
Looks like I also incurred the wrath of the Happili virus


  • This topic is locked
12 replies to this topic

#1 paice


Posted 02 April 2012 - 05:36 PM

Hello,

I must preface this by stating that I am sort of a moron when it comes to computers, so please bear with me. I noticed multiple posts already about this trojan, but figured you fine folks would rather I start my own thread instead of cherry picking from others'.

Today I started getting redirected both in Firefox and IE, mostly getting the happili page, but a couple of times getting something else (get answers or something like that). I already had malwarebytes' free version on my pc, so I ran that and it found 3 hits (trojan.agent.GMAGen) which were removed, 2 by rebooting, 1 directly.

I also ran TDSSKiller (clean) & aswMBR (3 hits), whose logs I'll paste below ("fix" wasn't an option for aswMBR, only "Fixmbr," which came with a warning, so I didn't proceed).

Specs of my pc are:

HP Pavilion p600 series
AMD Athlon™ II X4 640 Processor
64 Bit OS
Windows 7 Home Premium

If you need anything further, please let me know.

Thanks

Here are the aforementioned logs:

17:18:22.0129 5108 TDSS rootkit removing tool 2.7.24.0 Apr 2 2012 10:31:48
17:18:22.0371 5108 ============================================================
17:18:22.0371 5108 Current date / time: 2012/04/02 17:18:22.0371
17:18:22.0371 5108 SystemInfo:
17:18:22.0371 5108
17:18:22.0371 5108 OS Version: 6.1.7600 ServicePack: 0.0
17:18:22.0371 5108 Product type: Workstation
17:18:22.0372 5108 ComputerName: VICTOR030
17:18:22.0372 5108 UserName: Cos
17:18:22.0372 5108 Windows directory: C:\Windows
17:18:22.0372 5108 System windows directory: C:\Windows
17:18:22.0372 5108 Running under WOW64
17:18:22.0372 5108 Processor architecture: Intel x64
17:18:22.0372 5108 Number of processors: 4
17:18:22.0372 5108 Page size: 0x1000
17:18:22.0372 5108 Boot type: Normal boot
17:18:22.0372 5108 ============================================================
17:18:23.0236 5108 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:18:23.0257 5108 \Device\Harddisk0\DR0:
17:18:23.0258 5108 MBR used
17:18:23.0258 5108 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x35000
17:18:23.0258 5108 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x36E8E, BlocksNum 0x72B95182
17:18:23.0258 5108 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72BCC800, BlocksNum 0x1B39DB0
17:18:23.0309 5108 Initialize success
17:18:23.0309 5108 ============================================================
17:18:24.0878 4308 ============================================================
17:18:24.0878 4308 Scan started
17:18:24.0878 4308 Mode: Manual;
17:18:24.0878 4308 ============================================================
17:18:33.0526 4308 nsi - ok
17:18:33.0541 4308 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:18:33.0542 4308 nsiproxy - ok
17:18:33.0618 4308 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
17:18:33.0651 4308 Ntfs - ok
17:18:33.0670 4308 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:18:33.0671 4308 Null - ok
17:18:33.0709 4308 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
17:18:33.0712 4308 nvraid - ok
17:18:33.0733 4308 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
17:18:33.0736 4308 nvstor - ok
17:18:33.0776 4308 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
17:18:33.0779 4308 nv_agp - ok
17:18:33.0857 4308 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:18:33.0865 4308 odserv - ok
17:18:33.0885 4308 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
17:18:33.0889 4308 ohci1394 - ok
17:18:33.0941 4308 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:18:33.0944 4308 ose - ok
17:18:33.0987 4308 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:18:33.0994 4308 p2pimsvc - ok
17:18:34.0018 4308 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:18:34.0028 4308 p2psvc - ok
17:18:34.0047 4308 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:18:34.0055 4308 Parport - ok
17:18:34.0080 4308 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
17:18:34.0083 4308 partmgr - ok
17:18:34.0132 4308 PassThru Service (68139940b5ac84affb7eb1b713be66e7) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
17:18:34.0135 4308 PassThru Service - ok
17:18:34.0177 4308 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:18:34.0185 4308 PcaSvc - ok
17:18:34.0218 4308 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
17:18:34.0221 4308 pci - ok
17:18:34.0241 4308 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
17:18:34.0242 4308 pciide - ok
17:18:34.0256 4308 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:18:34.0259 4308 pcmcia - ok
17:18:34.0277 4308 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:18:34.0278 4308 pcw - ok
17:18:34.0323 4308 pdfcDispatcher - ok
17:18:34.0367 4308 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:18:34.0373 4308 PEAUTH - ok
17:18:34.0417 4308 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:18:34.0418 4308 PerfHost - ok
17:18:34.0462 4308 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
17:18:34.0489 4308 pla - ok
17:18:34.0522 4308 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
17:18:34.0526 4308 PlugPlay - ok
17:18:34.0538 4308 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:18:34.0539 4308 PNRPAutoReg - ok
17:18:34.0569 4308 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:18:34.0571 4308 PNRPsvc - ok
17:18:34.0594 4308 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
17:18:34.0599 4308 PolicyAgent - ok
17:18:34.0612 4308 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:18:34.0614 4308 Power - ok
17:18:34.0628 4308 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
17:18:34.0630 4308 PptpMiniport - ok
17:18:34.0649 4308 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:18:34.0651 4308 Processor - ok
17:18:34.0683 4308 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
17:18:34.0686 4308 ProfSvc - ok
17:18:34.0709 4308 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:18:34.0712 4308 ProtectedStorage - ok
17:18:34.0744 4308 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
17:18:34.0748 4308 Psched - ok
17:18:34.0814 4308 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:18:34.0847 4308 ql2300 - ok
17:18:34.0870 4308 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:18:34.0873 4308 ql40xx - ok
17:18:34.0903 4308 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:18:34.0907 4308 QWAVE - ok
17:18:34.0922 4308 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:18:34.0923 4308 QWAVEdrv - ok
17:18:34.0943 4308 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:18:34.0945 4308 RasAcd - ok
17:18:34.0966 4308 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:18:34.0968 4308 RasAgileVpn - ok
17:18:34.0984 4308 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:18:34.0987 4308 RasAuto - ok
17:18:35.0006 4308 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:18:35.0009 4308 Rasl2tp - ok
17:18:35.0035 4308 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
17:18:35.0040 4308 RasMan - ok
17:18:35.0055 4308 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:18:35.0058 4308 RasPppoe - ok
17:18:35.0074 4308 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:18:35.0077 4308 RasSstp - ok
17:18:35.0093 4308 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
17:18:35.0098 4308 rdbss - ok
17:18:35.0117 4308 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:18:35.0119 4308 rdpbus - ok
17:18:35.0140 4308 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:18:35.0140 4308 RDPCDD - ok
17:18:35.0159 4308 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:18:35.0160 4308 RDPENCDD - ok
17:18:35.0180 4308 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:18:35.0181 4308 RDPREFMP - ok
17:18:35.0227 4308 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
17:18:35.0235 4308 RDPWD - ok
17:18:35.0251 4308 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
17:18:35.0256 4308 rdyboost - ok
17:18:35.0290 4308 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:18:35.0295 4308 RemoteAccess - ok
17:18:35.0327 4308 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:18:35.0334 4308 RemoteRegistry - ok
17:18:35.0394 4308 RoxioNow Service (c1568e17039b2ec2b73a4f880ddd51e5) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
17:18:35.0401 4308 RoxioNow Service - ok
17:18:35.0437 4308 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:18:35.0441 4308 RpcEptMapper - ok
17:18:35.0471 4308 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:18:35.0473 4308 RpcLocator - ok
17:18:35.0502 4308 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
17:18:35.0507 4308 RpcSs - ok
17:18:35.0529 4308 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:18:35.0531 4308 rspndr - ok
17:18:35.0556 4308 RTL8167 (b15c021c2c9bb217a799d9532e8f04d4) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:18:35.0561 4308 RTL8167 - ok
17:18:35.0584 4308 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:18:35.0585 4308 SamSs - ok
17:18:35.0601 4308 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
17:18:35.0603 4308 sbp2port - ok
17:18:35.0634 4308 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:18:35.0638 4308 SCardSvr - ok
17:18:35.0650 4308 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
17:18:35.0651 4308 scfilter - ok
17:18:35.0693 4308 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
17:18:35.0718 4308 Schedule - ok
17:18:35.0737 4308 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
17:18:35.0739 4308 SCPolicySvc - ok
17:18:35.0758 4308 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
17:18:35.0762 4308 SDRSVC - ok
17:18:35.0771 4308 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:18:35.0772 4308 secdrv - ok
17:18:35.0788 4308 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
17:18:35.0790 4308 seclogon - ok
17:18:35.0827 4308 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:18:35.0829 4308 SENS - ok
17:18:35.0846 4308 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:18:35.0848 4308 SensrSvc - ok
17:18:35.0876 4308 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:18:35.0879 4308 Serenum - ok
17:18:35.0917 4308 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:18:35.0920 4308 Serial - ok
17:18:35.0952 4308 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:18:35.0955 4308 sermouse - ok
17:18:35.0992 4308 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
17:18:35.0995 4308 SessionEnv - ok
17:18:36.0010 4308 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
17:18:36.0012 4308 sffdisk - ok
17:18:36.0031 4308 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:18:36.0033 4308 sffp_mmc - ok
17:18:36.0052 4308 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
17:18:36.0054 4308 sffp_sd - ok
17:18:36.0071 4308 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:18:36.0091 4308 sfloppy - ok
17:18:36.0139 4308 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:18:36.0148 4308 SharedAccess - ok
17:18:36.0179 4308 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
17:18:36.0189 4308 ShellHWDetection - ok
17:18:36.0213 4308 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:18:36.0238 4308 SiSRaid2 - ok
17:18:36.0297 4308 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:18:36.0301 4308 SiSRaid4 - ok
17:18:36.0345 4308 SIVDRIVER (a0fd911feea045d4a4f5154666c76ec7) C:\Windows\system32\Drivers\SIVX64.sys
17:18:36.0349 4308 SIVDRIVER - ok
17:18:36.0377 4308 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:18:36.0381 4308 Smb - ok
17:18:36.0420 4308 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:18:36.0424 4308 SNMPTRAP - ok
17:18:36.0437 4308 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:18:36.0438 4308 spldr - ok
17:18:36.0494 4308 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
17:18:36.0508 4308 Spooler - ok
17:18:36.0603 4308 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
17:18:36.0661 4308 sppsvc - ok
17:18:36.0679 4308 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:18:36.0680 4308 sppuinotify - ok
17:18:36.0709 4308 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
17:18:36.0713 4308 srv - ok
17:18:36.0731 4308 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
17:18:36.0735 4308 srv2 - ok
17:18:36.0763 4308 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
17:18:36.0764 4308 srvnet - ok
17:18:36.0788 4308 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:18:36.0790 4308 SSDPSRV - ok
17:18:36.0804 4308 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:18:36.0806 4308 SstpSvc - ok
17:18:36.0826 4308 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:18:36.0828 4308 stexstor - ok
17:18:36.0880 4308 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
17:18:36.0895 4308 stisvc - ok
17:18:36.0917 4308 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
17:18:36.0919 4308 swenum - ok
17:18:36.0947 4308 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:18:36.0954 4308 swprv - ok
17:18:36.0993 4308 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
17:18:37.0027 4308 SysMain - ok
17:18:37.0048 4308 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
17:18:37.0051 4308 TabletInputService - ok
17:18:37.0069 4308 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
17:18:37.0074 4308 TapiSrv - ok
17:18:37.0099 4308 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:18:37.0101 4308 TBS - ok
17:18:37.0179 4308 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
17:18:37.0231 4308 Tcpip - ok
17:18:37.0283 4308 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
17:18:37.0297 4308 TCPIP6 - ok
17:18:37.0322 4308 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
17:18:37.0324 4308 tcpipreg - ok
17:18:37.0341 4308 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:18:37.0343 4308 TDPIPE - ok
17:18:37.0371 4308 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
17:18:37.0373 4308 TDTCP - ok
17:18:37.0395 4308 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
17:18:37.0398 4308 tdx - ok
17:18:37.0414 4308 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
17:18:37.0417 4308 TermDD - ok
17:18:37.0444 4308 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
17:18:37.0453 4308 TermService - ok
17:18:37.0473 4308 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:18:37.0475 4308 Themes - ok
17:18:37.0492 4308 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:18:37.0494 4308 THREADORDER - ok
17:18:37.0515 4308 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:18:37.0518 4308 TrkWks - ok
17:18:37.0538 4308 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
17:18:37.0539 4308 TrustedInstaller - ok
17:18:37.0562 4308 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:18:37.0563 4308 tssecsrv - ok
17:18:37.0590 4308 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
17:18:37.0592 4308 tunnel - ok
17:18:37.0611 4308 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:18:37.0614 4308 uagp35 - ok
17:18:37.0632 4308 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
17:18:37.0637 4308 udfs - ok
17:18:37.0663 4308 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:18:37.0665 4308 UI0Detect - ok
17:18:37.0683 4308 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
17:18:37.0686 4308 uliagpkx - ok
17:18:37.0695 4308 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
17:18:37.0697 4308 umbus - ok
17:18:37.0712 4308 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:18:37.0713 4308 UmPass - ok
17:18:37.0727 4308 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:18:37.0733 4308 upnphost - ok
17:18:37.0759 4308 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
17:18:37.0761 4308 usbccgp - ok
17:18:37.0777 4308 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
17:18:37.0781 4308 usbcir - ok
17:18:37.0811 4308 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
17:18:37.0813 4308 usbehci - ok
17:18:37.0836 4308 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
17:18:37.0838 4308 usbfilter - ok
17:18:37.0858 4308 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
17:18:37.0872 4308 usbhub - ok
17:18:37.0890 4308 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys
17:18:37.0892 4308 usbohci - ok
17:18:37.0901 4308 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:18:37.0903 4308 usbprint - ok
17:18:37.0928 4308 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:18:37.0931 4308 usbscan - ok
17:18:37.0947 4308 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:18:37.0948 4308 USBSTOR - ok
17:18:37.0962 4308 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
17:18:37.0972 4308 usbuhci - ok
17:18:37.0986 4308 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:18:37.0988 4308 UxSms - ok
17:18:38.0031 4308 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:18:38.0032 4308 VaultSvc - ok
17:18:38.0050 4308 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
17:18:38.0051 4308 vdrvroot - ok
17:18:38.0073 4308 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
17:18:38.0081 4308 vds - ok
17:18:38.0096 4308 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:18:38.0098 4308 vga - ok
17:18:38.0115 4308 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:18:38.0116 4308 VgaSave - ok
17:18:38.0141 4308 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
17:18:38.0145 4308 vhdmp - ok
17:18:38.0160 4308 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
17:18:38.0163 4308 viaide - ok
17:18:38.0181 4308 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
17:18:38.0183 4308 volmgr - ok
17:18:38.0208 4308 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
17:18:38.0213 4308 volmgrx - ok
17:18:38.0225 4308 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
17:18:38.0229 4308 volsnap - ok
17:18:38.0248 4308 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:18:38.0251 4308 vsmraid - ok
17:18:38.0298 4308 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
17:18:38.0333 4308 VSS - ok
17:18:38.0343 4308 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:18:38.0345 4308 vwifibus - ok
17:18:38.0369 4308 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:18:38.0371 4308 vwififlt - ok
17:18:38.0399 4308 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
17:18:38.0400 4308 vwifimp - ok
17:18:38.0413 4308 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:18:38.0419 4308 W32Time - ok
17:18:38.0445 4308 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:18:38.0447 4308 WacomPen - ok
17:18:38.0463 4308 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
17:18:38.0466 4308 WANARP - ok
17:18:38.0471 4308 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
17:18:38.0472 4308 Wanarpv6 - ok
17:18:38.0536 4308 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:18:38.0562 4308 WatAdminSvc - ok
17:18:38.0605 4308 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
17:18:38.0640 4308 wbengine - ok
17:18:38.0657 4308 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:18:38.0660 4308 WbioSrvc - ok
17:18:38.0693 4308 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
17:18:38.0698 4308 wcncsvc - ok
17:18:38.0714 4308 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:18:38.0717 4308 WcsPlugInService - ok
17:18:38.0737 4308 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:18:38.0739 4308 Wd - ok
17:18:38.0766 4308 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:18:38.0773 4308 Wdf01000 - ok
17:18:38.0793 4308 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:18:38.0796 4308 WdiServiceHost - ok
17:18:38.0801 4308 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:18:38.0803 4308 WdiSystemHost - ok
17:18:38.0833 4308 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
17:18:38.0838 4308 WebClient - ok
17:18:38.0855 4308 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:18:38.0859 4308 Wecsvc - ok
17:18:38.0878 4308 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:18:38.0881 4308 wercplsupport - ok
17:18:38.0901 4308 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:18:38.0904 4308 WerSvc - ok
17:18:38.0919 4308 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:18:38.0921 4308 WfpLwf - ok
17:18:38.0937 4308 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:18:38.0939 4308 WIMMount - ok
17:18:38.0969 4308 WinDefend - ok
17:18:38.0985 4308 WinHttpAutoProxySvc - ok
17:18:39.0027 4308 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:18:39.0031 4308 Winmgmt - ok
17:18:39.0108 4308 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
17:18:39.0156 4308 WinRM - ok
17:18:39.0210 4308 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:18:39.0242 4308 Wlansvc - ok
17:18:39.0346 4308 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:18:39.0392 4308 wlidsvc - ok
17:18:39.0429 4308 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:18:39.0430 4308 WmiAcpi - ok
17:18:39.0453 4308 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:18:39.0456 4308 wmiApSrv - ok
17:18:39.0464 4308 WMPNetworkSvc - ok
17:18:39.0495 4308 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:18:39.0497 4308 WPCSvc - ok
17:18:39.0514 4308 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
17:18:39.0519 4308 WPDBusEnum - ok
17:18:39.0553 4308 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:18:39.0554 4308 ws2ifsl - ok
17:18:39.0578 4308 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
17:18:39.0581 4308 wscsvc - ok
17:18:39.0589 4308 WSearch - ok
17:18:39.0660 4308 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
17:18:39.0721 4308 wuauserv - ok
17:18:39.0740 4308 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
17:18:39.0742 4308 WudfPf - ok
17:18:39.0759 4308 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:18:39.0761 4308 WUDFRd - ok
17:18:39.0778 4308 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
17:18:39.0782 4308 wudfsvc - ok
17:18:39.0795 4308 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:18:39.0799 4308 WwanSvc - ok
17:18:39.0835 4308 MBR (0x1B8) (d3f3d406f47598575889aa4b8f8dd083) \Device\Harddisk0\DR0
17:18:40.0034 4308 \Device\Harddisk0\DR0 - ok
17:18:40.0041 4308 Boot (0x1200) (6a77ac194ac0b035dc34313033575c6f) \Device\Harddisk0\DR0\Partition0
17:18:40.0043 4308 \Device\Harddisk0\DR0\Partition0 - ok
17:18:40.0060 4308 Boot (0x1200) (1d9c33492d0e1e5ab12b72577abc5d1b) \Device\Harddisk0\DR0\Partition1
17:18:40.0063 4308 \Device\Harddisk0\DR0\Partition1 - ok
17:18:40.0091 4308 Boot (0x1200) (4fd9e226a9e5a524e0136d57c72fbf46) \Device\Harddisk0\DR0\Partition2
17:18:40.0092 4308 \Device\Harddisk0\DR0\Partition2 - ok
17:18:40.0093 4308 ============================================================
17:18:40.0093 4308 Scan finished
17:18:40.0093 4308 ============================================================
17:18:40.0108 4632 Detected object count: 0
17:18:40.0108 4632 Actual detected object count: 0
17:20:01.0835 4340 ============================================================
17:20:01.0835 4340 Scan started
17:20:01.0835 4340 Mode: Manual;
17:20:01.0835 4340 ============================================================
17:20:03.0792 4340 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
17:20:03.0793 4340 bowser - ok
17:20:03.0811 4340 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:20:03.0811 4340 BrFiltLo - ok
17:20:03.0829 4340 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:20:03.0830 4340 BrFiltUp - ok
17:20:03.0847 4340 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
17:20:03.0848 4340 Browser - ok
17:20:03.0872 4340 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:20:03.0874 4340 Brserid - ok
17:20:03.0891 4340 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:20:03.0892 4340 BrSerWdm - ok
17:20:03.0922 4340 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:20:03.0922 4340 BrUsbMdm - ok
17:20:03.0948 4340 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:20:03.0948 4340 BrUsbSer - ok
17:20:03.0962 4340 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:20:03.0963 4340 BTHMODEM - ok
17:20:04.0000 4340 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:20:04.0001 4340 bthserv - ok
17:20:04.0019 4340 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:20:04.0020 4340 cdfs - ok
17:20:04.0056 4340 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
17:20:04.0058 4340 cdrom - ok
17:20:04.0076 4340 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
17:20:04.0077 4340 CertPropSvc - ok
17:20:04.0091 4340 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:20:04.0092 4340 circlass - ok
17:20:04.0124 4340 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:20:04.0127 4340 CLFS - ok
17:20:04.0175 4340 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:20:04.0177 4340 clr_optimization_v2.0.50727_32 - ok
17:20:04.0194 4340 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:20:04.0197 4340 clr_optimization_v2.0.50727_64 - ok
17:20:04.0247 4340 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:20:04.0251 4340 clr_optimization_v4.0.30319_32 - ok
17:20:04.0280 4340 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:20:04.0284 4340 clr_optimization_v4.0.30319_64 - ok
17:20:04.0295 4340 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:20:04.0297 4340 CmBatt - ok
17:20:04.0312 4340 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
17:20:04.0313 4340 cmdide - ok
17:20:04.0352 4340 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
17:20:04.0356 4340 CNG - ok
17:20:04.0364 4340 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:20:04.0365 4340 Compbatt - ok
17:20:04.0382 4340 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
17:20:04.0383 4340 CompositeBus - ok
17:20:04.0410 4340 COMSysApp - ok
17:20:04.0460 4340 CpqDfw (a398ed024f739e7be74ecffa8a713a89) C:\Windows\system32\drivers\CpqDfw.sys
17:20:04.0461 4340 CpqDfw - ok
17:20:04.0488 4340 cqcpu (10fb0ff62af6262bf88e3607e2ae2a69) C:\Windows\system32\drivers\cqcpu.sys
17:20:04.0490 4340 cqcpu - ok
17:20:04.0502 4340 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:20:04.0503 4340 crcdisk - ok
17:20:04.0548 4340 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
17:20:04.0551 4340 CryptSvc - ok
17:20:04.0582 4340 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
17:20:04.0588 4340 DcomLaunch - ok
17:20:04.0609 4340 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:20:04.0612 4340 defragsvc - ok
17:20:04.0638 4340 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
17:20:04.0639 4340 DfsC - ok
17:20:04.0667 4340 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
17:20:04.0670 4340 Dhcp - ok
17:20:04.0682 4340 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:20:04.0683 4340 discache - ok
17:20:04.0700 4340 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:20:04.0701 4340 Disk - ok
17:20:04.0755 4340 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
17:20:04.0759 4340 Dnscache - ok
17:20:04.0786 4340 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
17:20:04.0791 4340 dot3svc - ok
17:20:04.0811 4340 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
17:20:04.0815 4340 DPS - ok
17:20:04.0833 4340 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:20:04.0834 4340 drmkaud - ok
17:20:04.0881 4340 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
17:20:04.0888 4340 DXGKrnl - ok
17:20:04.0907 4340 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:20:04.0909 4340 EapHost - ok
17:20:04.0987 4340 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:20:05.0010 4340 ebdrv - ok
17:20:05.0038 4340 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
17:20:05.0039 4340 EFS - ok
17:20:05.0087 4340 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
17:20:05.0098 4340 ehRecvr - ok
17:20:05.0119 4340 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:20:05.0121 4340 ehSched - ok
17:20:05.0146 4340 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:20:05.0151 4340 elxstor - ok
17:20:05.0167 4340 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
17:20:05.0168 4340 ErrDev - ok
17:20:05.0197 4340 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:20:05.0201 4340 EventSystem - ok
17:20:05.0224 4340 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:20:05.0226 4340 exfat - ok
17:20:05.0248 4340 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:20:05.0250 4340 fastfat - ok
17:20:05.0275 4340 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
17:20:05.0281 4340 Fax - ok
17:20:05.0302 4340 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:20:05.0303 4340 fdc - ok
17:20:05.0315 4340 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:20:05.0316 4340 fdPHost - ok
17:20:05.0327 4340 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:20:05.0329 4340 FDResPub - ok
17:20:05.0341 4340 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:20:05.0342 4340 FileInfo - ok
17:20:05.0361 4340 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:20:05.0362 4340 Filetrace - ok
17:20:05.0380 4340 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:20:05.0381 4340 flpydisk - ok
17:20:05.0404 4340 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
17:20:05.0405 4340 FltMgr - ok
17:20:05.0444 4340 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
17:20:05.0449 4340 FontCache - ok
17:20:05.0499 4340 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:20:05.0501 4340 FontCache3.0.0.0 - ok
17:20:05.0520 4340 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:20:05.0522 4340 FsDepends - ok
17:20:05.0543 4340 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:20:05.0544 4340 Fs_Rec - ok
17:20:05.0566 4340 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:20:05.0568 4340 fvevol - ok
17:20:05.0581 4340 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:20:05.0582 4340 gagp30kx - ok
17:20:05.0638 4340 GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
17:20:05.0641 4340 GameConsoleService - ok
17:20:05.0690 4340 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
17:20:05.0701 4340 gpsvc - ok
17:20:05.0755 4340 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:20:05.0758 4340 gupdate - ok
17:20:05.0768 4340 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:20:05.0771 4340 gupdatem - ok
17:20:05.0800 4340 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:20:05.0802 4340 gusvc - ok
17:20:05.0822 4340 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:20:05.0823 4340 hcw85cir - ok
17:20:05.0848 4340 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
17:20:05.0851 4340 HdAudAddService - ok
17:20:05.0872 4340 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:20:05.0873 4340 HDAudBus - ok
17:20:05.0889 4340 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:20:05.0890 4340 HidBatt - ok
17:20:05.0940 4340 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:20:05.0943 4340 HidBth - ok
17:20:05.0961 4340 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:20:05.0963 4340 HidIr - ok
17:20:05.0984 4340 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
17:20:05.0985 4340 hidserv - ok
17:20:05.0999 4340 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
17:20:06.0000 4340 HidUsb - ok
17:20:06.0017 4340 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
17:20:06.0019 4340 hkmsvc - ok
17:20:06.0041 4340 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
17:20:06.0044 4340 HomeGroupListener - ok
17:20:06.0069 4340 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
17:20:06.0072 4340 HomeGroupProvider - ok
17:20:06.0113 4340 HP Health Check Service (37965381364b2e106e1dd7d74cdcaa43) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
17:20:06.0114 4340 HP Health Check Service - ok
17:20:06.0155 4340 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
17:20:06.0160 4340 HPClientSvc - ok
17:20:06.0203 4340 HPDrvMntSvc.exe (a48a151d3fa7cb032a51453f087221c7) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:20:06.0205 4340 HPDrvMntSvc.exe - ok
17:20:06.0234 4340 hpqwmiex (71bd8a611e0677175d3938c9cea7339a) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
17:20:06.0246 4340 hpqwmiex - ok
17:20:06.0280 4340 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
17:20:06.0283 4340 HpSAMD - ok
17:20:06.0345 4340 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
17:20:06.0347 4340 HTCAND64 - ok
17:20:06.0373 4340 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys
17:20:06.0374 4340 htcnprot - ok
17:20:06.0405 4340 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
17:20:06.0410 4340 HTTP - ok
17:20:06.0430 4340 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
17:20:06.0431 4340 hwpolicy - ok
17:20:06.0447 4340 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:20:06.0448 4340 i8042prt - ok
17:20:06.0539 4340 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
17:20:06.0546 4340 iaStorV - ok
17:20:06.0601 4340 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:20:06.0615 4340 idsvc - ok
17:20:06.0639 4340 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:20:06.0640 4340 iirsp - ok
17:20:06.0676 4340 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
17:20:06.0683 4340 IKEEXT - ok
17:20:06.0765 4340 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
17:20:06.0788 4340 IntcAzAudAddService - ok
17:20:06.0805 4340 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
17:20:06.0806 4340 intelide - ok
17:20:06.0817 4340 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:20:06.0818 4340 intelppm - ok
17:20:06.0838 4340 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:20:06.0840 4340 IPBusEnum - ok
17:20:06.0854 4340 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:20:06.0855 4340 IpFilterDriver - ok
17:20:06.0882 4340 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
17:20:06.0886 4340 iphlpsvc - ok
17:20:06.0905 4340 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:20:06.0906 4340 IPMIDRV - ok
17:20:06.0924 4340 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:20:06.0925 4340 IPNAT - ok
17:20:06.0940 4340 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:20:06.0940 4340 IRENUM - ok
17:20:06.0966 4340 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
17:20:06.0967 4340 isapnp - ok
17:20:06.0990 4340 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
17:20:06.0992 4340 iScsiPrt - ok
17:20:07.0001 4340 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:20:07.0002 4340 kbdclass - ok
17:20:07.0024 4340 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
17:20:07.0024 4340 kbdhid - ok
17:20:07.0086 4340 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:20:07.0088 4340 KeyIso - ok
17:20:07.0121 4340 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
17:20:07.0124 4340 KSecDD - ok
17:20:07.0226 4340 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
17:20:07.0230 4340 KSecPkg - ok
17:20:07.0319 4340 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:20:07.0320 4340 ksthunk - ok
17:20:07.0378 4340 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:20:07.0386 4340 KtmRm - ok
17:20:07.0419 4340 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
17:20:07.0425 4340 LanmanServer - ok
17:20:07.0454 4340 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
17:20:07.0459 4340 LanmanWorkstation - ok
17:20:07.0503 4340 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:20:07.0505 4340 LightScribeService - ok
17:20:07.0522 4340 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:20:07.0524 4340 lltdio - ok
17:20:07.0553 4340 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:20:07.0556 4340 lltdsvc - ok
17:20:07.0576 4340 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:20:07.0577 4340 lmhosts - ok
17:20:07.0596 4340 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:20:07.0598 4340 LSI_FC - ok
17:20:07.0636 4340 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:20:07.0637 4340 LSI_SAS - ok
17:20:07.0664 4340 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:20:07.0665 4340 LSI_SAS2 - ok
17:20:07.0675 4340 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:20:07.0676 4340 LSI_SCSI - ok
17:20:07.0695 4340 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:20:07.0696 4340 luafv - ok
17:20:07.0722 4340 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
17:20:07.0723 4340 Mcx2Svc - ok
17:20:07.0739 4340 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:20:07.0740 4340 megasas - ok
17:20:07.0759 4340 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:20:07.0762 4340 MegaSR - ok
17:20:07.0822 4340 Microsoft Office Groove Audit Service (fafe367d032ed82e9332b4c741a20216) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
17:20:07.0825 4340 Microsoft Office Groove Audit Service - ok
17:20:07.0854 4340 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:20:07.0857 4340 MMCSS - ok
17:20:07.0880 4340 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:20:07.0881 4340 Modem - ok
17:20:07.0902 4340 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:20:07.0903 4340 monitor - ok
17:20:07.0919 4340 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:20:07.0920 4340 mouclass - ok
17:20:07.0929 4340 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:20:07.0930 4340 mouhid - ok
17:20:07.0947 4340 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
17:20:07.0949 4340 mountmgr - ok
17:20:07.0985 4340 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
17:20:07.0986 4340 mpio - ok
17:20:08.0001 4340 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:20:08.0002 4340 mpsdrv - ok
17:20:08.0033 4340 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
17:20:08.0040 4340 MpsSvc - ok
17:20:08.0061 4340 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
17:20:08.0062 4340 MRxDAV - ok
17:20:08.0091 4340 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:20:08.0093 4340 mrxsmb - ok
17:20:08.0126 4340 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:20:08.0128 4340 mrxsmb10 - ok
17:20:08.0141 4340 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:20:08.0143 4340 mrxsmb20 - ok
17:20:08.0160 4340 msahci (2ba4ff3d5eb68587dd662a896f649c7d) C:\Windows\system32\DRIVERS\msahci.sys
17:20:08.0161 4340 msahci - ok
17:20:08.0198 4340 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
17:20:08.0201 4340 msdsm - ok
17:20:08.0239 4340 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:20:08.0243 4340 MSDTC - ok
17:20:08.0267 4340 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:20:08.0269 4340 Msfs - ok
17:20:08.0296 4340 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:20:08.0296 4340 mshidkmdf - ok
17:20:08.0311 4340 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
17:20:08.0311 4340 msisadrv - ok
17:20:08.0394 4340 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:20:08.0398 4340 MSiSCSI - ok
17:20:08.0409 4340 msiserver - ok
17:20:08.0445 4340 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:20:08.0445 4340 MSKSSRV - ok
17:20:08.0463 4340 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:20:08.0464 4340 MSPCLOCK - ok
17:20:08.0477 4340 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:20:08.0478 4340 MSPQM - ok
17:20:08.0497 4340 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
17:20:08.0500 4340 MsRPC - ok
17:20:08.0515 4340 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
17:20:08.0517 4340 mssmbios - ok
17:20:08.0535 4340 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:20:08.0536 4340 MSTEE - ok
17:20:08.0550 4340 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:20:08.0550 4340 MTConfig - ok
17:20:08.0572 4340 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:20:08.0573 4340 Mup - ok
17:20:08.0603 4340 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
17:20:08.0607 4340 napagent - ok
17:20:08.0627 4340 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:20:08.0630 4340 NativeWifiP - ok
17:20:08.0654 4340 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
17:20:08.0661 4340 NDIS - ok
17:20:08.0680 4340 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:20:08.0681 4340 NdisCap - ok
17:20:08.0703 4340 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:20:08.0703 4340 NdisTapi - ok
17:20:08.0713 4340 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
17:20:08.0714 4340 Ndisuio - ok
17:20:08.0736 4340 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:20:08.0738 4340 NdisWan - ok
17:20:08.0759 4340 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
17:20:08.0760 4340 NDProxy - ok
17:20:08.0769 4340 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:20:08.0770 4340 NetBIOS - ok
17:20:08.0790 4340 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
17:20:08.0793 4340 NetBT - ok
17:20:08.0817 4340 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:20:08.0818 4340 Netlogon - ok
17:20:08.0844 4340 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:20:08.0848 4340 Netman - ok
17:20:08.0875 4340 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:20:08.0879 4340 netprofm - ok
17:20:08.0912 4340 netr28x (1982b291df9833fb3adc397ebd310a18) C:\Windows\system32\DRIVERS\netr28x.sys
17:20:08.0919 4340 netr28x - ok
17:20:08.0951 4340 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:20:08.0953 4340 NetTcpPortSharing - ok
17:20:08.0973 4340 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:20:08.0974 4340 nfrd960 - ok
17:20:08.0990 4340 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
17:20:08.0993 4340 NlaSvc - ok
17:20:09.0003 4340 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:20:09.0003 4340 Npfs - ok
17:20:09.0030 4340 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:20:09.0032 4340 nsi - ok
17:20:09.0041 4340 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:20:09.0042 4340 nsiproxy - ok
17:20:09.0107 4340 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
17:20:09.0132 4340 Ntfs - ok
17:20:09.0151 4340 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:20:09.0153 4340 Null - ok
17:20:09.0191 4340 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
17:20:09.0195 4340 nvraid - ok
17:20:09.0232 4340 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
17:20:09.0235 4340 nvstor - ok
17:20:09.0258 4340 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
17:20:09.0261 4340 nv_agp - ok
17:20:09.0339 4340 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:20:09.0347 4340 odserv - ok
17:20:09.0365 4340 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
17:20:09.0367 4340 ohci1394 - ok
17:20:09.0388 4340 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:20:09.0390 4340 ose - ok
17:20:09.0426 4340 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:20:09.0430 4340 p2pimsvc - ok
17:20:09.0446 4340 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:20:09.0451 4340 p2psvc - ok
17:20:09.0461 4340 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:20:09.0462 4340 Parport - ok
17:20:09.0478 4340 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
17:20:09.0479 4340 partmgr - ok
17:20:09.0522 4340 PassThru Service (68139940b5ac84affb7eb1b713be66e7) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
17:20:09.0525 4340 PassThru Service - ok
17:20:09.0551 4340 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:20:09.0557 4340 PcaSvc - ok
17:20:09.0576 4340 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
17:20:09.0580 4340 pci - ok
17:20:09.0598 4340 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
17:20:09.0599 4340 pciide - ok
17:20:09.0638 4340 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:20:09.0640 4340 pcmcia - ok
17:20:09.0659 4340 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:20:09.0660 4340 pcw - ok
17:20:09.0671 4340 pdfcDispatcher - ok
17:20:09.0717 4340 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:20:09.0722 4340 PEAUTH - ok
17:20:09.0757 4340 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:20:09.0759 4340 PerfHost - ok
17:20:09.0802 4340 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
17:20:09.0809 4340 pla - ok
17:20:09.0845 4340 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
17:20:09.0848 4340 PlugPlay - ok
17:20:09.0861 4340 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:20:09.0862 4340 PNRPAutoReg - ok
17:20:09.0883 4340 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:20:09.0886 4340 PNRPsvc - ok
17:20:09.0909 4340 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
17:20:09.0912 4340 PolicyAgent - ok
17:20:09.0927 4340 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:20:09.0929 4340 Power - ok
17:20:09.0943 4340 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
17:20:09.0944 4340 PptpMiniport - ok
17:20:09.0964 4340 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:20:09.0964 4340 Processor - ok
17:20:09.0991 4340 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
17:20:09.0997 4340 ProfSvc - ok
17:20:10.0024 4340 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:20:10.0027 4340 ProtectedStorage - ok
17:20:10.0051 4340 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
17:20:10.0054 4340 Psched - ok
17:20:14.0841 4340 ============================================================
17:20:14.0841 4340 Scan finished
17:20:14.0841 4340 ============================================================
17:20:14.0851 4468 Detected object count: 0
17:20:14.0851 4468 Actual detected object count: 0

aswmbr

Copyright© 2011 AVAST Software
Run date: 2012-04-02 17:24:07
-----------------------------
17:24:07.979 OS Version: Windows x64 6.1.7600
17:24:07.979 Number of processors: 4 586 0x503
17:24:07.980 ComputerName: VICTOR030 UserName: Cos
17:24:09.462 Initialize success
17:24:51.934 AVAST engine defs: 12040201
17:25:11.784 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000058
17:25:11.789 Disk 0 Vendor: ST310005 HP35 Size: 953869MB BusType: 11
17:25:11.798 Disk 0 MBR read successfully
17:25:11.800 Disk 0 MBR scan
17:25:11.805 Disk 0 unknown MBR code
17:25:11.812 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 106 MB offset 2048
17:25:11.823 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 939818 MB offset 224910
17:25:11.853 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13939 MB offset 1924974592
17:25:11.900 Disk 0 scanning C:\Windows\system32\drivers
17:25:20.436 Service scanning
17:25:34.254 Modules scanning
17:25:34.272 Disk 0 trace - called modules:
17:25:34.314 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
17:25:34.324 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80046eb790]
17:25:34.336 3 CLASSPNP.SYS[fffff8800186143f] -> nt!IofCallDriver -> [0xfffffa80045bcac0]
17:25:34.348 5 amd_xata.sys[fffff88000e728b4] -> nt!IofCallDriver -> \Device\00000058[0xfffffa80045b58f0]
17:25:41.194 AVAST engine scan C:\Windows
17:25:43.824 AVAST engine scan C:\Windows\system32
17:28:40.478 AVAST engine scan C:\Windows\system32\drivers
17:28:50.707 AVAST engine scan C:\Users\Cos
17:29:38.957 File: C:\Users\Cos\AppData\Local\Temp\nsv1B35.tmp\tceskqa.dll **INFECTED** Win32:Trojan-gen
17:29:39.102 File: C:\Users\Cos\AppData\Local\Temp\nsv1B35.tmp\vmvsz.dll **INFECTED** Win32:Trojan-gen
17:29:48.287 File: C:\Users\Cos\AppData\Roaming\WildTangent\WildTangent\tceskqa.dll **INFECTED** Win32:Trojan-gen
17:30:19.474 AVAST engine scan C:\ProgramData
17:31:39.627 Scan finished successfully
17:40:14.793 Disk 0 MBR has been saved successfully to "C:\Users\Cos\Desktop\MBR.dat"
17:40:14.797 The log file has been saved successfully to "C:\Users\Cos\Desktop\aswMBRlog.txt"

Edited by hamluis, 02 April 2012 - 05:52 PM.
Moved from Win 7 to Am I Infected.




#2 paice


Posted 02 April 2012 - 05:54 PM

Damn. I'm sorry. It appears that I have already shown my moronic ways on the very first post.

I mistakenly put this thread in the Windows 7 subdirectory. Rather than repeat it, gumming up the works, please move it to the proper place.

Thanks. Sorry again.

#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:51 PM

Posted 02 April 2012 - 09:48 PM

Ok, it's moved now to Am I Infected.

Let's double check. So we'll run a few.

Run TDSS like this.
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the system disk (it is usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).




Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


#4 paice


Posted 03 April 2012 - 11:39 AM

TDSS

11:47:25.0113 4764 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32
11:47:25.0362 4764 ============================================================
11:47:25.0362 4764 Current date / time: 2012/04/03 11:47:25.0362
11:47:25.0362 4764 SystemInfo:
11:47:25.0362 4764
11:47:25.0362 4764 OS Version: 6.1.7600 ServicePack: 0.0
11:47:25.0362 4764 Product type: Workstation
11:47:25.0363 4764 ComputerName: VICTOR030
11:47:25.0363 4764 UserName: Cos
11:47:25.0363 4764 Windows directory: C:\Windows
11:47:25.0363 4764 System windows directory: C:\Windows
11:47:25.0363 4764 Running under WOW64
11:47:25.0363 4764 Processor architecture: Intel x64
11:47:25.0363 4764 Number of processors: 4
11:47:25.0363 4764 Page size: 0x1000
11:47:25.0363 4764 Boot type: Normal boot
11:47:25.0363 4764 ============================================================
11:47:26.0419 4764 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:47:26.0448 4764 \Device\Harddisk0\DR0:
11:47:26.0459 4764 MBR used
11:47:26.0459 4764 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x35000
11:47:26.0459 4764 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x36E8E, BlocksNum 0x72B95182
11:47:26.0459 4764 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72BCC800, BlocksNum 0x1B39DB0
11:47:26.0568 4764 Initialize success
11:47:26.0568 4764 ============================================================
11:47:43.0962 4696 ============================================================
11:47:43.0962 4696 Scan started
11:47:43.0962 4696 Mode: Manual; TDLFS;
11:47:43.0962 4696 ============================================================
11:47:46.0001 4696 BFE - ok
11:47:46.0035 4696 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
11:47:46.0044 4696 BITS - ok
11:47:46.0059 4696 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:47:46.0060 4696 blbdrive - ok
11:47:46.0087 4696 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
11:47:46.0089 4696 bowser - ok
11:47:46.0105 4696 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:47:46.0106 4696 BrFiltLo - ok
11:47:46.0113 4696 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:47:46.0115 4696 BrFiltUp - ok
11:47:46.0133 4696 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
11:47:46.0136 4696 Browser - ok
11:47:46.0146 4696 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:47:46.0150 4696 Brserid - ok
11:47:46.0157 4696 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:47:46.0159 4696 BrSerWdm - ok
11:47:46.0166 4696 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:47:46.0168 4696 BrUsbMdm - ok
11:47:46.0176 4696 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:47:46.0177 4696 BrUsbSer - ok
11:47:46.0189 4696 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:47:46.0193 4696 BTHMODEM - ok
11:47:46.0212 4696 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:47:46.0214 4696 bthserv - ok
11:47:46.0222 4696 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:47:46.0224 4696 cdfs - ok
11:47:46.0243 4696 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
11:47:46.0245 4696 cdrom - ok
11:47:46.0263 4696 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
11:47:46.0265 4696 CertPropSvc - ok
11:47:46.0272 4696 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:47:46.0274 4696 circlass - ok
11:47:46.0293 4696 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:47:46.0297 4696 CLFS - ok
11:47:46.0343 4696 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:47:46.0345 4696 clr_optimization_v2.0.50727_32 - ok
11:47:46.0363 4696 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:47:46.0367 4696 clr_optimization_v2.0.50727_64 - ok
11:47:46.0434 4696 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:47:46.0437 4696 clr_optimization_v4.0.30319_32 - ok
11:47:46.0465 4696 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:47:46.0469 4696 clr_optimization_v4.0.30319_64 - ok
11:47:46.0478 4696 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:47:46.0480 4696 CmBatt - ok
11:47:46.0488 4696 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
11:47:46.0490 4696 cmdide - ok
11:47:46.0532 4696 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
11:47:46.0543 4696 CNG - ok
11:47:46.0555 4696 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:47:46.0558 4696 Compbatt - ok
11:47:46.0578 4696 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:47:46.0580 4696 CompositeBus - ok
11:47:46.0587 4696 COMSysApp - ok
11:47:46.0605 4696 CpqDfw (a398ed024f739e7be74ecffa8a713a89) C:\Windows\system32\drivers\CpqDfw.sys
11:47:46.0606 4696 CpqDfw - ok
11:47:46.0625 4696 cqcpu (10fb0ff62af6262bf88e3607e2ae2a69) C:\Windows\system32\drivers\cqcpu.sys
11:47:46.0627 4696 cqcpu - ok
11:47:46.0635 4696 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:47:46.0637 4696 crcdisk - ok
11:47:46.0658 4696 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
11:47:46.0662 4696 CryptSvc - ok
11:47:46.0695 4696 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
11:47:46.0702 4696 DcomLaunch - ok
11:47:46.0729 4696 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:47:46.0734 4696 defragsvc - ok
11:47:46.0758 4696 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
11:47:46.0761 4696 DfsC - ok
11:47:46.0779 4696 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
11:47:46.0783 4696 Dhcp - ok
11:47:46.0796 4696 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:47:46.0797 4696 discache - ok
11:47:46.0828 4696 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:47:46.0830 4696 Disk - ok
11:47:46.0857 4696 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
11:47:46.0860 4696 Dnscache - ok
11:47:46.0879 4696 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
11:47:46.0882 4696 dot3svc - ok
11:47:46.0897 4696 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
11:47:46.0899 4696 DPS - ok
11:47:46.0911 4696 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:47:46.0912 4696 drmkaud - ok
11:47:46.0966 4696 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
11:47:46.0975 4696 DXGKrnl - ok
11:47:46.0994 4696 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:47:46.0996 4696 EapHost - ok
11:47:47.0079 4696 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:47:47.0139 4696 ebdrv - ok
11:47:47.0166 4696 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
11:47:47.0169 4696 EFS - ok
11:47:47.0219 4696 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
11:47:47.0228 4696 ehRecvr - ok
11:47:47.0248 4696 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:47:47.0251 4696 ehSched - ok
11:47:47.0279 4696 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:47:47.0286 4696 elxstor - ok
11:47:47.0294 4696 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
11:47:47.0296 4696 ErrDev - ok
11:47:47.0334 4696 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:47:47.0341 4696 EventSystem - ok
11:47:47.0351 4696 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:47:47.0355 4696 exfat - ok
11:47:47.0376 4696 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:47:47.0380 4696 fastfat - ok
11:47:47.0415 4696 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
11:47:47.0425 4696 Fax - ok
11:47:47.0434 4696 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:47:47.0435 4696 fdc - ok
11:47:47.0452 4696 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:47:47.0454 4696 fdPHost - ok
11:47:47.0473 4696 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:47:47.0475 4696 FDResPub - ok
11:47:47.0487 4696 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:47:47.0489 4696 FileInfo - ok
11:47:47.0506 4696 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:47:47.0508 4696 Filetrace - ok
11:47:47.0517 4696 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:47:47.0519 4696 flpydisk - ok
11:47:47.0550 4696 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
11:47:47.0553 4696 FltMgr - ok
11:47:47.0583 4696 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
11:47:47.0609 4696 FontCache - ok
11:47:47.0651 4696 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:47:47.0653 4696 FontCache3.0.0.0 - ok
11:47:47.0673 4696 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:47:47.0676 4696 FsDepends - ok
11:47:47.0688 4696 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:47:47.0690 4696 Fs_Rec - ok
11:47:47.0719 4696 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:47:47.0723 4696 fvevol - ok
11:47:47.0738 4696 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:47:47.0740 4696 gagp30kx - ok
11:47:47.0816 4696 GameConsoleService (d154305de6090e6e84e525f84bb08a06) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
11:47:47.0822 4696 GameConsoleService - ok
11:47:47.0860 4696 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
11:47:47.0878 4696 gpsvc - ok
11:47:47.0941 4696 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:47:47.0942 4696 gupdate - ok
11:47:47.0953 4696 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:47:47.0955 4696 gupdatem - ok
11:47:47.0986 4696 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:47:47.0989 4696 gusvc - ok
11:47:48.0008 4696 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:47:48.0010 4696 hcw85cir - ok
11:47:48.0075 4696 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
11:47:48.0084 4696 HdAudAddService - ok
11:47:48.0118 4696 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:47:48.0123 4696 HDAudBus - ok
11:47:48.0135 4696 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:47:48.0138 4696 HidBatt - ok
11:47:48.0151 4696 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:47:48.0154 4696 HidBth - ok
11:47:48.0163 4696 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:47:48.0165 4696 HidIr - ok
11:47:48.0179 4696 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
11:47:48.0181 4696 hidserv - ok
11:47:48.0196 4696 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
11:47:48.0198 4696 HidUsb - ok
11:47:48.0212 4696 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
11:47:48.0215 4696 hkmsvc - ok
11:47:48.0236 4696 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
11:47:48.0239 4696 HomeGroupListener - ok
11:47:48.0264 4696 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
11:47:48.0268 4696 HomeGroupProvider - ok
11:47:48.0309 4696 HP Health Check Service (37965381364b2e106e1dd7d74cdcaa43) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
11:47:48.0313 4696 HP Health Check Service - ok
11:47:48.0350 4696 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
11:47:48.0357 4696 HPClientSvc - ok
11:47:48.0398 4696 HPDrvMntSvc.exe (a48a151d3fa7cb032a51453f087221c7) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
11:47:48.0402 4696 HPDrvMntSvc.exe - ok
11:47:48.0425 4696 hpqwmiex (71bd8a611e0677175d3938c9cea7339a) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
11:47:48.0434 4696 hpqwmiex - ok
11:47:48.0456 4696 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
11:47:48.0459 4696 HpSAMD - ok
11:47:48.0490 4696 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
11:47:48.0492 4696 HTCAND64 - ok
11:47:48.0527 4696 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys
11:47:48.0570 4696 htcnprot - ok
11:47:48.0722 4696 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
11:47:48.0737 4696 HTTP - ok
11:47:48.0759 4696 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
11:47:48.0761 4696 hwpolicy - ok
11:47:48.0780 4696 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:47:48.0783 4696 i8042prt - ok
11:47:48.0815 4696 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
11:47:48.0821 4696 iaStorV - ok
11:47:48.0856 4696 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:47:48.0866 4696 idsvc - ok
11:47:48.0883 4696 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:47:48.0885 4696 iirsp - ok
11:47:48.0921 4696 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
11:47:48.0931 4696 IKEEXT - ok
11:47:48.0990 4696 IntcAzAudAddService (3c4b4ee54febb09f7e9f58776de96dca) C:\Windows\system32\drivers\RTKVHD64.sys
11:47:49.0053 4696 IntcAzAudAddService - ok
11:47:49.0062 4696 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
11:47:49.0064 4696 intelide - ok
11:47:49.0074 4696 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:47:49.0076 4696 intelppm - ok
11:47:49.0100 4696 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:47:49.0104 4696 IPBusEnum - ok
11:47:49.0113 4696 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:47:49.0115 4696 IpFilterDriver - ok
11:47:49.0136 4696 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
11:47:49.0144 4696 iphlpsvc - ok
11:47:49.0153 4696 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:47:49.0155 4696 IPMIDRV - ok
11:47:49.0175 4696 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:47:49.0178 4696 IPNAT - ok
11:47:49.0193 4696 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:47:49.0196 4696 IRENUM - ok
11:47:49.0204 4696 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
11:47:49.0206 4696 isapnp - ok
11:47:49.0224 4696 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
11:47:49.0227 4696 iScsiPrt - ok
11:47:49.0256 4696 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:47:49.0258 4696 kbdclass - ok
11:47:49.0269 4696 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
11:47:49.0271 4696 kbdhid - ok
11:47:49.0297 4696 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:47:49.0299 4696 KeyIso - ok
11:47:49.0324 4696 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
11:47:49.0327 4696 KSecDD - ok
11:47:49.0363 4696 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
11:47:49.0368 4696 KSecPkg - ok
11:47:49.0381 4696 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:47:49.0384 4696 ksthunk - ok
11:47:49.0417 4696 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:47:49.0424 4696 KtmRm - ok
11:47:49.0454 4696 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
11:47:49.0459 4696 LanmanServer - ok
11:47:49.0482 4696 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
11:47:49.0486 4696 LanmanWorkstation - ok
11:47:49.0531 4696 LightScribeService (7550d101bf49fdb1f92666a233ee36c4) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
11:47:49.0535 4696 LightScribeService - ok
11:47:49.0558 4696 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:47:49.0562 4696 lltdio - ok
11:47:49.0599 4696 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:47:49.0609 4696 lltdsvc - ok
11:47:49.0638 4696 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:47:49.0642 4696 lmhosts - ok
11:47:49.0668 4696 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:47:49.0673 4696 LSI_FC - ok
11:47:49.0684 4696 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:47:49.0687 4696 LSI_SAS - ok
11:47:49.0696 4696 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:47:49.0698 4696 LSI_SAS2 - ok
11:47:49.0708 4696 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:47:49.0711 4696 LSI_SCSI - ok
11:47:49.0732 4696 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:47:49.0734 4696 luafv - ok
11:47:49.0751 4696 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
11:47:49.0753 4696 Mcx2Svc - ok
11:47:49.0766 4696 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:47:49.0768 4696 megasas - ok
11:47:49.0788 4696 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:47:49.0797 4696 MegaSR - ok
11:47:49.0861 4696 Microsoft Office Groove Audit Service (fafe367d032ed82e9332b4c741a20216) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
11:47:49.0865 4696 Microsoft Office Groove Audit Service - ok
11:47:49.0899 4696 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:47:49.0904 4696 MMCSS - ok
11:47:49.0917 4696 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:47:49.0920 4696 Modem - ok
11:47:49.0940 4696 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:47:49.0942 4696 monitor - ok
11:47:49.0956 4696 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:47:49.0958 4696 mouclass - ok
11:47:49.0985 4696 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:47:49.0986 4696 mouhid - ok
11:47:50.0001 4696 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
11:47:50.0002 4696 mountmgr - ok
11:47:50.0021 4696 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
11:47:50.0024 4696 mpio - ok
11:47:50.0038 4696 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:47:50.0040 4696 mpsdrv - ok
11:47:50.0069 4696 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
11:47:50.0077 4696 MpsSvc - ok
11:47:50.0097 4696 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
11:47:50.0100 4696 MRxDAV - ok
11:47:50.0128 4696 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:47:50.0130 4696 mrxsmb - ok
11:47:50.0162 4696 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:47:50.0166 4696 mrxsmb10 - ok
11:47:50.0178 4696 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:47:50.0181 4696 mrxsmb20 - ok
11:47:50.0197 4696 msahci (2ba4ff3d5eb68587dd662a896f649c7d) C:\Windows\system32\DRIVERS\msahci.sys
11:47:50.0199 4696 msahci - ok
11:47:50.0217 4696 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
11:47:50.0220 4696 msdsm - ok
11:47:50.0266 4696 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:47:50.0269 4696 MSDTC - ok
11:47:50.0322 4696 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:47:50.0325 4696 Msfs - ok
11:47:50.0358 4696 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:47:50.0361 4696 mshidkmdf - ok
11:47:50.0381 4696 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
11:47:50.0385 4696 msisadrv - ok
11:47:50.0414 4696 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:47:50.0421 4696 MSiSCSI - ok
11:47:50.0431 4696 msiserver - ok
11:47:50.0465 4696 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:47:50.0467 4696 MSKSSRV - ok
11:47:50.0484 4696 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:47:50.0486 4696 MSPCLOCK - ok
11:47:50.0498 4696 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:47:50.0500 4696 MSPQM - ok
11:47:50.0526 4696 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
11:47:50.0531 4696 MsRPC - ok
11:47:50.0552 4696 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
11:47:50.0554 4696 mssmbios - ok
11:47:50.0572 4696 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:47:50.0574 4696 MSTEE - ok
11:47:50.0587 4696 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:47:50.0589 4696 MTConfig - ok
11:47:50.0609 4696 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:47:50.0612 4696 Mup - ok
11:47:50.0640 4696 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
11:47:50.0647 4696 napagent - ok
11:47:50.0697 4696 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:47:50.0705 4696 NativeWifiP - ok
11:47:50.0741 4696 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
11:47:50.0752 4696 NDIS - ok
11:47:50.0768 4696 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:47:50.0770 4696 NdisCap - ok
11:47:50.0798 4696 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:47:50.0801 4696 NdisTapi - ok
11:47:50.0819 4696 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
11:47:50.0821 4696 Ndisuio - ok
11:47:50.0841 4696 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:47:50.0844 4696 NdisWan - ok
11:47:50.0863 4696 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
11:47:50.0866 4696 NDProxy - ok
11:47:50.0878 4696 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:47:50.0880 4696 NetBIOS - ok
11:47:50.0903 4696 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
11:47:50.0907 4696 NetBT - ok
11:47:50.0930 4696 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:47:50.0931 4696 Netlogon - ok
11:47:50.0956 4696 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:47:50.0961 4696 Netman - ok
11:47:50.0987 4696 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:47:50.0993 4696 netprofm - ok
11:47:51.0031 4696 netr28x (1982b291df9833fb3adc397ebd310a18) C:\Windows\system32\DRIVERS\netr28x.sys
11:47:51.0040 4696 netr28x - ok
11:47:51.0083 4696 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:47:51.0085 4696 NetTcpPortSharing - ok
11:47:51.0103 4696 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:47:51.0105 4696 nfrd960 - ok
11:47:51.0127 4696 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
11:47:51.0131 4696 NlaSvc - ok
11:47:51.0140 4696 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:47:51.0141 4696 Npfs - ok
11:47:51.0168 4696 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:47:51.0170 4696 nsi - ok
11:47:51.0185 4696 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:47:51.0187 4696 nsiproxy - ok
11:47:51.0240 4696 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
11:47:51.0266 4696 Ntfs - ok
11:47:51.0281 4696 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:47:51.0282 4696 Null - ok
11:47:51.0311 4696 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
11:47:51.0313 4696 nvraid - ok
11:47:51.0327 4696 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
11:47:51.0329 4696 nvstor - ok
11:47:51.0363 4696 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
11:47:51.0368 4696 nv_agp - ok
11:47:51.0453 4696 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:47:51.0464 4696 odserv - ok
11:47:51.0487 4696 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
11:47:51.0489 4696 ohci1394 - ok
11:47:51.0551 4696 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:47:51.0556 4696 ose - ok
11:47:51.0589 4696 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:47:51.0595 4696 p2pimsvc - ok
11:47:51.0645 4696 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:47:51.0659 4696 p2psvc - ok
11:47:51.0692 4696 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:47:51.0697 4696 Parport - ok
11:47:51.0716 4696 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
11:47:51.0721 4696 partmgr - ok
11:47:51.0769 4696 PassThru Service (68139940b5ac84affb7eb1b713be66e7) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
11:47:51.0772 4696 PassThru Service - ok
11:47:51.0789 4696 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:47:51.0797 4696 PcaSvc - ok
11:47:51.0821 4696 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
11:47:51.0824 4696 pci - ok
11:47:51.0844 4696 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
11:47:51.0846 4696 pciide - ok
11:47:51.0868 4696 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:47:51.0872 4696 pcmcia - ok
11:47:51.0888 4696 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:47:51.0892 4696 pcw - ok
11:47:51.0942 4696 pdfcDispatcher - ok
11:47:51.0970 4696 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:47:51.0977 4696 PEAUTH - ok
11:47:52.0012 4696 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:47:52.0013 4696 PerfHost - ok
11:47:52.0073 4696 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
11:47:52.0099 4696 pla - ok
11:47:52.0145 4696 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
11:47:52.0158 4696 PlugPlay - ok
11:47:52.0174 4696 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:47:52.0177 4696 PNRPAutoReg - ok
11:47:52.0197 4696 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:47:52.0202 4696 PNRPsvc - ok
11:47:52.0231 4696 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
11:47:52.0238 4696 PolicyAgent - ok
11:47:52.0265 4696 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:47:52.0270 4696 Power - ok
11:47:52.0297 4696 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
11:47:52.0301 4696 PptpMiniport - ok
11:47:52.0318 4696 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:47:52.0321 4696 Processor - ok
11:47:52.0345 4696 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
11:47:57.0145 4696 MBR (0x1B8) (d3f3d406f47598575889aa4b8f8dd083) \Device\Harddisk0\DR0
11:47:57.0350 4696 \Device\Harddisk0\DR0 - ok
11:47:57.0357 4696 Boot (0x1200) (6a77ac194ac0b035dc34313033575c6f) \Device\Harddisk0\DR0\Partition0
11:47:57.0359 4696 \Device\Harddisk0\DR0\Partition0 - ok
11:47:57.0396 4696 Boot (0x1200) (1d9c33492d0e1e5ab12b72577abc5d1b) \Device\Harddisk0\DR0\Partition1
11:47:57.0398 4696 \Device\Harddisk0\DR0\Partition1 - ok
11:47:57.0426 4696 Boot (0x1200) (4fd9e226a9e5a524e0136d57c72fbf46) \Device\Harddisk0\DR0\Partition2
11:47:57.0429 4696 \Device\Harddisk0\DR0\Partition2 - ok
11:47:57.0430 4696 ============================================================
11:47:57.0430 4696 Scan finished
11:47:57.0430 4696 ============================================================
11:47:57.0452 0992 Detected object count: 0
11:47:57.0452 0992 Actual detected object count: 0

* There was no need to reboot for the TDSS scan


Today's MBAM scan

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.03.08

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Cos :: VICTOR030 [administrator]

4/3/2012 12:09:43 PM
mbam-log-2012-04-03 (12-09-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 203267
Time elapsed: 1 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Cos\AppData\Local\Temp\arg24857.exe (Trojan.Tracur) -> Quarantined and deleted successfully.

(end)

* I DID have to reboot after the Malwarebytes scan *
* Just an FYI, yesterday's Malwarebytes scan (from a version already on my pc, not renamed before downloading) came back with 3 hits that were removed. I wrote them down and retyped below (forgive me if I missed a character or two)

Memory Modules Detected = 1
C:\users\cos\AppData\Roaming\wildtangent\wildtangent\vmvs2.dll Trojan.agent.GMAGen (delete on reboot)

Registry Values Detected = 1
HKCV\SOFTWARE\MICROSOFT\Windows\Current version\Run\Update Trojan.Agent.GMACen (deleted successfully)

Files Detected = 1
C:\users\cos\AppData\Roaming\wildtangent\wildtangent\vmvs2.dll Trojan.agent.GMAGen (delete on reboot)

aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-03 12:20:00
-----------------------------
12:20:00.950 OS Version: Windows x64 6.1.7600
12:20:00.950 Number of processors: 4 586 0x503
12:20:00.950 ComputerName: VICTOR030 UserName: Cos
12:20:03.118 Initialize success
12:20:07.798 AVAST engine defs: 12040201
12:20:12.603 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000058
12:20:12.618 Disk 0 Vendor: ST310005 HP35 Size: 953869MB BusType: 11
12:20:12.634 Disk 0 MBR read successfully
12:20:12.634 Disk 0 MBR scan
12:20:12.650 Disk 0 unknown MBR code
12:20:12.681 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 106 MB offset 2048
12:20:12.696 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 939818 MB offset 224910
12:20:12.728 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13939 MB offset 1924974592
12:20:12.774 Disk 0 scanning C:\Windows\system32\drivers
12:20:20.169 Service scanning
12:20:39.747 Modules scanning
12:20:39.747 Disk 0 trace - called modules:
12:20:39.763 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
12:20:39.763 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80046ea790]
12:20:39.778 3 CLASSPNP.SYS[fffff880018d043f] -> nt!IofCallDriver -> [0xfffffa80045b9ac0]
12:20:39.778 5 amd_xata.sys[fffff880011078b4] -> nt!IofCallDriver -> \Device\00000058[0xfffffa80045b29c0]
12:20:48.015 AVAST engine scan C:\Windows
12:20:50.636 AVAST engine scan C:\Windows\system32
12:23:32.096 AVAST engine scan C:\Windows\system32\drivers
12:23:41.331 AVAST engine scan C:\Users\Cos
12:24:28.818 File: C:\Users\Cos\AppData\Local\Temp\nsv1B35.tmp\tceskqa.dll **INFECTED** Win32:Trojan-gen
12:24:28.911 File: C:\Users\Cos\AppData\Local\Temp\nsv1B35.tmp\vmvsz.dll **INFECTED** Win32:Trojan-gen
12:24:41.781 File: C:\Users\Cos\AppData\Roaming\WildTangent\WildTangent\tceskqa.dll **INFECTED** Win32:Trojan-gen

12:25:21.390 AVAST engine scan C:\ProgramData
12:26:23.930 Scan finished successfully
12:27:23.788 Disk 0 MBR has been saved successfully to "C:\Users\Cos\Desktop\MBR.dat"
12:27:23.788 The log file has been saved successfully to "C:\Users\Cos\Desktop\aswMBR.txt"


* The "Fix" tab wasn't an option when this scan finished. Only the "FixMBR" tab was available. Should I proceed with that, even though there's a pop up warning about doing so? I'll leave it minimized on my pc until you give me permission on what to do.

Thanks for your help

#5 boopme

Posted 03 April 2012 - 12:42 PM

Run the FixMBR and rerun the aswMBR.

Then let me know how it is after this.


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 paice

Posted 03 April 2012 - 02:46 PM

aswMBR (after clicking the "Fix MBR" tab)

13:47:42.113 Verifying
13:47:52.141 Disk 0 Windows 601 MBR fixed successfully
13:48:23.753 Disk 0 MBR has been saved successfully to "C:\Users\Cos\Desktop\MBR.dat"
13:48:23.757 The log file has been saved successfully to "C:\Users\Cos\Desktop\aswMBRafterfixmbr.txt"

ESET log threats found (scan completed in 1 hr, 19 minutes)

C:\Users\Cos\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\7b2707d0-7710edf9 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\Cos\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\d189d59-54d72b7b a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined

* When clicking the "Finish" button on the ESET program, a separate pop up window came up, informing me that "this program might not have installed correctly," giving me 2 options as "reinstall using recommended settings" or "this program installed correctly."

By all indications, it did install correctly, as the scan was completed.

#7 boopme

Posted 03 April 2012 - 03:10 PM

Looks like it did install correctly. Probably a reaction to the MBR adjustment.

How's the redirect?

#8 paice

Posted 03 April 2012 - 03:35 PM

While I haven't seen a happoli.com page come up, I've been redirected 4 times today (the first time was before I hit the Fix MBR button and that page name escapes me). 2 others were just now and the page I'm sent to just looks like the subject name I'm googling in different font sizes, all in blue, listing multiple sites. The 4th time (also just now) was redirected to a site called "gimmeanswers."

Edited by paice, 03 April 2012 - 03:35 PM.


#9 boopme

Posted 03 April 2012 - 06:57 PM

Hello,
If using Firefox, the problem may be an add-on in Firefox called "performance cache" or another one.

Try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date

Edited by boopme, 03 April 2012 - 06:58 PM.


#10 paice

Posted 03 April 2012 - 08:57 PM

Tough to say.

I disabled the Performance Cache 1.0 and was skating along for about 20 Google searches and then got 3 of 4 redirects.

I had 4 entries in the Add-ons "Extensions" section. I removed one outright (something called "Ask" which appears to be on the Firefox browsing page anyway).

The 3rd one was a "Java Console," which had a message that it wasn't compatible with Firefox version 9.0.1, which got me thinking that I should be using Firefox version 11 anyway.

The last one was "AVG Safe Search 12.0.0.1912," which was enabled. I was hesitant to disable anything AVG, as that's the main Antivirus app I have on my pc, but I hit the "disable" button anyway.

I then proceeded to upgrade to Firefox version 11 and this is what the "Extensions" sections shows now:

Performance Cache 1.0 is still disabled, but gives me the option to enable or remove it.
Java Console is gone. Not sure why, as I hadn't removed it outright, but if it's not needed, so be it.
AVG Safe Search is still disabled, but on the new version of Firefox, I no longer have the option to enable it again. Do you think that's ok? No big deal, even though AVG is my Antivirus of choice?

I've been Google searching for about 20 times now, with no redirects. However, I'm not certain that it was only Firefox that had the redirects. I'm pretty sure that Google Chrome and IE also were redirecting me yesterday. So, I'll surf with all 3 for the next day and see if anything occurs.

Question: Does disabling these extensions mean that I still have this virus/rootkit/etc... but that I'm just not going to see signs of it or at that point (assuming no more redirects occur over the next day), would you feel that my pc is "clean?"

#11 boopme

Posted 03 April 2012 - 09:22 PM

Ok, looks like a protected malware.
We need a deeper look. Please go here: Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run skip it and move on.

Let me know if that went well.

#12 paice

Posted 04 April 2012 - 10:27 AM

As far as I can tell, Firefox seems ok, but this thing is still on my computer (probably just not seen in Firefox because I disabled the remaining add on extensions) because it's still redirecting me, quite frequently, when using Google Chrome.

I still can't be sure about IE because I really didn't give it much of a try once I noticed that Chrome was still affected. Truth be told, I don't care much about Chrome, as I usually use Firefox, but am still wary that this infection is still on my machine, getting access to who knows what personal info I have on here.

Computer's only 3 months old (refurbished job), so I'd rather not scrap it this early (only 53 gigs of 915 have been used)

Anyway, below is the link to the new thread I created in the other forum with the DDS log (I didn't attempt GMER, as my system is 64 bit and the instructions mentioned 32 bit only).

http://www.bleepingcomputer.com/forums/topic448823.html

Thanks for your ongoing assistance. Much obliged.

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:08:51 PM

Posted 04 April 2012 - 07:06 PM

Thanks, we'll find it now.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies, as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.