
Microsoft Security Essentials detects but cannot remove Trojan:DOS/Alureon.E


  • This topic is locked
30 replies to this topic

#1 iamzim

Posted 19 June 2012 - 02:44 PM

I run Windows 7 on a 64-bit system.

Earlier this month, after clicking on a Google image link, Microsoft Security Essentials' scanner detected Trojan:DOS/Alureon.E on my computer. Whenever I tried to remove it, I received an "error encountered" message: "Error code 0x800704ec. This program is blocked by group policy. For more information, contact your system administrator." Under the items section, it is listed at boot:\\.\PHYSICALDRIVE0\Partition3 (Type 17). Afterwards, my computer had a few strange behaviors, though all seem to be resolved with help I received from the Am I Infected board (i.e., Firefox and Google Chrome would not launch, Google searches would redirect, Windows Firewall was turned off). I tried reinstalling Microsoft Security Essentials, but it still detects and cannot remove the trojan.

Thank you in advance for helping me with my computer woes!

Below is the DDS log, and attached is the Attach log.


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.2.0
Run by Amanda at 15:15:48 on 2012-06-19
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: WinZipBar Toolbar: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
mWinlogon: Userinit=userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: WinZipBar Toolbar: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: WinZipBar Toolbar: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [eddbddebebdct] "C:\ProgramData\eddbddebebdct.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun: [SPC1330] C:\Windows\vspc1330.exe
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AMLDEV~1.LNK - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk.disabled
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FA94D0AA-568A-4DCA-BB37-6E76DD2CA3F1} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FA94D0AA-568A-4DCA-BB37-6E76DD2CA3F1}\0786F647F6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{FA94D0AA-568A-4DCA-BB37-6E76DD2CA3F1}\35C464 : DhcpNameServer = 172.16.0.1
TCP: Interfaces\{FA94D0AA-568A-4DCA-BB37-6E76DD2CA3F1}\E4544574541425 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FA94D0AA-568A-4DCA-BB37-6E76DD2CA3F1}\E4544574541425F514A4F4 : DhcpNameServer = 192.168.1.1
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: WinZipBar Toolbar: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
BHO-X64: WinZipBar - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
BHO-X64: AMD SteadyVideo BHO - No File
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: WinZipBar Toolbar: {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files (x86)\WinZipBar\prxtbWinZ.dll
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
mRun-x64: [SPC1330] C:\Windows\vspc1330.exe
mRun-x64: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\u6antzhx.default\
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2012-06-19 18:54:03 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0E66DD11-AA9E-4D46-8717-11581B2ED0C2}\offreg.dll
2012-06-19 18:45:44 927800 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8F89C53D-6686-471D-A704-68991B93FD71}\gapaengine.dll
2012-06-19 18:45:42 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0E66DD11-AA9E-4D46-8717-11581B2ED0C2}\mpengine.dll
2012-06-19 18:43:31 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-06-19 18:43:29 -------- d-----w- C:\Program Files\Microsoft Security Client
2012-06-19 06:00:27 -------- d-----w- C:\Users\Amanda\AppData\Local\Diagnostics
2012-06-18 19:01:38 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2F637904-818F-48F1-A95E-E12BE7031E14}\mpengine.dll
2012-06-17 21:04:01 8955792 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
2012-06-17 20:33:09 -------- d-sh--w- C:\Windows\System32\%APPDATA%
2012-06-16 19:01:11 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-15 08:28:29 -------- d-----w- C:\Program Files (x86)\ESET
2012-06-15 07:01:03 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-15 07:01:02 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-15 07:01:01 174200 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2012-06-15 07:01:01 140920 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2012-06-15 07:01:00 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2012-06-15 07:01:00 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2012-06-15 06:42:37 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-06-15 06:38:35 -------- d-----w- C:\TDSSKiller_Quarantine
2012-06-02 18:48:57 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-06-02 18:48:57 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-06-01 05:21:11 0 ----a-w- C:\ProgramData\eddbddebebdct.exe
2012-06-01 02:37:28 -------- d-----w- C:\Users\Amanda\AppData\Roaming\Xuhaw
2012-06-01 02:37:28 -------- d-----w- C:\Users\Amanda\AppData\Roaming\Pefoh
2012-06-01 02:37:28 -------- d-----w- C:\Users\Amanda\AppData\Roaming\Dailvy
2012-05-31 06:06:17 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-05-31 03:06:53 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-05-31 03:02:21 -------- d-----w- C:\Program Files (x86)\FileAdvisor
2012-05-30 17:59:30 4966600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-05-30 09:46:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-29 19:04:23 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2012-05-29 19:04:02 129144 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
2012-05-21 22:15:15 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-05-21 22:15:11 157352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-05-21 22:15:11 129976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
.
==================== Find3M ====================
.
2012-05-29 19:03:50 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys
2012-05-05 06:54:23 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 06:54:23 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-05 06:54:09 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll
2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-27 01:28:54 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-03-27 01:28:54 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-03-27 01:28:54 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-03-27 01:28:54 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2009-11-20 01:08:02 3749224 ----a-w- C:\Program Files (x86)\Common Files\adlmint_libFNP.dll
2009-11-20 01:08:02 2941288 ----a-w- C:\Program Files (x86)\Common Files\adlmint.dll
.
============= FINISH: 15:16:34.36 ===============



#2 Noviciate

  • Malware Response Team

Posted 19 June 2012 - 02:52 PM

Good evening. :)

Download TDSSKiller.zip from Kaspersky from here and save it to your Desktop.

  • You will then need to extract the file(s) from the zipped folder.
  • To do this: Right-click on the zipped folder and from the menu that appears, click on Extract All...
    In the Extraction Wizard window that opens, click on Next> and in the next window that appears, click on Next> again.
    In the final window, click on Finish

  • Please close all open programs as this may result in a reboot being necessary.
  • Double click TDSSKiller.exe to begin.
  • Click Change parameters and check the two boxes under Additional Options.
  • Click Start scan and allow the tool to do just that.
  • Once the scan has completed, if the tool has identified anything, allow it to carry out its default action(s) - you'll need to click Continue where appropriate.
  • Finally, if it prompts you to reboot your machine, please click Reboot Now and ensure that your machine does so.
  • The log that the tool creates will be located at the root of your hard drive as C:\TDSSKiller.Version_Date_Time_log.txt - I'd like a copy of the contents in your next reply.
    Please check that you get the one with the right date and time. :)

So long, and thanks for all the fish.

 

 


#3 iamzim

Posted 19 June 2012 - 03:22 PM

Hello Noviciate. Here's the log. :)


TDSSKiller log:

16:05:17.0689 5440 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
16:05:18.0079 5440 ============================================================
16:05:18.0079 5440 Current date / time: 2012/06/19 16:05:18.0079
16:05:18.0079 5440 SystemInfo:
16:05:18.0079 5440
16:05:18.0079 5440 OS Version: 6.1.7601 ServicePack: 1.0
16:05:18.0079 5440 Product type: Workstation
16:05:18.0079 5440 ComputerName: AMANDA-PC
16:05:18.0079 5440 UserName: Amanda
16:05:18.0079 5440 Windows directory: C:\Windows
16:05:18.0079 5440 System windows directory: C:\Windows
16:05:18.0079 5440 Running under WOW64
16:05:18.0079 5440 Processor architecture: Intel x64
16:05:18.0079 5440 Number of processors: 4
16:05:18.0079 5440 Page size: 0x1000
16:05:18.0079 5440 Boot type: Normal boot
16:05:18.0079 5440 ============================================================
16:05:18.0547 5440 Drive \Device\Harddisk0\DR0 - Size: 0xE8D4A50000 (931.32 Gb), SectorSize: 0x200, Cylinders: 0x1DAE8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:05:18.0687 5440 ============================================================
16:05:18.0687 5440 \Device\Harddisk0\DR0:
16:05:18.0687 5440 MBR partitions:
16:05:18.0687 5440 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:05:18.0687 5440 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72FCC800
16:05:18.0687 5440 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72FFF000, BlocksNum 0x16A1280
16:05:18.0687 5440 ============================================================
16:05:18.0734 5440 C: <-> \Device\Harddisk0\DR0\Partition1
16:05:18.0843 5440 D: <-> \Device\Harddisk0\DR0\Partition2
16:05:18.0843 5440 ============================================================
16:05:18.0843 5440 Initialize success
16:05:18.0843 5440 ============================================================
16:06:11.0207 5192 ============================================================
16:06:11.0207 5192 Scan started
16:06:11.0207 5192 Mode: Manual; SigCheck; TDLFS;
16:06:11.0207 5192 ============================================================
16:06:12.0112 5192 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:06:12.0190 5192 1394ohci - ok
16:06:12.0362 5192 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:06:12.0409 5192 ACDaemon - ok
16:06:12.0455 5192 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:06:12.0471 5192 ACPI - ok
16:06:12.0533 5192 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:06:12.0565 5192 AcpiPmi - ok
16:06:12.0674 5192 ACPService (92996a91e5afe1b763f95e6c59914d16) C:\Program Files (x86)\Philips\CamSuite\1.0.9.0\ACPService.exe
16:06:42.0844 5192 ACPService ( UnsignedFile.Multi.Generic ) - warning
16:06:42.0844 5192 ACPService - detected UnsignedFile.Multi.Generic (1)
16:06:43.0063 5192 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:06:43.0094 5192 AdobeARMservice - ok
16:06:43.0281 5192 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:06:43.0312 5192 AdobeFlashPlayerUpdateSvc - ok
16:06:43.0515 5192 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:06:43.0546 5192 adp94xx - ok
16:06:43.0593 5192 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:06:43.0609 5192 adpahci - ok
16:06:43.0640 5192 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:06:43.0655 5192 adpu320 - ok
16:06:43.0687 5192 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:06:43.0733 5192 AeLookupSvc - ok
16:06:43.0827 5192 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:06:43.0843 5192 AFD - ok
16:06:43.0905 5192 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:06:43.0936 5192 agp440 - ok
16:06:43.0967 5192 ahcix64s (aa3f73ccbf498bd56800f840d75e40e4) C:\Windows\system32\DRIVERS\ahcix64s.sys
16:06:43.0983 5192 ahcix64s - ok
16:06:43.0999 5192 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:06:44.0014 5192 ALG - ok
16:06:44.0014 5192 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:06:44.0030 5192 aliide - ok
16:06:44.0077 5192 AMD External Events Utility (a592ca3ec9a5af7f74d5169d556b976f) C:\Windows\system32\atiesrxx.exe
16:06:44.0123 5192 AMD External Events Utility - ok
16:06:44.0233 5192 AMD FUEL Service - ok
16:06:44.0248 5192 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:06:44.0279 5192 amdide - ok
16:06:44.0311 5192 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
16:06:44.0311 5192 amdiox64 - ok
16:06:44.0342 5192 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:06:44.0373 5192 AmdK8 - ok
16:06:45.0075 5192 amdkmdag (1512ceedc3657082f396a0818528b5e8) C:\Windows\system32\DRIVERS\atikmdag.sys
16:06:45.0278 5192 amdkmdag - ok
16:06:45.0449 5192 amdkmdap (3d00276750e2d6f35228e12868cf1a46) C:\Windows\system32\DRIVERS\atikmpag.sys
16:06:45.0481 5192 amdkmdap - ok
16:06:45.0543 5192 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:06:45.0574 5192 AmdPPM - ok
16:06:45.0621 5192 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:06:45.0637 5192 amdsata - ok
16:06:45.0668 5192 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:06:45.0683 5192 amdsbs - ok
16:06:45.0699 5192 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:06:45.0715 5192 amdxata - ok
16:06:45.0855 5192 AMD_RAIDXpert (2b8d1c23d204c0e70eff48a3ffa1c67b) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
16:06:45.0933 5192 AMD_RAIDXpert ( UnsignedFile.Multi.Generic ) - warning
16:06:45.0933 5192 AMD_RAIDXpert - detected UnsignedFile.Multi.Generic (1)
16:06:46.0105 5192 AODDriver4.01 (0e2ba6dc63e9cf3bf275856735a3e3be) c:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
16:06:46.0136 5192 AODDriver4.01 - ok
16:06:46.0229 5192 AODDriver4.1 (0e2ba6dc63e9cf3bf275856735a3e3be) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
16:06:46.0261 5192 AODDriver4.1 - ok
16:06:46.0307 5192 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:06:46.0370 5192 AppID - ok
16:06:46.0401 5192 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:06:46.0432 5192 AppIDSvc - ok
16:06:46.0463 5192 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:06:46.0495 5192 Appinfo - ok
16:06:46.0573 5192 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:06:46.0604 5192 Apple Mobile Device - ok
16:06:46.0651 5192 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:06:46.0682 5192 arc - ok
16:06:46.0697 5192 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:06:46.0713 5192 arcsas - ok
16:06:46.0822 5192 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:06:46.0853 5192 aspnet_state - ok
16:06:46.0916 5192 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:06:46.0963 5192 AsyncMac - ok
16:06:47.0025 5192 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:06:47.0056 5192 atapi - ok
16:06:47.0181 5192 athr (7d89b0c443f6068e5b27aa3b972069ff) C:\Windows\system32\DRIVERS\athrx.sys
16:06:47.0259 5192 athr - ok
16:06:47.0431 5192 AtiHdmiService (d481083348138b4933acfe95812db71c) C:\Windows\system32\drivers\AtiHdmi.sys
16:06:47.0446 5192 AtiHdmiService - ok
16:06:47.0992 5192 atikmdag (1512ceedc3657082f396a0818528b5e8) C:\Windows\system32\DRIVERS\atikmdag.sys
16:06:48.0086 5192 atikmdag - ok
16:06:48.0164 5192 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
16:06:48.0195 5192 AtiPcie - ok
16:06:48.0304 5192 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:06:48.0367 5192 AudioEndpointBuilder - ok
16:06:48.0367 5192 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:06:48.0398 5192 AudioSrv - ok
16:06:48.0460 5192 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:06:48.0507 5192 AxInstSV - ok
16:06:48.0554 5192 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:06:48.0585 5192 b06bdrv - ok
16:06:48.0632 5192 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:06:48.0647 5192 b57nd60a - ok
16:06:48.0757 5192 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:06:48.0803 5192 BBSvc - ok
16:06:48.0881 5192 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:06:48.0897 5192 BBUpdate - ok
16:06:48.0928 5192 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:06:48.0944 5192 BDESVC - ok
16:06:48.0975 5192 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:06:49.0022 5192 Beep - ok
16:06:49.0131 5192 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:06:49.0193 5192 BFE - ok
16:06:49.0303 5192 BingDesktopUpdate (1b63f2b7ca6b5290cc124cdd07520bc9) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
16:06:49.0334 5192 BingDesktopUpdate - ok
16:06:49.0427 5192 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:06:49.0490 5192 BITS - ok
16:06:49.0568 5192 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:06:49.0599 5192 blbdrive - ok
16:06:49.0724 5192 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:06:49.0755 5192 Bonjour Service - ok
16:06:49.0817 5192 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:06:49.0833 5192 bowser - ok
16:06:49.0864 5192 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:06:49.0880 5192 BrFiltLo - ok
16:06:49.0895 5192 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:06:49.0911 5192 BrFiltUp - ok
16:06:49.0942 5192 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:06:49.0973 5192 Browser - ok
16:06:50.0083 5192 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:06:50.0114 5192 Brserid - ok
16:06:50.0192 5192 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:06:50.0207 5192 BrSerWdm - ok
16:06:50.0239 5192 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:06:50.0254 5192 BrUsbMdm - ok
16:06:50.0270 5192 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:06:50.0285 5192 BrUsbSer - ok
16:06:50.0317 5192 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:06:50.0332 5192 BTHMODEM - ok
16:06:50.0379 5192 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:06:50.0410 5192 bthserv - ok
16:06:50.0504 5192 BVRPMPR5a64 (9887ca12f407d7fbc7f48f3678f5f0b6) C:\Windows\system32\drivers\BVRPMPR5a64.SYS
16:06:50.0535 5192 BVRPMPR5a64 - ok
16:06:50.0582 5192 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:06:50.0660 5192 cdfs - ok
16:06:50.0707 5192 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:06:50.0738 5192 cdrom - ok
16:06:50.0800 5192 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:06:50.0863 5192 CertPropSvc - ok
16:06:50.0894 5192 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:06:50.0925 5192 circlass - ok
16:06:50.0956 5192 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:06:50.0972 5192 CLFS - ok
16:06:51.0050 5192 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:06:51.0081 5192 clr_optimization_v2.0.50727_32 - ok
16:06:51.0175 5192 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:06:51.0190 5192 clr_optimization_v2.0.50727_64 - ok
16:06:51.0315 5192 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:06:51.0331 5192 clr_optimization_v4.0.30319_32 - ok
16:06:51.0409 5192 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:06:51.0440 5192 clr_optimization_v4.0.30319_64 - ok
16:06:51.0487 5192 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:06:51.0518 5192 CmBatt - ok
16:06:51.0611 5192 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:06:51.0643 5192 cmdide - ok
16:06:51.0705 5192 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:06:51.0767 5192 CNG - ok
16:06:51.0767 5192 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:06:51.0783 5192 Compbatt - ok
16:06:51.0830 5192 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:06:51.0861 5192 CompositeBus - ok
16:06:51.0877 5192 COMSysApp - ok
16:06:51.0892 5192 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:06:51.0908 5192 crcdisk - ok
16:06:51.0955 5192 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:06:51.0986 5192 CryptSvc - ok
16:06:52.0048 5192 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:06:52.0111 5192 DcomLaunch - ok
16:06:52.0157 5192 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:06:52.0235 5192 defragsvc - ok
16:06:52.0267 5192 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:06:52.0298 5192 DfsC - ok
16:06:52.0345 5192 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:06:52.0407 5192 Dhcp - ok
16:06:52.0469 5192 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:06:52.0532 5192 discache - ok
16:06:52.0563 5192 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:06:52.0563 5192 Disk - ok
16:06:52.0594 5192 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:06:52.0610 5192 Dnscache - ok
16:06:52.0672 5192 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:06:52.0719 5192 dot3svc - ok
16:06:52.0766 5192 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:06:52.0797 5192 Dot4 - ok
16:06:52.0859 5192 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
16:06:52.0891 5192 Dot4Print - ok
16:06:52.0906 5192 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:06:52.0922 5192 dot4usb - ok
16:06:52.0953 5192 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:06:52.0969 5192 DPS - ok
16:06:53.0015 5192 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:06:53.0015 5192 drmkaud - ok
16:06:53.0078 5192 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:06:53.0109 5192 DXGKrnl - ok
16:06:53.0156 5192 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:06:53.0203 5192 EapHost - ok
16:06:53.0390 5192 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:06:53.0499 5192 ebdrv - ok
16:06:53.0624 5192 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:06:53.0655 5192 EFS - ok
16:06:53.0733 5192 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:06:53.0827 5192 ehRecvr - ok
16:06:53.0873 5192 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:06:53.0951 5192 ehSched - ok
16:06:54.0045 5192 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:06:54.0107 5192 elxstor - ok
16:06:54.0139 5192 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:06:54.0170 5192 ErrDev - ok
16:06:54.0201 5192 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:06:54.0248 5192 EventSystem - ok
16:06:54.0279 5192 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:06:54.0341 5192 exfat - ok
16:06:54.0373 5192 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:06:54.0419 5192 fastfat - ok
16:06:54.0435 5192 FastUserSwitchingCompatibility - ok
16:06:54.0466 5192 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:06:54.0482 5192 Fax - ok
16:06:54.0513 5192 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:06:54.0529 5192 fdc - ok
16:06:54.0544 5192 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:06:54.0607 5192 fdPHost - ok
16:06:54.0607 5192 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:06:54.0638 5192 FDResPub - ok
16:06:54.0653 5192 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:06:54.0669 5192 FileInfo - ok
16:06:54.0685 5192 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:06:54.0700 5192 Filetrace - ok
16:06:54.0841 5192 FLEXnet Licensing Service (d60ef46dc0e757fe5eb579db95b88954) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:06:54.0919 5192 FLEXnet Licensing Service - ok
16:06:55.0090 5192 FLEXnet Licensing Service 64 (5cee6cd43ae5844c49300ea0b1e557ee) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
16:06:55.0184 5192 FLEXnet Licensing Service 64 - ok
16:06:55.0277 5192 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:06:55.0309 5192 flpydisk - ok
16:06:55.0371 5192 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:06:55.0402 5192 FltMgr - ok
16:06:55.0558 5192 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:06:55.0589 5192 FontCache - ok
16:06:55.0792 5192 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:06:55.0792 5192 FontCache3.0.0.0 - ok
16:06:55.0823 5192 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:06:55.0839 5192 FsDepends - ok
16:06:55.0870 5192 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:06:55.0901 5192 Fs_Rec - ok
16:06:55.0964 5192 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:06:55.0995 5192 fvevol - ok
16:06:56.0011 5192 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:06:56.0026 5192 gagp30kx - ok
16:06:56.0120 5192 GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
16:06:56.0151 5192 GameConsoleService - ok
16:06:56.0182 5192 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:06:56.0198 5192 GEARAspiWDM - ok
16:06:56.0260 5192 GManager (bab3d4a08950b54d7a7f17708990b6b4) C:\Windows\system32\GManager.exe
16:06:56.0291 5192 GManager - ok
16:06:56.0385 5192 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:06:56.0432 5192 gpsvc - ok
16:06:56.0572 5192 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:06:56.0603 5192 gupdate - ok
16:06:56.0619 5192 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:06:56.0619 5192 gupdatem - ok
16:06:56.0713 5192 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:06:56.0744 5192 hcw85cir - ok
16:06:56.0822 5192 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:06:56.0837 5192 HDAudBus - ok
16:06:56.0915 5192 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:06:56.0947 5192 HidBatt - ok
16:06:56.0993 5192 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:06:57.0025 5192 HidBth - ok
16:06:57.0071 5192 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:06:57.0087 5192 HidIr - ok
16:06:57.0103 5192 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:06:57.0149 5192 hidserv - ok
16:06:57.0196 5192 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:06:57.0227 5192 HidUsb - ok
16:06:57.0274 5192 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:06:57.0337 5192 hkmsvc - ok
16:06:57.0368 5192 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:06:57.0383 5192 HomeGroupListener - ok
16:06:57.0415 5192 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:06:57.0430 5192 HomeGroupProvider - ok
16:06:57.0539 5192 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:06:57.0571 5192 hpqcxs08 - ok
16:06:57.0602 5192 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:06:57.0602 5192 hpqddsvc - ok
16:06:57.0680 5192 hpqwmiex (fdf273a845f1ffcceadf363aaf47582f) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:06:57.0711 5192 hpqwmiex - ok
16:06:57.0742 5192 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:06:57.0773 5192 HpSAMD - ok
16:06:57.0867 5192 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:06:57.0914 5192 HTTP - ok
16:06:57.0992 5192 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:06:58.0023 5192 hwpolicy - ok
16:06:58.0054 5192 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:06:58.0085 5192 i8042prt - ok
16:06:58.0117 5192 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:06:58.0132 5192 iaStorV - ok
16:06:58.0257 5192 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:06:58.0304 5192 idsvc - ok
16:06:58.0319 5192 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:06:58.0335 5192 iirsp - ok
16:06:58.0413 5192 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:06:58.0460 5192 IKEEXT - ok
16:06:58.0663 5192 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
16:06:58.0756 5192 IntcAzAudAddService - ok
16:06:58.0865 5192 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:06:58.0897 5192 intelide - ok
16:06:58.0959 5192 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:06:58.0990 5192 intelppm - ok
16:06:59.0021 5192 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:06:59.0053 5192 IPBusEnum - ok
16:06:59.0084 5192 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:06:59.0115 5192 IpFilterDriver - ok
16:06:59.0146 5192 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:06:59.0177 5192 IPMIDRV - ok
16:06:59.0209 5192 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:06:59.0240 5192 IPNAT - ok
16:06:59.0380 5192 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
16:06:59.0411 5192 iPod Service - ok
16:06:59.0458 5192 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:06:59.0489 5192 IRENUM - ok
16:06:59.0536 5192 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:06:59.0567 5192 isapnp - ok
16:06:59.0661 5192 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:06:59.0692 5192 iScsiPrt - ok
16:06:59.0770 5192 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:06:59.0801 5192 kbdclass - ok
16:06:59.0848 5192 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
16:06:59.0879 5192 kbdhid - ok
16:06:59.0911 5192 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:06:59.0942 5192 KeyIso - ok
16:06:59.0989 5192 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:07:00.0004 5192 KSecDD - ok
16:07:00.0051 5192 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:07:00.0067 5192 KSecPkg - ok
16:07:00.0067 5192 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:07:00.0098 5192 ksthunk - ok
16:07:00.0129 5192 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:07:00.0160 5192 KtmRm - ok
16:07:00.0223 5192 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:07:00.0238 5192 LanmanServer - ok
16:07:00.0301 5192 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:07:00.0363 5192 LanmanWorkstation - ok
16:07:00.0425 5192 LightScribeService (2238b91ac1a12cc6cc4c4fed41258b2a) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:07:00.0503 5192 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
16:07:00.0503 5192 LightScribeService - detected UnsignedFile.Multi.Generic (1)
16:07:00.0566 5192 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:07:00.0613 5192 lltdio - ok
16:07:00.0691 5192 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:07:00.0753 5192 lltdsvc - ok
16:07:00.0784 5192 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:07:00.0815 5192 lmhosts - ok
16:07:00.0847 5192 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:07:00.0862 5192 LSI_FC - ok
16:07:00.0893 5192 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:07:00.0925 5192 LSI_SAS - ok
16:07:00.0956 5192 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:07:00.0971 5192 LSI_SAS2 - ok
16:07:00.0987 5192 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:07:01.0003 5192 LSI_SCSI - ok
16:07:01.0034 5192 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:07:01.0065 5192 luafv - ok
16:07:01.0096 5192 LVPr2M64 - ok
16:07:01.0159 5192 LVRS64 (ef586b959f747e74c76603ff16ae417b) C:\Windows\system32\DRIVERS\lvrs64.sys
16:07:01.0190 5192 LVRS64 - ok
16:07:01.0502 5192 LVUVC64 (edf73bfa1bd24d74d1d64dc0ed28a7cd) C:\Windows\system32\DRIVERS\lvuvc64.sys
16:07:01.0627 5192 LVUVC64 - ok
16:07:01.0736 5192 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
16:07:01.0767 5192 MBAMProtector - ok
16:07:01.0907 5192 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:07:01.0970 5192 MBAMService - ok
16:07:02.0032 5192 MCTDesktopSvr (3e23a0792d5ee0a072961e9e9f347368) C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
16:07:02.0063 5192 MCTDesktopSvr - ok
16:07:02.0079 5192 mctkmd (1bcdb4163f9f75f3c560447145e48062) C:\Windows\system32\drivers\mctkmd64.sys
16:07:02.0095 5192 mctkmd - ok
16:07:02.0110 5192 mctkmdldr (7e622c16ca2798b352c0b31dbb208cbd) C:\Windows\system32\drivers\mctkmdldr64.sys
16:07:02.0110 5192 mctkmdldr - ok
16:07:02.0141 5192 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:07:02.0157 5192 Mcx2Svc - ok
16:07:02.0219 5192 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:07:02.0251 5192 megasas - ok
16:07:02.0344 5192 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:07:02.0375 5192 MegaSR - ok
16:07:02.0516 5192 MemeoBackgroundService (9547f37d0e899fd71b52b2afd4437c79) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
16:07:02.0531 5192 MemeoBackgroundService - ok
16:07:02.0719 5192 mi-raysat_3dsmax2012_64 (0af89452a8ce3928168f4e5b2208c68b) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
16:07:02.0797 5192 mi-raysat_3dsmax2012_64 ( UnsignedFile.Multi.Generic ) - warning
16:07:02.0797 5192 mi-raysat_3dsmax2012_64 - detected UnsignedFile.Multi.Generic (1)
16:07:02.0828 5192 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:07:02.0859 5192 MMCSS - ok
16:07:02.0875 5192 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:07:02.0906 5192 Modem - ok
16:07:02.0953 5192 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:07:02.0984 5192 monitor - ok
16:07:03.0015 5192 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:07:03.0031 5192 mouclass - ok
16:07:03.0062 5192 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:07:03.0077 5192 mouhid - ok
16:07:03.0124 5192 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:07:03.0140 5192 mountmgr - ok
16:07:03.0218 5192 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:07:03.0218 5192 MozillaMaintenance - ok
16:07:03.0343 5192 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
16:07:03.0374 5192 MpFilter - ok
16:07:03.0483 5192 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:07:03.0499 5192 mpio - ok
16:07:03.0530 5192 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:07:03.0561 5192 mpsdrv - ok
16:07:03.0686 5192 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:07:03.0748 5192 MpsSvc - ok
16:07:03.0795 5192 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:07:03.0826 5192 MRxDAV - ok
16:07:03.0858 5192 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:07:03.0873 5192 mrxsmb - ok
16:07:03.0936 5192 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:07:03.0951 5192 mrxsmb10 - ok
16:07:03.0967 5192 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:07:03.0982 5192 mrxsmb20 - ok
16:07:04.0029 5192 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:07:04.0045 5192 msahci - ok
16:07:04.0076 5192 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:07:04.0092 5192 msdsm - ok
16:07:04.0138 5192 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:07:04.0170 5192 MSDTC - ok
16:07:04.0201 5192 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:07:04.0248 5192 Msfs - ok
16:07:04.0248 5192 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:07:04.0279 5192 mshidkmdf - ok
16:07:04.0310 5192 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:07:04.0310 5192 msisadrv - ok
16:07:04.0341 5192 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:07:04.0372 5192 MSiSCSI - ok
16:07:04.0372 5192 msiserver - ok
16:07:04.0419 5192 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:07:04.0482 5192 MSKSSRV - ok
16:07:04.0606 5192 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:07:04.0638 5192 MsMpSvc - ok
16:07:04.0716 5192 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:07:04.0762 5192 MSPCLOCK - ok
16:07:04.0794 5192 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:07:04.0825 5192 MSPQM - ok
16:07:04.0872 5192 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:07:04.0887 5192 MsRPC - ok
16:07:04.0903 5192 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:07:04.0903 5192 mssmbios - ok
16:07:05.0012 5192 MSSQL$SQLEXPRESS - ok
16:07:05.0106 5192 MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
16:07:05.0137 5192 MSSQLServerADHelper100 - ok
16:07:05.0168 5192 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:07:05.0230 5192 MSTEE - ok
16:07:05.0262 5192 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:07:05.0262 5192 MTConfig - ok
16:07:05.0277 5192 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:07:05.0293 5192 Mup - ok
16:07:05.0386 5192 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:07:05.0449 5192 napagent - ok
16:07:05.0496 5192 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:07:05.0542 5192 NativeWifiP - ok
16:07:05.0683 5192 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:07:05.0730 5192 NDIS - ok
16:07:05.0761 5192 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:07:05.0823 5192 NdisCap - ok
16:07:05.0839 5192 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:07:05.0870 5192 NdisTapi - ok
16:07:05.0917 5192 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:07:05.0979 5192 Ndisuio - ok
16:07:06.0010 5192 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:07:06.0042 5192 NdisWan - ok
16:07:06.0073 5192 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:07:06.0120 5192 NDProxy - ok
16:07:06.0198 5192 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
16:07:06.0213 5192 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:07:06.0213 5192 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:07:06.0229 5192 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:07:06.0276 5192 NetBIOS - ok
16:07:06.0338 5192 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:07:06.0400 5192 NetBT - ok
16:07:06.0432 5192 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:07:06.0432 5192 Netlogon - ok
16:07:06.0494 5192 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:07:06.0556 5192 Netman - ok
16:07:06.0634 5192 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:07:06.0666 5192 NetMsmqActivator - ok
16:07:06.0666 5192 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:07:06.0681 5192 NetPipeActivator - ok
16:07:06.0728 5192 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:07:06.0775 5192 netprofm - ok
16:07:06.0790 5192 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:07:06.0790 5192 NetTcpActivator - ok
16:07:06.0790 5192 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:07:06.0806 5192 NetTcpPortSharing - ok
16:07:06.0868 5192 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:07:06.0900 5192 nfrd960 - ok
16:07:06.0946 5192 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:07:06.0978 5192 NisDrv - ok
16:07:07.0118 5192 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
16:07:07.0165 5192 NisSrv - ok
16:07:07.0227 5192 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:07:07.0274 5192 NlaSvc - ok
16:07:07.0305 5192 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:07:07.0321 5192 Npfs - ok
16:07:07.0336 5192 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:07:07.0368 5192 nsi - ok
16:07:07.0368 5192 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:07:07.0399 5192 nsiproxy - ok
16:07:07.0524 5192 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:07:07.0602 5192 Ntfs - ok
16:07:07.0711 5192 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:07:07.0773 5192 Null - ok
16:07:07.0820 5192 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:07:07.0851 5192 nvraid - ok
16:07:07.0851 5192 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:07:07.0882 5192 nvstor - ok
16:07:07.0882 5192 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:07:07.0898 5192 nv_agp - ok
16:07:08.0070 5192 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:07:08.0101 5192 odserv - ok
16:07:08.0226 5192 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:07:08.0257 5192 ohci1394 - ok
16:07:08.0304 5192 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:07:08.0335 5192 ose - ok
16:07:08.0397 5192 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:07:08.0413 5192 p2pimsvc - ok
16:07:08.0506 5192 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:07:08.0538 5192 p2psvc - ok
16:07:08.0631 5192 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:07:08.0662 5192 Parport - ok
16:07:08.0694 5192 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:07:08.0709 5192 partmgr - ok
16:07:08.0725 5192 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:07:08.0756 5192 PcaSvc - ok
16:07:08.0787 5192 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:07:08.0803 5192 pci - ok
16:07:08.0803 5192 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:07:08.0818 5192 pciide - ok
16:07:08.0850 5192 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:07:08.0865 5192 pcmcia - ok
16:07:08.0881 5192 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:07:08.0896 5192 pcw - ok
16:07:08.0928 5192 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:07:08.0974 5192 PEAUTH - ok
16:07:09.0037 5192 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:07:09.0084 5192 PerfHost - ok
16:07:09.0146 5192 phaudlwr (fe8af03efec0387fbbfcfd32e328db9a) C:\Windows\system32\DRIVERS\phaudlwr.sys
16:07:09.0177 5192 phaudlwr - ok
16:07:09.0489 5192 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:07:09.0567 5192 pla - ok
16:07:09.0614 5192 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:07:09.0630 5192 PlugPlay - ok
16:07:09.0676 5192 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
16:07:09.0692 5192 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:07:09.0692 5192 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:07:09.0723 5192 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:07:09.0739 5192 PNRPAutoReg - ok
16:07:09.0770 5192 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:07:09.0786 5192 PNRPsvc - ok
16:07:09.0848 5192 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:07:09.0910 5192 PolicyAgent - ok
16:07:09.0942 5192 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:07:09.0957 5192 Power - ok
16:07:10.0020 5192 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:07:10.0082 5192 PptpMiniport - ok
16:07:10.0098 5192 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:07:10.0113 5192 Processor - ok
16:07:10.0191 5192 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:07:10.0222 5192 ProfSvc - ok
16:07:10.0285 5192 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:07:10.0316 5192 ProtectedStorage - ok
16:07:10.0410 5192 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:07:10.0456 5192 Psched - ok
16:07:10.0503 5192 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:07:10.0534 5192 PxHlpa64 - ok
16:07:10.0644 5192 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:07:10.0737 5192 ql2300 - ok
16:07:10.0862 5192 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:07:10.0893 5192 ql40xx - ok
16:07:10.0924 5192 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:07:10.0940 5192 QWAVE - ok
16:07:10.0971 5192 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:07:10.0987 5192 QWAVEdrv - ok
16:07:11.0002 5192 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:07:11.0018 5192 RasAcd - ok
16:07:11.0065 5192 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:07:11.0143 5192 RasAgileVpn - ok
16:07:11.0158 5192 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:07:11.0190 5192 RasAuto - ok
16:07:11.0252 5192 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:07:11.0299 5192 Rasl2tp - ok
16:07:11.0392 5192 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:07:11.0455 5192 RasMan - ok
16:07:11.0470 5192 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:07:11.0486 5192 RasPppoe - ok
16:07:11.0502 5192 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:07:11.0533 5192 RasSstp - ok
16:07:11.0611 5192 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:07:11.0673 5192 rdbss - ok
16:07:11.0689 5192 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:07:11.0704 5192 rdpbus - ok
16:07:11.0720 5192 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:07:11.0736 5192 RDPCDD - ok
16:07:11.0767 5192 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:07:11.0798 5192 RDPENCDD - ok
16:07:11.0798 5192 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:07:11.0814 5192 RDPREFMP - ok
16:07:11.0860 5192 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:07:11.0892 5192 RDPWD - ok
16:07:11.0954 5192 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:07:11.0985 5192 rdyboost - ok
16:07:12.0016 5192 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:07:12.0048 5192 RemoteAccess - ok
16:07:12.0094 5192 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:07:12.0126 5192 RemoteRegistry - ok
16:07:12.0157 5192 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
16:07:12.0188 5192 RimUsb - ok
16:07:12.0204 5192 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:07:12.0235 5192 RpcEptMapper - ok
16:07:12.0250 5192 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:07:12.0266 5192 RpcLocator - ok
16:07:12.0328 5192 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:07:12.0391 5192 RpcSs - ok
16:07:12.0484 5192 RsFx0105 (c9fe05a63c500abe3afa5786504c4d36) C:\Windows\system32\DRIVERS\RsFx0105.sys
16:07:12.0500 5192 RsFx0105 - ok
16:07:12.0531 5192 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:07:12.0562 5192 rspndr - ok
16:07:12.0625 5192 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:07:12.0656 5192 RTL8167 - ok
16:07:12.0687 5192 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:07:12.0703 5192 SamSs - ok
16:07:12.0750 5192 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:07:12.0750 5192 sbp2port - ok
16:07:12.0968 5192 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
16:07:13.0030 5192 SBSDWSCService - ok
16:07:13.0062 5192 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:07:13.0093 5192 SCardSvr - ok
16:07:13.0155 5192 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:07:13.0202 5192 scfilter - ok
16:07:13.0311 5192 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:07:13.0342 5192 Schedule - ok
16:07:13.0420 5192 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:07:13.0467 5192 SCPolicySvc - ok
16:07:13.0545 5192 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:07:13.0592 5192 SDRSVC - ok
16:07:13.0623 5192 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:07:13.0670 5192 secdrv - ok
16:07:13.0732 5192 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:07:13.0779 5192 seclogon - ok
16:07:13.0810 5192 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:07:13.0826 5192 SENS - ok
16:07:13.0842 5192 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:07:13.0857 5192 SensrSvc - ok
16:07:13.0888 5192 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:07:13.0888 5192 Serenum - ok
16:07:13.0920 5192 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:07:13.0951 5192 Serial - ok
16:07:13.0982 5192 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:07:13.0998 5192 sermouse - ok
16:07:14.0044 5192 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:07:14.0091 5192 SessionEnv - ok
16:07:14.0122 5192 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:07:14.0154 5192 sffdisk - ok
16:07:14.0154 5192 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:07:14.0169 5192 sffp_mmc - ok
16:07:14.0185 5192 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:07:14.0200 5192 sffp_sd - ok
16:07:14.0200 5192 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:07:14.0216 5192 sfloppy - ok
16:07:14.0278 5192 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:07:14.0325 5192 ShellHWDetection - ok
16:07:14.0356 5192 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:07:14.0372 5192 SiSRaid2 - ok
16:07:14.0403 5192 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:07:14.0419 5192 SiSRaid4 - ok
16:07:14.0746 5192 Skype C2C Service (4ca43b85f22c7739311788b651a779cb) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:07:14.0871 5192 Skype C2C Service - ok
16:07:14.0996 5192 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
16:07:15.0012 5192 SkypeUpdate - ok
16:07:15.0199 5192 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:07:15.0246 5192 Smb - ok
16:07:15.0308 5192 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:07:15.0339 5192 SNMPTRAP - ok
16:07:15.0682 5192 SPC1330 (88cc2a38b87925e1f6a6bb515014d05c) C:\Windows\system32\DRIVERS\spc1330.sys
16:07:15.0807 5192 SPC1330 - ok
16:07:15.0854 5192 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:07:15.0854 5192 spldr - ok
16:07:15.0916 5192 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:07:15.0979 5192 Spooler - ok
16:07:16.0197 5192 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:07:16.0260 5192 sppsvc - ok
16:07:16.0291 5192 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:07:16.0369 5192 sppuinotify - ok
16:07:16.0540 5192 SQLAgent$SQLEXPRESS (45e65fb17a4cd5facbd3ca16c8334c82) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
16:07:16.0603 5192 SQLAgent$SQLEXPRESS - ok
16:07:16.0774 5192 SQLBrowser (10d936dced9eacd1a1b3fcdda6d7a4eb) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:07:16.0806 5192 SQLBrowser - ok
16:07:16.0884 5192 SQLWriter (f92e5f93be572b512da3c016b675ede0) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:07:16.0915 5192 SQLWriter - ok
16:07:17.0008 5192 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:07:17.0040 5192 srv - ok
16:07:17.0071 5192 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:07:17.0086 5192 srv2 - ok
16:07:17.0102 5192 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:07:17.0118 5192 srvnet - ok
16:07:17.0149 5192 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:07:17.0180 5192 SSDPSRV - ok
16:07:17.0196 5192 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:07:17.0227 5192 SstpSvc - ok
16:07:17.0258 5192 Steam Client Service - ok
16:07:17.0305 5192 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:07:17.0336 5192 stexstor - ok
16:07:17.0430 5192 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:07:17.0461 5192 stisvc - ok
16:07:17.0492 5192 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:07:17.0508 5192 swenum - ok
16:07:17.0617 5192 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:07:17.0726 5192 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
16:07:17.0726 5192 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
16:07:17.0757 5192 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:07:17.0788 5192 swprv - ok
16:07:17.0913 5192 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:07:17.0944 5192 SysMain - ok
16:07:18.0147 5192 t1pusb64 (0b57e93661834bbb0c1fe7cc9f259c11) C:\Windows\system32\drivers\t1pusb64.sys
16:07:18.0163 5192 t1pusb64 - ok
16:07:18.0210 5192 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:07:18.0225 5192 TabletInputService - ok
16:07:18.0444 5192 TabletServicePen (37bea19dbd43301fd987f5d277dfbea5) C:\Windows\system32\Pen_Tablet.exe
16:07:18.0787 5192 TabletServicePen - ok
16:07:18.0912 5192 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:07:18.0943 5192 TapiSrv - ok
16:07:19.0021 5192 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:07:19.0083 5192 TBS - ok
16:07:19.0239 5192 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:07:19.0286 5192 Tcpip - ok
16:07:19.0458 5192 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:07:19.0504 5192 TCPIP6 - ok
16:07:19.0582 5192 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:07:19.0629 5192 tcpipreg - ok
16:07:19.0660 5192 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:07:19.0660 5192 TDPIPE - ok
16:07:19.0707 5192 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:07:19.0723 5192 TDTCP - ok
16:07:19.0770 5192 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:07:19.0801 5192 tdx - ok
16:07:19.0848 5192 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:07:19.0879 5192 TermDD - ok
16:07:20.0004 5192 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:07:20.0050 5192 TermService - ok
16:07:20.0082 5192 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:07:20.0097 5192 Themes - ok
16:07:20.0128 5192 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:07:20.0144 5192 THREADORDER - ok
16:07:20.0191 5192 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:07:20.0269 5192 TrkWks - ok
16:07:20.0362 5192 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:07:20.0409 5192 TrustedInstaller - ok
16:07:20.0456 5192 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:07:20.0503 5192 tssecsrv - ok
16:07:20.0534 5192 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:07:20.0550 5192 TsUsbFlt - ok
16:07:20.0612 5192 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:07:20.0674 5192 tunnel - ok
16:07:20.0690 5192 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:07:20.0706 5192 uagp35 - ok
16:07:20.0721 5192 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:07:20.0752 5192 udfs - ok
16:07:20.0784 5192 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:07:20.0784 5192 UI0Detect - ok
16:07:20.0846 5192 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:07:20.0877 5192 uliagpkx - ok
16:07:20.0924 5192 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
16:07:20.0955 5192 umbus - ok
16:07:21.0002 5192 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:07:21.0018 5192 UmPass - ok
16:07:21.0064 5192 UMVPFSrv - ok
16:07:21.0127 5192 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:07:21.0174 5192 upnphost - ok
16:07:21.0220 5192 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
16:07:21.0267 5192 usbaudio - ok
16:07:21.0298 5192 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:07:21.0314 5192 usbccgp - ok
16:07:21.0361 5192 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:07:21.0392 5192 usbcir - ok
16:07:21.0439 5192 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:07:21.0470 5192 usbehci - ok
16:07:21.0486 5192 usbfilter (6648c6d7323a2ce0c4776c36cefbcb14) C:\Windows\system32\DRIVERS\usbfilter.sys
16:07:21.0501 5192 usbfilter - ok
16:07:21.0564 5192 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:07:21.0595 5192 usbhub - ok
16:07:21.0626 5192 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
16:07:21.0642 5192 usbohci - ok
16:07:21.0673 5192 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:07:21.0688 5192 usbprint - ok
16:07:21.0704 5192 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:07:21.0720 5192 usbscan - ok
16:07:21.0751 5192 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:07:21.0782 5192 USBSTOR - ok
16:07:21.0813 5192 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
16:07:21.0813 5192 usbuhci - ok
16:07:21.0907 5192 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:07:21.0938 5192 usbvideo - ok
16:07:21.0985 5192 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:07:22.0016 5192 UxSms - ok
16:07:22.0094 5192 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:07:22.0125 5192 VaultSvc - ok
16:07:22.0188 5192 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:07:22.0203 5192 vdrvroot - ok
16:07:22.0281 5192 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:07:22.0390 5192 vds - ok
16:07:22.0406 5192 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:07:22.0422 5192 vga - ok
16:07:22.0437 5192 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:07:22.0468 5192 VgaSave - ok
16:07:22.0484 5192 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:07:22.0500 5192 vhdmp - ok
16:07:22.0531 5192 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:07:22.0531 5192 viaide - ok
16:07:22.0562 5192 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:07:22.0562 5192 volmgr - ok
16:07:22.0624 5192 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:07:22.0671 5192 volmgrx - ok
16:07:22.0687 5192 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:07:22.0702 5192 volsnap - ok
16:07:22.0734 5192 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:07:22.0749 5192 vsmraid - ok
16:07:22.0890 5192 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:07:22.0952 5192 VSS - ok
16:07:23.0124 5192 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:07:23.0155 5192 vwifibus - ok
16:07:23.0217 5192 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:07:23.0233 5192 vwififlt - ok
16:07:23.0295 5192 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:07:23.0326 5192 vwifimp - ok
16:07:23.0373 5192 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:07:23.0420 5192 W32Time - ok
16:07:23.0467 5192 wacmoumonitor (37e4600e2cdad3c1a3613a25b97d457c) C:\Windows\system32\DRIVERS\wacmoumonitor.sys
16:07:23.0467 5192 wacmoumonitor - ok
16:07:23.0498 5192 wacommousefilter (e04d43c7d1641e95d35cae6086c7e350) C:\Windows\system32\DRIVERS\wacommousefilter.sys
16:07:23.0514 5192 wacommousefilter - ok
16:07:23.0529 5192 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:07:23.0560 5192 WacomPen - ok
16:07:23.0576 5192 wacomvhid (53b03e71e88109a5c3c074a33889258a) C:\Windows\system32\DRIVERS\wacomvhid.sys
16:07:23.0592 5192 wacomvhid - ok
16:07:23.0623 5192 WacomVKHid (8b4255329edfba3ecfbd0714476fad38) C:\Windows\system32\DRIVERS\WacomVKHid.sys
16:07:23.0638 5192 WacomVKHid - ok
16:07:23.0685 5192 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:07:23.0732 5192 WANARP - ok
16:07:23.0748 5192 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:07:23.0763 5192 Wanarpv6 - ok
16:07:23.0872 5192 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:07:23.0919 5192 WatAdminSvc - ok
16:07:24.0044 5192 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:07:24.0091 5192 wbengine - ok
16:07:24.0309 5192 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:07:24.0340 5192 WbioSrvc - ok
16:07:24.0465 5192 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:07:24.0481 5192 wcncsvc - ok
16:07:24.0528 5192 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:07:24.0559 5192 WcsPlugInService - ok
16:07:24.0668 5192 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:07:24.0699 5192 Wd - ok
16:07:24.0762 5192 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
16:07:24.0793 5192 WDC_SAM - ok
16:07:24.0886 5192 WDDMService (e6050fe6b60fa91188b8abdb5b1e339f) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
16:07:24.0902 5192 WDDMService ( UnsignedFile.Multi.Generic ) - warning
16:07:24.0902 5192 WDDMService - detected UnsignedFile.Multi.Generic (1)
16:07:24.0949 5192 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:07:24.0980 5192 Wdf01000 - ok
16:07:25.0136 5192 WDFME (b83d5071b32a70bebdb3330bfa7acb80) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
16:07:25.0214 5192 WDFME - ok
16:07:25.0370 5192 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:07:25.0401 5192 WdiServiceHost - ok
16:07:25.0401 5192 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:07:25.0417 5192 WdiSystemHost - ok
16:07:25.0479 5192 WDSC (517de2c5568cba6b2a24a557ac60c30b) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
16:07:25.0542 5192 WDSC - ok
16:07:25.0588 5192 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:07:25.0620 5192 WebClient - ok
16:07:25.0635 5192 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:07:25.0666 5192 Wecsvc - ok
16:07:25.0682 5192 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:07:25.0713 5192 wercplsupport - ok
16:07:25.0744 5192 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:07:25.0760 5192 WerSvc - ok
16:07:25.0822 5192 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:07:25.0869 5192 WfpLwf - ok
16:07:25.0885 5192 wiazwvpe - ok
16:07:25.0900 5192 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:07:25.0900 5192 WIMMount - ok
16:07:25.0947 5192 WinDefend - ok
16:07:25.0978 5192 WinHttpAutoProxySvc - ok
16:07:26.0041 5192 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:07:26.0119 5192 Winmgmt - ok
16:07:26.0306 5192 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:07:26.0415 5192 WinRM - ok
16:07:26.0556 5192 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:07:26.0587 5192 WinUsb - ok
16:07:26.0696 5192 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:07:26.0743 5192 Wlansvc - ok
16:07:26.0790 5192 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:07:26.0790 5192 WmiAcpi - ok
16:07:26.0836 5192 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:07:26.0883 5192 wmiApSrv - ok
16:07:26.0930 5192 WMPNetworkSvc - ok
16:07:26.0946 5192 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:07:26.0977 5192 WPCSvc - ok
16:07:27.0039 5192 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:07:27.0086 5192 WPDBusEnum - ok
16:07:27.0102 5192 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:07:27.0133 5192 ws2ifsl - ok
16:07:27.0164 5192 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:07:27.0180 5192 wscsvc - ok
16:07:27.0180 5192 WSearch - ok
16:07:27.0445 5192 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:07:27.0492 5192 wuauserv - ok
16:07:27.0710 5192 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:07:27.0772 5192 WudfPf - ok
16:07:27.0804 5192 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:07:27.0850 5192 WUDFRd - ok
16:07:27.0882 5192 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:07:27.0913 5192 wudfsvc - ok
16:07:27.0944 5192 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:07:27.0960 5192 WwanSvc - ok
16:07:27.0991 5192 xusb21 (2c6bc21b2d5b58d8b1d638c1704cb494) C:\Windows\system32\DRIVERS\xusb21.sys
16:07:28.0006 5192 xusb21 - ok
16:07:28.0116 5192 {55662437-DA8C-40c0-AADA-2C816A897A49} (74983addca2d9618512c088d856d6615) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
16:07:28.0131 5192 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
16:07:28.0162 5192 MBR (0x1B8) (1bb1462097f8fa16fdfca55c20a30ef4) \Device\Harddisk0\DR0
16:07:28.0740 5192 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:07:28.0740 5192 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:07:28.0740 5192 Boot (0x1200) (684425478dd3e7d901f57c6528f3b338) \Device\Harddisk0\DR0\Partition0
16:07:28.0755 5192 \Device\Harddisk0\DR0\Partition0 - ok
16:07:28.0802 5192 Boot (0x1200) (b60b5ae7133595e970dfd2f429dc5abd) \Device\Harddisk0\DR0\Partition1
16:07:28.0802 5192 \Device\Harddisk0\DR0\Partition1 - ok
16:07:28.0833 5192 Boot (0x1200) (59407deae64e4c7275b397578280cf32) \Device\Harddisk0\DR0\Partition2
16:07:28.0833 5192 \Device\Harddisk0\DR0\Partition2 - ok
16:07:28.0833 5192 ============================================================
16:07:28.0833 5192 Scan finished
16:07:28.0833 5192 ============================================================
16:07:28.0849 3868 Detected object count: 9
16:07:28.0849 3868 Actual detected object count: 9
16:14:13.0264 3868 C:\Program Files (x86)\Philips\CamSuite\1.0.9.0\ACPService.exe - copied to quarantine
16:14:43.0247 3868 ACPService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:14:43.0372 3868 C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe - copied to quarantine
16:14:43.0419 3868 AMD_RAIDXpert ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:14:43.0481 3868 c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - copied to quarantine
16:14:43.0544 3868 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:14:43.0700 3868 C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe - copied to quarantine
16:14:43.0762 3868 mi-raysat_3dsmax2012_64 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:14:43.0856 3868 C:\Windows\system32\HPZinw12.dll - copied to quarantine
16:14:43.0902 3868 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:14:43.0918 3868 C:\Windows\system32\HPZipm12.dll - copied to quarantine
16:14:43.0934 3868 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:14:44.0058 3868 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - copied to quarantine
16:14:44.0152 3868 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:14:44.0230 3868 C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe - copied to quarantine
16:14:44.0292 3868 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
16:14:44.0339 3868 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
16:14:44.0433 3868 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
16:14:44.0448 3868 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
16:14:44.0448 3868 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
16:14:44.0448 3868 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
16:14:44.0448 3868 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
16:14:44.0480 3868 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
16:14:44.0495 3868 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
16:14:44.0511 3868 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
16:14:44.0667 3868 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
16:14:44.0760 3868 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
16:14:44.0870 3868 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
16:14:44.0948 3868 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
16:14:45.0010 3868 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
16:14:45.0026 3868 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
16:14:45.0041 3868 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
16:14:45.0041 3868 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
16:14:45.0057 3868 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
16:14:45.0182 3868 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
16:14:45.0384 3868 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
16:14:45.0494 3868 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
16:14:45.0540 3868 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
16:14:45.0790 3868 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
16:14:45.0806 3868 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
16:14:45.0821 3868 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
16:15:13.0152 1644 ============================================================
16:15:13.0152 1644 Scan started
16:15:13.0152 1644 Mode: Manual; SigCheck; TDLFS;
16:15:13.0152 1644 ============================================================
16:15:13.0964 1644 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:15:14.0010 1644 1394ohci - ok
16:15:14.0151 1644 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:15:14.0166 1644 ACDaemon - ok
16:15:14.0213 1644 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:15:14.0244 1644 ACPI - ok
16:15:14.0276 1644 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:15:14.0291 1644 AcpiPmi - ok
16:15:14.0400 1644 ACPService (92996a91e5afe1b763f95e6c59914d16) C:\Program Files (x86)\Philips\CamSuite\1.0.9.0\ACPService.exe
16:15:14.0416 1644 ACPService ( UnsignedFile.Multi.Generic ) - warning
16:15:14.0416 1644 ACPService - detected UnsignedFile.Multi.Generic (1)
16:15:14.0510 1644 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:15:14.0525 1644 AdobeARMservice - ok
16:15:14.0650 1644 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:15:14.0681 1644 AdobeFlashPlayerUpdateSvc - ok
16:15:14.0822 1644 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:15:14.0868 1644 adp94xx - ok
16:15:14.0915 1644 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:15:14.0931 1644 adpahci - ok
16:15:14.0993 1644 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:15:15.0024 1644 adpu320 - ok
16:15:15.0056 1644 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:15:15.0087 1644 AeLookupSvc - ok
16:15:15.0165 1644 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:15:15.0196 1644 AFD - ok
16:15:15.0243 1644 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:15:15.0243 1644 agp440 - ok
16:15:15.0274 1644 ahcix64s (aa3f73ccbf498bd56800f840d75e40e4) C:\Windows\system32\DRIVERS\ahcix64s.sys
16:15:15.0290 1644 ahcix64s - ok
16:15:15.0305 1644 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:15:15.0321 1644 ALG - ok
16:15:15.0336 1644 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:15:15.0352 1644 aliide - ok
16:15:15.0383 1644 AMD External Events Utility (a592ca3ec9a5af7f74d5169d556b976f) C:\Windows\system32\atiesrxx.exe
16:15:15.0414 1644 AMD External Events Utility - ok
16:15:15.0492 1644 AMD FUEL Service - ok
16:15:15.0508 1644 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:15:15.0539 1644 amdide - ok
16:15:15.0570 1644 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
16:15:15.0586 1644 amdiox64 - ok
16:15:15.0602 1644 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:15:15.0617 1644 AmdK8 - ok
16:15:16.0132 1644 amdkmdag (1512ceedc3657082f396a0818528b5e8) C:\Windows\system32\DRIVERS\atikmdag.sys
16:15:16.0226 1644 amdkmdag - ok
16:15:16.0413 1644 amdkmdap (3d00276750e2d6f35228e12868cf1a46) C:\Windows\system32\DRIVERS\atikmpag.sys
16:15:16.0460 1644 amdkmdap - ok
16:15:16.0475 1644 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:15:16.0491 1644 AmdPPM - ok
16:15:16.0538 1644 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:15:16.0584 1644 amdsata - ok
16:15:16.0694 1644 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:15:16.0725 1644 amdsbs - ok
16:15:16.0787 1644 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:15:16.0818 1644 amdxata - ok
16:15:16.0943 1644 AMD_RAIDXpert (2b8d1c23d204c0e70eff48a3ffa1c67b) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
16:15:16.0943 1644 AMD_RAIDXpert ( UnsignedFile.Multi.Generic ) - warning
16:15:16.0943 1644 AMD_RAIDXpert - detected UnsignedFile.Multi.Generic (1)
16:15:17.0037 1644 AODDriver4.01 (0e2ba6dc63e9cf3bf275856735a3e3be) c:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
16:15:17.0052 1644 AODDriver4.01 - ok
16:15:17.0052 1644 AODDriver4.1 (0e2ba6dc63e9cf3bf275856735a3e3be) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
16:15:17.0052 1644 AODDriver4.1 - ok
16:15:17.0099 1644 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:15:17.0130 1644 AppID - ok
16:15:17.0146 1644 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:15:17.0162 1644 AppIDSvc - ok
16:15:17.0193 1644 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:15:17.0271 1644 Appinfo - ok
16:15:17.0349 1644 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:15:17.0364 1644 Apple Mobile Device - ok
16:15:17.0396 1644 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:15:17.0427 1644 arc - ok
16:15:17.0442 1644 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:15:17.0458 1644 arcsas - ok
16:15:17.0536 1644 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:15:17.0552 1644 aspnet_state - ok
16:15:17.0583 1644 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:15:17.0630 1644 AsyncMac - ok
16:15:17.0692 1644 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:15:17.0708 1644 atapi - ok
16:15:17.0848 1644 athr (7d89b0c443f6068e5b27aa3b972069ff) C:\Windows\system32\DRIVERS\athrx.sys
16:15:17.0895 1644 athr - ok
16:15:18.0035 1644 AtiHdmiService (d481083348138b4933acfe95812db71c) C:\Windows\system32\drivers\AtiHdmi.sys
16:15:18.0066 1644 AtiHdmiService - ok
16:15:18.0534 1644 atikmdag (1512ceedc3657082f396a0818528b5e8) C:\Windows\system32\DRIVERS\atikmdag.sys
16:15:18.0644 1644 atikmdag - ok
16:15:18.0737 1644 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys
16:15:18.0753 1644 AtiPcie - ok
16:15:18.0846 1644 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:15:18.0893 1644 AudioEndpointBuilder - ok
16:15:18.0893 1644 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:15:18.0924 1644 AudioSrv - ok
16:15:18.0987 1644 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:15:19.0002 1644 AxInstSV - ok
16:15:19.0080 1644 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:15:19.0080 1644 b06bdrv - ok
16:15:19.0143 1644 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:15:19.0158 1644 b57nd60a - ok
16:15:19.0283 1644 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:15:19.0314 1644 BBSvc - ok
16:15:19.0408 1644 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:15:19.0455 1644 BBUpdate - ok
16:15:19.0470 1644 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:15:19.0502 1644 BDESVC - ok
16:15:19.0502 1644 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:15:19.0548 1644 Beep - ok
16:15:19.0611 1644 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:15:19.0642 1644 BFE - ok
16:15:19.0673 1644 BingDesktopUpdate (1b63f2b7ca6b5290cc124cdd07520bc9) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
16:15:19.0689 1644 BingDesktopUpdate - ok
16:15:19.0782 1644 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:15:19.0814 1644 BITS - ok
16:15:19.0923 1644 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:15:19.0954 1644 blbdrive - ok
16:15:20.0063 1644 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
16:15:20.0079 1644 Bonjour Service - ok
16:15:20.0157 1644 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:15:20.0188 1644 bowser - ok
16:15:20.0235 1644 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:15:20.0266 1644 BrFiltLo - ok
16:15:20.0313 1644 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:15:20.0328 1644 BrFiltUp - ok
16:15:20.0391 1644 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:15:20.0438 1644 Browser - ok
16:15:20.0531 1644 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:15:20.0547 1644 Brserid - ok
16:15:20.0578 1644 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:15:20.0625 1644 BrSerWdm - ok
16:15:20.0640 1644 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:15:20.0656 1644 BrUsbMdm - ok
16:15:20.0656 1644 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:15:20.0672 1644 BrUsbSer - ok
16:15:20.0687 1644 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:15:20.0703 1644 BTHMODEM - ok
16:15:20.0734 1644 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:15:20.0765 1644 bthserv - ok
16:15:20.0796 1644 BVRPMPR5a64 (9887ca12f407d7fbc7f48f3678f5f0b6) C:\Windows\system32\drivers\BVRPMPR5a64.SYS
16:15:20.0812 1644 BVRPMPR5a64 - ok
16:15:20.0828 1644 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:15:20.0859 1644 cdfs - ok
16:15:20.0921 1644 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:15:20.0937 1644 cdrom - ok
16:15:20.0999 1644 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:15:21.0062 1644 CertPropSvc - ok
16:15:21.0108 1644 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:15:21.0140 1644 circlass - ok
16:15:21.0186 1644 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:15:21.0202 1644 CLFS - ok
16:15:21.0264 1644 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:15:21.0296 1644 clr_optimization_v2.0.50727_32 - ok
16:15:21.0342 1644 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:15:21.0374 1644 clr_optimization_v2.0.50727_64 - ok
16:15:21.0436 1644 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:15:21.0467 1644 clr_optimization_v4.0.30319_32 - ok
16:15:21.0530 1644 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:15:21.0561 1644 clr_optimization_v4.0.30319_64 - ok
16:15:21.0576 1644 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:15:21.0592 1644 CmBatt - ok
16:15:21.0623 1644 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:15:21.0639 1644 cmdide - ok
16:15:21.0701 1644 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:15:21.0732 1644 CNG - ok
16:15:21.0732 1644 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:15:21.0748 1644 Compbatt - ok
16:15:21.0779 1644 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:15:21.0826 1644 CompositeBus - ok
16:15:21.0826 1644 COMSysApp - ok
16:15:21.0842 1644 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:15:21.0857 1644 crcdisk - ok
16:15:21.0935 1644 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
16:15:21.0951 1644 CryptSvc - ok
16:15:22.0044 1644 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:15:22.0091 1644 DcomLaunch - ok
16:15:22.0138 1644 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:15:22.0200 1644 defragsvc - ok
16:15:22.0325 1644 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:15:22.0372 1644 DfsC - ok
16:15:22.0450 1644 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:15:22.0497 1644 Dhcp - ok
16:15:22.0528 1644 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:15:22.0544 1644 discache - ok
16:15:22.0559 1644 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:15:22.0559 1644 Disk - ok
16:15:22.0590 1644 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:15:22.0622 1644 Dnscache - ok
16:15:22.0653 1644 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:15:22.0715 1644 dot3svc - ok
16:15:22.0746 1644 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:15:22.0746 1644 Dot4 - ok
16:15:22.0778 1644 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
16:15:22.0793 1644 Dot4Print - ok
16:15:22.0809 1644 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:15:22.0824 1644 dot4usb - ok
16:15:22.0856 1644 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:15:22.0902 1644 DPS - ok
16:15:22.0918 1644 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:15:22.0934 1644 drmkaud - ok
16:15:22.0980 1644 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:15:22.0996 1644 DXGKrnl - ok
16:15:23.0074 1644 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:15:23.0121 1644 EapHost - ok
16:15:23.0386 1644 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:15:23.0433 1644 ebdrv - ok
16:15:23.0558 1644 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:15:23.0589 1644 EFS - ok
16:15:23.0682 1644 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:15:23.0714 1644 ehRecvr - ok
16:15:23.0792 1644 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:15:23.0823 1644 ehSched - ok
16:15:23.0901 1644 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:15:23.0932 1644 elxstor - ok
16:15:23.0994 1644 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:15:24.0026 1644 ErrDev - ok
16:15:24.0104 1644 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:15:24.0150 1644 EventSystem - ok
16:15:24.0197 1644 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:15:24.0228 1644 exfat - ok
16:15:24.0353 1644 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:15:24.0400 1644 fastfat - ok
16:15:24.0416 1644 FastUserSwitchingCompatibility - ok
16:15:24.0447 1644 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:15:24.0462 1644 Fax - ok
16:15:24.0494 1644 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:15:24.0509 1644 fdc - ok
16:15:24.0525 1644 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:15:24.0556 1644 fdPHost - ok
16:15:24.0556 1644 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:15:24.0587 1644 FDResPub - ok
16:15:24.0603 1644 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:15:24.0618 1644 FileInfo - ok
16:15:24.0634 1644 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:15:24.0650 1644 Filetrace - ok
16:15:24.0759 1644 FLEXnet Licensing Service (d60ef46dc0e757fe5eb579db95b88954) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:15:24.0790 1644 FLEXnet Licensing Service - ok
16:15:24.0946 1644 FLEXnet Licensing Service 64 (5cee6cd43ae5844c49300ea0b1e557ee) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
16:15:24.0993 1644 FLEXnet Licensing Service 64 - ok
16:15:25.0071 1644 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:15:25.0086 1644 flpydisk - ok
16:15:25.0196 1644 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:15:25.0227 1644 FltMgr - ok
16:15:25.0445 1644 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:15:25.0476 1644 FontCache - ok
16:15:25.0554 1644 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:15:25.0586 1644 FontCache3.0.0.0 - ok
16:15:25.0617 1644 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:15:25.0632 1644 FsDepends - ok
16:15:25.0664 1644 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:15:25.0695 1644 Fs_Rec - ok
16:15:25.0742 1644 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:15:25.0757 1644 fvevol - ok
16:15:25.0788 1644 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:15:25.0804 1644 gagp30kx - ok
16:15:25.0866 1644 GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
16:15:25.0898 1644 GameConsoleService - ok
16:15:25.0929 1644 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:15:25.0944 1644 GEARAspiWDM - ok
16:15:25.0991 1644 GManager (bab3d4a08950b54d7a7f17708990b6b4) C:\Windows\system32\GManager.exe
16:15:26.0007 1644 GManager - ok
16:15:26.0085 1644 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:15:26.0147 1644 gpsvc - ok
16:15:26.0350 1644 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:15:26.0381 1644 gupdate - ok
16:15:26.0381 1644 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:15:26.0397 1644 gupdatem - ok
16:15:26.0412 1644 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:15:26.0428 1644 hcw85cir - ok
16:15:26.0459 1644 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:15:26.0490 1644 HDAudBus - ok
16:15:26.0506 1644 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:15:26.0506 1644 HidBatt - ok
16:15:26.0537 1644 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:15:26.0553 1644 HidBth - ok
16:15:26.0568 1644 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:15:26.0584 1644 HidIr - ok
16:15:26.0600 1644 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:15:26.0631 1644 hidserv - ok
16:15:26.0646 1644 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:15:26.0662 1644 HidUsb - ok
16:15:26.0709 1644 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:15:26.0740 1644 hkmsvc - ok
16:15:26.0787 1644 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:15:26.0802 1644 HomeGroupListener - ok
16:15:26.0834 1644 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:15:26.0849 1644 HomeGroupProvider - ok
16:15:26.0943 1644 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:15:26.0974 1644 hpqcxs08 - ok
16:15:26.0990 1644 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:15:27.0005 1644 hpqddsvc - ok
16:15:27.0083 1644 hpqwmiex (fdf273a845f1ffcceadf363aaf47582f) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:15:27.0114 1644 hpqwmiex - ok
16:15:27.0146 1644 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:15:27.0161 1644 HpSAMD - ok
16:15:27.0302 1644 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:15:27.0348 1644 HTTP - ok
16:15:27.0411 1644 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:15:27.0426 1644 hwpolicy - ok
16:15:27.0473 1644 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:15:27.0504 1644 i8042prt - ok
16:15:27.0536 1644 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:15:27.0551 1644 iaStorV - ok
16:15:27.0692 1644 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:15:27.0723 1644 idsvc - ok
16:15:27.0738 1644 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:15:27.0738 1644 iirsp - ok
16:15:27.0816 1644 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:15:27.0863 1644 IKEEXT - ok
16:15:28.0050 1644 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
16:15:28.0097 1644 IntcAzAudAddService - ok
16:15:28.0191 1644 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:15:28.0206 1644 intelide - ok
16:15:28.0253 1644 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:15:28.0284 1644 intelppm - ok
16:15:28.0331 1644 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:15:28.0378 1644 IPBusEnum - ok
16:15:28.0456 1644 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:15:28.0503 1644 IpFilterDriver - ok
16:15:28.0534 1644 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:15:28.0550 1644 IPMIDRV - ok
16:15:28.0581 1644 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:15:28.0643 1644 IPNAT - ok
16:15:28.0799 1644 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
16:15:28.0830 1644 iPod Service - ok
16:15:28.0846 1644 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:15:28.0846 1644 IRENUM - ok
16:15:28.0908 1644 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:15:28.0940 1644 isapnp - ok
16:15:29.0002 1644 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:15:29.0018 1644 iScsiPrt - ok
16:15:29.0049 1644 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:15:29.0064 1644 kbdclass - ok
16:15:29.0096 1644 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
16:15:29.0127 1644 kbdhid - ok
16:15:29.0158 1644 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:15:29.0189 1644 KeyIso - ok
16:15:29.0236 1644 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:15:29.0252 1644 KSecDD - ok
16:15:29.0283 1644 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:15:29.0298 1644 KSecPkg - ok
16:15:29.0314 1644 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:15:29.0345 1644 ksthunk - ok
16:15:29.0376 1644 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:15:29.0408 1644 KtmRm - ok
16:15:29.0454 1644 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:15:29.0501 1644 LanmanServer - ok
16:15:29.0548 1644 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:15:29.0610 1644 LanmanWorkstation - ok
16:15:29.0673 1644 LightScribeService (2238b91ac1a12cc6cc4c4fed41258b2a) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:15:29.0688 1644 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
16:15:29.0688 1644 LightScribeService - detected UnsignedFile.Multi.Generic (1)
16:15:29.0735 1644 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:15:29.0798 1644 lltdio - ok
16:15:29.0844 1644 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:15:29.0907 1644 lltdsvc - ok
16:15:29.0922 1644 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:15:29.0938 1644 lmhosts - ok
16:15:29.0969 1644 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:15:29.0985 1644 LSI_FC - ok
16:15:30.0016 1644 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:15:30.0047 1644 LSI_SAS - ok
16:15:30.0063 1644 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:15:30.0078 1644 LSI_SAS2 - ok
16:15:30.0094 1644 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:15:30.0110 1644 LSI_SCSI - ok
16:15:30.0156 1644 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:15:30.0188 1644 luafv - ok
16:15:30.0188 1644 LVPr2M64 - ok
16:15:30.0266 1644 LVRS64 (ef586b959f747e74c76603ff16ae417b) C:\Windows\system32\DRIVERS\lvrs64.sys
16:15:30.0297 1644 LVRS64 - ok
16:15:30.0656 1644 LVUVC64 (edf73bfa1bd24d74d1d64dc0ed28a7cd) C:\Windows\system32\DRIVERS\lvuvc64.sys
16:15:30.0718 1644 LVUVC64 - ok
16:15:30.0858 1644 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
16:15:30.0890 1644 MBAMProtector - ok
16:15:31.0046 1644 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:15:31.0077 1644 MBAMService - ok
16:15:31.0139 1644 MCTDesktopSvr (3e23a0792d5ee0a072961e9e9f347368) C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe
16:15:31.0170 1644 MCTDesktopSvr - ok
16:15:31.0186 1644 mctkmd (1bcdb4163f9f75f3c560447145e48062) C:\Windows\system32\drivers\mctkmd64.sys
16:15:31.0202 1644 mctkmd - ok
16:15:31.0202 1644 mctkmdldr (7e622c16ca2798b352c0b31dbb208cbd) C:\Windows\system32\drivers\mctkmdldr64.sys
16:15:31.0217 1644 mctkmdldr - ok
16:15:31.0248 1644 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:15:31.0280 1644 Mcx2Svc - ok
16:15:31.0295 1644 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:15:31.0311 1644 megasas - ok
16:15:31.0358 1644 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:15:31.0373 1644 MegaSR - ok
16:15:31.0451 1644 MemeoBackgroundService (9547f37d0e899fd71b52b2afd4437c79) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
16:15:31.0467 1644 MemeoBackgroundService - ok
16:15:31.0701 1644 mi-raysat_3dsmax2012_64 (0af89452a8ce3928168f4e5b2208c68b) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
16:15:31.0716 1644 mi-raysat_3dsmax2012_64 ( UnsignedFile.Multi.Generic ) - warning
16:15:31.0716 1644 mi-raysat_3dsmax2012_64 - detected UnsignedFile.Multi.Generic (1)
16:15:31.0763 1644 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:15:31.0826 1644 MMCSS - ok
16:15:31.0888 1644 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:15:31.0935 1644 Modem - ok
16:15:31.0966 1644 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:15:31.0982 1644 monitor - ok
16:15:32.0013 1644 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:15:32.0028 1644 mouclass - ok
16:15:32.0044 1644 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:15:32.0044 1644 mouhid - ok
16:15:32.0106 1644 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:15:32.0138 1644 mountmgr - ok
16:15:32.0200 1644 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:15:32.0231 1644 MozillaMaintenance - ok
16:15:32.0278 1644 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
16:15:32.0294 1644 MpFilter - ok
16:15:32.0340 1644 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:15:32.0356 1644 mpio - ok
16:15:32.0387 1644 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:15:32.0418 1644 mpsdrv - ok
16:15:32.0543 1644 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:15:32.0574 1644 MpsSvc - ok
16:15:32.0652 1644 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:15:32.0699 1644 MRxDAV - ok
16:15:32.0746 1644 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:15:32.0777 1644 mrxsmb - ok
16:15:32.0840 1644 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:15:32.0871 1644 mrxsmb10 - ok
16:15:32.0918 1644 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:15:32.0933 1644 mrxsmb20 - ok
16:15:32.0964 1644 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:15:32.0980 1644 msahci - ok
16:15:33.0027 1644 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:15:33.0042 1644 msdsm - ok
16:15:33.0105 1644 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:15:33.0152 1644 MSDTC - ok
16:15:33.0198 1644 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:15:33.0245 1644 Msfs - ok
16:15:33.0276 1644 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:15:33.0339 1644 mshidkmdf - ok
16:15:33.0370 1644 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:15:33.0370 1644 msisadrv - ok
16:15:33.0401 1644 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:15:33.0432 1644 MSiSCSI - ok
16:15:33.0432 1644 msiserver - ok
16:15:33.0432 1644 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:15:33.0464 1644 MSKSSRV - ok
16:15:33.0526 1644 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:15:33.0557 1644 MsMpSvc - ok
16:15:33.0557 1644 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:15:33.0604 1644 MSPCLOCK - ok
16:15:33.0651 1644 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:15:33.0698 1644 MSPQM - ok
16:15:33.0807 1644 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:15:33.0822 1644 MsRPC - ok
16:15:33.0869 1644 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:15:33.0885 1644 mssmbios - ok
16:15:34.0010 1644 MSSQL$SQLEXPRESS - ok
16:15:34.0119 1644 MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
16:15:34.0150 1644 MSSQLServerADHelper100 - ok
16:15:34.0181 1644 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:15:34.0212 1644 MSTEE - ok
16:15:34.0259 1644 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:15:34.0275 1644 MTConfig - ok
16:15:34.0290 1644 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:15:34.0306 1644 Mup - ok
16:15:34.0353 1644 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:15:34.0415 1644 napagent - ok
16:15:34.0446 1644 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:15:34.0462 1644 NativeWifiP - ok
16:15:34.0509 1644 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:15:34.0524 1644 NDIS - ok
16:15:34.0540 1644 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:15:34.0571 1644 NdisCap - ok
16:15:34.0587 1644 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:15:34.0618 1644 NdisTapi - ok
16:15:34.0649 1644 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:15:34.0665 1644 Ndisuio - ok
16:15:34.0727 1644 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:15:34.0774 1644 NdisWan - ok
16:15:34.0821 1644 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:15:34.0852 1644 NDProxy - ok
16:15:34.0946 1644 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
16:15:34.0946 1644 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:15:34.0946 1644 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:15:38.0409 1644 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
16:15:38.0409 1644 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:15:38.0409 1644 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:15:46.0162 1644 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:15:46.0193 1644 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
16:15:46.0193 1644 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
16:15:52.0542 1644 WDDMService (e6050fe6b60fa91188b8abdb5b1e339f) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
16:15:52.0558 1644 WDDMService ( UnsignedFile.Multi.Generic ) - warning
16:15:52.0558 1644 WDDMService - detected UnsignedFile.Multi.Generic (1)
16:15:55.0725 1644 MBR (0x1B8) (1bb1462097f8fa16fdfca55c20a30ef4) \Device\Harddisk0\DR0
16:15:56.0255 1644 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:15:56.0255 1644 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:15:56.0255 1644 Boot (0x1200) (684425478dd3e7d901f57c6528f3b338) \Device\Harddisk0\DR0\Partition0
16:15:56.0255 1644 \Device\Harddisk0\DR0\Partition0 - ok
16:15:56.0302 1644 Boot (0x1200) (b60b5ae7133595e970dfd2f429dc5abd) \Device\Harddisk0\DR0\Partition1
16:15:56.0318 1644 \Device\Harddisk0\DR0\Partition1 - ok
16:15:56.0349 1644 Boot (0x1200) (59407deae64e4c7275b397578280cf32) \Device\Harddisk0\DR0\Partition2
16:15:56.0349 1644 \Device\Harddisk0\DR0\Partition2 - ok
16:15:56.0349 1644 ============================================================
16:15:56.0349 1644 Scan finished
16:15:56.0349 1644 ============================================================
16:15:56.0364 4656 Detected object count: 9
16:15:56.0364 4656 Actual detected object count: 9
16:17:00.0387 4656 ACPService ( UnsignedFile.Multi.Generic ) - skipped by user
16:17:00.0387 4656 ACPService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:17:00.0387 4656 AMD_RAIDXpert ( UnsignedFile.Multi.Generic ) - skipped by user
16:17:00.0387 4656 AMD_RAIDXpert ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:17:00.0387 4656 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
16:17:00.0387 4656 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:17:00.0403 4656 mi-raysat_3dsmax2012_64 ( UnsignedFile.Multi.Generic ) - skipped by user
16:17:00.0403 4656 mi-raysat_3dsmax2012_64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:17:00.0403 4656 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:17:00.0403 4656 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:17:00.0403 4656 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:17:00.0403 4656 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:17:00.0403 4656 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
16:17:00.0403 4656 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:17:00.0403 4656 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user
16:17:00.0403 4656 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:17:00.0403 4656 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:17:00.0403 4656 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#4 Noviciate

  • Malware Response Team

Posted 19 June 2012 - 03:52 PM

I'd like you to run TDSSKiller again and this time delete the following if it is detected: \Device\Harddisk0\DR0 ( TDSS File System ). Once done, run your anti-virus and tell me if it still detects the problem.

So long, and thanks for all the fish.

 

 


#5 iamzim

iamzim
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:33 AM

Posted 19 June 2012 - 04:09 PM

Ran TDSSKiller and deleted the item. My anti-virus still detects the trojan.

#6 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:33 AM

Posted 19 June 2012 - 04:46 PM

Download aswMBR.exe from here and save it to your Desktop.

  • Double click the tool to run it.
  • When prompted "Would you like to download latest Avast! virus definitions?" click Yes - you may need to allow access through your firewall.
  • Click the Scan button to, well, start the scan - obvious really!
  • Once the scan reports "Scan finished successfully" click Save log.
  • On my system it offers to save it to the Desktop, which may or may not be its default behaviour, but it's as handy a place as any.
  • You'll also see a file called MBR.dat appear as well - this is a backup that it created, just in case it's needed. Keep it handy for now.

I'd like the contents of aswMBR.txt in your next reply, if you'd be so kind.

So long, and thanks for all the fish.

 

 


#7 iamzim

iamzim
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:33 AM

Posted 19 June 2012 - 11:34 PM

Here's the aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-19 17:50:28
-----------------------------
17:50:28.113 OS Version: Windows x64 6.1.7601 Service Pack 1
17:50:28.113 Number of processors: 4 586 0x402
17:50:28.113 ComputerName: AMANDA-PC UserName: Amanda
17:50:39.345 Initialize success
17:50:47.909 AVAST engine defs: 12061900
17:50:56.224 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
17:50:56.224 Disk 0 Vendor: WDC_____ 01.0 Size: 953674MB BusType: 8
17:50:56.255 Disk 0 MBR read successfully
17:50:56.255 Disk 0 MBR scan
17:50:56.271 Disk 0 unknown MBR code
17:50:56.271 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:50:56.318 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 941977 MB offset 206848
17:50:56.396 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11586 MB offset 1929375744
17:50:56.458 Disk 0 Partition 4 00 17 Hidd HPFS/NTFS NTFS 1 MB offset 1953122304
17:50:56.567 Disk 0 scanning C:\Windows\system32\drivers
17:51:12.698 Service scanning
17:51:51.042 Service FastUserSwitchingCompatibility C:\Windows\C:\Windows\system32\FastUserSwitchingCompatibilityex.dll **LOCKED** 123
17:52:25.284 Modules scanning
17:52:25.300 Disk 0 trace - called modules:
17:52:25.316 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix64s.sys
17:52:25.331 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007715060]
17:52:25.331 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> \Device\00000065[0xfffffa80075459c0]
17:52:28.046 AVAST engine scan C:\Windows
17:52:32.320 AVAST engine scan C:\Windows\system32
17:58:15.131 AVAST engine scan C:\Windows\system32\drivers
17:58:34.974 AVAST engine scan C:\Users\Amanda
18:04:51.106 AVAST engine scan C:\ProgramData
18:09:55.655 Scan finished successfully
00:32:49.570 Disk 0 MBR has been saved successfully to "C:\Users\Amanda\Desktop\MBR.dat"
00:32:49.663 The log file has been saved successfully to "C:\Users\Amanda\Desktop\aswMBR_log3.txt"

#8 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:33 AM

Posted 20 June 2012 - 02:45 PM

Good evening. :)

Download Preformat.zip from here and save it to your Desktop. You will need to extract the file.

Right click on the zipped folder and from the menu that appears, click on Extract All...
In the next window that opens, click on Extract.


You should now see the file Preformat.vbs. Double click it to run it and a text file called Preformat.txt should be created in the same folder - either that or you'll get an error message.
Please copy and paste the contents of the text file into your next reply and then you can delete both of the folders and their contents.

So long, and thanks for all the fish.

 

 


#9 iamzim

iamzim
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:33 AM

Posted 20 June 2012 - 03:03 PM

Good evening. =)

I received an error message. (The specified module could not be found.)

#10 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:33 AM

Posted 20 June 2012 - 03:06 PM

Click the Start button and enter the following into the Search programs and files textbox: dsk
Hit <ENTER> and the Disk Management window should open and display a graphical representation of your hard drive(s).
Tell me how many sections your hard drive is divided into.

So long, and thanks for all the fish.

 

 


#11 iamzim

iamzim
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:33 AM

Posted 20 June 2012 - 03:13 PM

I think it is 5?

Next to Disk 0, it shows SYSTEM, HP (C:), FACTORY_IMAGE (D:), and then 9MB unallocated and 1 MB Healthy (primary partition)

#12 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:33 AM

Posted 20 June 2012 - 05:12 PM

Click the Start button and enter the following into the Search programs and files textbox: cmd
Hit <ENTER> and a Command Window should open.
Enter the following and hit <ENTER>: diskpart
You should see the Command Prompt change to DISKPART>

Enter the following and hit <ENTER>: list disk
You need to identify your main hard drive - if you only have one, that will be it!

If the disk is 0 (that's zero), enter the following and hit <ENTER>: select disk 0
You should see Disk 0 is now the selected disk. (or whatever disk is your main one.)

Enter the following and hit <ENTER>: list partition
You should now see the partitions for the selected drive displayed.

Right click the Command Window and select Mark from the context menu that appears.
Left click and drag the white box around the text and then click the right mouse button to copy it to the Clipboard.

I'd like you to post the information in your next reply. You can either just Paste it directly or save it into Notepad if you prefer.

So long, and thanks for all the fish.

 

 


#13 iamzim

iamzim
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:33 AM

Posted 20 June 2012 - 05:26 PM

After I typed diskpart, it opened a second command window, and everything I typed afterwards went in the second command window. Here's what it said in both.


first command window:

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation. All rights reserved.

C:\Users\Amanda>diskpart




second command window:

Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: AMANDA-PC

DISKPART> list disk

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          931 GB      0 B
  Disk 1    No Media           0 B      0 B
  Disk 2    No Media           0 B      0 B
  Disk 3    No Media           0 B      0 B
  Disk 4    No Media           0 B      0 B

DISKPART> select disk 0

Disk 0 is now the selected disk.

DISKPART> list partition

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            100 MB  1024 KB
  Partition 2    Primary            919 GB   101 MB
  Partition 3    Primary             11 GB   919 GB
  Partition 4    Primary           1336 KB   931 GB

DISKPART>

Edited by iamzim, 20 June 2012 - 05:27 PM.


#14 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Numpty HQ
  • Local time:09:33 AM

Posted 21 June 2012 - 02:29 PM

Good evening. :)

You'll have to bear with me a little as I don't want to delete the wrong partition on your hard drive and have you lose any data on it. I'm pretty sure what I want to do, but I'd like one more bit of information before I have you delete the offending partition - better slow and right than quick and ARGHHHHH!!!!!!

Open a Command Window as before and fire up Diskpart again.
Enter select disk 0 as before
Now enter select partition 4 - you should get confirmation that this is now selected.
Finally enter detail partition

I'd like you to copy and paste the response, as before.

So long, and thanks for all the fish.

 

 


#15 iamzim

iamzim
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:04:33 AM

Posted 21 June 2012 - 03:30 PM

I understand. Slow and steady wins the race as they say. Well it's not really a race, but... You know. :thumbsup:


Okay, here we go:


Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: AMANDA-PC

DISKPART> list disk

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          931 GB      0 B
  Disk 1    No Media           0 B      0 B
  Disk 2    No Media           0 B      0 B
  Disk 3    No Media           0 B      0 B
  Disk 4    No Media           0 B      0 B

DISKPART> select disk 0

Disk 0 is now the selected disk.

DISKPART> select partition 4

Partition 4 is now the selected partition.

DISKPART> detail partition

Partition 4
Type : 17
Hidden: Yes
Active: No
Offset in Bytes: 999998619648

There is no volume associated with this partition.

DISKPART>
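
The partition layout that aswMBR and DiskPart report in this thread can also be read directly from the four 16-byte entries of an MBR sector. The sketch below is an added example, not part of any post above and not code from aswMBR or TDSSKiller; the function names, the 16 MB threshold and the flagging rule are assumptions, and the sample sector is constructed from the offsets and rounded sizes in the logs.

```python
import struct

SECTOR = 512
HIDDEN_NTFS = 0x17      # shown as "17 Hidd HPFS/NTFS" in the aswMBR log
SMALL_LIMIT_MB = 16     # assumed review threshold, not a vendor rule

def parse_mbr(sector: bytes):
    """Return the used entries of the four-slot MBR partition table."""
    if len(sector) < SECTOR or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector (bad length or signature)")
    parts = []
    for slot in range(4):
        raw = sector[446 + 16 * slot : 462 + 16 * slot]
        # status, (CHS start skipped), type, (CHS end skipped), LBA start, sector count
        status, ptype, lba, count = struct.unpack("<B3xB3xII", raw)
        if ptype == 0 or count == 0:        # empty slot
            continue
        parts.append({"slot": slot + 1, "active": status == 0x80,
                      "type": ptype, "lba": lba, "sectors": count,
                      "size_mb": count * SECTOR / 2**20})
    return parts

def review_candidates(parts):
    """Flag hidden, inactive, small partitions that start last on the disk."""
    if not parts:
        return []
    last_lba = max(p["lba"] for p in parts)
    return [p for p in parts
            if p["type"] == HIDDEN_NTFS and not p["active"]
            and p["size_mb"] <= SMALL_LIMIT_MB and p["lba"] == last_lba]

def build_sample_mbr():
    """Constructed sector: layout from the logs in this thread, boot code zeroed."""
    entries = [(0x80, 0x07, 2048, 204800),            # 100 MB, active
               (0x00, 0x07, 206848, 1929168896),      # 941977 MB
               (0x00, 0x07, 1929375744, 23728128),    # 11586 MB
               (0x00, 0x17, 1953122304, 2672)]        # 1336 KB, type 17
    table = b"".join(struct.pack("<B3xB3xII", *e) for e in entries)
    return bytes(446) + table + b"\x55\xaa"

if __name__ == "__main__":
    layout = parse_mbr(build_sample_mbr())
    for p in layout:
        print(p)
    print("review before any removal:", review_candidates(layout))
```

A flagged entry is only a candidate for the kind of `detail partition` check shown above, since small hidden partitions can also be legitimate. To run it on a saved sector, pass the first 512 bytes of the file to `parse_mbr`, assuming the backup holds the raw sector.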



