018 0x2930 Initialize success
16:20:48.0018 0x2930 ============================================================
16:20:58.0962 0x27ec ============================================================
16:20:58.0962 0x27ec Scan started
16:20:58.0962 0x27ec Mode: Manual;
16:20:58.0962 0x27ec ============================================================
16:20:58.0962 0x27ec KSN ping started
16:20:59.0117 0x27ec KSN ping finished: true
16:20:59.0982 0x27ec ================ Scan system memory ========================
16:20:59.0982 0x27ec System memory - ok
16:20:59.0983 0x27ec ================ Scan services =============================
16:21:00.0066 0x27ec 1394ohci - ok
16:21:00.0070 0x27ec 3ware - ok
16:21:00.0074 0x27ec ACPI - ok
16:21:00.0078 0x27ec AcpiDev - ok
16:21:00.0082 0x27ec acpiex - ok
16:21:00.0084 0x27ec acpipagr - ok
16:21:00.0088 0x27ec AcpiPmi - ok
16:21:00.0092 0x27ec acpitime - ok
16:21:00.0097 0x27ec ADP80XX - ok
16:21:00.0103 0x27ec AFD - ok
16:21:00.0158 0x27ec [ 021D06851E7AFF5C314039DF813608F3, 081B14840F4AD428B4407AA2E639369A45D174D9507BD107F33FE3A94FB8F8EC ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
16:21:00.0200 0x27ec AGSService - ok
16:21:00.0226 0x27ec ahcache - ok
16:21:00.0230 0x27ec AJRouter - ok
16:21:00.0233 0x27ec ALG - ok
16:21:00.0237 0x27ec AmdK8 - ok
16:21:00.0241 0x27ec AmdPPM - ok
16:21:00.0244 0x27ec amdsata - ok
16:21:00.0253 0x27ec amdsbs - ok
16:21:00.0258 0x27ec amdxata - ok
16:21:00.0263 0x27ec AppID - ok
16:21:00.0263 0x27ec AppIDSvc - ok
16:21:00.0268 0x27ec Appinfo - ok
16:21:00.0273 0x27ec [ 7D811EA7A2AAA49B0446D42CBC1CD338, AFECE5E44E48F756C7EB81D95C9237552AF8A9C02CBE756E0F3D3C6524DE49AD ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:21:00.0278 0x27ec Apple Mobile Device Service - ok
16:21:00.0278 0x27ec applockerfltr - ok
16:21:00.0283 0x27ec AppMgmt - ok
16:21:00.0288 0x27ec AppReadiness - ok
16:21:00.0293 0x27ec AppVClient - ok
16:21:00.0293 0x27ec AppvStrm - ok
16:21:00.0298 0x27ec AppvVemgr - ok
16:21:00.0303 0x27ec AppvVfs - ok
16:21:00.0303 0x27ec AppXSvc - ok
16:21:00.0308 0x27ec arcsas - ok
16:21:00.0313 0x27ec AsyncMac - ok
16:21:00.0313 0x27ec atapi - ok
16:21:00.0318 0x27ec AudioEndpointBuilder - ok
16:21:00.0323 0x27ec Audiosrv - ok
16:21:00.0323 0x27ec AxInstSV - ok
16:21:00.0328 0x27ec b06bdrv - ok
16:21:00.0333 0x27ec BasicDisplay - ok
16:21:00.0333 0x27ec BasicRender - ok
16:21:00.0341 0x27ec bcmfn - ok
16:21:00.0345 0x27ec bcmfn2 - ok
16:21:00.0348 0x27ec BDESVC - ok
16:21:00.0353 0x27ec Beep - ok
16:21:00.0353 0x27ec BFE - ok
16:21:00.0358 0x27ec BITS - ok
16:21:00.0368 0x27ec [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:21:00.0378 0x27ec Bonjour Service - ok
16:21:00.0383 0x27ec bowser - ok
16:21:00.0383 0x27ec BrokerInfrastructure - ok
16:21:00.0388 0x27ec Browser - ok
16:21:00.0393 0x27ec BthAvrcpTg - ok
16:21:00.0393 0x27ec BthHFEnum - ok
16:21:00.0398 0x27ec bthhfhid - ok
16:21:00.0403 0x27ec BthHFSrv - ok
16:21:00.0403 0x27ec BTHMODEM - ok
16:21:00.0408 0x27ec bthserv - ok
16:21:00.0413 0x27ec buttonconverter - ok
16:21:00.0418 0x27ec CapImg - ok
16:21:00.0423 0x27ec cdfs - ok
16:21:00.0428 0x27ec CDPSvc - ok
16:21:00.0428 0x27ec CDPUserSvc - ok
16:21:00.0440 0x27ec cdrom - ok
16:21:00.0444 0x27ec CertPropSvc - ok
16:21:00.0447 0x27ec cht4iscsi - ok
16:21:00.0450 0x27ec cht4vbd - ok
16:21:00.0453 0x27ec circlass - ok
16:21:00.0453 0x27ec CLFS - ok
16:21:00.0458 0x27ec ClipSVC - ok
16:21:00.0463 0x27ec clreg - ok
16:21:00.0469 0x27ec CmBatt - ok
16:21:00.0473 0x27ec CNG - ok
16:21:00.0478 0x27ec cnghwassist - ok
16:21:00.0498 0x27ec CompositeBus - ok
16:21:00.0498 0x27ec COMSysApp - ok
16:21:00.0503 0x27ec condrv - ok
16:21:00.0503 0x27ec CoreMessagingRegistrar - ok
16:21:00.0513 0x27ec CryptSvc - ok
16:21:00.0513 0x27ec CSC - ok
16:21:00.0518 0x27ec CscService - ok
16:21:00.0523 0x27ec dam - ok
16:21:00.0529 0x27ec [ A4700D1F78539C0ED32FA50E64F9C692, 5CB03B5F36307BA152245BAD29CB2AC703BBE8197ABC0338A7092ADEA1C3221A ] dc3d C:\Windows\System32\drivers\dc3d.sys
16:21:00.0529 0x27ec dc3d - ok
16:21:00.0534 0x27ec DcomLaunch - ok
16:21:00.0541 0x27ec DcpSvc - ok
16:21:00.0544 0x27ec defragsvc - ok
16:21:00.0552 0x27ec DeviceAssociationService - ok
16:21:00.0554 0x27ec DeviceInstall - ok
16:21:00.0554 0x27ec DevQueryBroker - ok
16:21:00.0559 0x27ec Dfsc - ok
16:21:00.0564 0x27ec Dhcp - ok
16:21:00.0569 0x27ec diagnosticshub.standardcollector.service - ok
16:21:00.0569 0x27ec DiagTrack - ok
16:21:00.0574 0x27ec disk - ok
16:21:00.0579 0x27ec DmEnrollmentSvc - ok
16:21:00.0579 0x27ec dmvsc - ok
16:21:00.0584 0x27ec dmwappushservice - ok
16:21:00.0589 0x27ec Dnscache - ok
16:21:00.0594 0x27ec dot3svc - ok
16:21:00.0594 0x27ec DPS - ok
16:21:00.0599 0x27ec drmkaud - ok
16:21:00.0604 0x27ec DsmSvc - ok
16:21:00.0604 0x27ec DsSvc - ok
16:21:00.0609 0x27ec DXGKrnl - ok
16:21:00.0614 0x27ec EapHost - ok
16:21:00.0614 0x27ec ebdrv - ok
16:21:00.0619 0x27ec EFS - ok
16:21:00.0624 0x27ec EhStorClass - ok
16:21:00.0629 0x27ec EhStorTcgDrv - ok
16:21:00.0629 0x27ec embeddedmode - ok
16:21:00.0634 0x27ec EntAppSvc - ok
16:21:00.0639 0x27ec ErrDev - ok
16:21:00.0645 0x27ec EventSystem - ok
16:21:00.0648 0x27ec exfat - ok
16:21:00.0651 0x27ec fastfat - ok
16:21:00.0654 0x27ec Fax - ok
16:21:00.0654 0x27ec fdc - ok
16:21:00.0659 0x27ec fdPHost - ok
16:21:00.0664 0x27ec FDResPub - ok
16:21:00.0664 0x27ec fhsvc - ok
16:21:00.0669 0x27ec FileCrypt - ok
16:21:00.0674 0x27ec FileInfo - ok
16:21:00.0674 0x27ec Filetrace - ok
16:21:00.0679 0x27ec flpydisk - ok
16:21:00.0684 0x27ec FltMgr - ok
16:21:00.0689 0x27ec FontCache - ok
16:21:00.0689 0x27ec FrameServer - ok
16:21:00.0694 0x27ec FsDepends - ok
16:21:00.0694 0x27ec Fs_Rec - ok
16:21:00.0699 0x27ec fvevol - ok
16:21:00.0704 0x27ec gencounter - ok
16:21:00.0704 0x27ec genericusbfn - ok
16:21:00.0709 0x27ec GPIOClx0101 - ok
16:21:00.0714 0x27ec gpsvc - ok
16:21:00.0714 0x27ec GpuEnergyDrv - ok
16:21:00.0719 0x27ec HdAudAddService - ok
16:21:00.0724 0x27ec HDAudBus - ok
16:21:00.0724 0x27ec HidBatt - ok
16:21:00.0729 0x27ec HidBth - ok
16:21:00.0734 0x27ec hidi2c - ok
16:21:00.0740 0x27ec hidinterrupt - ok
16:21:00.0743 0x27ec HidIr - ok
16:21:00.0746 0x27ec hidserv - ok
16:21:00.0750 0x27ec HidUsb - ok
16:21:00.0753 0x27ec HomeGroupListener - ok
16:21:00.0754 0x27ec HomeGroupProvider - ok
16:21:00.0759 0x27ec HpSAMD - ok
16:21:00.0759 0x27ec HTTP - ok
16:21:00.0764 0x27ec HvHost - ok
16:21:00.0764 0x27ec hvservice - ok
16:21:00.0769 0x27ec hwpolicy - ok
16:21:00.0774 0x27ec hyperkbd - ok
16:21:00.0779 0x27ec i8042prt - ok
16:21:00.0779 0x27ec iagpio - ok
16:21:00.0784 0x27ec iai2c - ok
16:21:00.0789 0x27ec iaLPSS2i_GPIO2 - ok
16:21:00.0789 0x27ec iaLPSS2i_I2C - ok
16:21:00.0794 0x27ec iaLPSSi_GPIO - ok
16:21:00.0799 0x27ec iaLPSSi_I2C - ok
16:21:00.0799 0x27ec iaStorAV - ok
16:21:00.0804 0x27ec iaStorV - ok
16:21:00.0809 0x27ec ibbus - ok
16:21:00.0809 0x27ec icssvc - ok
16:21:00.0814 0x27ec IKEEXT - ok
16:21:00.0819 0x27ec IndirectKmd - ok
16:21:00.0824 0x27ec intelide - ok
16:21:00.0824 0x27ec intelpep - ok
16:21:00.0829 0x27ec intelppm - ok
16:21:00.0834 0x27ec iorate - ok
16:21:00.0834 0x27ec IpFilterDriver - ok
16:21:00.0841 0x27ec iphlpsvc - ok
16:21:00.0844 0x27ec IPMIDRV - ok
16:21:00.0847 0x27ec IPNAT - ok
16:21:00.0864 0x27ec [ 17EE7DFC68F1656A00A686DF2FB67E09, 759B66F7C9169B8728ECE9D4800DF218B303CEA4D69DDE20239B7C13EDB1DB65 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:21:00.0874 0x27ec iPod Service - ok
16:21:00.0879 0x27ec irda - ok
16:21:00.0879 0x27ec IRENUM - ok
16:21:00.0884 0x27ec irmon - ok
16:21:00.0889 0x27ec isapnp - ok
16:21:00.0894 0x27ec iScsiPrt - ok
16:21:00.0899 0x27ec [ 86CFEF6DC6DE51AAB0C10384FE98F48F, 2E41D017B6166A0CCD2DB067AA1D677CF9E32470763B0F251EE0574FB2009D6F ] JRAID C:\Windows\system32\drivers\jraid.sys
16:21:00.0914 0x27ec JRAID - ok
16:21:00.0919 0x27ec kbdclass - ok
16:21:00.0924 0x27ec kbdhid - ok
16:21:00.0924 0x27ec kdnic - ok
16:21:00.0929 0x27ec KeyIso - ok
16:21:00.0934 0x27ec KSecDD - ok
16:21:00.0934 0x27ec KSecPkg - ok
16:21:00.0941 0x27ec ksthunk - ok
16:21:00.0945 0x27ec KtmRm - ok
16:21:00.0948 0x27ec LanmanServer - ok
16:21:00.0951 0x27ec LanmanWorkstation - ok
16:21:00.0954 0x27ec lfsvc - ok
16:21:00.0954 0x27ec LicenseManager - ok
16:21:00.0959 0x27ec lltdio - ok
16:21:00.0964 0x27ec lltdsvc - ok
16:21:00.0969 0x27ec lmhosts - ok
16:21:00.0974 0x27ec LSI_SAS - ok
16:21:00.0974 0x27ec LSI_SAS2i - ok
16:21:00.0979 0x27ec LSI_SAS3i - ok
16:21:00.0984 0x27ec LSI_SSS - ok
16:21:00.0984 0x27ec LSM - ok
16:21:00.0989 0x27ec luafv - ok
16:21:00.0994 0x27ec MapsBroker - ok
16:21:00.0999 0x27ec [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
16:21:00.0999 0x27ec MBAMProtector - ok
16:21:01.0042 0x27ec [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
16:21:01.0064 0x27ec MBAMScheduler - ok
16:21:01.0094 0x27ec [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
16:21:01.0114 0x27ec MBAMService - ok
16:21:01.0124 0x27ec [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
16:21:01.0129 0x27ec MBAMSwissArmy - ok
16:21:01.0134 0x27ec [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
16:21:01.0140 0x27ec MBAMWebAccessControl - ok
16:21:01.0144 0x27ec megasas - ok
16:21:01.0147 0x27ec megasas2i - ok
16:21:01.0150 0x27ec megasr - ok
16:21:01.0153 0x27ec MessagingService - ok
16:21:01.0154 0x27ec mlx4_bus - ok
16:21:01.0159 0x27ec MMCSS - ok
16:21:01.0164 0x27ec Modem - ok
16:21:01.0164 0x27ec monitor - ok
16:21:01.0169 0x27ec mouclass - ok
16:21:01.0174 0x27ec mouhid - ok
16:21:01.0184 0x27ec mountmgr - ok
16:21:01.0189 0x27ec [ 572BD5A99648652147A5D3C6DA946C99, FFDAD4A5682864977C926A5DDDB632CDB2A166BF025757801CC56F2828720023 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:21:01.0194 0x27ec MozillaMaintenance - ok
16:21:01.0199 0x27ec mpsdrv - ok
16:21:01.0204 0x27ec MpsSvc - ok
16:21:01.0209 0x27ec MRxDAV - ok
16:21:01.0209 0x27ec mrxsmb - ok
16:21:01.0214 0x27ec mrxsmb10 - ok
16:21:01.0219 0x27ec mrxsmb20 - ok
16:21:01.0219 0x27ec MsBridge - ok
16:21:01.0224 0x27ec MSDTC - ok
16:21:01.0229 0x27ec Msfs - ok
16:21:01.0234 0x27ec msgpiowin32 - ok
16:21:01.0234 0x27ec mshidkmdf - ok
16:21:01.0242 0x27ec mshidumdf - ok
16:21:01.0246 0x27ec msisadrv - ok
16:21:01.0250 0x27ec MSiSCSI - ok
16:21:01.0253 0x27ec msiserver - ok
16:21:01.0254 0x27ec MSKSSRV - ok
16:21:01.0254 0x27ec MsLldp - ok
16:21:01.0259 0x27ec MSPCLOCK - ok
16:21:01.0264 0x27ec MSPQM - ok
16:21:01.0264 0x27ec MsRPC - ok
16:21:01.0269 0x27ec MsSecFlt - ok
16:21:01.0274 0x27ec mssmbios - ok
16:21:01.0279 0x27ec MSTEE - ok
16:21:01.0284 0x27ec MTConfig - ok
16:21:01.0284 0x27ec [ 640617B6E682A150C36BE39D78547F6C, 784F712E9DC3EEE81F07946BBA08AA2BEAC7B3961E430B75043645EF7ECA715C ] MTsensor C:\Windows\System32\drivers\ASACPI.sys
16:21:01.0289 0x27ec MTsensor - ok
16:21:01.0294 0x27ec Mup - ok
16:21:01.0294 0x27ec mvumis - ok
16:21:01.0299 0x27ec NativeWifiP - ok
16:21:01.0304 0x27ec NcaSvc - ok
16:21:01.0304 0x27ec NcbService - ok
16:21:01.0309 0x27ec NcdAutoSetup - ok
16:21:01.0314 0x27ec ndfltr - ok
16:21:01.0314 0x27ec NDIS - ok
16:21:01.0319 0x27ec NdisCap - ok
16:21:01.0324 0x27ec NdisImPlatform - ok
16:21:01.0329 0x27ec NdisTapi - ok
16:21:01.0329 0x27ec Ndisuio - ok
16:21:01.0334 0x27ec NdisVirtualBus - ok
16:21:01.0340 0x27ec NdisWan - ok
16:21:01.0343 0x27ec ndiswanlegacy - ok
16:21:01.0346 0x27ec ndproxy - ok
16:21:01.0349 0x27ec Ndu - ok
16:21:01.0353 0x27ec [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\System32\drivers\netaapl64.sys
16:21:01.0370 0x27ec Netaapl - ok
16:21:01.0375 0x27ec NetAdapterCx - ok
16:21:01.0375 0x27ec NetBIOS - ok
16:21:01.0380 0x27ec NetBT - ok
16:21:01.0385 0x27ec Netlogon - ok
16:21:01.0390 0x27ec Netman - ok
16:21:01.0395 0x27ec netprofm - ok
16:21:01.0395 0x27ec NetSetupSvc - ok
16:21:01.0405 0x27ec NetTcpPortSharing - ok
16:21:01.0410 0x27ec NgcCtnrSvc - ok
16:21:01.0415 0x27ec NgcSvc - ok
16:21:01.0415 0x27ec NlaSvc - ok
16:21:01.0420 0x27ec Npfs - ok
16:21:01.0425 0x27ec npsvctrig - ok
16:21:01.0425 0x27ec nsi - ok
16:21:01.0430 0x27ec nsiproxy - ok
16:21:01.0435 0x27ec NTFS - ok
16:21:01.0435 0x27ec [ 96ACBF3DDC38A52FEE115F577F36568F, DB8CB01971208C8D7A306A5FEDA39A3802195123E6B801DFB905B0E1934D3C96 ] NuidFltr C:\Windows\System32\drivers\NuidFltr.sys
16:21:01.0442 0x27ec NuidFltr - ok
16:21:01.0445 0x27ec Null - ok
16:21:01.0455 0x27ec [ A6ED2E5E268D83B77D15348591CB8AE5, 12E2FE967AA46422393E82F112DA0153A2BC86F8B5034187FEF6D37FE51D6562 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
16:21:01.0465 0x27ec NvContainerLocalSystem - ok
16:21:01.0475 0x27ec [ A6ED2E5E268D83B77D15348591CB8AE5, 12E2FE967AA46422393E82F112DA0153A2BC86F8B5034187FEF6D37FE51D6562 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
16:21:01.0485 0x27ec NvContainerNetworkService - ok
16:21:01.0495 0x27ec [ 64DA1993B1973F049C1347DA1B05185E, 2A04E263DB13751D033E2F9B9518820CF4942EEAFA5A32488570EEB699EE2A96 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:21:01.0500 0x27ec NVHDA - ok
16:21:01.0530 0x27ec [ 6AEBC7136C17478CBC9A772F1E60EB9E, D059A9134A6C7117B70302FF853485614E1E632C6F002F3D11C111C450B2F647 ] NVIDIA Wireless Controller Service C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
16:21:01.0549 0x27ec NVIDIA Wireless Controller Service - ok
16:21:01.0887 0x27ec [ 76ECA562B95DB26C64BEC14BB188A3F6, B4DB40D391B227393EEC13659C64B03499632FD11A75E5183BE8A0C8F3C9688B ] nvlddmkm C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_848dea456d3c865e\nvlddmkm.sys
16:21:02.0192 0x27ec nvlddmkm - ok
16:21:02.0210 0x27ec nvraid - ok
16:21:02.0215 0x27ec nvstor - ok
16:21:02.0218 0x27ec [ 06C7DAD44F4B95AA02BE2107486274BC, DBCC2E29F1BEAEFEC5BBD767F71C30FBAA3425E4E88A5C6BAF626661C350CF11 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:21:02.0220 0x27ec NvStreamKms - ok
16:21:02.0233 0x27ec [ 0297C2F2423CFDC37981B7FE0003AB33, D20D075DCFEE0B94EC4A9C658D1B899894AB9008FB0D0719A0FDF3E3213168E2 ] NvStUSB C:\Windows\System32\drivers\nvstusb.sys
16:21:02.0245 0x27ec NvStUSB - ok
16:21:02.0250 0x27ec [ 9D9CAD70EA640AB8D3EB77BFAE6CABE2, 26BBBDF34808E97ABF8A533320F6D38431893BC9B30FE3203956B78E829C39E7 ] NVSWCFilter C:\Windows\System32\drivers\nvswcfilter.sys
16:21:02.0252 0x27ec NVSWCFilter - ok
16:21:02.0256 0x27ec [ 9F3F8D255C2D1ED457487CF1FAD56399, 9C75677937D1930AB422EFD653D47034E83E02A10BF713C19CC1B8239CD1AC9C ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:21:02.0256 0x27ec nvvad_WaveExtensible - ok
16:21:02.0261 0x27ec OneSyncSvc - ok
16:21:02.0311 0x27ec [ 03500C343CEF835CAD0B62C8726A4C62, 76F4C5A3F81F7B59BA8062512773EB30A123288BF9DE515840B510F1E6C42E62 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
16:21:02.0356 0x27ec Origin Client Service - ok
16:21:02.0411 0x27ec [ 9E569623B98A37D5C1B4A6DAF2B16529, A09838AA316CA969EF5C066A6BF7D49F3DC532A01F4CEF2D66122F1234938CF3 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
16:21:02.0447 0x27ec Origin Web Helper Service - ok
16:21:02.0456 0x27ec [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:21:02.0456 0x27ec ose - ok
16:21:02.0461 0x27ec p2pimsvc - ok
16:21:02.0466 0x27ec p2psvc - ok
16:21:02.0466 0x27ec Parport - ok
16:21:02.0471 0x27ec partmgr - ok
16:21:02.0476 0x27ec PcaSvc - ok
16:21:02.0481 0x27ec pci - ok
16:21:02.0481 0x27ec pciide - ok
16:21:02.0486 0x27ec pcmcia - ok
16:21:02.0491 0x27ec pcw - ok
16:21:02.0496 0x27ec pdc - ok
16:21:02.0496 0x27ec PEAUTH - ok
16:21:02.0501 0x27ec PeerDistSvc - ok
16:21:02.0506 0x27ec percsas2i - ok
16:21:02.0506 0x27ec percsas3i - ok
16:21:02.0556 0x27ec PerfHost - ok
16:21:02.0561 0x27ec PhoneSvc - ok
16:21:02.0566 0x27ec PimIndexMaintenanceSvc - ok
16:21:02.0576 0x27ec pla - ok
16:21:02.0576 0x27ec PlugPlay - ok
16:21:02.0581 0x27ec PNRPAutoReg - ok
16:21:02.0586 0x27ec PNRPsvc - ok
16:21:02.0591 0x27ec [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64 C:\Windows\System32\drivers\point64.sys
16:21:02.0591 0x27ec Point64 - ok
16:21:02.0596 0x27ec PolicyAgent - ok
16:21:02.0601 0x27ec Power - ok
16:21:02.0606 0x27ec PptpMiniport - ok
16:21:02.0686 0x27ec [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:21:02.0796 0x27ec PrintNotify - ok
16:21:02.0806 0x27ec Processor - ok
16:21:02.0806 0x27ec ProfSvc - ok
16:21:02.0811 0x27ec Psched - ok
16:21:02.0816 0x27ec QWAVE - ok
16:21:02.0816 0x27ec QWAVEdrv - ok
16:21:02.0821 0x27ec RasAcd - ok
16:21:02.0826 0x27ec RasAgileVpn - ok
16:21:02.0826 0x27ec RasAuto - ok
16:21:02.0831 0x27ec Rasl2tp - ok
16:21:02.0836 0x27ec RasMan - ok
16:21:02.0836 0x27ec RasPppoe - ok
16:21:02.0843 0x27ec RasSstp - ok
16:21:02.0846 0x27ec rdbss - ok
16:21:02.0850 0x27ec rdpbus - ok
16:21:02.0853 0x27ec RDPDR - ok
16:21:02.0857 0x27ec RdpVideoMiniport - ok
16:21:02.0862 0x27ec rdyboost - ok
16:21:02.0862 0x27ec ReFSv1 - ok
16:21:02.0867 0x27ec RemoteAccess - ok
16:21:02.0872 0x27ec RemoteRegistry - ok
16:21:02.0877 0x27ec RetailDemo - ok
16:21:02.0877 0x27ec RmSvc - ok
16:21:02.0882 0x27ec RpcEptMapper - ok
16:21:02.0882 0x27ec RpcLocator - ok
16:21:02.0887 0x27ec RpcSs - ok
16:21:02.0887 0x27ec rspndr - ok
16:21:02.0892 0x27ec rt640x64 - ok
16:21:02.0897 0x27ec s3cap - ok
16:21:02.0897 0x27ec SamSs - ok
16:21:02.0902 0x27ec sbp2port - ok
16:21:02.0907 0x27ec SCardSvr - ok
16:21:02.0912 0x27ec ScDeviceEnum - ok
16:21:02.0917 0x27ec scfilter - ok
16:21:02.0917 0x27ec Schedule - ok
16:21:02.0922 0x27ec scmbus - ok
16:21:02.0927 0x27ec scmdisk0101 - ok
16:21:02.0927 0x27ec SCPolicySvc - ok
16:21:02.0932 0x27ec sdbus - ok
16:21:02.0937 0x27ec SDRSVC - ok
16:21:02.0937 0x27ec sdstor - ok
16:21:02.0944 0x27ec seclogon - ok
16:21:02.0947 0x27ec SENS - ok
16:21:02.0949 0x27ec Sense - ok
16:21:02.0952 0x27ec SensorDataService - ok
16:21:02.0956 0x27ec SensorService - ok
16:21:02.0957 0x27ec SensrSvc - ok
16:21:02.0962 0x27ec SerCx - ok
16:21:02.0962 0x27ec SerCx2 - ok
16:21:02.0967 0x27ec Serenum - ok
16:21:02.0972 0x27ec Serial - ok
16:21:02.0972 0x27ec sermouse - ok
16:21:02.0977 0x27ec SessionEnv - ok
16:21:02.0982 0x27ec sfloppy - ok
16:21:02.0982 0x27ec SharedAccess - ok
16:21:02.0987 0x27ec ShellHWDetection - ok
16:21:02.0987 0x27ec shpamsvc - ok
16:21:02.0992 0x27ec SiSRaid2 - ok
16:21:02.0997 0x27ec SiSRaid4 - ok
16:21:03.0002 0x27ec smphost - ok
16:21:03.0002 0x27ec SmsRouter - ok
16:21:03.0007 0x27ec SNMPTRAP - ok
16:21:03.0012 0x27ec spaceport - ok
16:21:03.0012 0x27ec SpbCx - ok
16:21:03.0017 0x27ec Spooler - ok
16:21:03.0017 0x27ec sppsvc - ok
16:21:03.0023 0x27ec srv - ok
16:21:03.0023 0x27ec srv2 - ok
16:21:03.0028 0x27ec srvnet - ok
16:21:03.0033 0x27ec SSDPSRV - ok
16:21:03.0033 0x27ec SstpSvc - ok
16:21:03.0038 0x27ec StateRepository - ok
16:21:03.0043 0x27ec stexstor - ok
16:21:03.0047 0x27ec stisvc - ok
16:21:03.0050 0x27ec storahci - ok
16:21:03.0053 0x27ec storflt - ok
16:21:03.0056 0x27ec stornvme - ok
16:21:03.0057 0x27ec storqosflt - ok
16:21:03.0062 0x27ec StorSvc - ok
16:21:03.0062 0x27ec storufs - ok
16:21:03.0067 0x27ec storvsc - ok
16:21:03.0072 0x27ec svsvc - ok
16:21:03.0072 0x27ec swenum - ok
16:21:03.0087 0x27ec [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:21:03.0102 0x27ec SwitchBoard - ok
16:21:03.0102 0x27ec swprv - ok
16:21:03.0107 0x27ec Synth3dVsc - ok
16:21:03.0107 0x27ec SysMain - ok
16:21:03.0112 0x27ec SystemEventsBroker - ok
16:21:03.0117 0x27ec TabletInputService - ok
16:21:03.0117 0x27ec TapiSrv - ok
16:21:03.0122 0x27ec Tcpip - ok
16:21:03.0127 0x27ec Tcpip6 - ok
16:21:03.0127 0x27ec tcpipreg - ok
16:21:03.0132 0x27ec tdx - ok
16:21:03.0137 0x27ec terminpt - ok
16:21:03.0137 0x27ec TermService - ok
16:21:03.0146 0x27ec Themes - ok
16:21:03.0149 0x27ec TieringEngineService - ok
16:21:03.0153 0x27ec tiledatamodelsvc - ok
16:21:03.0157 0x27ec TimeBrokerSvc - ok
16:21:03.0157 0x27ec TPM - ok
16:21:03.0162 0x27ec TrkWks - ok
16:21:03.0167 0x27ec TrustedInstaller - ok
16:21:03.0172 0x27ec tsusbflt - ok
16:21:03.0177 0x27ec TsUsbGD - ok
16:21:03.0177 0x27ec tsusbhub - ok
16:21:03.0182 0x27ec tunnel - ok
16:21:03.0187 0x27ec tzautoupdate - ok
16:21:03.0187 0x27ec [ A070ABB9D85582B2BECADBE6FCD12350, 3EBFA349F87933E20C4EADA2FA2E64206CCAC70DFB8B52C2E41670FFB16D7336 ] t_mouse.sys C:\Windows\System32\drivers\t_mouse.sys
16:21:03.0192 0x27ec t_mouse.sys - ok
16:21:03.0192 0x27ec UASPStor - ok
16:21:03.0197 0x27ec UcmCx0101 - ok
16:21:03.0197 0x27ec UcmTcpciCx0101 - ok
16:21:03.0202 0x27ec UcmUcsi - ok
16:21:03.0202 0x27ec Ucx01000 - ok
16:21:03.0207 0x27ec UdeCx - ok
16:21:03.0212 0x27ec udfs - ok
16:21:03.0212 0x27ec UEFI - ok
16:21:03.0217 0x27ec UevAgentDriver - ok
16:21:03.0222 0x27ec UevAgentService - ok
16:21:03.0222 0x27ec Ufx01000 - ok
16:21:03.0227 0x27ec UfxChipidea - ok
16:21:03.0232 0x27ec ufxsynopsys - ok
16:21:03.0237 0x27ec UI0Detect - ok
16:21:03.0237 0x27ec umbus - ok
16:21:03.0244 0x27ec UmPass - ok
16:21:03.0247 0x27ec UmRdpService - ok
16:21:03.0250 0x27ec UnistoreSvc - ok
16:21:03.0256 0x27ec upnphost - ok
16:21:03.0257 0x27ec UrsChipidea - ok
16:21:03.0262 0x27ec UrsCx01000 - ok
16:21:03.0262 0x27ec UrsSynopsys - ok
16:21:03.0267 0x27ec [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys
16:21:03.0272 0x27ec USBAAPL64 - ok
16:21:03.0277 0x27ec usbccgp - ok
16:21:03.0282 0x27ec usbcir - ok
16:21:03.0282 0x27ec usbehci - ok
16:21:03.0287 0x27ec usbhub - ok
16:21:03.0292 0x27ec USBHUB3 - ok
16:21:03.0292 0x27ec usbohci - ok
16:21:03.0297 0x27ec usbprint - ok
16:21:03.0302 0x27ec usbser - ok
16:21:03.0302 0x27ec USBSTOR - ok
16:21:03.0307 0x27ec usbuhci - ok
16:21:03.0312 0x27ec USBXHCI - ok
16:21:03.0317 0x27ec UserDataSvc - ok
16:21:03.0322 0x27ec UserManager - ok
16:21:03.0327 0x27ec UsoSvc - ok
16:21:03.0327 0x27ec VaultSvc - ok
16:21:03.0332 0x27ec vdrvroot - ok
16:21:03.0332 0x27ec vds - ok
16:21:03.0337 0x27ec VerifierExt - ok
16:21:03.0337 0x27ec vhdmp - ok
16:21:03.0345 0x27ec vhf - ok
16:21:03.0362 0x27ec [ EF2270C2DF2B61FF1B8C422DC443CEFE, 30C74108BC0DE5884D64C7611CE8282CE556D9B42D7BE1FE569DE2067FBB4D5A ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
16:21:03.0377 0x27ec VIAHdAudAddService - ok
16:21:03.0382 0x27ec [ 004175DA13E0372DA58F523104921631, 413A4C8169EDFDBAA58DA5FEDCBF1D0525F64A7AD34BAF17E29BCD14C1C189A7 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
16:21:03.0402 0x27ec VIAKaraokeService - ok
16:21:03.0402 0x27ec vmbus - ok
16:21:03.0407 0x27ec VMBusHID - ok
16:21:03.0412 0x27ec vmgid - ok
16:21:03.0412 0x27ec vmicguestinterface - ok
16:21:03.0417 0x27ec vmicheartbeat - ok
16:21:03.0422 0x27ec vmickvpexchange - ok
16:21:03.0427 0x27ec vmicrdv - ok
16:21:03.0427 0x27ec vmicshutdown - ok
16:21:03.0432 0x27ec vmictimesync - ok
16:21:03.0432 0x27ec vmicvmsession - ok
16:21:03.0437 0x27ec vmicvss - ok
16:21:03.0443 0x27ec volmgr - ok
16:21:03.0446 0x27ec volmgrx - ok
16:21:03.0449 0x27ec volsnap - ok
16:21:03.0453 0x27ec volume - ok
16:21:03.0456 0x27ec vpci - ok
16:21:03.0457 0x27ec vsmraid - ok
16:21:03.0462 0x27ec VSS - ok
16:21:03.0462 0x27ec VSTXRAID - ok
16:21:03.0467 0x27ec vwifibus - ok
16:21:03.0467 0x27ec vwififlt - ok
16:21:03.0472 0x27ec W32Time - ok
16:21:03.0477 0x27ec WacomPen - ok
16:21:03.0477 0x27ec WalletService - ok
16:21:03.0482 0x27ec wanarp - ok
16:21:03.0487 0x27ec wanarpv6 - ok
16:21:03.0492 0x27ec wbengine - ok
16:21:03.0492 0x27ec WbioSrvc - ok
16:21:03.0497 0x27ec wcifs - ok
16:21:03.0497 0x27ec Wcmsvc - ok
16:21:03.0502 0x27ec wcncsvc - ok
16:21:03.0507 0x27ec wcnfs - ok
16:21:03.0512 0x27ec WdBoot - ok
16:21:03.0512 0x27ec Wdf01000 - ok
16:21:03.0517 0x27ec WdFilter - ok
16:21:03.0522 0x27ec WdiServiceHost - ok
16:21:03.0522 0x27ec WdiSystemHost - ok
16:21:03.0527 0x27ec wdiwifi - ok
16:21:03.0532 0x27ec WdNisDrv - ok
16:21:03.0532 0x27ec WdNisSvc - ok
16:21:03.0537 0x27ec WebClient - ok
16:21:03.0544 0x27ec Wecsvc - ok
16:21:03.0547 0x27ec WEPHOSTSVC - ok
16:21:03.0550 0x27ec wercplsupport - ok
16:21:03.0553 0x27ec WerSvc - ok
16:21:03.0556 0x27ec WFPLWFS - ok
16:21:03.0557 0x27ec WiaRpc - ok
16:21:03.0563 0x27ec WIMMount - ok
16:21:03.0563 0x27ec WinDefend - ok
16:21:03.0568 0x27ec WindowsTrustedRT - ok
16:21:03.0573 0x27ec WindowsTrustedRTProxy - ok
16:21:03.0578 0x27ec WinHttpAutoProxySvc - ok
16:21:03.0578 0x27ec WinMad - ok
16:21:03.0587 0x27ec Winmgmt - ok
16:21:03.0593 0x27ec WinRM - ok
16:21:03.0598 0x27ec WINUSB - ok
16:21:03.0603 0x27ec WinVerbs - ok
16:21:03.0608 0x27ec [ 3A627A24EAC6CEC3BA59548AA70BAD6E, C4B908CEB2D6F7F14C635AE02E20B16DAF795073975AE3967627D27E8ABAB015 ] WirelessKeyboardFilter C:\Windows\System32\drivers\WirelessKeyboardFilter.sys
16:21:03.0613 0x27ec WirelessKeyboardFilter - ok
16:21:03.0617 0x27ec wisvc - ok
16:21:03.0617 0x27ec WlanSvc - ok
16:21:03.0623 0x27ec wlidsvc - ok
16:21:03.0628 0x27ec WmiAcpi - ok
16:21:03.0633 0x27ec wmiApSrv - ok
16:21:03.0633 0x27ec WMPNetworkSvc - ok
16:21:03.0637 0x27ec Wof - ok
16:21:03.0645 0x27ec workfolderssvc - ok
16:21:03.0648 0x27ec WPDBusEnum - ok
16:21:03.0651 0x27ec WpdUpFltr - ok
16:21:03.0655 0x27ec WpnService - ok
16:21:03.0658 0x27ec WpnUserService - ok
16:21:03.0663 0x27ec ws2ifsl - ok
16:21:03.0668 0x27ec wscsvc - ok
16:21:03.0668 0x27ec WSearch - ok
16:21:03.0673 0x27ec wuauserv - ok
16:21:03.0678 0x27ec WudfPf - ok
16:21:03.0678 0x27ec WUDFRd - ok
16:21:03.0683 0x27ec wudfsvc - ok
16:21:03.0683 0x27ec WUDFWpdFs - ok
16:21:03.0688 0x27ec WUDFWpdMtp - ok
16:21:03.0693 0x27ec WwanSvc - ok
16:21:03.0693 0x27ec XblAuthManager - ok
16:21:03.0698 0x27ec XblGameSave - ok
16:21:03.0703 0x27ec xboxgip - ok
16:21:03.0703 0x27ec XboxNetApiSvc - ok
16:21:03.0708 0x27ec xinputhid - ok
16:21:03.0713 0x27ec ================ Scan global ===============================
16:21:03.0723 0x27ec [ Global ] - ok
16:21:03.0723 0x27ec ================ Scan MBR ==================================
16:21:03.0738 0x27ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
16:21:03.0749 0x27ec \Device\Harddisk2\DR2 - ok
16:21:03.0763 0x27ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:21:03.0877 0x27ec \Device\Harddisk0\DR0 - ok
16:21:03.0877 0x27ec [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:21:04.0090 0x27ec \Device\Harddisk1\DR1 - ok
16:21:04.0090 0x27ec ================ Scan VBR ==================================
16:21:04.0092 0x27ec [ 9B36AC87CCD8DBD7266BE4802F2C548F ] \Device\Harddisk2\DR2\Partition1
16:21:04.0093 0x27ec \Device\Harddisk2\DR2\Partition1 - ok
16:21:04.0096 0x27ec [ 88B2F4B56CC02D9194866855BCEE54C5 ] \Device\Harddisk0\DR0\Partition1
16:21:04.0097 0x27ec \Device\Harddisk0\DR0\Partition1 - ok
16:21:04.0098 0x27ec [ D665C41385222288F1AB70024C6E69BD ] \Device\Harddisk0\DR0\Partition2
16:21:04.0098 0x27ec \Device\Harddisk0\DR0\Partition2 - ok
16:21:04.0103 0x27ec [ BD4D04F5ED84E6B94EAB718ACA386271 ] \Device\Harddisk1\DR1\Partition1
16:21:04.0103 0x27ec \Device\Harddisk1\DR1\Partition1 - ok
16:21:04.0103 0x27ec ================ Scan generic autorun ======================
16:21:04.0108 0x27ec [ DB367E8C8F46C26A05BA982715CC0DB5, 63AE8DD8E41260123E8C98905BD3D444BED86AEA6353F690483E5CB116433AC2 ] C:\Windows\system32\TiltWheelMouse.exe
16:21:04.0128 0x27ec MouseDriver - ok
16:21:04.0128 0x27ec WindowsDefender - ok
16:21:04.0128 0x27ec ShadowPlay - ok
16:21:04.0148 0x27ec [ 63B913AAB1244D8DED54CF0EFC8A56BD, 639830E9ECB004F09EA968EDF68C0037B5DFF7CCFF007DE5D11DEF2166707341 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
16:21:04.0158 0x27ec AdobeAAMUpdater-1.0 - ok
16:21:04.0168 0x27ec [ EB34C71AC9BF2532820AE0F8952EE437, 775561BB60F6DBEAB76C0DFE186C60EF95D0246E15CB1A8BBACD1F38C2EA9EA1 ] C:\Program Files\iTunes\iTunesHelper.exe
16:21:04.0168 0x27ec iTunesHelper - ok
16:21:04.0186 0x27ec [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:21:04.0194 0x27ec SwitchBoard - ok
16:21:04.0218 0x27ec [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
16:21:04.0387 0x27ec AdobeCS6ServiceManager - ok
16:21:04.0433 0x27ec OneDriveSetup - ok
16:21:04.0433 0x27ec OneDriveSetup - ok
16:21:04.0438 0x27ec OneDriveSetup - ok
16:21:04.0448 0x27ec [ 92952D657D754B615ED1709414B443E9, 39F8B63A195F256D035283816C10B45DDF73A177B4143C0575259EE81D6A4000 ] C:\Program Files (x86)\VLC Updater\vlc-updater.exe
16:21:05.0093 0x27ec VLC Updater - ok
16:21:05.0098 0x27ec Waiting for KSN requests completion. In queue: 13
16:21:06.0149 0x27ec AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
16:21:06.0174 0x27ec Win FW state via NFP2: enabled ( trusted )
16:21:06.0365 0x27ec ============================================================
16:21:06.0365 0x27ec Scan finished
16:21:06.0365 0x27ec ============================================================
16:21:06.0376 0x1ebc Detected object count: 0
16:21:06.0376 0x1ebc Actual detected object count: 0
16:21:21.0676 0x29c8 Deinitialize success