Redirect virus and now svchost.exe infected?


13 replies to this topic

#1 joe7991


Posted 28 May 2012 - 10:02 PM

So recently I caught a redirect virus which would redirect me to an ad site whenever I clicked on a link. It happened about a quarter of the time. I ran Norton and it seemed to have gotten rid of it. It removed a file called lqsbhgz.dll. Everything seems to be going fine. I restarted, ran Norton and Malware Bytes, and they didn't catch anything. Browsing the internet seems to be good now too. The only problem is that it seems like I've caught another virus after removing it. A process/file called svchost.exe is taking up a huge amount of CPU and Memory, mainly memory. The memory usage on my computer is now double what it used to be at idle. Sometimes triple. Ran Norton and Malware again but they did not find anything. What bothers me most is that Norton informs me that "Blackhole Toolkit Website 3" Intrusion was blocked. It says xx.xx.xxx.xx was blocked and it originated from c:\Windows\System32\svchost.exe.

I'm really not sure what to do here. Any help would be appreciated.
Thanks,

I should also put that when I boot into Safe Mode svchost.exe doesn't take up as much resources as it does in normal. It's hard to tell though because there are multiple svchost.exe processes running.

Edited by joe7991, 28 May 2012 - 10:06 PM.




#2 joe7991


Posted 28 May 2012 - 11:05 PM

I just ran TDSSkiller and it did find something (The second time I ran it).

Here is the log file.

20:45:31.0076 5672 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
20:45:33.0198 5672 ============================================================
20:45:33.0198 5672 Current date / time: 2012/05/28 20:45:33.0198
20:45:33.0198 5672 SystemInfo:
20:45:33.0198 5672
20:45:33.0198 5672 OS Version: 6.1.7601 ServicePack: 1.0
20:45:33.0198 5672 Product type: Workstation
20:45:33.0198 5672 ComputerName: GAMING-PC
20:45:33.0198 5672 UserName: Joseph
20:45:33.0198 5672 Windows directory: C:\Windows
20:45:33.0198 5672 System windows directory: C:\Windows
20:45:33.0198 5672 Processor architecture: Intel x86
20:45:33.0198 5672 Number of processors: 2
20:45:33.0198 5672 Page size: 0x1000
20:45:33.0198 5672 Boot type: Normal boot
20:45:33.0198 5672 ============================================================
20:45:43.0697 5672 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:45:43.0728 5672 ============================================================
20:45:43.0728 5672 \Device\Harddisk0\DR0:
20:45:43.0759 5672 MBR partitions:
20:45:43.0759 5672 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
20:45:43.0759 5672 ============================================================
20:45:44.0009 5672 C: <-> \Device\Harddisk0\DR0\Partition0
20:45:44.0009 5672 ============================================================
20:45:44.0009 5672 Initialize success
20:45:44.0009 5672 ============================================================
20:45:56.0379 2652 ============================================================
20:45:56.0379 2652 Scan started
20:45:56.0379 2652 Mode: Manual; SigCheck; TDLFS;
20:45:56.0379 2652 ============================================================
20:45:59.0390 2652 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
20:45:59.0499 2652 !SASCORE - ok
20:45:59.0687 2652 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
20:45:59.0733 2652 1394ohci - ok
20:45:59.0811 2652 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
20:45:59.0843 2652 ACPI - ok
20:45:59.0905 2652 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
20:45:59.0936 2652 AcpiPmi - ok
20:46:00.0030 2652 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
20:46:00.0092 2652 adp94xx - ok
20:46:00.0108 2652 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
20:46:00.0155 2652 adpahci - ok
20:46:00.0201 2652 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
20:46:00.0233 2652 adpu320 - ok
20:46:00.0279 2652 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
20:46:00.0373 2652 AeLookupSvc - ok
20:46:00.0451 2652 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
20:46:00.0529 2652 AFD - ok
20:46:00.0576 2652 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
20:46:00.0591 2652 agp440 - ok
20:46:00.0654 2652 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
20:46:00.0685 2652 aic78xx - ok
20:46:00.0716 2652 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
20:46:00.0779 2652 ALG - ok
20:46:00.0841 2652 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
20:46:00.0841 2652 aliide - ok
20:46:00.0888 2652 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
20:46:00.0903 2652 amdagp - ok
20:46:00.0919 2652 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
20:46:00.0950 2652 amdide - ok
20:46:00.0966 2652 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
20:46:01.0013 2652 AmdK8 - ok
20:46:01.0044 2652 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
20:46:01.0059 2652 AmdPPM - ok
20:46:01.0122 2652 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
20:46:01.0137 2652 amdsata - ok
20:46:01.0231 2652 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
20:46:01.0247 2652 amdsbs - ok
20:46:01.0262 2652 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
20:46:01.0262 2652 amdxata - ok
20:46:01.0325 2652 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
20:46:01.0403 2652 AppID - ok
20:46:01.0481 2652 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
20:46:01.0527 2652 AppIDSvc - ok
20:46:01.0574 2652 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
20:46:01.0621 2652 Appinfo - ok
20:46:01.0730 2652 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:46:01.0761 2652 Apple Mobile Device - ok
20:46:01.0793 2652 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
20:46:01.0808 2652 arc - ok
20:46:01.0824 2652 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
20:46:01.0839 2652 arcsas - ok
20:46:01.0886 2652 AsIO (2b4e66fac6503494a2c6f32bb6ab3826) C:\Windows\system32\drivers\AsIO.sys
20:46:01.0933 2652 AsIO - ok
20:46:02.0120 2652 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:46:02.0183 2652 aspnet_state - ok
20:46:02.0229 2652 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
20:46:02.0323 2652 AsyncMac - ok
20:46:02.0401 2652 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
20:46:02.0417 2652 atapi - ok
20:46:02.0479 2652 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\Windows\system32\DRIVERS\atksgt.sys
20:46:02.0541 2652 atksgt - ok
20:46:02.0635 2652 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
20:46:02.0697 2652 AudioEndpointBuilder - ok
20:46:02.0697 2652 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
20:46:02.0729 2652 Audiosrv - ok
20:46:02.0807 2652 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
20:46:02.0900 2652 AxInstSV - ok
20:46:02.0994 2652 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
20:46:03.0087 2652 b06bdrv - ok
20:46:03.0134 2652 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
20:46:03.0197 2652 b57nd60x - ok
20:46:03.0259 2652 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
20:46:03.0321 2652 BDESVC - ok
20:46:03.0353 2652 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
20:46:03.0384 2652 Beep - ok
20:46:03.0477 2652 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
20:46:03.0540 2652 BFE - ok
20:46:03.0821 2652 BHDrvx86 (a503d32ae26f77cb942aed530112edaa) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120517.001\BHDrvx86.sys
20:46:03.0899 2652 BHDrvx86 - ok
20:46:04.0055 2652 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
20:46:04.0367 2652 BITS - ok
20:46:04.0476 2652 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
20:46:04.0507 2652 blbdrive - ok
20:46:04.0694 2652 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
20:46:04.0694 2652 Bonjour Service - ok
20:46:04.0772 2652 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
20:46:04.0850 2652 bowser - ok
20:46:04.0866 2652 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:46:04.0897 2652 BrFiltLo - ok
20:46:04.0944 2652 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:46:04.0975 2652 BrFiltUp - ok
20:46:05.0022 2652 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
20:46:05.0037 2652 Browser - ok
20:46:05.0100 2652 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
20:46:05.0178 2652 Brserid - ok
20:46:05.0209 2652 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
20:46:05.0240 2652 BrSerWdm - ok
20:46:05.0271 2652 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:46:05.0303 2652 BrUsbMdm - ok
20:46:05.0349 2652 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
20:46:05.0365 2652 BrUsbSer - ok
20:46:05.0396 2652 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
20:46:05.0443 2652 BTHMODEM - ok
20:46:05.0505 2652 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
20:46:05.0568 2652 bthserv - ok
20:46:05.0599 2652 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
20:46:05.0630 2652 cdfs - ok
20:46:05.0693 2652 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
20:46:05.0724 2652 cdrom - ok
20:46:05.0786 2652 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
20:46:05.0833 2652 CertPropSvc - ok
20:46:05.0864 2652 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
20:46:05.0880 2652 circlass - ok
20:46:05.0895 2652 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
20:46:05.0911 2652 CLFS - ok
20:46:06.0020 2652 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:46:06.0036 2652 clr_optimization_v2.0.50727_32 - ok
20:46:06.0129 2652 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:46:06.0223 2652 clr_optimization_v4.0.30319_32 - ok
20:46:06.0239 2652 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
20:46:06.0270 2652 CmBatt - ok
20:46:06.0301 2652 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
20:46:06.0317 2652 cmdide - ok
20:46:06.0379 2652 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
20:46:06.0441 2652 CNG - ok
20:46:06.0457 2652 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
20:46:06.0457 2652 Compbatt - ok
20:46:06.0535 2652 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
20:46:06.0551 2652 CompositeBus - ok
20:46:06.0566 2652 COMSysApp - ok
20:46:06.0629 2652 cpuz135 (c2eb4539a4f6ab6edd01bdc191619975) C:\Windows\system32\drivers\cpuz135_x32.sys
20:46:06.0660 2652 cpuz135 - ok
20:46:06.0691 2652 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
20:46:06.0707 2652 crcdisk - ok
20:46:06.0753 2652 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
20:46:06.0800 2652 CryptSvc - ok
20:46:06.0972 2652 DAUpdaterSvc (914a7156b0c0f10be645a02e13f576b2) C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
20:46:07.0003 2652 DAUpdaterSvc - ok
20:46:07.0050 2652 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
20:46:07.0097 2652 DcomLaunch - ok
20:46:07.0143 2652 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
20:46:07.0237 2652 defragsvc - ok
20:46:07.0299 2652 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
20:46:07.0331 2652 DfsC - ok
20:46:07.0409 2652 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
20:46:07.0471 2652 Dhcp - ok
20:46:07.0502 2652 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
20:46:07.0549 2652 discache - ok
20:46:07.0596 2652 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
20:46:07.0596 2652 Disk - ok
20:46:07.0674 2652 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
20:46:07.0736 2652 Dnscache - ok
20:46:07.0799 2652 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
20:46:07.0845 2652 dot3svc - ok
20:46:07.0923 2652 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
20:46:07.0970 2652 DPS - ok
20:46:08.0048 2652 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
20:46:08.0064 2652 drmkaud - ok
20:46:08.0173 2652 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
20:46:08.0204 2652 DXGKrnl - ok
20:46:08.0251 2652 EagleNT - ok
20:46:08.0298 2652 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
20:46:08.0360 2652 EapHost - ok
20:46:08.0594 2652 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
20:46:08.0641 2652 ebdrv - ok
20:46:08.0781 2652 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
20:46:08.0828 2652 eeCtrl - ok
20:46:08.0984 2652 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
20:46:09.0047 2652 EFS - ok
20:46:09.0156 2652 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
20:46:09.0296 2652 ehRecvr - ok
20:46:09.0327 2652 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
20:46:09.0390 2652 ehSched - ok
20:46:09.0546 2652 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
20:46:09.0577 2652 elxstor - ok
20:46:09.0639 2652 ENTECH (16ebd8bf1d5090923694cc972c7ce1b4) C:\Windows\system32\DRIVERS\ENTECH.sys
20:46:09.0671 2652 ENTECH - ok
20:46:09.0842 2652 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:46:09.0889 2652 EraserUtilRebootDrv - ok
20:46:09.0920 2652 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
20:46:09.0936 2652 ErrDev - ok
20:46:09.0998 2652 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
20:46:10.0076 2652 EventSystem - ok
20:46:10.0123 2652 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
20:46:10.0170 2652 exfat - ok
20:46:10.0201 2652 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
20:46:10.0248 2652 fastfat - ok
20:46:10.0341 2652 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
20:46:10.0435 2652 Fax - ok
20:46:10.0466 2652 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
20:46:10.0482 2652 fdc - ok
20:46:10.0529 2652 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
20:46:10.0575 2652 fdPHost - ok
20:46:10.0591 2652 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
20:46:10.0638 2652 FDResPub - ok
20:46:10.0669 2652 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
20:46:10.0700 2652 FileInfo - ok
20:46:10.0731 2652 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
20:46:10.0747 2652 Filetrace - ok
20:46:10.0778 2652 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
20:46:10.0794 2652 flpydisk - ok
20:46:10.0841 2652 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
20:46:10.0872 2652 FltMgr - ok
20:46:10.0965 2652 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
20:46:11.0059 2652 FontCache - ok
20:46:11.0184 2652 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:46:11.0215 2652 FontCache3.0.0.0 - ok
20:46:11.0246 2652 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
20:46:11.0262 2652 FsDepends - ok
20:46:11.0340 2652 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
20:46:11.0371 2652 fssfltr - ok
20:46:11.0589 2652 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
20:46:11.0714 2652 fsssvc - ok
20:46:11.0948 2652 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
20:46:11.0948 2652 Fs_Rec - ok
20:46:12.0011 2652 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
20:46:12.0042 2652 fvevol - ok
20:46:12.0073 2652 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
20:46:12.0104 2652 gagp30kx - ok
20:46:12.0135 2652 GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:46:12.0167 2652 GEARAspiWDM - ok
20:46:12.0229 2652 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
20:46:12.0291 2652 gpsvc - ok
20:46:12.0463 2652 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:46:12.0479 2652 gupdate - ok
20:46:12.0510 2652 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:46:12.0525 2652 gupdatem - ok
20:46:12.0557 2652 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
20:46:12.0572 2652 hamachi - ok
20:46:12.0588 2652 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
20:46:12.0666 2652 hcw85cir - ok
20:46:12.0713 2652 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
20:46:12.0728 2652 HDAudBus - ok
20:46:12.0775 2652 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
20:46:12.0806 2652 HidBatt - ok
20:46:12.0853 2652 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
20:46:12.0900 2652 HidBth - ok
20:46:12.0931 2652 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
20:46:12.0947 2652 HidIr - ok
20:46:12.0993 2652 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
20:46:13.0040 2652 hidserv - ok
20:46:13.0087 2652 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
20:46:13.0087 2652 HidUsb - ok
20:46:13.0118 2652 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
20:46:13.0149 2652 hkmsvc - ok
20:46:13.0196 2652 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
20:46:13.0259 2652 HomeGroupListener - ok
20:46:13.0321 2652 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
20:46:13.0352 2652 HomeGroupProvider - ok
20:46:13.0555 2652 hpqcxs08 (5da42d24712e00728cea2342a65009b2) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
20:46:13.0571 2652 hpqcxs08 - ok
20:46:13.0633 2652 hpqddsvc (d86a39bf100069444d026d22d9a6e555) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
20:46:13.0649 2652 hpqddsvc - ok
20:46:13.0695 2652 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
20:46:13.0711 2652 HpSAMD - ok
20:46:13.0789 2652 HPSLPSVC (a04f4ac48895774a2cf9d1c9eaaacef0) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
20:46:13.0820 2652 HPSLPSVC - ok
20:46:13.0914 2652 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
20:46:13.0945 2652 HTTP - ok
20:46:13.0976 2652 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
20:46:13.0992 2652 hwpolicy - ok
20:46:14.0054 2652 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
20:46:14.0070 2652 i8042prt - ok
20:46:14.0085 2652 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
20:46:14.0117 2652 iaStorV - ok
20:46:14.0257 2652 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:46:14.0288 2652 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:46:14.0288 2652 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:46:14.0444 2652 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:46:14.0491 2652 idsvc - ok
20:46:14.0741 2652 IDSVix86 (f9069ce7a7b9f9ba75d009b0ce3d7601) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120528.001\IDSvix86.sys
20:46:14.0787 2652 IDSVix86 - ok
20:46:14.0975 2652 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
20:46:14.0990 2652 iirsp - ok
20:46:15.0053 2652 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
20:46:15.0099 2652 IKEEXT - ok
20:46:15.0224 2652 IntcAzAudAddService (4e38a2883df3ba382a59132b3e7d709e) C:\Windows\system32\drivers\RTKVHDA.sys
20:46:15.0318 2652 IntcAzAudAddService - ok
20:46:15.0443 2652 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
20:46:15.0458 2652 intelide - ok
20:46:15.0489 2652 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
20:46:15.0489 2652 intelppm - ok
20:46:15.0552 2652 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
20:46:15.0583 2652 IPBusEnum - ok
20:46:15.0645 2652 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:46:15.0692 2652 IpFilterDriver - ok
20:46:15.0739 2652 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
20:46:15.0786 2652 iphlpsvc - ok
20:46:15.0817 2652 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
20:46:15.0848 2652 IPMIDRV - ok
20:46:15.0879 2652 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
20:46:15.0926 2652 IPNAT - ok
20:46:16.0067 2652 iPod Service (9033d67b7112d23eded6789bacded128) C:\Program Files\iPod\bin\iPodService.exe
20:46:16.0129 2652 iPod Service - ok
20:46:16.0160 2652 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
20:46:16.0223 2652 IRENUM - ok
20:46:16.0254 2652 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
20:46:16.0269 2652 isapnp - ok
20:46:16.0316 2652 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
20:46:16.0332 2652 iScsiPrt - ok
20:46:16.0363 2652 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
20:46:16.0379 2652 kbdclass - ok
20:46:16.0457 2652 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
20:46:16.0472 2652 kbdhid - ok
20:46:16.0519 2652 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
20:46:16.0535 2652 KeyIso - ok
20:46:16.0550 2652 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
20:46:16.0566 2652 KSecDD - ok
20:46:16.0581 2652 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
20:46:16.0628 2652 KSecPkg - ok
20:46:16.0675 2652 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
20:46:16.0769 2652 KtmRm - ok
20:46:16.0847 2652 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
20:46:16.0878 2652 LanmanServer - ok
20:46:16.0925 2652 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
20:46:17.0034 2652 LanmanWorkstation - ok
20:46:17.0159 2652 LBTServ (47c12f1a54b5c1b51008d7629c1d4f7b) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
20:46:17.0174 2652 LBTServ - ok
20:46:17.0252 2652 LHidFilt (8b30311241f97b35167afe68d79e8530) C:\Windows\system32\DRIVERS\LHidFilt.Sys
20:46:17.0268 2652 LHidFilt - ok
20:46:17.0330 2652 libusb0 (cb5d13966f74d7f000724a907f614193) C:\Windows\system32\DRIVERS\libusb0.sys
20:46:17.0346 2652 libusb0 - ok
20:46:17.0424 2652 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
20:46:17.0455 2652 lirsgt - ok
20:46:17.0549 2652 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
20:46:17.0580 2652 lltdio - ok
20:46:17.0627 2652 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
20:46:17.0705 2652 lltdsvc - ok
20:46:17.0736 2652 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
20:46:17.0767 2652 lmhosts - ok
20:46:17.0798 2652 LMouFilt (48d7422a6c4eec886b56ac534cfa3acf) C:\Windows\system32\DRIVERS\LMouFilt.Sys
20:46:17.0814 2652 LMouFilt - ok
20:46:17.0845 2652 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:46:17.0845 2652 LSI_FC - ok
20:46:17.0861 2652 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:46:17.0876 2652 LSI_SAS - ok
20:46:17.0892 2652 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:46:17.0892 2652 LSI_SAS2 - ok
20:46:17.0907 2652 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:46:17.0923 2652 LSI_SCSI - ok
20:46:17.0954 2652 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
20:46:18.0001 2652 luafv - ok
20:46:18.0079 2652 LUsbFilt (0b808ff2f17c8396fb2ae202f75aed37) C:\Windows\system32\Drivers\LUsbFilt.Sys
20:46:18.0079 2652 LUsbFilt - ok
20:46:18.0141 2652 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
20:46:18.0173 2652 Mcx2Svc - ok
20:46:18.0188 2652 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
20:46:18.0204 2652 megasas - ok
20:46:18.0235 2652 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
20:46:18.0251 2652 MegaSR - ok
20:46:18.0282 2652 mfeavfk (bafdd5e28baea99d7f4772af2f5ec7ee) C:\Windows\system32\drivers\mfeavfk.sys
20:46:18.0297 2652 mfeavfk - ok
20:46:18.0329 2652 mfebopk (1d003e3056a43d881597d6763e83b943) C:\Windows\system32\drivers\mfebopk.sys
20:46:18.0344 2652 mfebopk - ok
20:46:18.0375 2652 mfehidk (3f138a1c8a0659f329f242d1e389b2cf) C:\Windows\system32\drivers\mfehidk.sys
20:46:18.0407 2652 mfehidk - ok
20:46:18.0438 2652 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys
20:46:18.0469 2652 mferkdk - ok
20:46:18.0516 2652 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys
20:46:18.0516 2652 mfesmfk - ok
20:46:18.0641 2652 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:46:18.0672 2652 Microsoft Office Groove Audit Service - ok
20:46:18.0703 2652 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
20:46:18.0750 2652 MMCSS - ok
20:46:18.0781 2652 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
20:46:18.0812 2652 Modem - ok
20:46:18.0859 2652 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
20:46:18.0921 2652 monitor - ok
20:46:19.0015 2652 MotioninJoyXFilter (9960b18d55e7bd0f265c3c1953d19592) C:\Windows\system32\DRIVERS\MijXfilt.sys
20:46:19.0046 2652 MotioninJoyXFilter - ok
20:46:19.0109 2652 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
20:46:19.0140 2652 mouclass - ok
20:46:19.0187 2652 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
20:46:19.0202 2652 mouhid - ok
20:46:19.0233 2652 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
20:46:19.0249 2652 mountmgr - ok
20:46:22.0665 2652 Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:\Windows\system32\HPZinw12.dll
20:46:22.0665 2652 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:46:22.0665 2652 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:46:27.0751 2652 Pml Driver HPZ12 (12b4549d515cb26bb8d375038017ca65) C:\Windows\system32\HPZipm12.dll
20:46:27.0767 2652 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:46:27.0767 2652 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:46:34.0100 2652 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
20:46:34.0100 2652 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
20:46:34.0116 2652 sptd ( LockedFile.Multi.Generic ) - warning
20:46:34.0116 2652 sptd - detected LockedFile.Multi.Generic (1)
20:46:35.0504 2652 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:46:35.0567 2652 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
20:46:35.0567 2652 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
20:46:37.0907 2652 TIEHDUSB (a1124ebc672aa3ae1b327096c1dcc346) C:\Windows\system32\drivers\tiehdusb.sys
20:46:37.0922 2652 TIEHDUSB ( UnsignedFile.Multi.Generic ) - warning
20:46:37.0922 2652 TIEHDUSB - detected UnsignedFile.Multi.Generic (1)
20:46:39.0342 2652 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
20:46:39.0357 2652 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
20:46:39.0357 2652 USBAAPL - detected UnsignedFile.Multi.Generic (1)
20:46:52.0181 2652 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:46:52.0212 2652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
20:46:52.0212 2652 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
20:46:52.0243 2652 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:46:52.0243 2652 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:46:52.0274 2652 Boot (0x1200) (419b2752da6296bd1eec5f010672ba2b) \Device\Harddisk0\DR0\Partition0
20:46:52.0274 2652 \Device\Harddisk0\DR0\Partition0 - ok
20:46:52.0274 2652 ============================================================
20:46:52.0274 2652 Scan finished
20:46:52.0274 2652 ============================================================
20:46:52.0274 5964 Detected object count: 9
20:46:52.0274 5964 Actual detected object count: 9
20:51:07.0600 5964 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:07.0600 5964 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:07.0600 5964 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:07.0600 5964 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:07.0600 5964 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:07.0600 5964 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:07.0600 5964 sptd ( LockedFile.Multi.Generic ) - skipped by user
20:51:07.0600 5964 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
20:51:07.0600 5964 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:07.0600 5964 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:07.0600 5964 TIEHDUSB ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:07.0600 5964 TIEHDUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:07.0616 5964 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
20:51:07.0616 5964 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:08.0224 5964 \Device\Harddisk0\DR0\# - copied to quarantine
20:51:08.0224 5964 \Device\Harddisk0\DR0 - copied to quarantine
20:51:08.0240 5964 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
20:51:08.0256 5964 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:51:08.0256 5964 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
20:51:08.0271 5964 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
20:51:08.0271 5964 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
20:51:08.0271 5964 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
20:51:08.0271 5964 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
20:51:08.0271 5964 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
20:51:08.0271 5964 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
20:51:08.0287 5964 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
20:51:08.0287 5964 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
20:51:08.0287 5964 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
20:51:08.0318 5964 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
20:51:08.0318 5964 \Device\Harddisk0\DR0 - ok
20:51:13.0934 5964 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
20:51:13.0934 5964 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:51:13.0934 5964 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
20:51:39.0502 3164 Deinitialize success


Anything else I should do? It cured one thing and quarantined 9 others. svchost.exe seems to be acting normal now.

Edited by joe7991, 28 May 2012 - 11:07 PM.
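
A log in this format can be triaged mechanically. The following is an added example, not part of the original posts and not the tool vendor's code: a Python parser for the TDSSKiller line format seen in this thread, run on an abridged copy of the log above. The function names and the rule that `*.Multi.Generic` verdicts are low priority are assumptions of this example.

```python
import re

# Abridged from the TDSSKiller log posted above: per-service "ok" lines and
# most quarantine copies are dropped, the line format is unchanged.
SAMPLE_LOG = r"""
20:46:52.0181 2652 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:46:52.0212 2652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
20:46:52.0243 2652 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:46:52.0274 2652 \Device\Harddisk0\DR0\Partition0 - ok
20:46:52.0274 5964 Detected object count: 9
20:51:07.0600 5964 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:07.0600 5964 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:07.0600 5964 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:07.0600 5964 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
20:51:07.0600 5964 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:07.0600 5964 TIEHDUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:07.0616 5964 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:51:08.0224 5964 \Device\Harddisk0\DR0 - copied to quarantine
20:51:08.0256 5964 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:51:08.0271 5964 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
20:51:08.0318 5964 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
20:51:13.0934 5964 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
20:51:13.0934 5964 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "<time> <thread id> <message>"
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4}) (\d+) (.*)$")
# "<object> ( <verdict> ) - <status>"; the spaces inside the parentheses keep
# "(0x1B8)" and the MD5 in the MBR line from being read as verdicts.
VERDICT = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>.+?) \) - (?P<status>.+)$")
QUARANTINE = re.compile(r"^(?P<obj>.+) - copied to quarantine$")
COUNT = re.compile(r"^Detected object count: (\d+)$")
ACTION_PREFIX = "User select action: "


def parse_log(text):
    """Collect detections, chosen actions and quarantine copies from a log."""
    report = {"detections": {}, "quarantined": [], "reported_count": None}
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        body = line.group(3)
        if (c := COUNT.match(body)):
            report["reported_count"] = int(c.group(1))
        elif (q := QUARANTINE.match(body)):
            report["quarantined"].append(q.group("obj"))
        elif (v := VERDICT.match(body)):
            key = (v["obj"], v["verdict"])
            entry = report["detections"].setdefault(
                key, {"states": [], "action": None})
            status = v["status"]
            if status.startswith(ACTION_PREFIX):
                entry["action"] = status[len(ACTION_PREFIX):]
            else:
                entry["states"].append(status)
    return report


def pending_reboot(report):
    """Detections the tool says are only fixed after a restart."""
    return sorted(key for key, e in report["detections"].items()
                  if "will be cured on reboot" in e["states"])


def needs_follow_up(report):
    """Detections left in place: action Skip on a verdict that is not a
    *.Multi.Generic file flag (that split is this example's own rule)."""
    return sorted(key for key, e in report["detections"].items()
                  if e["action"] == "Skip"
                  and not key[1].endswith(".Multi.Generic"))


if __name__ == "__main__":
    r = parse_log(SAMPLE_LOG)
    print("reported:", r["reported_count"], "parsed:", len(r["detections"]))
    print("quarantine copies:", len(r["quarantined"]))
    for obj, verdict in pending_reboot(r):
        print("reboot required:", obj, verdict)
    for obj, verdict in needs_follow_up(r):
        print("still present (skipped):", obj, verdict)
```

On this log it reports the MBR infection as pending a reboot and the TDSS File System entry as skipped, which are the two points the next scan has to confirm.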


#3 boopme


Posted 28 May 2012 - 11:25 PM

Hello, did you reboot after that scan?

If you haven't run Tdss like this, do it also.
Open Tdss
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility writes the log to the root folder of the system disk (usually the disk with the operating system installed, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.




Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.


How is it running now?

#4 joe7991


Posted 29 May 2012 - 05:45 PM

Ok here is the new TDSS report

15:37:23.0441 5816 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
15:37:23.0925 5816 ============================================================
15:37:23.0925 5816 Current date / time: 2012/05/29 15:37:23.0925
15:37:23.0925 5816 SystemInfo:
15:37:23.0925 5816
15:37:23.0925 5816 OS Version: 6.1.7601 ServicePack: 1.0
15:37:23.0925 5816 Product type: Workstation
15:37:23.0925 5816 ComputerName: GAMING-PC
15:37:23.0925 5816 UserName: Joseph
15:37:23.0925 5816 Windows directory: C:\Windows
15:37:23.0925 5816 System windows directory: C:\Windows
15:37:23.0925 5816 Processor architecture: Intel x86
15:37:23.0925 5816 Number of processors: 2
15:37:23.0925 5816 Page size: 0x1000
15:37:23.0925 5816 Boot type: Normal boot
15:37:23.0925 5816 ============================================================
15:37:28.0825 5816 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:37:28.0825 5816 ============================================================
15:37:28.0825 5816 \Device\Harddisk0\DR0:
15:37:28.0825 5816 MBR partitions:
15:37:28.0825 5816 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
15:37:28.0825 5816 ============================================================
15:37:28.0856 5816 C: <-> \Device\Harddisk0\DR0\Partition0
15:37:28.0856 5816 ============================================================
15:37:28.0856 5816 Initialize success
15:37:28.0856 5816 ============================================================
15:38:09.0463 5976 ============================================================
15:38:09.0463 5976 Scan started
15:38:09.0463 5976 Mode: Manual; TDLFS;
15:38:09.0463 5976 ============================================================
15:38:26.0701 5976 LBTServ - ok
15:38:26.0764 5976 LHidFilt (8b30311241f97b35167afe68d79e8530) C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:38:26.0764 5976 LHidFilt - ok
15:38:26.0842 5976 libusb0 (cb5d13966f74d7f000724a907f614193) C:\Windows\system32\DRIVERS\libusb0.sys
15:38:26.0857 5976 libusb0 - ok
15:38:26.0935 5976 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
15:38:26.0935 5976 lirsgt - ok
15:38:26.0998 5976 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
15:38:26.0998 5976 lltdio - ok
15:38:27.0060 5976 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
15:38:27.0076 5976 lltdsvc - ok
15:38:27.0076 5976 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
15:38:27.0076 5976 lmhosts - ok
15:38:27.0091 5976 LMouFilt (48d7422a6c4eec886b56ac534cfa3acf) C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:38:27.0091 5976 LMouFilt - ok
15:38:27.0122 5976 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:38:27.0122 5976 LSI_FC - ok
15:38:27.0138 5976 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:38:27.0138 5976 LSI_SAS - ok
15:38:27.0154 5976 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:38:27.0154 5976 LSI_SAS2 - ok
15:38:27.0169 5976 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:38:27.0169 5976 LSI_SCSI - ok
15:38:27.0185 5976 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
15:38:27.0200 5976 luafv - ok
15:38:27.0247 5976 LUsbFilt (0b808ff2f17c8396fb2ae202f75aed37) C:\Windows\system32\Drivers\LUsbFilt.Sys
15:38:27.0247 5976 LUsbFilt - ok
15:38:27.0294 5976 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
15:38:27.0310 5976 Mcx2Svc - ok
15:38:27.0341 5976 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
15:38:27.0356 5976 megasas - ok
15:38:27.0372 5976 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
15:38:27.0372 5976 MegaSR - ok
15:38:27.0419 5976 mfeavfk (bafdd5e28baea99d7f4772af2f5ec7ee) C:\Windows\system32\drivers\mfeavfk.sys
15:38:27.0419 5976 mfeavfk - ok
15:38:27.0434 5976 mfebopk (1d003e3056a43d881597d6763e83b943) C:\Windows\system32\drivers\mfebopk.sys
15:38:27.0466 5976 mfebopk - ok
15:38:27.0497 5976 mfehidk (3f138a1c8a0659f329f242d1e389b2cf) C:\Windows\system32\drivers\mfehidk.sys
15:38:27.0497 5976 mfehidk - ok
15:38:27.0528 5976 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys
15:38:27.0544 5976 mferkdk - ok
15:38:27.0575 5976 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys
15:38:27.0590 5976 mfesmfk - ok
15:38:27.0715 5976 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
15:38:27.0731 5976 Microsoft Office Groove Audit Service - ok
15:38:27.0778 5976 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:38:27.0793 5976 MMCSS - ok
15:38:27.0809 5976 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
15:38:27.0809 5976 Modem - ok
15:38:27.0856 5976 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
15:38:27.0871 5976 monitor - ok
15:38:27.0949 5976 MotioninJoyXFilter (9960b18d55e7bd0f265c3c1953d19592) C:\Windows\system32\DRIVERS\MijXfilt.sys
15:38:27.0980 5976 MotioninJoyXFilter - ok
15:38:28.0043 5976 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
15:38:28.0043 5976 mouclass - ok
15:38:28.0090 5976 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
15:38:28.0105 5976 mouhid - ok
15:38:28.0152 5976 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
15:38:28.0168 5976 mountmgr - ok
15:38:28.0261 5976 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:38:28.0292 5976 MozillaMaintenance - ok
15:38:28.0355 5976 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
15:38:28.0355 5976 mpio - ok
15:38:28.0370 5976 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
15:38:28.0370 5976 mpsdrv - ok
15:38:28.0464 5976 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
15:38:28.0480 5976 MpsSvc - ok
15:38:28.0511 5976 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
15:38:28.0526 5976 MRxDAV - ok
15:38:28.0573 5976 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:38:28.0573 5976 mrxsmb - ok
15:38:28.0636 5976 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:38:28.0636 5976 mrxsmb10 - ok
15:38:28.0651 5976 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:38:28.0651 5976 mrxsmb20 - ok
15:38:28.0682 5976 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
15:38:28.0682 5976 msahci - ok
15:38:28.0698 5976 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
15:38:28.0729 5976 msdsm - ok
15:38:28.0760 5976 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
15:38:28.0776 5976 MSDTC - ok
15:38:28.0807 5976 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
15:38:28.0807 5976 Msfs - ok
15:38:28.0807 5976 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
15:38:28.0807 5976 mshidkmdf - ok
15:38:28.0854 5976 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
15:38:28.0854 5976 msisadrv - ok
15:38:28.0916 5976 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
15:38:28.0932 5976 MSiSCSI - ok
15:38:28.0948 5976 msiserver - ok
15:38:28.0963 5976 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
15:38:28.0979 5976 MSKSSRV - ok
15:38:28.0979 5976 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
15:38:28.0979 5976 MSPCLOCK - ok
15:38:28.0994 5976 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
15:38:28.0994 5976 MSPQM - ok
15:38:29.0041 5976 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
15:38:29.0041 5976 MsRPC - ok
15:38:29.0057 5976 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
15:38:29.0057 5976 mssmbios - ok
15:38:29.0072 5976 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
15:38:29.0088 5976 MSTEE - ok
15:38:29.0119 5976 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
15:38:29.0119 5976 MTConfig - ok
15:38:29.0166 5976 MTsensor (0f24624106d8042e7f27882d9d6ff5c0) C:\Windows\system32\DRIVERS\ASACPI.sys
15:38:29.0182 5976 MTsensor - ok
15:38:29.0213 5976 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
15:38:29.0213 5976 Mup - ok
15:38:29.0369 5976 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
15:38:29.0384 5976 N360 - ok
15:38:29.0447 5976 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
15:38:29.0447 5976 napagent - ok
15:38:29.0494 5976 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
15:38:29.0494 5976 NativeWifiP - ok
15:38:29.0681 5976 NAVENG (f11033730b38260b6892e837c457fb4b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120528.024\NAVENG.SYS
15:38:29.0681 5976 NAVENG - ok
15:38:29.0899 5976 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120528.024\NAVEX15.SYS
15:38:29.0915 5976 NAVEX15 - ok
15:38:30.0164 5976 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
15:38:30.0164 5976 NDIS - ok
15:38:30.0227 5976 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
15:38:30.0227 5976 NdisCap - ok
15:38:30.0242 5976 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
15:38:30.0242 5976 NdisTapi - ok
15:38:30.0305 5976 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
15:38:30.0305 5976 Ndisuio - ok
15:38:30.0352 5976 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
15:38:30.0352 5976 NdisWan - ok
15:38:30.0398 5976 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
15:38:30.0398 5976 NDProxy - ok
15:38:30.0461 5976 Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:\Windows\system32\HPZinw12.dll
15:38:30.0461 5976 Net Driver HPZ12 - ok
15:38:30.0492 5976 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
15:38:30.0492 5976 NetBIOS - ok
15:38:30.0554 5976 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
15:38:30.0601 5976 NetBT - ok
15:38:30.0648 5976 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:38:30.0648 5976 Netlogon - ok
15:38:30.0710 5976 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
15:38:30.0726 5976 Netman - ok
15:38:30.0866 5976 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:38:30.0913 5976 NetMsmqActivator - ok
15:38:30.0913 5976 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:38:30.0913 5976 NetPipeActivator - ok
15:38:30.0960 5976 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
15:38:30.0960 5976 netprofm - ok
15:38:30.0976 5976 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:38:30.0976 5976 NetTcpActivator - ok
15:38:30.0991 5976 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:38:30.0991 5976 NetTcpPortSharing - ok
15:38:31.0007 5976 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
15:38:31.0022 5976 nfrd960 - ok
15:38:31.0069 5976 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
15:38:31.0085 5976 NlaSvc - ok
15:38:31.0085 5976 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
15:38:31.0085 5976 Npfs - ok
15:38:31.0132 5976 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
15:38:31.0132 5976 nsi - ok
15:38:31.0132 5976 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
15:38:31.0132 5976 nsiproxy - ok
15:38:31.0241 5976 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
15:38:31.0256 5976 Ntfs - ok
15:38:31.0428 5976 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
15:38:31.0428 5976 Null - ok
15:38:31.0506 5976 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
15:38:31.0506 5976 NVENETFD - ok
15:38:32.0068 5976 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:38:32.0146 5976 nvlddmkm - ok
15:38:32.0364 5976 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
15:38:32.0364 5976 nvraid - ok
15:38:32.0426 5976 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
15:38:32.0426 5976 nvstor - ok
15:38:32.0473 5976 nvstor32 (dc5f166422beebf195e3e4bb8ab4ee22) C:\Windows\system32\DRIVERS\nvstor32.sys
15:38:32.0520 5976 nvstor32 - ok
15:38:32.0614 5976 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
15:38:32.0645 5976 nvsvc - ok
15:38:32.0894 5976 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:38:32.0910 5976 nvUpdatusService - ok
15:38:33.0394 5976 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
15:38:33.0394 5976 nv_agp - ok
15:38:33.0503 5976 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:38:33.0550 5976 odserv - ok
15:38:33.0596 5976 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
15:38:33.0596 5976 ohci1394 - ok
15:38:33.0940 5976 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:38:34.0002 5976 ose - ok
15:38:34.0049 5976 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:38:34.0064 5976 p2pimsvc - ok
15:38:34.0127 5976 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
15:38:34.0127 5976 p2psvc - ok
15:38:34.0205 5976 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
15:38:34.0205 5976 Parport - ok
15:38:34.0267 5976 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
15:38:34.0283 5976 partmgr - ok
15:38:34.0298 5976 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
15:38:34.0298 5976 Parvdm - ok
15:38:34.0314 5976 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
15:38:34.0314 5976 PcaSvc - ok
15:38:34.0361 5976 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
15:38:34.0361 5976 pci - ok
15:38:34.0376 5976 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
15:38:34.0376 5976 pciide - ok
15:38:34.0408 5976 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
15:38:34.0423 5976 pcmcia - ok
15:38:34.0454 5976 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
15:38:34.0486 5976 pcouffin - ok
15:38:34.0517 5976 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
15:38:34.0517 5976 pcw - ok
15:38:34.0548 5976 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
15:38:34.0564 5976 PEAUTH - ok
15:38:34.0704 5976 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
15:38:34.0766 5976 pla - ok
15:38:34.0985 5976 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
15:38:35.0000 5976 PlugPlay - ok
15:38:35.0078 5976 Pml Driver HPZ12 (12b4549d515cb26bb8d375038017ca65) C:\Windows\system32\HPZipm12.dll
15:38:35.0078 5976 Pml Driver HPZ12 - ok
15:38:35.0141 5976 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe
15:38:35.0172 5976 PnkBstrA - ok
15:38:35.0266 5976 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
15:38:35.0266 5976 PNRPAutoReg - ok
15:38:35.0297 5976 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:38:35.0312 5976 PNRPsvc - ok
15:38:35.0375 5976 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
15:38:35.0375 5976 PolicyAgent - ok
15:38:35.0437 5976 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
15:38:35.0437 5976 Power - ok
15:38:35.0531 5976 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
15:38:35.0546 5976 PptpMiniport - ok
15:38:35.0593 5976 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
15:38:35.0593 5976 Processor - ok
15:38:35.0656 5976 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
15:38:35.0656 5976 ProfSvc - ok
15:38:35.0702 5976 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:38:35.0702 5976 ProtectedStorage - ok
15:38:35.0765 5976 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
15:38:35.0765 5976 Psched - ok
15:38:35.0843 5976 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
15:38:35.0874 5976 ql2300 - ok
15:38:35.0983 5976 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
15:38:35.0999 5976 ql40xx - ok
15:38:36.0046 5976 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
15:38:36.0046 5976 QWAVE - ok
15:38:36.0061 5976 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
15:38:36.0061 5976 QWAVEdrv - ok
15:38:36.0077 5976 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
15:38:36.0077 5976 RasAcd - ok
15:38:36.0124 5976 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:38:36.0124 5976 RasAgileVpn - ok
15:38:36.0139 5976 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
15:38:36.0139 5976 RasAuto - ok
15:38:36.0155 5976 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:38:36.0155 5976 Rasl2tp - ok
15:38:36.0217 5976 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
15:38:36.0233 5976 RasMan - ok
15:38:36.0248 5976 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
15:38:36.0248 5976 RasPppoe - ok
15:38:36.0280 5976 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
15:38:36.0295 5976 RasSstp - ok
15:38:36.0342 5976 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
15:38:36.0342 5976 rdbss - ok
15:38:36.0358 5976 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
15:38:36.0358 5976 rdpbus - ok
15:38:36.0404 5976 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:38:36.0404 5976 RDPCDD - ok
15:38:36.0420 5976 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
15:38:36.0436 5976 RDPENCDD - ok
15:38:36.0436 5976 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
15:38:36.0436 5976 RDPREFMP - ok
15:38:36.0482 5976 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
15:38:36.0545 5976 RDPWD - ok
15:38:36.0607 5976 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
15:38:36.0670 5976 rdyboost - ok
15:38:36.0748 5976 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
15:38:36.0748 5976 RemoteAccess - ok
15:38:36.0779 5976 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
15:38:36.0794 5976 RemoteRegistry - ok
15:38:36.0872 5976 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
15:38:36.0872 5976 RpcEptMapper - ok
15:38:36.0935 5976 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
15:38:36.0966 5976 RpcLocator - ok
15:38:37.0153 5976 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:38:37.0153 5976 RpcSs - ok
15:38:37.0262 5976 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
15:38:37.0262 5976 rspndr - ok
15:38:37.0512 5976 SABKUTIL - ok
15:38:37.0590 5976 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:38:37.0590 5976 SamSs - ok
15:38:38.0058 5976 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:38:38.0105 5976 SASDIFSV - ok
15:38:38.0432 5976 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
15:38:38.0464 5976 SASKUTIL - ok
15:38:38.0604 5976 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
15:38:38.0604 5976 sbp2port - ok
15:38:38.0807 5976 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
15:38:38.0822 5976 SCardSvr - ok
15:38:38.0900 5976 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
15:38:38.0932 5976 scfilter - ok
15:38:39.0992 5976 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
15:38:40.0024 5976 Schedule - ok
15:38:40.0195 5976 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:38:40.0195 5976 SCPolicySvc - ok
15:38:40.0304 5976 SCREAMINGBDRIVER (d3fa9fb502ad62001101f495bbbac42e) C:\Windows\system32\drivers\ScreamingBAudio.sys
15:38:40.0351 5976 SCREAMINGBDRIVER - ok
15:38:40.0804 5976 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
15:38:40.0850 5976 SDRSVC - ok
15:38:41.0474 5976 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:38:41.0506 5976 SeaPort - ok
15:38:41.0630 5976 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:38:41.0646 5976 secdrv - ok
15:38:41.0755 5976 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
15:38:41.0755 5976 seclogon - ok
15:38:41.0818 5976 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
15:38:41.0818 5976 SENS - ok
15:38:41.0989 5976 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
15:38:42.0052 5976 SensrSvc - ok
15:38:42.0098 5976 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
15:38:42.0114 5976 Serenum - ok
15:38:42.0332 5976 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
15:38:42.0332 5976 Serial - ok
15:38:42.0410 5976 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
15:38:42.0442 5976 sermouse - ok
15:38:42.0520 5976 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
15:38:42.0520 5976 SessionEnv - ok
15:38:42.0582 5976 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
15:38:42.0629 5976 sffdisk - ok
15:38:42.0660 5976 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
15:38:42.0676 5976 sffp_mmc - ok
15:38:42.0738 5976 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
15:38:42.0754 5976 sffp_sd - ok
15:38:42.0816 5976 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
15:38:42.0816 5976 sfloppy - ok
15:38:42.0894 5976 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
15:38:42.0988 5976 SharedAccess - ok
15:38:43.0175 5976 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
15:38:43.0190 5976 ShellHWDetection - ok
15:38:43.0206 5976 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
15:38:43.0206 5976 sisagp - ok
15:38:43.0237 5976 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:38:43.0237 5976 SiSRaid2 - ok
15:38:43.0253 5976 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
15:38:43.0268 5976 SiSRaid4 - ok
15:38:43.0284 5976 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
15:38:43.0284 5976 Smb - ok
15:38:43.0346 5976 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
15:38:43.0346 5976 SNMPTRAP - ok
15:38:43.0362 5976 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
15:38:43.0362 5976 spldr - ok
15:38:43.0424 5976 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
15:38:43.0424 5976 Spooler - ok
15:38:43.0643 5976 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
15:38:43.0674 5976 sppsvc - ok
15:38:43.0939 5976 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
15:38:43.0939 5976 sppuinotify - ok
15:38:44.0064 5976 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
15:38:44.0064 5976 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
15:38:44.0080 5976 sptd ( LockedFile.Multi.Generic ) - warning
15:38:44.0080 5976 sptd - detected LockedFile.Multi.Generic (1)
15:39:04.0554 5976 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:39:04.0554 5976 VaultSvc - ok
15:39:04.0648 5976 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
15:39:04.0648 5976 vdrvroot - ok
15:39:04.0757 5976 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
15:39:04.0788 5976 vds - ok
15:39:04.0835 5976 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
15:39:04.0835 5976 vga - ok
15:39:04.0882 5976 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
15:39:04.0882 5976 VgaSave - ok
15:39:04.0929 5976 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
15:39:04.0944 5976 vhdmp - ok
15:39:04.0960 5976 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
15:39:04.0960 5976 viaagp - ok
15:39:04.0975 5976 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
15:39:04.0975 5976 ViaC7 - ok
15:39:05.0022 5976 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
15:39:05.0022 5976 viaide - ok
15:39:05.0069 5976 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
15:39:05.0069 5976 volmgr - ok
15:39:05.0100 5976 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
15:39:05.0131 5976 volmgrx - ok
15:39:05.0178 5976 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
15:39:05.0178 5976 volsnap - ok
15:39:05.0225 5976 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
15:39:05.0225 5976 vsmraid - ok
15:39:05.0319 5976 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
15:39:05.0334 5976 VSS - ok
15:39:05.0365 5976 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
15:39:05.0365 5976 vwifibus - ok
15:39:05.0443 5976 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
15:39:05.0443 5976 W32Time - ok
15:39:05.0459 5976 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
15:39:05.0459 5976 WacomPen - ok
15:39:05.0506 5976 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:39:05.0521 5976 WANARP - ok
15:39:05.0521 5976 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:39:05.0521 5976 Wanarpv6 - ok
15:39:05.0646 5976 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
15:39:05.0677 5976 WatAdminSvc - ok
15:39:05.0896 5976 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
15:39:05.0927 5976 wbengine - ok
15:39:05.0989 5976 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
15:39:05.0989 5976 WbioSrvc - ok
15:39:06.0052 5976 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
15:39:06.0052 5976 wcncsvc - ok
15:39:06.0067 5976 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
15:39:06.0067 5976 WcsPlugInService - ok
15:39:06.0161 5976 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
15:39:06.0161 5976 Wd - ok
15:39:06.0192 5976 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
15:39:06.0192 5976 Wdf01000 - ok
15:39:06.0239 5976 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
15:39:06.0239 5976 WdiServiceHost - ok
15:39:06.0239 5976 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
15:39:06.0239 5976 WdiSystemHost - ok
15:39:06.0317 5976 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
15:39:06.0317 5976 WebClient - ok
15:39:06.0379 5976 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
15:39:06.0379 5976 Wecsvc - ok
15:39:06.0379 5976 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
15:39:06.0395 5976 wercplsupport - ok
15:39:06.0426 5976 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
15:39:06.0426 5976 WerSvc - ok
15:39:06.0457 5976 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
15:39:06.0457 5976 WfpLwf - ok
15:39:06.0457 5976 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
15:39:06.0457 5976 WIMMount - ok
15:39:06.0629 5976 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
15:39:06.0738 5976 WinDefend - ok
15:39:06.0769 5976 WinHttpAutoProxySvc - ok
15:39:07.0128 5976 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
15:39:07.0144 5976 Winmgmt - ok
15:39:07.0643 5976 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
15:39:07.0674 5976 WinRM - ok
15:39:08.0095 5976 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
15:39:08.0095 5976 WinUsb - ok
15:39:08.0392 5976 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
15:39:08.0407 5976 Wlansvc - ok
15:39:08.0626 5976 wlidsvc (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:39:08.0657 5976 wlidsvc - ok
15:39:08.0813 5976 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
15:39:08.0813 5976 WmiAcpi - ok
15:39:08.0938 5976 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
15:39:08.0938 5976 wmiApSrv - ok
15:39:09.0063 5976 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
15:39:09.0078 5976 WMPNetworkSvc - ok
15:39:09.0156 5976 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
15:39:09.0156 5976 WPCSvc - ok
15:39:09.0219 5976 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
15:39:09.0219 5976 WPDBusEnum - ok
15:39:09.0250 5976 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
15:39:09.0250 5976 ws2ifsl - ok
15:39:09.0297 5976 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
15:39:09.0297 5976 wscsvc - ok
15:39:09.0297 5976 WSearch - ok
15:39:09.0905 5976 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
15:39:09.0936 5976 wuauserv - ok
15:39:10.0155 5976 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
15:39:10.0155 5976 WudfPf - ok
15:39:10.0186 5976 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:39:10.0186 5976 WUDFRd - ok
15:39:10.0248 5976 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
15:39:10.0248 5976 wudfsvc - ok
15:39:10.0311 5976 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
15:39:10.0326 5976 WwanSvc - ok
15:39:10.0342 5976 XDva347 - ok
15:39:10.0357 5976 XDva391 - ok
15:39:10.0435 5976 xusb21 (ee9144207ee0211eb5656ba6808ac4a0) C:\Windows\system32\DRIVERS\xusb21.sys
15:39:10.0451 5976 xusb21 - ok
15:39:10.0498 5976 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:39:10.0919 5976 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:39:10.0919 5976 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:39:10.0950 5976 Boot (0x1200) (419b2752da6296bd1eec5f010672ba2b) \Device\Harddisk0\DR0\Partition0
15:39:10.0950 5976 \Device\Harddisk0\DR0\Partition0 - ok
15:39:10.0950 5976 ============================================================
15:39:10.0950 5976 Scan finished
15:39:10.0950 5976 ============================================================
15:39:10.0966 5968 Detected object count: 2
15:39:10.0966 5968 Actual detected object count: 2
15:39:22.0388 5968 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:39:22.0388 5968 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:39:22.0388 5968 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:39:22.0388 5968 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:39:26.0943 5812 Deinitialize success

#5 joe7991


Posted 29 May 2012 - 05:54 PM

Here is MBAM log. By the way, no restarts needed

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.29.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Joseph :: GAMING-PC [administrator]

5/29/2012 3:45:32 PM
mbam-log-2012-05-29 (15-45-32).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 259392
Time elapsed: 8 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#6 boopme


Posted 29 May 2012 - 06:42 PM

OK, rerun the first TDSS.
Change the setting beside these entries to Delete:


01:02:31.0640 5588 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
01:02:31.0640 5588 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


reboot and post that log.



Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

How is it running now?

#7 joe7991


Posted 30 May 2012 - 12:15 AM

Report from ESET scan

C:\ProgramData\YouTube Downloader\ytd_installer.exe probably a variant of Win32/Toolbar.Widgi application deleted - quarantined
C:\TDSSKiller_Quarantine\28.05.2012_20.45.33\mbr0000\tdlfs0000\tsk0001.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.05.2012_20.45.33\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.05.2012_20.45.33\mbr0000\tdlfs0000\tsk0003.dta a variant of Win32/Rootkit.Kryptik.LH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.05.2012_20.45.33\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.05.2012_20.45.33\mbr0000\tdlfs0000\tsk0008.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\28.05.2012_20.45.33\mbr0000\tdlfs0000\tsk0009.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.05.2012_19.09.55\tdlfs0000\tsk0001.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.05.2012_19.09.55\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.05.2012_19.09.55\tdlfs0000\tsk0003.dta a variant of Win32/Rootkit.Kryptik.LH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.05.2012_19.09.55\tdlfs0000\tsk0004.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.05.2012_19.09.55\tdlfs0000\tsk0008.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\29.05.2012_19.09.55\tdlfs0000\tsk0009.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\Users\Joseph\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\7ff8dfd3-5b5cde3a a variant of Java/JShrink.A application deleted - quarantined
C:\Users\Joseph\AppData\Roaming\Mozilla\Firefox\Profiles\k690lli9.default\extensions\mbwbivmeyh@mbwbivmeyh.org.xpi JS/Redirector.NBX trojan deleted - quarantined

#8 joe7991


Posted 30 May 2012 - 12:18 AM

Updated TDSS

22:16:45.0530 2224 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
22:16:46.0004 2224 ============================================================
22:16:46.0004 2224 Current date / time: 2012/05/29 22:16:46.0004
22:16:46.0004 2224 SystemInfo:
22:16:46.0004 2224
22:16:46.0004 2224 OS Version: 6.1.7601 ServicePack: 1.0
22:16:46.0004 2224 Product type: Workstation
22:16:46.0004 2224 ComputerName: GAMING-PC
22:16:46.0004 2224 UserName: Joseph
22:16:46.0004 2224 Windows directory: C:\Windows
22:16:46.0004 2224 System windows directory: C:\Windows
22:16:46.0004 2224 Processor architecture: Intel x86
22:16:46.0004 2224 Number of processors: 2
22:16:46.0004 2224 Page size: 0x1000
22:16:46.0004 2224 Boot type: Normal boot
22:16:46.0004 2224 ============================================================
22:16:49.0096 2224 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:16:49.0098 2224 ============================================================
22:16:49.0098 2224 \Device\Harddisk0\DR0:
22:16:49.0098 2224 MBR partitions:
22:16:49.0098 2224 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
22:16:49.0098 2224 ============================================================
22:16:49.0132 2224 C: <-> \Device\Harddisk0\DR0\Partition0
22:16:49.0132 2224 ============================================================
22:16:49.0132 2224 Initialize success
22:16:49.0132 2224 ============================================================
22:16:53.0140 3420 ============================================================
22:16:53.0140 3420 Scan started
22:16:53.0140 3420 Mode: Manual; SigCheck; TDLFS;
22:16:53.0140 3420 ============================================================
22:17:11.0386 3420 HTTP - ok
22:17:11.0435 3420 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:17:11.0470 3420 hwpolicy - ok
22:17:11.0544 3420 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
22:17:11.0596 3420 i8042prt - ok
22:17:11.0638 3420 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
22:17:11.0664 3420 iaStorV - ok
22:17:11.0811 3420 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:17:11.0873 3420 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:17:11.0873 3420 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:17:12.0038 3420 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:17:12.0103 3420 idsvc - ok
22:17:12.0355 3420 IDSVix86 (f9069ce7a7b9f9ba75d009b0ce3d7601) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120528.001\IDSvix86.sys
22:17:12.0402 3420 IDSVix86 - ok
22:17:12.0586 3420 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:17:12.0599 3420 iirsp - ok
22:17:12.0692 3420 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
22:17:12.0740 3420 IKEEXT - ok
22:17:12.0859 3420 IntcAzAudAddService (4e38a2883df3ba382a59132b3e7d709e) C:\Windows\system32\drivers\RTKVHDA.sys
22:17:12.0958 3420 IntcAzAudAddService - ok
22:17:13.0095 3420 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:17:13.0107 3420 intelide - ok
22:17:13.0136 3420 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:17:13.0165 3420 intelppm - ok
22:17:13.0201 3420 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
22:17:13.0259 3420 IPBusEnum - ok
22:17:13.0292 3420 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:17:13.0328 3420 IpFilterDriver - ok
22:17:13.0416 3420 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
22:17:13.0448 3420 iphlpsvc - ok
22:17:13.0491 3420 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:17:13.0521 3420 IPMIDRV - ok
22:17:13.0562 3420 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:17:13.0606 3420 IPNAT - ok
22:17:13.0758 3420 iPod Service (9033d67b7112d23eded6789bacded128) C:\Program Files\iPod\bin\iPodService.exe
22:17:13.0816 3420 iPod Service - ok
22:17:13.0845 3420 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:17:13.0894 3420 IRENUM - ok
22:17:13.0923 3420 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:17:13.0935 3420 isapnp - ok
22:17:13.0992 3420 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:17:14.0014 3420 iScsiPrt - ok
22:17:14.0044 3420 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:17:14.0056 3420 kbdclass - ok
22:17:14.0109 3420 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
22:17:14.0139 3420 kbdhid - ok
22:17:14.0176 3420 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:17:14.0188 3420 KeyIso - ok
22:17:14.0201 3420 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
22:17:14.0230 3420 KSecDD - ok
22:17:14.0268 3420 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
22:17:14.0318 3420 KSecPkg - ok
22:17:14.0375 3420 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
22:17:14.0461 3420 KtmRm - ok
22:17:14.0554 3420 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
22:17:14.0600 3420 LanmanServer - ok
22:17:14.0650 3420 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
22:17:14.0688 3420 LanmanWorkstation - ok
22:17:14.0829 3420 LBTServ (47c12f1a54b5c1b51008d7629c1d4f7b) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
22:17:14.0859 3420 LBTServ - ok
22:17:14.0927 3420 LHidFilt (8b30311241f97b35167afe68d79e8530) C:\Windows\system32\DRIVERS\LHidFilt.Sys
22:17:14.0937 3420 LHidFilt - ok
22:17:14.0991 3420 libusb0 (cb5d13966f74d7f000724a907f614193) C:\Windows\system32\DRIVERS\libusb0.sys
22:17:15.0051 3420 libusb0 - ok
22:17:15.0098 3420 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\Windows\system32\DRIVERS\lirsgt.sys
22:17:15.0132 3420 lirsgt - ok
22:17:15.0213 3420 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:17:15.0260 3420 lltdio - ok
22:17:15.0341 3420 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
22:17:15.0414 3420 lltdsvc - ok
22:17:15.0423 3420 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
22:17:15.0461 3420 lmhosts - ok
22:17:15.0493 3420 LMouFilt (48d7422a6c4eec886b56ac534cfa3acf) C:\Windows\system32\DRIVERS\LMouFilt.Sys
22:17:15.0503 3420 LMouFilt - ok
22:17:15.0532 3420 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:17:15.0559 3420 LSI_FC - ok
22:17:15.0590 3420 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:17:15.0602 3420 LSI_SAS - ok
22:17:15.0623 3420 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:17:15.0635 3420 LSI_SAS2 - ok
22:17:15.0650 3420 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:17:15.0662 3420 LSI_SCSI - ok
22:17:15.0685 3420 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:17:15.0728 3420 luafv - ok
22:17:15.0804 3420 LUsbFilt (0b808ff2f17c8396fb2ae202f75aed37) C:\Windows\system32\Drivers\LUsbFilt.Sys
22:17:15.0813 3420 LUsbFilt - ok
22:17:15.0854 3420 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
22:17:15.0886 3420 Mcx2Svc - ok
22:17:15.0914 3420 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:17:15.0929 3420 megasas - ok
22:17:15.0960 3420 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:17:15.0980 3420 MegaSR - ok
22:17:16.0013 3420 mfeavfk (bafdd5e28baea99d7f4772af2f5ec7ee) C:\Windows\system32\drivers\mfeavfk.sys
22:17:16.0027 3420 mfeavfk - ok
22:17:16.0059 3420 mfebopk (1d003e3056a43d881597d6763e83b943) C:\Windows\system32\drivers\mfebopk.sys
22:17:16.0088 3420 mfebopk - ok
22:17:16.0122 3420 mfehidk (3f138a1c8a0659f329f242d1e389b2cf) C:\Windows\system32\drivers\mfehidk.sys
22:17:16.0134 3420 mfehidk - ok
22:17:16.0183 3420 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys
22:17:16.0209 3420 mferkdk - ok
22:17:16.0265 3420 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys
22:17:16.0276 3420 mfesmfk - ok
22:17:16.0422 3420 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
22:17:16.0456 3420 Microsoft Office Groove Audit Service - ok
22:17:16.0510 3420 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
22:17:16.0550 3420 MMCSS - ok
22:17:16.0587 3420 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:17:16.0626 3420 Modem - ok
22:17:16.0690 3420 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:17:16.0755 3420 monitor - ok
22:17:16.0835 3420 MotioninJoyXFilter (9960b18d55e7bd0f265c3c1953d19592) C:\Windows\system32\DRIVERS\MijXfilt.sys
22:17:16.0873 3420 MotioninJoyXFilter - ok
22:17:16.0961 3420 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
22:17:16.0974 3420 mouclass - ok
22:17:17.0047 3420 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:17:17.0076 3420 mouhid - ok
22:17:17.0104 3420 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:17:17.0137 3420 mountmgr - ok
22:17:17.0221 3420 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:17:17.0279 3420 MozillaMaintenance - ok
22:17:17.0328 3420 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:17:17.0343 3420 mpio - ok
22:17:17.0361 3420 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:17:17.0419 3420 mpsdrv - ok
22:17:17.0473 3420 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
22:17:17.0533 3420 MpsSvc - ok
22:17:17.0574 3420 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:17:17.0593 3420 MRxDAV - ok
22:17:17.0648 3420 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:17:17.0836 3420 mrxsmb - ok
22:17:17.0892 3420 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:17:17.0945 3420 mrxsmb10 - ok
22:17:17.0957 3420 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:17:17.0988 3420 mrxsmb20 - ok
22:17:18.0026 3420 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:17:18.0038 3420 msahci - ok
22:17:18.0052 3420 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:17:18.0075 3420 msdsm - ok
22:17:18.0122 3420 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
22:17:18.0162 3420 MSDTC - ok
22:17:18.0245 3420 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:17:18.0269 3420 Msfs - ok
22:17:18.0295 3420 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:17:18.0318 3420 mshidkmdf - ok
22:17:18.0330 3420 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:17:18.0342 3420 msisadrv - ok
22:17:18.0401 3420 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
22:17:18.0468 3420 MSiSCSI - ok
22:17:18.0478 3420 msiserver - ok
22:17:18.0621 3420 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:17:18.0691 3420 MSKSSRV - ok
22:17:18.0727 3420 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:17:18.0768 3420 MSPCLOCK - ok
22:17:18.0806 3420 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:17:18.0851 3420 MSPQM - ok
22:17:18.0889 3420 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:17:18.0913 3420 MsRPC - ok
22:17:18.0930 3420 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:17:18.0942 3420 mssmbios - ok
22:17:18.0949 3420 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:17:18.0993 3420 MSTEE - ok
22:17:19.0026 3420 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:17:19.0060 3420 MTConfig - ok
22:17:19.0110 3420 MTsensor (0f24624106d8042e7f27882d9d6ff5c0) C:\Windows\system32\DRIVERS\ASACPI.sys
22:17:19.0236 3420 MTsensor - ok
22:17:19.0253 3420 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:17:19.0265 3420 Mup - ok
22:17:19.0435 3420 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe
22:17:19.0447 3420 N360 - ok
22:17:19.0507 3420 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
22:17:19.0540 3420 napagent - ok
22:17:19.0575 3420 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:17:19.0655 3420 NativeWifiP - ok
22:17:19.0829 3420 NAVENG (f11033730b38260b6892e837c457fb4b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120529.019\NAVENG.SYS
22:17:19.0864 3420 NAVENG - ok
22:17:19.0967 3420 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120529.019\NAVEX15.SYS
22:17:20.0009 3420 NAVEX15 - ok
22:17:20.0277 3420 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:17:20.0334 3420 NDIS - ok
22:17:20.0379 3420 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:17:20.0415 3420 NdisCap - ok
22:17:20.0448 3420 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:17:20.0488 3420 NdisTapi - ok
22:17:20.0535 3420 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:17:20.0606 3420 Ndisuio - ok
22:17:20.0640 3420 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:17:20.0714 3420 NdisWan - ok
22:17:20.0754 3420 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:17:20.0775 3420 NDProxy - ok
22:17:20.0846 3420 Net Driver HPZ12 (69c503c004f49aee8b8e3067cc047ba7) C:\Windows\system32\HPZinw12.dll
22:17:20.0851 3420 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:17:20.0851 3420 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:17:20.0863 3420 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:17:20.0905 3420 NetBIOS - ok
22:17:20.0957 3420 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
22:17:21.0029 3420 NetBT - ok
22:17:21.0076 3420 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:17:21.0087 3420 Netlogon - ok
22:17:21.0151 3420 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
22:17:21.0199 3420 Netman - ok
22:17:21.0362 3420 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:17:21.0427 3420 NetMsmqActivator - ok
22:17:21.0453 3420 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:17:21.0463 3420 NetPipeActivator - ok
22:17:21.0496 3420 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
22:17:21.0552 3420 netprofm - ok
22:17:21.0556 3420 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:17:21.0565 3420 NetTcpActivator - ok
22:17:21.0568 3420 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:17:21.0578 3420 NetTcpPortSharing - ok
22:17:21.0618 3420 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:17:21.0630 3420 nfrd960 - ok
22:17:21.0693 3420 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
22:17:21.0736 3420 NlaSvc - ok
22:17:21.0766 3420 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:17:21.0788 3420 Npfs - ok
22:17:21.0825 3420 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
22:17:21.0849 3420 nsi - ok
22:17:21.0859 3420 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:17:21.0906 3420 nsiproxy - ok
22:17:22.0008 3420 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
22:17:22.0084 3420 Ntfs - ok
22:17:22.0258 3420 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:17:22.0297 3420 Null - ok
22:17:22.0391 3420 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
22:17:22.0457 3420 NVENETFD - ok
22:17:23.0092 3420 nvlddmkm (e891b3979f0cf2740c1b073f834221fe) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:17:23.0349 3420 nvlddmkm - ok
22:17:23.0582 3420 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
22:17:23.0596 3420 nvraid - ok
22:17:23.0650 3420 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
22:17:23.0662 3420 nvstor - ok
22:17:23.0708 3420 nvstor32 (dc5f166422beebf195e3e4bb8ab4ee22) C:\Windows\system32\DRIVERS\nvstor32.sys
22:17:23.0764 3420 nvstor32 - ok
22:17:23.0857 3420 nvsvc (ae2de8e165dcb93a66b21748e6f913df) C:\Windows\system32\nvvsvc.exe
22:17:23.0881 3420 nvsvc - ok
22:17:24.0124 3420 nvUpdatusService (c78581c14699c46fe0f0817416383134) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:17:24.0181 3420 nvUpdatusService - ok
22:17:24.0240 3420 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:17:24.0253 3420 nv_agp - ok
22:17:24.0360 3420 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:17:24.0422 3420 odserv - ok
22:17:24.0488 3420 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:17:24.0538 3420 ohci1394 - ok
22:17:24.0600 3420 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:17:24.0647 3420 ose - ok
22:17:24.0704 3420 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:17:24.0768 3420 p2pimsvc - ok
22:17:24.0828 3420 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
22:17:24.0893 3420 p2psvc - ok
22:17:24.0968 3420 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:17:24.0982 3420 Parport - ok
22:17:25.0030 3420 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
22:17:25.0065 3420 partmgr - ok
22:17:25.0098 3420 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:17:25.0127 3420 Parvdm - ok
22:17:25.0161 3420 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
22:17:25.0195 3420 PcaSvc - ok
22:17:25.0248 3420 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:17:25.0270 3420 pci - ok
22:17:25.0281 3420 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:17:25.0292 3420 pciide - ok
22:17:25.0315 3420 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:17:25.0336 3420 pcmcia - ok
22:17:25.0377 3420 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
22:17:25.0505 3420 pcouffin - ok
22:17:25.0518 3420 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:17:25.0530 3420 pcw - ok
22:17:25.0578 3420 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:17:25.0632 3420 PEAUTH - ok
22:17:25.0750 3420 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
22:17:25.0862 3420 pla - ok
22:17:26.0037 3420 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
22:17:26.0090 3420 PlugPlay - ok
22:17:26.0174 3420 Pml Driver HPZ12 (12b4549d515cb26bb8d375038017ca65) C:\Windows\system32\HPZipm12.dll
22:17:26.0189 3420 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:17:26.0189 3420 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
22:17:26.0248 3420 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe
22:17:26.0259 3420 PnkBstrA - ok
22:17:26.0309 3420 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
22:17:26.0353 3420 PNRPAutoReg - ok
22:17:26.0387 3420 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
22:17:26.0402 3420 PNRPsvc - ok
22:17:26.0472 3420 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
22:17:26.0511 3420 PolicyAgent - ok
22:17:26.0563 3420 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
22:17:26.0596 3420 Power - ok
22:17:26.0694 3420 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:17:26.0750 3420 PptpMiniport - ok
22:17:26.0796 3420 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:17:26.0809 3420 Processor - ok
22:17:26.0833 3420 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
22:17:26.0863 3420 ProfSvc - ok
22:17:26.0930 3420 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:17:26.0943 3420 ProtectedStorage - ok
22:17:27.0118 3420 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:17:27.0176 3420 Psched - ok
22:17:27.0266 3420 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:17:27.0312 3420 ql2300 - ok
22:17:27.0446 3420 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:17:27.0461 3420 ql40xx - ok
22:17:27.0531 3420 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
22:17:27.0622 3420 QWAVE - ok
22:17:27.0647 3420 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:17:27.0662 3420 QWAVEdrv - ok
22:17:27.0678 3420 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:17:27.0705 3420 RasAcd - ok
22:17:27.0767 3420 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:17:27.0809 3420 RasAgileVpn - ok
22:17:27.0845 3420 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
22:17:27.0922 3420 RasAuto - ok
22:17:27.0940 3420 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:17:27.0988 3420 Rasl2tp - ok
22:17:28.0076 3420 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
22:17:28.0142 3420 RasMan - ok
22:17:28.0168 3420 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:17:28.0197 3420 RasPppoe - ok
22:17:28.0262 3420 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:17:28.0300 3420 RasSstp - ok
22:17:28.0341 3420 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:17:28.0406 3420 rdbss - ok
22:17:28.0436 3420 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:17:28.0471 3420 rdpbus - ok
22:17:28.0500 3420 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:17:28.0564 3420 RDPCDD - ok
22:17:28.0594 3420 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:17:28.0639 3420 RDPENCDD - ok
22:17:28.0681 3420 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:17:28.0703 3420 RDPREFMP - ok
22:17:28.0757 3420 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
22:17:28.0921 3420 RDPWD - ok
22:17:28.0986 3420 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:17:29.0052 3420 rdyboost - ok
22:17:29.0104 3420 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
22:17:29.0157 3420 RemoteAccess - ok
22:17:29.0210 3420 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
22:17:29.0293 3420 RemoteRegistry - ok
22:17:29.0332 3420 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
22:17:29.0377 3420 RpcEptMapper - ok
22:17:29.0410 3420 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
22:17:29.0454 3420 RpcLocator - ok
22:17:29.0510 3420 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
22:17:29.0537 3420 RpcSs - ok
22:17:29.0550 3420 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:17:29.0596 3420 rspndr - ok
22:17:29.0742 3420 SABKUTIL - ok
22:17:29.0784 3420 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
22:17:29.0795 3420 SamSs - ok
22:17:29.0936 3420 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:17:29.0965 3420 SASDIFSV - ok
22:17:30.0014 3420 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:17:30.0044 3420 SASKUTIL - ok
22:17:30.0128 3420 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:17:30.0141 3420 sbp2port - ok
22:17:30.0164 3420 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
22:17:30.0228 3420 SCardSvr - ok
22:17:30.0270 3420 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:17:30.0307 3420 scfilter - ok
22:17:30.0369 3420 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
22:17:30.0417 3420 Schedule - ok
22:17:30.0451 3420 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
22:17:30.0471 3420 SCPolicySvc - ok
22:17:30.0526 3420 SCREAMINGBDRIVER (d3fa9fb502ad62001101f495bbbac42e) C:\Windows\system32\drivers\ScreamingBAudio.sys
22:17:30.0550 3420 SCREAMINGBDRIVER - ok
22:17:30.0603 3420 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
22:17:30.0792 3420 SDRSVC - ok
22:17:30.0947 3420 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
22:17:30.0967 3420 SeaPort - ok
22:17:31.0024 3420 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:17:31.0068 3420 secdrv - ok
22:17:31.0108 3420 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
22:17:31.0166 3420 seclogon - ok
22:17:31.0207 3420 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
22:17:31.0252 3420 SENS - ok
22:17:31.0294 3420 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
22:17:31.0418 3420 SensrSvc - ok
22:17:31.0438 3420 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:17:31.0450 3420 Serenum - ok
22:17:31.0475 3420 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:17:31.0488 3420 Serial - ok
22:17:31.0533 3420 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:17:31.0585 3420 sermouse - ok
22:17:31.0638 3420 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
22:17:31.0709 3420 SessionEnv - ok
22:17:31.0746 3420 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:17:31.0808 3420 sffdisk - ok
22:17:31.0823 3420 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:17:31.0835 3420 sffp_mmc - ok
22:17:31.0849 3420 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:17:31.0871 3420 sffp_sd - ok
22:17:31.0882 3420 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:17:31.0936 3420 sfloppy - ok
22:17:31.0981 3420 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
22:17:32.0023 3420 SharedAccess - ok
22:17:32.0077 3420 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
22:17:32.0105 3420 ShellHWDetection - ok
22:17:32.0245 3420 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:17:32.0257 3420 sisagp - ok
22:17:32.0280 3420 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:17:32.0292 3420 SiSRaid2 - ok
22:17:32.0311 3420 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:17:32.0324 3420 SiSRaid4 - ok
22:17:32.0344 3420 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:17:32.0366 3420 Smb - ok
22:17:32.0435 3420 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
22:17:32.0478 3420 SNMPTRAP - ok
22:17:32.0512 3420 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:17:32.0524 3420 spldr - ok
22:17:32.0590 3420 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
22:17:32.0627 3420 Spooler - ok
22:17:32.0819 3420 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
22:17:32.0937 3420 sppsvc - ok
22:17:33.0093 3420 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
22:17:33.0130 3420 sppuinotify - ok
22:17:33.0244 3420 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
22:17:33.0244 3420 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
22:17:33.0258 3420 sptd ( LockedFile.Multi.Generic ) - warning
22:17:33.0258 3420 sptd - detected LockedFile.Multi.Generic (1)
22:17:34.0856 3420 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:17:34.0986 3420 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
22:17:34.0986 3420 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
22:17:37.0590 3420 TIEHDUSB (a1124ebc672aa3ae1b327096c1dcc346) C:\Windows\system32\drivers\tiehdusb.sys
22:17:37.0614 3420 TIEHDUSB ( UnsignedFile.Multi.Generic ) - warning
22:17:37.0614 3420 TIEHDUSB - detected UnsignedFile.Multi.Generic (1)
22:17:38.0768 3420 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
22:17:38.0793 3420 USBAAPL ( UnsignedFile.Multi.Generic ) - warning
22:17:38.0793 3420 USBAAPL - detected UnsignedFile.Multi.Generic (1)
22:17:46.0565 3420 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:17:46.0990 3420 \Device\Harddisk0\DR0 - ok
22:17:46.0993 3420 Boot (0x1200) (419b2752da6296bd1eec5f010672ba2b) \Device\Harddisk0\DR0\Partition0
22:17:46.0994 3420 \Device\Harddisk0\DR0\Partition0 - ok
22:17:46.0995 3420 ============================================================
22:17:46.0995 3420 Scan finished
22:17:46.0995 3420 ============================================================
22:17:47.0003 2504 Detected object count: 7
22:17:47.0003 2504 Actual detected object count: 7
22:17:58.0274 2504 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:58.0274 2504 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:58.0275 2504 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:58.0275 2504 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:58.0276 2504 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:58.0276 2504 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:58.0277 2504 sptd ( LockedFile.Multi.Generic ) - skipped by user
22:17:58.0277 2504 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
22:17:58.0278 2504 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:58.0278 2504 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:58.0279 2504 TIEHDUSB ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:58.0279 2504 TIEHDUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:58.0280 2504 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:58.0280 2504 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:18:01.0730 1192 Deinitialize success

#9 joe7991

Posted 30 May 2012 - 01:18 AM

Here is the aswMBR scan

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-29 22:19:06
-----------------------------
22:19:06.659 OS Version: Windows 6.1.7601 Service Pack 1
22:19:06.659 Number of processors: 2 586 0x1706
22:19:06.660 ComputerName: GAMING-PC UserName: Joseph
22:19:14.113 Initialize success
22:20:51.291 AVAST engine defs: 12052800
22:21:16.381 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000077
22:21:16.383 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
22:21:16.413 Disk 0 MBR read successfully
22:21:16.415 Disk 0 MBR scan
22:21:16.419 Disk 0 Windows 7 default MBR code
22:21:16.424 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476938 MB offset 2048
22:21:16.430 Disk 0 scanning sectors +976771072
22:21:16.513 Disk 0 scanning C:\Windows\system32\drivers
22:21:29.276 Service scanning
22:21:48.995 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
22:21:56.551 Modules scanning
22:22:08.150 Disk 0 trace - called modules:
22:22:08.194 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0xc34211f8]<<
22:22:08.539 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xc37ea1c0]
22:22:08.544 3 CLASSPNP.SYS[c9ebe59e] -> nt!IofCallDriver -> [0xc34b7e70]
22:22:08.548 5 ACPI.sys[c939a3d4] -> nt!IofCallDriver -> \Device\00000077[0xc34b7ab8]
22:22:08.552 \Driver\nvstor[0xc349cc40] -> IRP_MJ_CREATE -> 0xc34211f8
22:22:09.926 AVAST engine scan C:\Windows
22:22:14.526 AVAST engine scan C:\Windows\system32
22:26:05.478 AVAST engine scan C:\Windows\system32\drivers
22:26:26.136 AVAST engine scan C:\Users\Joseph
23:06:03.865 AVAST engine scan C:\ProgramData
23:13:09.105 Scan finished successfully
23:17:50.626 Disk 0 MBR has been saved successfully to "C:\Users\Joseph\Desktop\MBR.dat"
23:17:50.630 The log file has been saved successfully to "C:\Users\Joseph\Desktop\aswMBR.txt"

#10 boopme

Posted 30 May 2012 - 03:03 PM

Good. Olmarik may carry a Bootkit.

Download Bootkit Remover to your Desktop.

  • Unzip downloaded file to your Desktop.
  • Double-click on boot_cleaner.exe to run the program (Vista/7 users, right-click on boot_cleaner.exe and click Run As Administrator).
  • It will show a Black screen with some data on it.
  • Right click on the screen and click Select All.
  • Press CTRL+C
  • Open a Notepad and press CTRL+V
  • Post the output back here.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#11 joe7991

Posted 30 May 2012 - 07:31 PM

Bootkit Remover
© 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Home Premium Edition Service Pack 1 (build 7601)
, 32-bit

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00100000
ATA_Read(): DeviceIoControl() ERROR 1
Boot sector MD5 is: bb4f1627d8b9beda49ac0d010229f3ff

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


Done;
Press any key to quit...

#12 boopme

Posted 30 May 2012 - 07:59 PM

That looks good. How is it running?

#13 joe7991

Posted 30 May 2012 - 10:26 PM

A lot better. RAM usage has gone back down to normal states. Everything runs more smoothly. Would you say I'm clean of all viruses/malware/etc?

#14 boopme

Posted 31 May 2012 - 09:51 AM

I'd say good to go!!

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links: