Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Long list of problems/ can't seem to get rid of a virus


  • Please log in to reply
40 replies to this topic

#1 Loopyloo

Loopyloo

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 06 September 2012 - 01:18 PM

Browser: firefox
System: windows 7

Ok, this virus has been causing havoc for me for around a month. Last month it had a problem with Google/Bing redirecting me somewhere instead of my intended search. I ran Malwarebytes, and one other scan that I cannot remember the name of unfortunately (want to say it started with a 'd'). It seemed to work.. but the computer started to act a little funny, so I restored it to a previous time. From there it seemed fine for about a week. However, after a week when starting my computer it would not start. The screen turned black and it said new hardware was causing it to fail starting, and it said put in my windows 7 disk. I don't have a disk so I clicked the option repair computer and it failed. So I shut it off and removed the usb storage device and tried to start it again. This time it started up. I later scanned the flash drive with malwarebytes and found nothing. I opened the internet and found that it had begun to lag horribly. When scrolling it will stop certain places for a few seconds then jump down. Also, when I click things the computer freezes then tries to load it. I ran malwarebytes and now a norton scan. It found some things and I restarted my computer. As I restarted it went bsod, but restarted anyway. I chose start windows normally and the problem is still there with the lag and such. It said windows had an unexpected shutdown, though I was just restarting it. Firefox becomes unresponsive very quickly as well as malwarebytes and other programs. I get the stop script option a lot too. If I can get any help I would greatly appreciate it. Also I keep getting notified that "winrscmde" has high cpu usage?

Edited by Loopyloo, 06 September 2012 - 01:22 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 06 September 2012 - 01:21 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Loopyloo

Loopyloo
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 06 September 2012 - 03:05 PM

While running ESET it shutdown and did a lot of wacky things. But here are the logs:

tdsskiller:
14:27:59.0358 3304 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
14:28:00.0152 3304 ============================================================
14:28:00.0152 3304 Current date / time: 2012/09/06 14:28:00.0152
14:28:00.0152 3304 SystemInfo:
14:28:00.0152 3304
14:28:00.0152 3304 OS Version: 6.1.7600 ServicePack: 0.0
14:28:00.0152 3304 Product type: Workstation
14:28:00.0152 3304 ComputerName: KATELYN-PC
14:28:00.0155 3304 UserName: Katelyn
14:28:00.0155 3304 Windows directory: C:\Windows
14:28:00.0155 3304 System windows directory: C:\Windows
14:28:00.0155 3304 Running under WOW64
14:28:00.0155 3304 Processor architecture: Intel x64
14:28:00.0155 3304 Number of processors: 1
14:28:00.0155 3304 Page size: 0x1000
14:28:00.0155 3304 Boot type: Normal boot
14:28:00.0155 3304 ============================================================
14:28:01.0963 3304 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:28:01.0967 3304 ============================================================
14:28:01.0967 3304 \Device\Harddisk0\DR0:
14:28:01.0967 3304 MBR partitions:
14:28:01.0967 3304 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:28:01.0967 3304 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x23CBB800
14:28:01.0967 3304 ============================================================
14:28:02.0012 3304 C: <-> \Device\Harddisk0\DR0\Partition2
14:28:02.0012 3304 ============================================================
14:28:02.0012 3304 Initialize success
14:28:02.0012 3304 ============================================================
14:28:04.0306 4872 ============================================================
14:28:04.0306 4872 Scan started
14:28:04.0306 4872 Mode: Manual;
14:28:04.0306 4872 ============================================================
14:28:07.0619 4872 ================ Scan system memory ========================
14:28:07.0619 4872 System memory - ok
14:28:07.0620 4872 ================ Scan services =============================
14:28:08.0167 4872 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
14:28:08.0171 4872 1394ohci - ok
14:28:08.0243 4872 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:28:08.0246 4872 ACDaemon - ok
14:28:08.0269 4872 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
14:28:08.0274 4872 ACPI - ok
14:28:08.0301 4872 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
14:28:08.0303 4872 AcpiPmi - ok
14:28:08.0399 4872 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:28:08.0401 4872 AdobeARMservice - ok
14:28:08.0424 4872 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:28:08.0430 4872 adp94xx - ok
14:28:08.0451 4872 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:28:08.0463 4872 adpahci - ok
14:28:08.0483 4872 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:28:08.0506 4872 adpu320 - ok
14:28:08.0569 4872 [ E005682AE8F8EC4EB05F2A70A16EA1C5 ] AE1000 C:\Windows\system32\DRIVERS\ae1000w7.sys
14:28:08.0595 4872 AE1000 - ok
14:28:08.0619 4872 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:28:08.0620 4872 AeLookupSvc - ok
14:28:08.0679 4872 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
14:28:08.0684 4872 AFD - ok
14:28:08.0719 4872 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
14:28:08.0729 4872 agp440 - ok
14:28:08.0753 4872 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:28:08.0767 4872 ALG - ok
14:28:08.0801 4872 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
14:28:08.0803 4872 aliide - ok
14:28:08.0820 4872 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
14:28:08.0822 4872 amdide - ok
14:28:08.0841 4872 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:28:08.0843 4872 AmdK8 - ok
14:28:08.0874 4872 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:28:08.0876 4872 AmdPPM - ok
14:28:08.0901 4872 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:28:08.0919 4872 amdsata - ok
14:28:08.0955 4872 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:28:08.0958 4872 amdsbs - ok
14:28:08.0975 4872 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:28:08.0977 4872 amdxata - ok
14:28:09.0003 4872 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
14:28:09.0005 4872 AppID - ok
14:28:09.0029 4872 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:28:09.0031 4872 AppIDSvc - ok
14:28:09.0057 4872 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
14:28:09.0059 4872 Appinfo - ok
14:28:09.0077 4872 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:28:09.0079 4872 arc - ok
14:28:09.0103 4872 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:28:09.0105 4872 arcsas - ok
14:28:09.0134 4872 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
14:28:09.0148 4872 ArcSoftKsUFilter - ok
14:28:09.0179 4872 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:28:09.0180 4872 AsyncMac - ok
14:28:09.0203 4872 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
14:28:09.0205 4872 atapi - ok
14:28:09.0228 4872 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:28:09.0235 4872 AudioEndpointBuilder - ok
14:28:09.0248 4872 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:28:09.0254 4872 AudioSrv - ok
14:28:09.0272 4872 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:28:09.0292 4872 AxInstSV - ok
14:28:09.0327 4872 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:28:09.0342 4872 b06bdrv - ok
14:28:09.0373 4872 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:28:09.0386 4872 b57nd60a - ok
14:28:09.0473 4872 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:28:09.0476 4872 BDESVC - ok
14:28:09.0495 4872 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:28:09.0497 4872 Beep - ok
14:28:09.0524 4872 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
14:28:09.0531 4872 BFE - ok
14:28:09.0753 4872 [ A45BE4E091636F6C86D6E4FC945D5A26 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120905.001\BHDrvx64.sys
14:28:09.0776 4872 BHDrvx64 - ok
14:28:09.0811 4872 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
14:28:09.0837 4872 BITS - ok
14:28:09.0867 4872 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:28:09.0871 4872 blbdrive - ok
14:28:09.0911 4872 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:28:09.0935 4872 bowser - ok
14:28:09.0949 4872 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:28:09.0951 4872 BrFiltLo - ok
14:28:09.0974 4872 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:28:09.0976 4872 BrFiltUp - ok
14:28:10.0016 4872 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
14:28:10.0019 4872 Browser - ok
14:28:10.0041 4872 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:28:10.0060 4872 Brserid - ok
14:28:10.0078 4872 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:28:10.0105 4872 BrSerWdm - ok
14:28:10.0115 4872 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:28:10.0120 4872 BrUsbMdm - ok
14:28:10.0131 4872 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:28:10.0132 4872 BrUsbSer - ok
14:28:10.0144 4872 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:28:10.0146 4872 BTHMODEM - ok
14:28:10.0181 4872 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:28:10.0207 4872 bthserv - ok
14:28:10.0292 4872 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys
14:28:10.0297 4872 ccSet_N360 - ok
14:28:10.0315 4872 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:28:10.0317 4872 cdfs - ok
14:28:10.0355 4872 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:28:10.0358 4872 cdrom - ok
14:28:10.0395 4872 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
14:28:10.0398 4872 CertPropSvc - ok
14:28:10.0423 4872 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:28:10.0426 4872 circlass - ok
14:28:10.0455 4872 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:28:10.0460 4872 CLFS - ok
14:28:10.0546 4872 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:28:10.0561 4872 clr_optimization_v2.0.50727_32 - ok
14:28:10.0598 4872 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:28:10.0601 4872 clr_optimization_v2.0.50727_64 - ok
14:28:10.0660 4872 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:28:10.0666 4872 clr_optimization_v4.0.30319_32 - ok
14:28:10.0707 4872 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:28:10.0723 4872 clr_optimization_v4.0.30319_64 - ok
14:28:10.0765 4872 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:28:10.0779 4872 CmBatt - ok
14:28:10.0798 4872 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
14:28:10.0799 4872 cmdide - ok
14:28:10.0857 4872 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
14:28:10.0873 4872 CNG - ok
14:28:10.0893 4872 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:28:10.0925 4872 Compbatt - ok
14:28:10.0953 4872 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:28:10.0965 4872 CompositeBus - ok
14:28:10.0985 4872 COMSysApp - ok
14:28:11.0010 4872 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:28:11.0014 4872 crcdisk - ok
14:28:11.0076 4872 [ F02786B66375292E58C8777082D4396D ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:28:11.0078 4872 CryptSvc - ok
14:28:11.0182 4872 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:28:11.0191 4872 cvhsvc - ok
14:28:11.0276 4872 [ 87A70750325AFC300F0977DC3137A350 ] DCamUSBNovatek C:\Windows\system32\Drivers\nvtcam.sys
14:28:11.0359 4872 DCamUSBNovatek - ok
14:28:11.0413 4872 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:28:11.0420 4872 DcomLaunch - ok
14:28:11.0454 4872 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:28:11.0474 4872 defragsvc - ok
14:28:11.0513 4872 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:28:11.0518 4872 DfsC - ok
14:28:11.0548 4872 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
14:28:11.0552 4872 Dhcp - ok
14:28:11.0574 4872 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:28:11.0586 4872 discache - ok
14:28:11.0622 4872 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:28:11.0638 4872 Disk - ok
14:28:11.0683 4872 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:28:11.0685 4872 Dnscache - ok
14:28:11.0706 4872 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
14:28:11.0718 4872 dot3svc - ok
14:28:11.0744 4872 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
14:28:11.0750 4872 DPS - ok
14:28:11.0770 4872 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:28:11.0788 4872 drmkaud - ok
14:28:11.0849 4872 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:28:11.0873 4872 DXGKrnl - ok
14:28:11.0929 4872 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:28:11.0931 4872 EapHost - ok
14:28:11.0995 4872 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:28:12.0073 4872 ebdrv - ok
14:28:12.0144 4872 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:28:12.0150 4872 eeCtrl - ok
14:28:12.0185 4872 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
14:28:12.0187 4872 EFS - ok
14:28:12.0263 4872 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:28:12.0285 4872 ehRecvr - ok
14:28:12.0314 4872 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:28:12.0329 4872 ehSched - ok
14:28:12.0366 4872 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:28:12.0372 4872 elxstor - ok
14:28:12.0427 4872 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:28:12.0429 4872 EraserUtilRebootDrv - ok
14:28:12.0441 4872 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
14:28:12.0442 4872 ErrDev - ok
14:28:12.0498 4872 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:28:12.0503 4872 EventSystem - ok
14:28:12.0524 4872 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:28:12.0527 4872 exfat - ok
14:28:12.0546 4872 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:28:12.0551 4872 fastfat - ok
14:28:12.0599 4872 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
14:28:12.0606 4872 Fax - ok
14:28:12.0624 4872 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:28:12.0625 4872 fdc - ok
14:28:12.0645 4872 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:28:12.0653 4872 fdPHost - ok
14:28:12.0673 4872 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:28:12.0684 4872 FDResPub - ok
14:28:12.0729 4872 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:28:12.0750 4872 FileInfo - ok
14:28:12.0816 4872 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:28:12.0829 4872 Filetrace - ok
14:28:12.0846 4872 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:28:12.0848 4872 flpydisk - ok
14:28:12.0885 4872 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:28:12.0889 4872 FltMgr - ok
14:28:13.0060 4872 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
14:28:13.0093 4872 FontCache - ok
14:28:13.0158 4872 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:28:13.0204 4872 FontCache3.0.0.0 - ok
14:28:13.0239 4872 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:28:13.0254 4872 FsDepends - ok
14:28:13.0308 4872 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:28:13.0310 4872 Fs_Rec - ok
14:28:13.0353 4872 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:28:13.0366 4872 fvevol - ok
14:28:13.0401 4872 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:28:13.0420 4872 gagp30kx - ok
14:28:13.0508 4872 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
14:28:13.0513 4872 GameConsoleService - ok
14:28:13.0554 4872 [ 9BA22AEE7F531EF9CE085CC2E1112BC4 ] GIDv2 C:\Windows\system32\drivers\GIDv2.sys
14:28:13.0568 4872 GIDv2 - ok
14:28:13.0612 4872 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
14:28:13.0620 4872 gpsvc - ok
14:28:13.0672 4872 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
14:28:13.0674 4872 grmnusb - ok
14:28:13.0713 4872 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:28:13.0729 4872 hcw85cir - ok
14:28:13.0761 4872 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:28:13.0764 4872 HDAudBus - ok
14:28:13.0782 4872 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:28:13.0794 4872 HidBatt - ok
14:28:13.0821 4872 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:28:13.0824 4872 HidBth - ok
14:28:13.0844 4872 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:28:13.0846 4872 HidIr - ok
14:28:13.0874 4872 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:28:13.0876 4872 hidserv - ok
14:28:13.0908 4872 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:28:13.0922 4872 HidUsb - ok
14:28:13.0956 4872 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:28:13.0963 4872 hkmsvc - ok
14:28:13.0998 4872 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:28:14.0017 4872 HomeGroupListener - ok
14:28:14.0059 4872 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:28:14.0062 4872 HomeGroupProvider - ok
14:28:14.0124 4872 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:28:14.0126 4872 HP Support Assistant Service - ok
14:28:14.0161 4872 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
14:28:14.0169 4872 HPDrvMntSvc.exe - ok
14:28:14.0218 4872 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
14:28:14.0242 4872 hpqwmiex - ok
14:28:14.0264 4872 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
14:28:14.0266 4872 HpSAMD - ok
14:28:14.0350 4872 [ 5ECEC779312AD35B1B19951A4B53FAC1 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
14:28:14.0362 4872 HPSLPSVC - ok
14:28:14.0405 4872 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:28:14.0413 4872 HTTP - ok
14:28:14.0429 4872 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:28:14.0445 4872 hwpolicy - ok
14:28:14.0471 4872 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:28:14.0476 4872 i8042prt - ok
14:28:14.0530 4872 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:28:14.0535 4872 iaStorV - ok
14:28:14.0612 4872 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:28:14.0628 4872 idsvc - ok
14:28:14.0830 4872 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120906.002\IDSvia64.sys
14:28:14.0837 4872 IDSVia64 - ok
14:28:14.0923 4872 [ 7A0E3B3E204816723D4B3FA255F4060F ] IDVaultSvc C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
14:28:14.0926 4872 IDVaultSvc - ok
14:28:14.0954 4872 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:28:14.0972 4872 iirsp - ok
14:28:15.0018 4872 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
14:28:15.0027 4872 IKEEXT - ok
14:28:15.0097 4872 [ EF75C94792187A143871FBB87611B0B7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:28:15.0166 4872 IntcAzAudAddService - ok
14:28:15.0184 4872 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
14:28:15.0187 4872 intelide - ok
14:28:15.0225 4872 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:28:15.0227 4872 intelppm - ok
14:28:15.0257 4872 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:28:15.0259 4872 IPBusEnum - ok
14:28:15.0282 4872 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:28:15.0285 4872 IpFilterDriver - ok
14:28:15.0322 4872 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:28:15.0355 4872 iphlpsvc - ok
14:28:15.0368 4872 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:28:15.0386 4872 IPMIDRV - ok
14:28:15.0409 4872 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:28:15.0414 4872 IPNAT - ok
14:28:15.0433 4872 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:28:15.0451 4872 IRENUM - ok
14:28:15.0477 4872 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
14:28:15.0479 4872 isapnp - ok
14:28:15.0497 4872 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:28:15.0519 4872 iScsiPrt - ok
14:28:15.0570 4872 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:28:15.0571 4872 kbdclass - ok
14:28:15.0609 4872 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:28:15.0611 4872 kbdhid - ok
14:28:15.0625 4872 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
14:28:15.0627 4872 KeyIso - ok
14:28:15.0663 4872 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:28:15.0665 4872 KSecDD - ok
14:28:15.0681 4872 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:28:15.0695 4872 KSecPkg - ok
14:28:15.0715 4872 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:28:15.0724 4872 ksthunk - ok
14:28:15.0757 4872 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:28:15.0791 4872 KtmRm - ok
14:28:15.0847 4872 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:28:15.0850 4872 LanmanServer - ok
14:28:15.0877 4872 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:28:15.0881 4872 LanmanWorkstation - ok
14:28:15.0942 4872 [ 0EE66BDF485C6828AA65C0EF5D591133 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:28:15.0945 4872 LightScribeService - ok
14:28:15.0971 4872 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:28:15.0973 4872 lltdio - ok
14:28:16.0005 4872 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:28:16.0009 4872 lltdsvc - ok
14:28:16.0032 4872 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:28:16.0035 4872 lmhosts - ok
14:28:16.0066 4872 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:28:16.0079 4872 LSI_FC - ok
14:28:16.0118 4872 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:28:16.0120 4872 LSI_SAS - ok
14:28:16.0130 4872 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:28:16.0133 4872 LSI_SAS2 - ok
14:28:16.0154 4872 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:28:16.0161 4872 LSI_SCSI - ok
14:28:16.0183 4872 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:28:16.0186 4872 luafv - ok
14:28:16.0228 4872 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:28:16.0248 4872 Mcx2Svc - ok
14:28:16.0273 4872 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:28:16.0275 4872 megasas - ok
14:28:16.0304 4872 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:28:16.0320 4872 MegaSR - ok
14:28:16.0358 4872 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:28:16.0360 4872 MMCSS - ok
14:28:16.0373 4872 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:28:16.0375 4872 Modem - ok
14:28:16.0404 4872 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:28:16.0419 4872 monitor - ok
14:28:16.0448 4872 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:28:16.0466 4872 mouclass - ok
14:28:16.0498 4872 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:28:16.0509 4872 mouhid - ok
14:28:16.0532 4872 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:28:16.0536 4872 mountmgr - ok
14:28:16.0626 4872 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:28:16.0629 4872 MozillaMaintenance - ok
14:28:16.0661 4872 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
14:28:16.0664 4872 mpio - ok
14:28:16.0686 4872 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:28:16.0703 4872 mpsdrv - ok
14:28:16.0745 4872 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:28:16.0754 4872 MpsSvc - ok
14:28:16.0775 4872 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:28:16.0777 4872 MRxDAV - ok
14:28:16.0827 4872 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:28:16.0849 4872 mrxsmb - ok
14:28:16.0898 4872 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:28:16.0904 4872 mrxsmb10 - ok
14:28:16.0921 4872 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:28:16.0941 4872 mrxsmb20 - ok
14:28:16.0970 4872 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
14:28:16.0988 4872 msahci - ok
14:28:16.0999 4872 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
14:28:17.0004 4872 msdsm - ok
14:28:17.0050 4872 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:28:17.0056 4872 MSDTC - ok
14:28:17.0087 4872 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:28:17.0105 4872 Msfs - ok
14:28:17.0134 4872 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:28:17.0138 4872 mshidkmdf - ok
14:28:17.0154 4872 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
14:28:17.0157 4872 msisadrv - ok
14:28:17.0179 4872 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:28:17.0182 4872 MSiSCSI - ok
14:28:17.0194 4872 msiserver - ok
14:28:17.0221 4872 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:28:17.0239 4872 MSKSSRV - ok
14:28:17.0265 4872 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:28:17.0267 4872 MSPCLOCK - ok
14:28:17.0301 4872 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:28:17.0310 4872 MSPQM - ok
14:28:17.0333 4872 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:28:17.0343 4872 MsRPC - ok
14:28:17.0373 4872 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:28:17.0381 4872 mssmbios - ok
14:28:17.0393 4872 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:28:17.0407 4872 MSTEE - ok
14:28:17.0426 4872 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:28:17.0428 4872 MTConfig - ok
14:28:17.0444 4872 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:28:17.0459 4872 Mup - ok
14:28:17.0640 4872 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\6.3.0.14\ccSvcHst.exe
14:28:17.0642 4872 N360 - ok
14:28:17.0677 4872 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
14:28:17.0683 4872 napagent - ok
14:28:17.0717 4872 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:28:17.0732 4872 NativeWifiP - ok
14:28:17.0839 4872 [ 149A9AD81BB327E892FA1ACB77722442 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120906.002\ENG64.SYS
14:28:17.0842 4872 NAVENG - ok
14:28:17.0941 4872 [ 4AF8750E71B549FEC5F6D1D01398CA69 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120906.002\EX64.SYS
14:28:17.0984 4872 NAVEX15 - ok
14:28:18.0035 4872 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:28:18.0045 4872 NDIS - ok
14:28:18.0069 4872 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:28:18.0071 4872 NdisCap - ok
14:28:18.0113 4872 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:28:18.0115 4872 NdisTapi - ok
14:28:18.0135 4872 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:28:18.0137 4872 Ndisuio - ok
14:28:18.0152 4872 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:28:18.0166 4872 NdisWan - ok
14:28:18.0193 4872 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:28:18.0387 4872 NDProxy - ok
14:28:18.0422 4872 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:28:18.0424 4872 Net Driver HPZ12 - ok
14:28:18.0443 4872 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:28:18.0446 4872 NetBIOS - ok
14:28:18.0463 4872 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:28:18.0482 4872 NetBT - ok
14:28:18.0512 4872 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
14:28:18.0513 4872 Netlogon - ok
14:28:18.0555 4872 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:28:18.0561 4872 Netman - ok
14:28:18.0584 4872 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:28:18.0590 4872 netprofm - ok
14:28:18.0625 4872 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:28:18.0634 4872 NetTcpPortSharing - ok
14:28:18.0661 4872 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:28:18.0663 4872 nfrd960 - ok
14:28:18.0696 4872 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:28:18.0702 4872 NlaSvc - ok
14:28:18.0722 4872 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:28:18.0724 4872 Npfs - ok
14:28:18.0751 4872 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:28:18.0752 4872 nsi - ok
14:28:18.0774 4872 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:28:18.0775 4872 nsiproxy - ok
14:28:18.0839 4872 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:28:18.0873 4872 Ntfs - ok
14:28:18.0906 4872 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:28:18.0916 4872 Null - ok
14:28:19.0208 4872 [ 181B6E6F49F9F3AD05589B48E29BA167 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:28:19.0431 4872 nvlddmkm - ok
14:28:19.0464 4872 [ 909EEDCBD365BB81027D8E742E6B3416 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
14:28:19.0477 4872 NVNET - ok
14:28:19.0508 4872 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:28:19.0511 4872 nvraid - ok
14:28:19.0538 4872 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:28:19.0540 4872 nvstor - ok
14:28:19.0566 4872 [ 1E45F96342429D63DC30E0D9117DA3D8 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
14:28:19.0567 4872 nvstor64 - ok
14:28:19.0649 4872 [ B5B5DA18380F625C34B88B93D09D7D40 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:28:19.0660 4872 nvsvc - ok
14:28:19.0802 4872 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
14:28:19.0806 4872 nv_agp - ok
14:28:19.0822 4872 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:28:19.0831 4872 ohci1394 - ok
14:28:19.0870 4872 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:28:19.0881 4872 ose - ok
14:28:20.0048 4872 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:28:20.0187 4872 osppsvc - ok
14:28:20.0226 4872 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:28:20.0246 4872 p2pimsvc - ok
14:28:20.0286 4872 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:28:20.0292 4872 p2psvc - ok
14:28:20.0323 4872 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:28:20.0335 4872 Parport - ok
14:28:20.0361 4872 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:28:20.0364 4872 partmgr - ok
14:28:20.0387 4872 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:28:20.0394 4872 PcaSvc - ok
14:28:20.0422 4872 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
14:28:20.0425 4872 pci - ok
14:28:20.0447 4872 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
14:28:20.0449 4872 pciide - ok
14:28:20.0472 4872 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:28:20.0488 4872 pcmcia - ok
14:28:20.0516 4872 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:28:20.0518 4872 pcw - ok
14:28:20.0540 4872 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:28:20.0550 4872 PEAUTH - ok
14:28:20.0641 4872 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:28:20.0660 4872 PerfHost - ok
14:28:20.0745 4872 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
14:28:20.0789 4872 pla - ok
14:28:20.0837 4872 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:28:20.0845 4872 PlugPlay - ok
14:28:20.0872 4872 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:28:20.0876 4872 Pml Driver HPZ12 - ok
14:28:20.0898 4872 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:28:20.0900 4872 PNRPAutoReg - ok
14:28:20.0931 4872 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:28:20.0933 4872 PNRPsvc - ok
14:28:20.0987 4872 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:28:20.0993 4872 PolicyAgent - ok
14:28:21.0030 4872 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:28:21.0034 4872 Power - ok
14:28:21.0064 4872 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:28:21.0076 4872 PptpMiniport - ok
14:28:21.0103 4872 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:28:21.0121 4872 Processor - ok
14:28:21.0170 4872 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
14:28:21.0174 4872 ProfSvc - ok
14:28:21.0192 4872 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:28:21.0193 4872 ProtectedStorage - ok
14:28:21.0208 4872 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:28:21.0210 4872 Psched - ok
14:28:21.0258 4872 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:28:21.0292 4872 ql2300 - ok
14:28:21.0301 4872 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:28:21.0314 4872 ql40xx - ok
14:28:21.0343 4872 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:28:21.0346 4872 QWAVE - ok
14:28:21.0368 4872 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:28:21.0372 4872 QWAVEdrv - ok
14:28:21.0387 4872 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:28:21.0411 4872 RasAcd - ok
14:28:21.0475 4872 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:28:21.0477 4872 RasAgileVpn - ok
14:28:21.0495 4872 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:28:21.0523 4872 RasAuto - ok
14:28:21.0556 4872 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:28:21.0562 4872 Rasl2tp - ok
14:28:21.0591 4872 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
14:28:21.0597 4872 RasMan - ok
14:28:21.0627 4872 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:28:21.0631 4872 RasPppoe - ok
14:28:21.0659 4872 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:28:21.0667 4872 RasSstp - ok
14:28:21.0718 4872 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:28:21.0722 4872 rdbss - ok
14:28:21.0742 4872 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:28:21.0746 4872 rdpbus - ok
14:28:21.0759 4872 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:28:21.0761 4872 RDPCDD - ok
14:28:21.0797 4872 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:28:21.0799 4872 RDPENCDD - ok
14:28:21.0822 4872 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:28:21.0825 4872 RDPREFMP - ok
14:28:21.0862 4872 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:28:21.0866 4872 RDPWD - ok
14:28:21.0884 4872 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:28:21.0887 4872 rdyboost - ok
14:28:21.0914 4872 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:28:21.0917 4872 RemoteAccess - ok
14:28:21.0964 4872 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:28:21.0967 4872 RemoteRegistry - ok
14:28:22.0024 4872 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:28:22.0028 4872 RpcEptMapper - ok
14:28:22.0075 4872 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:28:22.0079 4872 RpcLocator - ok
14:28:22.0140 4872 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
14:28:22.0170 4872 RpcSs - ok
14:28:22.0244 4872 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:28:22.0267 4872 rspndr - ok
14:28:22.0297 4872 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
14:28:22.0298 4872 SamSs - ok
14:28:22.0322 4872 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
14:28:22.0324 4872 sbp2port - ok
14:28:22.0406 4872 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:28:22.0433 4872 SCardSvr - ok
14:28:22.0483 4872 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:28:22.0512 4872 scfilter - ok
14:28:22.0658 4872 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
14:28:22.0673 4872 Schedule - ok
14:28:22.0774 4872 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:28:22.0777 4872 SCPolicySvc - ok
14:28:22.0862 4872 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:28:22.0877 4872 SDRSVC - ok
14:28:22.0902 4872 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:28:22.0915 4872 secdrv - ok
14:28:22.0949 4872 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
14:28:22.0963 4872 seclogon - ok
14:28:22.0982 4872 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:28:22.0984 4872 SENS - ok
14:28:23.0007 4872 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:28:23.0043 4872 SensrSvc - ok
14:28:23.0063 4872 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:28:23.0066 4872 Serenum - ok
14:28:23.0082 4872 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:28:23.0157 4872 Serial - ok
14:28:23.0186 4872 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:28:23.0190 4872 sermouse - ok
14:28:23.0234 4872 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
14:28:23.0237 4872 SessionEnv - ok
14:28:23.0257 4872 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
14:28:23.0324 4872 sffdisk - ok
14:28:23.0397 4872 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:28:23.0417 4872 sffp_mmc - ok
14:28:23.0439 4872 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
14:28:23.0518 4872 sffp_sd - ok
14:28:23.0627 4872 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:28:23.0650 4872 sfloppy - ok
14:28:23.0730 4872 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
14:28:23.0760 4872 Sftfs - ok
14:28:23.0862 4872 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:28:23.0875 4872 sftlist - ok
14:28:23.0935 4872 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:28:23.0946 4872 Sftplay - ok
14:28:23.0961 4872 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:28:23.0973 4872 Sftredir - ok
14:28:24.0004 4872 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
14:28:24.0006 4872 Sftvol - ok
14:28:24.0030 4872 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:28:24.0032 4872 sftvsa - ok
14:28:24.0062 4872 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:28:24.0069 4872 SharedAccess - ok
14:28:24.0103 4872 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:28:24.0108 4872 ShellHWDetection - ok
14:28:24.0150 4872 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:28:24.0154 4872 SiSRaid2 - ok
14:28:24.0179 4872 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:28:24.0181 4872 SiSRaid4 - ok
14:28:24.0313 4872 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:28:24.0330 4872 SkypeUpdate - ok
14:28:24.0370 4872 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:28:24.0375 4872 Smb - ok
14:28:24.0414 4872 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:28:24.0416 4872 SNMPTRAP - ok
14:28:24.0431 4872 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:28:24.0433 4872 spldr - ok
14:28:24.0475 4872 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
14:28:24.0482 4872 Spooler - ok
14:28:24.0581 4872 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
14:28:24.0667 4872 sppsvc - ok
14:28:24.0683 4872 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:28:24.0688 4872 sppuinotify - ok
14:28:24.0767 4872 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS
14:28:24.0775 4872 SRTSP - ok
14:28:24.0795 4872 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS
14:28:24.0797 4872 SRTSPX - ok
14:28:24.0842 4872 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:28:24.0848 4872 srv - ok
14:28:24.0873 4872 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:28:24.0878 4872 srv2 - ok
14:28:24.0912 4872 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:28:24.0931 4872 srvnet - ok
14:28:24.0975 4872 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:28:24.0981 4872 SSDPSRV - ok
14:28:25.0001 4872 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:28:25.0004 4872 SstpSvc - ok
14:28:25.0045 4872 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:28:25.0062 4872 stexstor - ok
14:28:25.0114 4872 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
14:28:25.0116 4872 StillCam - ok
14:28:25.0169 4872 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
14:28:25.0178 4872 stisvc - ok
14:28:25.0199 4872 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:28:25.0213 4872 swenum - ok
14:28:25.0247 4872 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:28:25.0287 4872 swprv - ok
14:28:25.0344 4872 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS
14:28:25.0350 4872 SymDS - ok
14:28:25.0424 4872 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS
14:28:25.0448 4872 SymEFA - ok
14:28:25.0489 4872 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:28:25.0495 4872 SymEvent - ok
14:28:25.0530 4872 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS
14:28:25.0537 4872 SymIRON - ok
14:28:25.0566 4872 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS
14:28:25.0571 4872 SymNetS - ok
14:28:25.0637 4872 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
14:28:25.0680 4872 SysMain - ok
14:28:25.0704 4872 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:28:25.0717 4872 TabletInputService - ok
14:28:25.0947 4872 [ C4C20CFA4F42E9B7454E895C5C47BCD3 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
14:28:26.0077 4872 TabletServicePen - ok
14:28:26.0120 4872 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
14:28:26.0128 4872 TapiSrv - ok
14:28:26.0153 4872 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:28:26.0179 4872 TBS - ok
14:28:26.0249 4872 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:28:26.0317 4872 Tcpip - ok
14:28:26.0374 4872 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:28:26.0389 4872 TCPIP6 - ok
14:28:26.0429 4872 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:28:26.0445 4872 tcpipreg - ok
14:28:26.0470 4872 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:28:26.0473 4872 TDPIPE - ok
14:28:26.0493 4872 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:28:26.0496 4872 TDTCP - ok
14:28:26.0525 4872 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:28:26.0540 4872 tdx - ok
14:28:26.0570 4872 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:28:26.0572 4872 TermDD - ok
14:28:26.0614 4872 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
14:28:26.0622 4872 TermService - ok
14:28:26.0656 4872 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:28:26.0658 4872 Themes - ok
14:28:26.0690 4872 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:28:26.0693 4872 THREADORDER - ok
14:28:26.0781 4872 [ 7625DCF246E488E523DC1F64C38ABDA2 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
14:28:26.0788 4872 TouchServicePen - ok
14:28:26.0923 4872 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:28:26.0931 4872 TrkWks - ok
14:28:27.0001 4872 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:28:27.0019 4872 TrustedInstaller - ok
14:28:27.0078 4872 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:28:27.0079 4872 tssecsrv - ok
14:28:27.0127 4872 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:28:27.0129 4872 tunnel - ok
14:28:27.0145 4872 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:28:27.0163 4872 uagp35 - ok
14:28:27.0247 4872 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe
14:28:27.0250 4872 uCamMonitor - ok
14:28:27.0274 4872 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:28:27.0278 4872 udfs - ok
14:28:27.0322 4872 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:28:27.0346 4872 UI0Detect - ok
14:28:27.0418 4872 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
14:28:27.0453 4872 uliagpkx - ok
14:28:27.0501 4872 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:28:27.0506 4872 umbus - ok
14:28:27.0517 4872 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:28:27.0535 4872 UmPass - ok
14:28:27.0582 4872 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:28:27.0603 4872 upnphost - ok
14:28:27.0657 4872 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:28:27.0668 4872 usbaudio - ok
14:28:27.0694 4872 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:28:27.0696 4872 usbccgp - ok
14:28:27.0739 4872 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
14:28:27.0742 4872 usbcir - ok
14:28:27.0771 4872 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:28:27.0788 4872 usbehci - ok
14:28:27.0830 4872 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:28:27.0849 4872 usbhub - ok
14:28:27.0879 4872 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:28:27.0881 4872 usbohci - ok
14:28:27.0899 4872 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:28:27.0911 4872 usbprint - ok
14:28:27.0945 4872 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:28:27.0947 4872 USBSTOR - ok
14:28:27.0970 4872 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:28:27.0973 4872 usbuhci - ok
14:28:28.0000 4872 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:28:28.0002 4872 UxSms - ok
14:28:28.0019 4872 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
14:28:28.0020 4872 VaultSvc - ok
14:28:28.0042 4872 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
14:28:28.0071 4872 vdrvroot - ok
14:28:28.0091 4872 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
14:28:28.0107 4872 vds - ok
14:28:28.0131 4872 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:28:28.0133 4872 vga - ok
14:28:28.0154 4872 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:28:28.0157 4872 VgaSave - ok
14:28:28.0175 4872 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
14:28:28.0178 4872 vhdmp - ok
14:28:28.0194 4872 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
14:28:28.0195 4872 viaide - ok
14:28:28.0222 4872 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
14:28:28.0224 4872 volmgr - ok
14:28:28.0244 4872 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:28:28.0249 4872 volmgrx - ok
14:28:28.0265 4872 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
14:28:28.0271 4872 volsnap - ok
14:28:28.0294 4872 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:28:28.0299 4872 vsmraid - ok
14:28:28.0383 4872 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
14:28:28.0443 4872 VSS - ok
14:28:28.0462 4872 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:28:28.0464 4872 vwifibus - ok
14:28:28.0484 4872 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:28:28.0488 4872 vwififlt - ok
14:28:28.0519 4872 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:28:28.0522 4872 vwifimp - ok
14:28:28.0542 4872 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:28:28.0549 4872 W32Time - ok
14:28:28.0616 4872 [ FE75777289278A4941FE6139E82B3BD9 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
14:28:28.0618 4872 wacmoumonitor - ok
14:28:28.0636 4872 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
14:28:28.0639 4872 wacommousefilter - ok
14:28:28.0676 4872 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:28:28.0749 4872 WacomPen - ok
14:28:28.0787 4872 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
14:28:29.0062 4872 wacomvhid - ok
14:28:29.0107 4872 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:28:29.0110 4872 WANARP - ok
14:28:29.0118 4872 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:28:29.0119 4872 Wanarpv6 - ok
14:28:29.0170 4872 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:28:29.0197 4872 WatAdminSvc - ok
14:28:29.0256 4872 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
14:28:29.0307 4872 wbengine - ok
14:28:29.0326 4872 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:28:29.0330 4872 WbioSrvc - ok
14:28:29.0372 4872 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:28:29.0387 4872 wcncsvc - ok
14:28:29.0426 4872 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:28:29.0461 4872 WcsPlugInService - ok
14:28:29.0515 4872 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:28:29.0516 4872 Wd - ok
14:28:29.0548 4872 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:28:29.0555 4872 Wdf01000 - ok
14:28:29.0570 4872 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:28:29.0581 4872 WdiServiceHost - ok
14:28:29.0589 4872 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:28:29.0594 4872 WdiSystemHost - ok
14:28:29.0635 4872 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
14:28:29.0640 4872 WebClient - ok
14:28:29.0661 4872 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:28:29.0665 4872 Wecsvc - ok
14:28:29.0682 4872 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:28:29.0684 4872 wercplsupport - ok
14:28:29.0713 4872 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:28:29.0718 4872 WerSvc - ok
14:28:29.0743 4872 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:28:29.0746 4872 WfpLwf - ok
14:28:29.0764 4872 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:28:29.0766 4872 WIMMount - ok
14:28:29.0783 4872 WinDefend - ok
14:28:29.0797 4872 WinHttpAutoProxySvc - ok
14:28:29.0852 4872 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:28:29.0855 4872 Winmgmt - ok
14:28:29.0910 4872 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
14:28:29.0943 4872 WinRM - ok
14:28:30.0009 4872 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:28:30.0011 4872 WinUsb - ok
14:28:30.0053 4872 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:28:30.0066 4872 Wlansvc - ok
14:28:30.0124 4872 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:28:30.0126 4872 wlcrasvc - ok
14:28:30.0201 4872 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:28:30.0241 4872 wlidsvc - ok
14:28:30.0267 4872 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:28:30.0268 4872 WmiAcpi - ok
14:28:30.0303 4872 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:28:30.0320 4872 wmiApSrv - ok
14:28:30.0351 4872 WMPNetworkSvc - ok
14:28:30.0375 4872 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:28:30.0387 4872 WPCSvc - ok
14:28:30.0408 4872 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:28:30.0411 4872 WPDBusEnum - ok
14:28:30.0426 4872 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:28:30.0428 4872 ws2ifsl - ok
14:28:30.0466 4872 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
14:28:30.0469 4872 wscsvc - ok
14:28:30.0512 4872 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
14:28:30.0521 4872 WSDPrintDevice - ok
14:28:30.0531 4872 WSearch - ok
14:28:30.0604 4872 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:28:30.0646 4872 wuauserv - ok
14:28:30.0668 4872 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:28:30.0681 4872 WudfPf - ok
14:28:30.0707 4872 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:28:30.0712 4872 WUDFRd - ok
14:28:30.0741 4872 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:28:30.0744 4872 wudfsvc - ok
14:28:30.0759 4872 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:28:30.0765 4872 WwanSvc - ok
14:28:30.0811 4872 ================ Scan global ===============================
14:28:30.0843 4872 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:28:30.0878 4872 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
14:28:30.0889 4872 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
14:28:30.0908 4872 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:28:30.0953 4872 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:28:30.0957 4872 [Global] - ok
14:28:30.0960 4872 ================ Scan MBR ==================================
14:28:30.0968 4872 [ 6A3BB38EF08BCB99A37E0133C3888935 ] \Device\Harddisk0\DR0
14:28:30.0968 4872 Suspicious mbr (Forged): \Device\Harddisk0\DR0
14:28:31.0017 4872 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
14:28:31.0017 4872 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
14:28:31.0021 4872 ================ Scan VBR ==================================
14:28:31.0034 4872 [ 8843360215EEBD0D261C371962810481 ] \Device\Harddisk0\DR0\Partition1
14:28:31.0035 4872 \Device\Harddisk0\DR0\Partition1 - ok
14:28:31.0045 4872 [ CFD77D42A444CF5803B248DC37A58AD5 ] \Device\Harddisk0\DR0\Partition2
14:28:31.0047 4872 \Device\Harddisk0\DR0\Partition2 - ok
14:28:31.0052 4872 ============================================================
14:28:31.0052 4872 Scan finished
14:28:31.0052 4872 ============================================================
14:28:31.0075 3872 Detected object count: 1
14:28:31.0075 3872 Actual detected object count: 1
14:28:48.0539 3872 \Device\Harddisk0\DR0\# - copied to quarantine
14:28:48.0541 3872 \Device\Harddisk0\DR0 - copied to quarantine
14:28:48.0610 3872 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
14:28:48.0613 3872 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
14:28:48.0619 3872 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
14:28:48.0625 3872 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
14:28:48.0649 3872 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
14:28:48.0658 3872 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
14:28:48.0660 3872 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
14:28:48.0661 3872 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
14:28:48.0664 3872 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
14:28:48.0673 3872 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
14:28:48.0676 3872 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
14:28:48.0678 3872 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
14:28:48.0680 3872 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
14:28:48.0682 3872 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
14:28:48.0698 3872 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
14:28:48.0729 3872 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
14:28:48.0753 3872 \Device\Harddisk0\DR0 - ok
14:28:50.0874 3872 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
14:29:10.0645 2900 Deinitialize success





aswmbr:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-06 14:31:03
-----------------------------
14:31:03.987 OS Version: Windows x64 6.1.7600
14:31:03.987 Number of processors: 1 586 0x602
14:31:03.988 ComputerName: KATELYN-PC UserName: Katelyn
14:31:07.203 Initialize success
14:32:09.959 AVAST engine defs: 12090600
14:32:25.839 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000066
14:32:25.842 Disk 0 Vendor: ST332041 HP35 Size: 305245MB BusType: 3
14:32:25.844 Device \Driver\nvstor64 -> MajorFunction fffffa800377c5e8
14:32:25.847 Disk 0 MBR read successfully
14:32:25.865 Disk 0 MBR scan
14:32:25.874 Disk 0 unknown MBR code
14:32:25.885 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:32:25.930 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 293239 MB offset 206848
14:32:25.963 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11904 MB offset 600760320
14:32:26.030 Disk 0 scanning C:\Windows\system32\drivers
14:32:37.410 Service scanning
14:32:38.321 Service 41617172 C:\Windows\system32\drivers\14440517.sys **HIDDEN**
14:33:07.408 Modules scanning
14:33:07.860 Disk 0 trace - called modules:
14:33:07.868 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8006414200]<<38877343.sys >>UNKNOWN [0xfffffa800377c5e8]<<
14:33:07.877 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80032ba060]
14:33:07.883 3 CLASSPNP.SYS[fffff8800100143f] -> nt!IofCallDriver -> [0xfffffa8002d97c40]
14:33:07.890 5 ACPI.sys[fffff88000e6d781] -> nt!IofCallDriver -> \Device\00000066[0xfffffa8002e899c0]
14:33:07.894 \Driver\nvstor64[0xfffffa80036f4060] -> IRP_MJ_CREATE -> 0xfffffa800377c5e8
14:33:10.357 AVAST engine scan C:\Windows
14:33:12.188 AVAST engine scan C:\Windows\system32
14:36:18.198 AVAST engine scan C:\Windows\system32\drivers
14:36:33.575 AVAST engine scan C:\Users\Katelyn
14:44:02.743 AVAST engine scan C:\ProgramData
14:53:21.876 Scan finished successfully
14:53:40.480 Disk 0 MBR has been saved successfully to "C:\Users\Katelyn\Documents\MBR.dat"
14:53:40.485 The log file has been saved successfully to "C:\Users\Katelyn\Documents\aswMBR.txt"

eset:
C:\TDSSKiller_Quarantine\06.09.2012_14.28.00\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.09.2012_14.28.00\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.09.2012_14.28.00\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.09.2012_14.28.00\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.09.2012_14.28.00\mbr0000\tdlfs0000\tsk0014.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 06 September 2012 - 03:25 PM

Restart the PC and run TDSSkiller once again and post the new log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it click on Delete

post the generated log

#5 Loopyloo

Loopyloo
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 07 September 2012 - 10:25 AM

I haven't finished all the steps you listed but just wanted to post my progress. I restarted the computer and got bsod again, but it managed to restart. I ran tdss killer and got this log:

17:29:20.0266 5792 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:29:20.0609 5792 ============================================================
17:29:20.0609 5792 Current date / time: 2012/09/06 17:29:20.0609
17:29:20.0609 5792 SystemInfo:
17:29:20.0609 5792
17:29:20.0609 5792 OS Version: 6.1.7600 ServicePack: 0.0
17:29:20.0609 5792 Product type: Workstation
17:29:20.0609 5792 ComputerName: KATELYN-PC
17:29:20.0609 5792 UserName: Katelyn
17:29:20.0625 5792 Windows directory: C:\Windows
17:29:20.0625 5792 System windows directory: C:\Windows
17:29:20.0625 5792 Running under WOW64
17:29:20.0625 5792 Processor architecture: Intel x64
17:29:20.0625 5792 Number of processors: 1
17:29:20.0625 5792 Page size: 0x1000
17:29:20.0625 5792 Boot type: Normal boot
17:29:20.0625 5792 ============================================================
17:29:22.0403 5792 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:29:22.0403 5792 ============================================================
17:29:22.0403 5792 \Device\Harddisk0\DR0:
17:29:22.0403 5792 MBR partitions:
17:29:22.0403 5792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:29:22.0403 5792 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x23CBB800
17:29:22.0403 5792 ============================================================
17:29:22.0481 5792 C: <-> \Device\Harddisk0\DR0\Partition2
17:29:22.0481 5792 ============================================================
17:29:22.0481 5792 Initialize success
17:29:22.0481 5792 ============================================================
17:29:24.0259 5820 ============================================================
17:29:24.0259 5820 Scan started
17:29:24.0259 5820 Mode: Manual;
17:29:24.0259 5820 ============================================================
17:29:28.0331 5820 ================ Scan system memory ========================
17:29:28.0331 5820 System memory - ok
17:29:28.0331 5820 ================ Scan services =============================
17:29:28.0643 5820 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
17:29:28.0659 5820 1394ohci - ok
17:29:28.0939 5820 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
17:29:28.0939 5820 ACDaemon - ok
17:29:28.0986 5820 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
17:29:28.0986 5820 ACPI - ok
17:29:29.0017 5820 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
17:29:29.0017 5820 AcpiPmi - ok
17:29:29.0173 5820 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:29:29.0173 5820 AdobeARMservice - ok
17:29:29.0220 5820 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:29:29.0220 5820 adp94xx - ok
17:29:29.0251 5820 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:29:29.0267 5820 adpahci - ok
17:29:29.0283 5820 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:29:29.0283 5820 adpu320 - ok
17:29:29.0423 5820 [ E005682AE8F8EC4EB05F2A70A16EA1C5 ] AE1000 C:\Windows\system32\DRIVERS\ae1000w7.sys
17:29:29.0454 5820 AE1000 - ok
17:29:29.0485 5820 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:29:29.0485 5820 AeLookupSvc - ok
17:29:29.0548 5820 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
17:29:29.0548 5820 AFD - ok
17:29:29.0595 5820 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
17:29:29.0595 5820 agp440 - ok
17:29:29.0610 5820 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:29:29.0610 5820 ALG - ok
17:29:29.0626 5820 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
17:29:29.0626 5820 aliide - ok
17:29:29.0657 5820 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
17:29:29.0657 5820 amdide - ok
17:29:29.0673 5820 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:29:29.0688 5820 AmdK8 - ok
17:29:29.0719 5820 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:29:29.0719 5820 AmdPPM - ok
17:29:29.0829 5820 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:29:29.0844 5820 amdsata - ok
17:29:29.0891 5820 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:29:29.0891 5820 amdsbs - ok
17:29:29.0953 5820 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:29:29.0953 5820 amdxata - ok
17:29:29.0969 5820 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
17:29:29.0969 5820 AppID - ok
17:29:30.0000 5820 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:29:30.0063 5820 AppIDSvc - ok
17:29:30.0094 5820 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
17:29:30.0094 5820 Appinfo - ok
17:29:30.0141 5820 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:29:30.0141 5820 arc - ok
17:29:30.0156 5820 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:29:30.0156 5820 arcsas - ok
17:29:30.0203 5820 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
17:29:30.0203 5820 ArcSoftKsUFilter - ok
17:29:30.0219 5820 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:29:30.0234 5820 AsyncMac - ok
17:29:30.0250 5820 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
17:29:30.0250 5820 atapi - ok
17:29:30.0281 5820 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:29:30.0297 5820 AudioEndpointBuilder - ok
17:29:30.0312 5820 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:29:30.0312 5820 AudioSrv - ok
17:29:30.0343 5820 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:29:30.0343 5820 AxInstSV - ok
17:29:30.0390 5820 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:29:30.0390 5820 b06bdrv - ok
17:29:30.0453 5820 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:29:30.0484 5820 b57nd60a - ok
17:29:30.0562 5820 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:29:30.0577 5820 BDESVC - ok
17:29:30.0609 5820 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:29:30.0609 5820 Beep - ok
17:29:30.0655 5820 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
17:29:30.0671 5820 BFE - ok
17:29:30.0952 5820 [ A45BE4E091636F6C86D6E4FC945D5A26 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120905.001\BHDrvx64.sys
17:29:30.0967 5820 BHDrvx64 - ok
17:29:31.0014 5820 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
17:29:31.0030 5820 BITS - ok
17:29:31.0061 5820 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:29:31.0061 5820 blbdrive - ok
17:29:31.0108 5820 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:29:31.0108 5820 bowser - ok
17:29:31.0170 5820 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:29:31.0186 5820 BrFiltLo - ok
17:29:31.0201 5820 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:29:31.0201 5820 BrFiltUp - ok
17:29:31.0248 5820 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
17:29:31.0248 5820 Browser - ok
17:29:31.0279 5820 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:29:31.0279 5820 Brserid - ok
17:29:31.0295 5820 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:29:31.0295 5820 BrSerWdm - ok
17:29:31.0311 5820 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:29:31.0311 5820 BrUsbMdm - ok
17:29:31.0326 5820 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:29:31.0326 5820 BrUsbSer - ok
17:29:31.0342 5820 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:29:31.0342 5820 BTHMODEM - ok
17:29:31.0373 5820 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:29:31.0513 5820 bthserv - ok
17:29:31.0607 5820 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys
17:29:31.0623 5820 ccSet_N360 - ok
17:29:31.0638 5820 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:29:31.0638 5820 cdfs - ok
17:29:31.0701 5820 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:29:31.0716 5820 cdrom - ok
17:29:31.0747 5820 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
17:29:31.0779 5820 CertPropSvc - ok
17:29:31.0794 5820 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:29:31.0810 5820 circlass - ok
17:29:31.0872 5820 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:29:31.0872 5820 CLFS - ok
17:29:31.0950 5820 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:29:31.0950 5820 clr_optimization_v2.0.50727_32 - ok
17:29:32.0059 5820 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:29:32.0075 5820 clr_optimization_v2.0.50727_64 - ok
17:29:32.0169 5820 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:29:32.0169 5820 clr_optimization_v4.0.30319_32 - ok
17:29:32.0215 5820 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:29:32.0215 5820 clr_optimization_v4.0.30319_64 - ok
17:29:32.0293 5820 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:29:32.0293 5820 CmBatt - ok
17:29:32.0293 5820 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
17:29:32.0293 5820 cmdide - ok
17:29:32.0371 5820 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
17:29:32.0371 5820 CNG - ok
17:29:32.0403 5820 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:29:32.0403 5820 Compbatt - ok
17:29:32.0418 5820 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:29:32.0418 5820 CompositeBus - ok
17:29:32.0434 5820 COMSysApp - ok
17:29:32.0465 5820 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:29:32.0465 5820 crcdisk - ok
17:29:32.0527 5820 [ F02786B66375292E58C8777082D4396D ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:29:32.0543 5820 CryptSvc - ok
17:29:32.0715 5820 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:29:32.0746 5820 cvhsvc - ok
17:29:32.0902 5820 [ 87A70750325AFC300F0977DC3137A350 ] DCamUSBNovatek C:\Windows\system32\Drivers\nvtcam.sys
17:29:32.0980 5820 DCamUSBNovatek - ok
17:29:33.0058 5820 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:29:33.0073 5820 DcomLaunch - ok
17:29:33.0105 5820 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:29:33.0105 5820 defragsvc - ok
17:29:33.0151 5820 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:29:33.0151 5820 DfsC - ok
17:29:33.0214 5820 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
17:29:33.0229 5820 Dhcp - ok
17:29:33.0261 5820 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:29:33.0261 5820 discache - ok
17:29:33.0292 5820 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:29:33.0292 5820 Disk - ok
17:29:33.0401 5820 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:29:33.0401 5820 Dnscache - ok
17:29:33.0448 5820 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
17:29:33.0463 5820 dot3svc - ok
17:29:33.0651 5820 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
17:29:33.0651 5820 DPS - ok
17:29:33.0713 5820 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:29:33.0713 5820 drmkaud - ok
17:29:33.0807 5820 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:29:33.0822 5820 DXGKrnl - ok
17:29:33.0885 5820 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:29:33.0885 5820 EapHost - ok
17:29:34.0197 5820 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:29:34.0275 5820 ebdrv - ok
17:29:34.0384 5820 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:29:34.0399 5820 eeCtrl - ok
17:29:34.0446 5820 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
17:29:34.0446 5820 EFS - ok
17:29:34.0555 5820 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:29:34.0571 5820 ehRecvr - ok
17:29:34.0696 5820 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:29:34.0711 5820 ehSched - ok
17:29:34.0758 5820 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:29:34.0774 5820 elxstor - ok
17:29:34.0914 5820 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:29:34.0930 5820 EraserUtilRebootDrv - ok
17:29:34.0945 5820 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
17:29:34.0961 5820 ErrDev - ok
17:29:35.0039 5820 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:29:35.0055 5820 EventSystem - ok
17:29:35.0101 5820 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:29:35.0117 5820 exfat - ok
17:29:35.0273 5820 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:29:35.0289 5820 fastfat - ok
17:29:35.0429 5820 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
17:29:35.0460 5820 Fax - ok
17:29:35.0491 5820 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:29:35.0491 5820 fdc - ok
17:29:35.0523 5820 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:29:35.0523 5820 fdPHost - ok
17:29:35.0538 5820 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:29:35.0569 5820 FDResPub - ok
17:29:35.0601 5820 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:29:35.0601 5820 FileInfo - ok
17:29:35.0632 5820 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:29:35.0632 5820 Filetrace - ok
17:29:35.0647 5820 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:29:35.0647 5820 flpydisk - ok
17:29:35.0694 5820 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:29:35.0710 5820 FltMgr - ok
17:29:35.0772 5820 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
17:29:35.0788 5820 FontCache - ok
17:29:35.0959 5820 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:29:35.0959 5820 FontCache3.0.0.0 - ok
17:29:36.0006 5820 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:29:36.0006 5820 FsDepends - ok
17:29:36.0037 5820 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:29:36.0053 5820 Fs_Rec - ok
17:29:36.0115 5820 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:29:36.0115 5820 fvevol - ok
17:29:36.0147 5820 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:29:36.0147 5820 gagp30kx - ok
17:29:36.0240 5820 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
17:29:36.0256 5820 GameConsoleService - ok
17:29:36.0334 5820 [ 9BA22AEE7F531EF9CE085CC2E1112BC4 ] GIDv2 C:\Windows\system32\drivers\GIDv2.sys
17:29:36.0349 5820 GIDv2 - ok
17:29:36.0381 5820 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
17:29:36.0396 5820 gpsvc - ok
17:29:36.0427 5820 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
17:29:36.0427 5820 grmnusb - ok
17:29:36.0474 5820 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:29:36.0474 5820 hcw85cir - ok
17:29:36.0537 5820 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:29:36.0537 5820 HDAudBus - ok
17:29:36.0552 5820 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:29:36.0552 5820 HidBatt - ok
17:29:36.0583 5820 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:29:36.0583 5820 HidBth - ok
17:29:36.0615 5820 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:29:36.0615 5820 HidIr - ok
17:29:36.0646 5820 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:29:36.0646 5820 hidserv - ok
17:29:36.0677 5820 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:29:36.0677 5820 HidUsb - ok
17:29:36.0708 5820 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:29:36.0755 5820 hkmsvc - ok
17:29:36.0817 5820 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:29:36.0849 5820 HomeGroupListener - ok
17:29:36.0895 5820 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:29:36.0895 5820 HomeGroupProvider - ok
17:29:37.0051 5820 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:29:37.0083 5820 HP Support Assistant Service - ok
17:29:37.0395 5820 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:29:37.0426 5820 HPDrvMntSvc.exe - ok
17:29:37.0473 5820 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
17:29:37.0488 5820 hpqwmiex - ok
17:29:37.0504 5820 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
17:29:37.0504 5820 HpSAMD - ok
17:29:37.0629 5820 [ 5ECEC779312AD35B1B19951A4B53FAC1 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:29:37.0644 5820 HPSLPSVC - ok
17:29:37.0691 5820 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:29:37.0707 5820 HTTP - ok
17:29:37.0722 5820 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:29:37.0722 5820 hwpolicy - ok
17:29:37.0753 5820 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:29:37.0753 5820 i8042prt - ok
17:29:37.0816 5820 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:29:37.0816 5820 iaStorV - ok
17:29:37.0925 5820 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:29:37.0956 5820 idsvc - ok
17:29:38.0611 5820 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120906.002\IDSvia64.sys
17:29:38.0627 5820 IDSVia64 - ok
17:29:38.0736 5820 [ 7A0E3B3E204816723D4B3FA255F4060F ] IDVaultSvc C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
17:29:38.0752 5820 IDVaultSvc - ok
17:29:38.0814 5820 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:29:38.0814 5820 iirsp - ok
17:29:39.0423 5820 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
17:29:39.0438 5820 IKEEXT - ok
17:29:39.0516 5820 [ EF75C94792187A143871FBB87611B0B7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:29:39.0547 5820 IntcAzAudAddService - ok
17:29:39.0579 5820 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
17:29:39.0579 5820 intelide - ok
17:29:39.0625 5820 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:29:39.0625 5820 intelppm - ok
17:29:39.0672 5820 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:29:39.0672 5820 IPBusEnum - ok
17:29:39.0688 5820 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:29:39.0703 5820 IpFilterDriver - ok
17:29:39.0735 5820 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:29:39.0735 5820 iphlpsvc - ok
17:29:39.0750 5820 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:29:39.0750 5820 IPMIDRV - ok
17:29:39.0766 5820 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:29:39.0766 5820 IPNAT - ok
17:29:39.0813 5820 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:29:39.0828 5820 IRENUM - ok
17:29:40.0047 5820 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
17:29:40.0047 5820 isapnp - ok
17:29:40.0405 5820 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:29:40.0405 5820 iScsiPrt - ok
17:29:40.0421 5820 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:29:40.0437 5820 kbdclass - ok
17:29:40.0468 5820 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:29:40.0468 5820 kbdhid - ok
17:29:40.0483 5820 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
17:29:40.0483 5820 KeyIso - ok
17:29:40.0515 5820 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:29:40.0530 5820 KSecDD - ok
17:29:40.0577 5820 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:29:40.0577 5820 KSecPkg - ok
17:29:40.0608 5820 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:29:40.0608 5820 ksthunk - ok
17:29:40.0639 5820 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:29:40.0655 5820 KtmRm - ok
17:29:40.0733 5820 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:29:40.0749 5820 LanmanServer - ok
17:29:40.0764 5820 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:29:40.0780 5820 LanmanWorkstation - ok
17:29:40.0827 5820 [ 0EE66BDF485C6828AA65C0EF5D591133 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:29:40.0827 5820 LightScribeService - ok
17:29:41.0154 5820 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:29:41.0232 5820 lltdio - ok
17:29:41.0279 5820 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:29:41.0295 5820 lltdsvc - ok
17:29:41.0310 5820 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:29:41.0326 5820 lmhosts - ok
17:29:41.0357 5820 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:29:41.0357 5820 LSI_FC - ok
17:29:41.0388 5820 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:29:41.0388 5820 LSI_SAS - ok
17:29:41.0419 5820 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:29:41.0419 5820 LSI_SAS2 - ok
17:29:41.0435 5820 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:29:41.0435 5820 LSI_SCSI - ok
17:29:41.0451 5820 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:29:41.0466 5820 luafv - ok
17:29:41.0529 5820 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:29:41.0560 5820 Mcx2Svc - ok
17:29:41.0575 5820 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:29:41.0575 5820 megasas - ok
17:29:41.0591 5820 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:29:41.0607 5820 MegaSR - ok
17:29:41.0638 5820 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:29:41.0638 5820 MMCSS - ok
17:29:41.0653 5820 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:29:41.0653 5820 Modem - ok
17:29:41.0685 5820 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:29:41.0685 5820 monitor - ok
17:29:41.0700 5820 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:29:41.0716 5820 mouclass - ok
17:29:41.0778 5820 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:29:41.0794 5820 mouhid - ok
17:29:41.0825 5820 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:29:41.0825 5820 mountmgr - ok
17:29:41.0950 5820 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:29:41.0997 5820 MozillaMaintenance - ok
17:29:42.0028 5820 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
17:29:42.0028 5820 mpio - ok
17:29:42.0059 5820 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:29:42.0059 5820 mpsdrv - ok
17:29:42.0090 5820 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:29:42.0106 5820 MpsSvc - ok
17:29:42.0137 5820 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:29:42.0137 5820 MRxDAV - ok
17:29:42.0215 5820 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:29:42.0215 5820 mrxsmb - ok
17:29:42.0262 5820 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:29:42.0262 5820 mrxsmb10 - ok
17:29:42.0324 5820 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:29:42.0324 5820 mrxsmb20 - ok
17:29:42.0355 5820 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
17:29:42.0355 5820 msahci - ok
17:29:42.0387 5820 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
17:29:42.0387 5820 msdsm - ok
17:29:42.0418 5820 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:29:42.0496 5820 MSDTC - ok
17:29:42.0543 5820 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:29:42.0558 5820 Msfs - ok
17:29:42.0589 5820 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:29:42.0589 5820 mshidkmdf - ok
17:29:42.0683 5820 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
17:29:42.0699 5820 msisadrv - ok
17:29:42.0714 5820 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:29:42.0730 5820 MSiSCSI - ok
17:29:42.0745 5820 msiserver - ok
17:29:42.0808 5820 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:29:42.0823 5820 MSKSSRV - ok
17:29:42.0855 5820 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:29:42.0855 5820 MSPCLOCK - ok
17:29:42.0870 5820 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:29:42.0886 5820 MSPQM - ok
17:29:42.0901 5820 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:29:42.0917 5820 MsRPC - ok
17:29:42.0964 5820 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:29:42.0964 5820 mssmbios - ok
17:29:42.0979 5820 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:29:42.0979 5820 MSTEE - ok
17:29:42.0995 5820 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:29:43.0026 5820 MTConfig - ok
17:29:43.0042 5820 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:29:43.0042 5820 Mup - ok
17:29:43.0479 5820 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\6.3.0.14\ccSvcHst.exe
17:29:43.0479 5820 N360 - ok
17:29:43.0619 5820 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
17:29:43.0635 5820 napagent - ok
17:29:43.0728 5820 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:29:43.0728 5820 NativeWifiP - ok
17:29:43.0900 5820 [ 149A9AD81BB327E892FA1ACB77722442 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120906.002\ENG64.SYS
17:29:43.0900 5820 NAVENG - ok
17:29:44.0243 5820 [ 4AF8750E71B549FEC5F6D1D01398CA69 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120906.002\EX64.SYS
17:29:44.0290 5820 NAVEX15 - ok
17:29:44.0337 5820 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:29:44.0352 5820 NDIS - ok
17:29:44.0383 5820 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:29:44.0383 5820 NdisCap - ok
17:29:44.0415 5820 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:29:44.0415 5820 NdisTapi - ok
17:29:44.0446 5820 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:29:44.0446 5820 Ndisuio - ok
17:29:44.0461 5820 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:29:44.0461 5820 NdisWan - ok
17:29:44.0477 5820 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:29:44.0493 5820 NDProxy - ok
17:29:44.0524 5820 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:29:44.0524 5820 Net Driver HPZ12 - ok
17:29:44.0555 5820 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:29:44.0555 5820 NetBIOS - ok
17:29:44.0586 5820 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:29:44.0586 5820 NetBT - ok
17:29:44.0617 5820 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
17:29:44.0617 5820 Netlogon - ok
17:29:44.0695 5820 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:29:44.0695 5820 Netman - ok
17:29:44.0727 5820 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:29:44.0742 5820 netprofm - ok
17:29:44.0773 5820 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:29:44.0773 5820 NetTcpPortSharing - ok
17:29:44.0805 5820 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:29:44.0805 5820 nfrd960 - ok
17:29:44.0851 5820 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:29:44.0851 5820 NlaSvc - ok
17:29:44.0867 5820 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:29:44.0867 5820 Npfs - ok
17:29:44.0898 5820 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:29:44.0898 5820 nsi - ok
17:29:44.0929 5820 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:29:44.0929 5820 nsiproxy - ok
17:29:45.0148 5820 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:29:45.0179 5820 Ntfs - ok
17:29:45.0226 5820 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:29:45.0226 5820 Null - ok
17:29:45.0694 5820 [ 181B6E6F49F9F3AD05589B48E29BA167 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:29:45.0881 5820 nvlddmkm - ok
17:29:45.0959 5820 [ 909EEDCBD365BB81027D8E742E6B3416 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
17:29:45.0959 5820 NVNET - ok
17:29:45.0990 5820 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:29:45.0990 5820 nvraid - ok
17:29:46.0006 5820 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:29:46.0006 5820 nvstor - ok
17:29:46.0037 5820 [ 1E45F96342429D63DC30E0D9117DA3D8 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
17:29:46.0037 5820 nvstor64 - ok
17:29:46.0115 5820 [ B5B5DA18380F625C34B88B93D09D7D40 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:29:46.0131 5820 nvsvc - ok
17:29:46.0162 5820 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:29:46.0162 5820 nv_agp - ok
17:29:46.0177 5820 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:29:46.0177 5820 ohci1394 - ok
17:29:46.0365 5820 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:29:46.0380 5820 ose - ok
17:29:46.0895 5820 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:29:47.0004 5820 osppsvc - ok
17:29:47.0067 5820 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:29:47.0067 5820 p2pimsvc - ok
17:29:47.0098 5820 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:29:47.0098 5820 p2psvc - ok
17:29:47.0145 5820 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:29:47.0145 5820 Parport - ok
17:29:47.0176 5820 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:29:47.0176 5820 partmgr - ok
17:29:47.0207 5820 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:29:47.0207 5820 PcaSvc - ok
17:29:47.0223 5820 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
17:29:47.0223 5820 pci - ok
17:29:47.0238 5820 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
17:29:47.0254 5820 pciide - ok
17:29:47.0269 5820 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:29:47.0269 5820 pcmcia - ok
17:29:47.0301 5820 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:29:47.0301 5820 pcw - ok
17:29:47.0332 5820 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:29:47.0347 5820 PEAUTH - ok
17:29:47.0410 5820 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:29:47.0425 5820 PerfHost - ok
17:29:47.0503 5820 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
17:29:47.0535 5820 pla - ok
17:29:47.0566 5820 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:29:47.0566 5820 PlugPlay - ok
17:29:47.0613 5820 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:29:47.0613 5820 Pml Driver HPZ12 - ok
17:29:47.0628 5820 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:29:47.0628 5820 PNRPAutoReg - ok
17:29:47.0659 5820 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:29:47.0659 5820 PNRPsvc - ok
17:29:47.0691 5820 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:29:47.0691 5820 PolicyAgent - ok
17:29:47.0753 5820 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:29:47.0753 5820 Power - ok
17:29:47.0800 5820 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:29:47.0800 5820 PptpMiniport - ok
17:29:47.0862 5820 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:29:47.0878 5820 Processor - ok
17:29:47.0987 5820 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
17:29:47.0987 5820 ProfSvc - ok
17:29:48.0018 5820 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:29:48.0018 5820 ProtectedStorage - ok
17:29:48.0065 5820 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:29:48.0065 5820 Psched - ok
17:29:48.0252 5820 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:29:48.0299 5820 ql2300 - ok
17:29:48.0299 5820 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:29:48.0315 5820 ql40xx - ok
17:29:48.0346 5820 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:29:48.0361 5820 QWAVE - ok
17:29:48.0393 5820 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:29:48.0393 5820 QWAVEdrv - ok
17:29:48.0408 5820 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:29:48.0408 5820 RasAcd - ok
17:29:48.0439 5820 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:29:48.0439 5820 RasAgileVpn - ok
17:29:48.0471 5820 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:29:48.0471 5820 RasAuto - ok
17:29:48.0517 5820 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:29:48.0533 5820 Rasl2tp - ok
17:29:48.0549 5820 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
17:29:48.0564 5820 RasMan - ok
17:29:48.0580 5820 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:29:48.0580 5820 RasPppoe - ok
17:29:48.0611 5820 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:29:48.0611 5820 RasSstp - ok
17:29:48.0642 5820 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:29:48.0642 5820 rdbss - ok
17:29:48.0673 5820 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:29:48.0673 5820 rdpbus - ok
17:29:48.0705 5820 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:29:48.0705 5820 RDPCDD - ok
17:29:48.0736 5820 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:29:48.0736 5820 RDPENCDD - ok
17:29:48.0767 5820 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:29:48.0767 5820 RDPREFMP - ok
17:29:48.0798 5820 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:29:48.0798 5820 RDPWD - ok
17:29:48.0829 5820 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:29:48.0829 5820 rdyboost - ok
17:29:48.0861 5820 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:29:48.0861 5820 RemoteAccess - ok
17:29:48.0923 5820 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:29:48.0923 5820 RemoteRegistry - ok
17:29:48.0985 5820 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:29:49.0001 5820 RpcEptMapper - ok
17:29:49.0032 5820 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:29:49.0032 5820 RpcLocator - ok
17:29:49.0063 5820 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
17:29:49.0063 5820 RpcSs - ok
17:29:49.0095 5820 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:29:49.0110 5820 rspndr - ok
17:29:49.0126 5820 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
17:29:49.0126 5820 SamSs - ok
17:29:49.0157 5820 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
17:29:49.0157 5820 sbp2port - ok
17:29:49.0360 5820 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:29:49.0360 5820 SCardSvr - ok
17:29:49.0407 5820 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:29:49.0407 5820 scfilter - ok
17:29:49.0797 5820 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
17:29:49.0828 5820 Schedule - ok
17:29:49.0875 5820 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:29:49.0875 5820 SCPolicySvc - ok
17:29:49.0906 5820 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:29:49.0921 5820 SDRSVC - ok
17:29:49.0937 5820 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:29:49.0937 5820 secdrv - ok
17:29:49.0968 5820 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
17:29:49.0984 5820 seclogon - ok
17:29:50.0015 5820 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:29:50.0015 5820 SENS - ok
17:29:50.0062 5820 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:29:50.0062 5820 SensrSvc - ok
17:29:50.0093 5820 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:29:50.0093 5820 Serenum - ok
17:29:50.0109 5820 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:29:50.0140 5820 Serial - ok
17:29:50.0155 5820 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:29:50.0155 5820 sermouse - ok
17:29:50.0202 5820 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
17:29:50.0218 5820 SessionEnv - ok
17:29:50.0233 5820 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
17:29:50.0233 5820 sffdisk - ok
17:29:50.0265 5820 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:29:50.0265 5820 sffp_mmc - ok
17:29:50.0280 5820 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
17:29:50.0280 5820 sffp_sd - ok
17:29:50.0296 5820 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:29:50.0296 5820 sfloppy - ok
17:29:50.0452 5820 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
17:29:50.0467 5820 Sftfs - ok
17:29:50.0577 5820 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:29:50.0577 5820 sftlist - ok
17:29:50.0608 5820 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:29:50.0608 5820 Sftplay - ok
17:29:50.0639 5820 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:29:50.0639 5820 Sftredir - ok
17:29:50.0670 5820 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
17:29:50.0670 5820 Sftvol - ok
17:29:50.0686 5820 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:29:50.0686 5820 sftvsa - ok
17:29:50.0764 5820 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:29:50.0764 5820 SharedAccess - ok
17:29:50.0795 5820 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:29:50.0811 5820 ShellHWDetection - ok
17:29:50.0826 5820 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:29:50.0842 5820 SiSRaid2 - ok
17:29:50.0873 5820 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:29:50.0873 5820 SiSRaid4 - ok
17:29:50.0951 5820 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:29:50.0951 5820 SkypeUpdate - ok
17:29:50.0982 5820 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:29:50.0998 5820 Smb - ok
17:29:51.0123 5820 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:29:51.0154 5820 SNMPTRAP - ok
17:29:51.0185 5820 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:29:51.0201 5820 spldr - ok
17:29:51.0263 5820 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
17:29:51.0263 5820 Spooler - ok
17:29:51.0357 5820 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
17:29:51.0419 5820 sppsvc - ok
17:29:51.0450 5820 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:29:51.0450 5820 sppuinotify - ok
17:29:51.0559 5820 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS
17:29:51.0559 5820 SRTSP - ok
17:29:51.0591 5820 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS
17:29:51.0591 5820 SRTSPX - ok
17:29:51.0653 5820 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:29:51.0653 5820 srv - ok
17:29:51.0700 5820 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:29:51.0715 5820 srv2 - ok
17:29:51.0747 5820 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:29:51.0747 5820 srvnet - ok
17:29:51.0809 5820 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:29:51.0809 5820 SSDPSRV - ok
17:29:51.0825 5820 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:29:51.0871 5820 SstpSvc - ok
17:29:51.0903 5820 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:29:51.0903 5820 stexstor - ok
17:29:51.0949 5820 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:29:51.0949 5820 StillCam - ok
17:29:52.0027 5820 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
17:29:52.0043 5820 stisvc - ok
17:29:52.0105 5820 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:29:52.0137 5820 swenum - ok
17:29:52.0168 5820 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:29:52.0199 5820 swprv - ok
17:29:52.0308 5820 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS
17:29:52.0324 5820 SymDS - ok
17:29:52.0417 5820 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS
17:29:52.0449 5820 SymEFA - ok
17:29:52.0636 5820 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:29:52.0651 5820 SymEvent - ok
17:29:52.0698 5820 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS
17:29:52.0714 5820 SymIRON - ok
17:29:52.0745 5820 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS
17:29:52.0745 5820 SymNetS - ok
17:29:52.0823 5820 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
17:29:52.0932 5820 SysMain - ok
17:29:52.0963 5820 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:29:52.0963 5820 TabletInputService - ok
17:29:53.0275 5820 [ C4C20CFA4F42E9B7454E895C5C47BCD3 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
17:29:53.0447 5820 TabletServicePen - ok
17:29:53.0494 5820 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
17:29:53.0509 5820 TapiSrv - ok
17:29:53.0541 5820 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:29:53.0556 5820 TBS - ok
17:29:53.0665 5820 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:29:53.0712 5820 Tcpip - ok
17:29:53.0775 5820 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:29:53.0790 5820 TCPIP6 - ok
17:29:53.0821 5820 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:29:53.0821 5820 tcpipreg - ok
17:29:53.0837 5820 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:29:53.0853 5820 TDPIPE - ok
17:29:53.0868 5820 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:29:53.0884 5820 TDTCP - ok
17:29:53.0915 5820 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:29:53.0915 5820 tdx - ok
17:29:53.0931 5820 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:29:53.0931 5820 TermDD - ok
17:29:53.0977 5820 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
17:29:53.0977 5820 TermService - ok
17:29:54.0009 5820 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:29:54.0009 5820 Themes - ok
17:29:54.0040 5820 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:29:54.0055 5820 THREADORDER - ok
17:29:54.0118 5820 [ 7625DCF246E488E523DC1F64C38ABDA2 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
17:29:54.0133 5820 TouchServicePen - ok
17:29:54.0165 5820 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:29:54.0165 5820 TrkWks - ok
17:29:54.0211 5820 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:29:54.0227 5820 TrustedInstaller - ok
17:29:54.0258 5820 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:29:54.0258 5820 tssecsrv - ok
17:29:54.0305 5820 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:29:54.0321 5820 tunnel - ok
17:29:54.0336 5820 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:29:54.0352 5820 uagp35 - ok
17:29:54.0430 5820 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe
17:29:54.0430 5820 uCamMonitor - ok
17:29:54.0461 5820 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:29:54.0461 5820 udfs - ok
17:29:54.0508 5820 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:29:54.0523 5820 UI0Detect - ok
17:29:54.0555 5820 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
17:29:54.0555 5820 uliagpkx - ok
17:29:54.0586 5820 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:29:54.0586 5820 umbus - ok
17:29:54.0617 5820 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:29:54.0617 5820 UmPass - ok
17:29:54.0648 5820 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:29:54.0664 5820 upnphost - ok
17:29:54.0711 5820 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:29:54.0711 5820 usbaudio - ok
17:29:54.0757 5820 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:29:54.0757 5820 usbccgp - ok
17:29:54.0789 5820 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
17:29:54.0789 5820 usbcir - ok
17:29:54.0820 5820 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:29:54.0820 5820 usbehci - ok
17:29:54.0867 5820 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:29:54.0867 5820 usbhub - ok
17:29:54.0882 5820 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:29:54.0882 5820 usbohci - ok
17:29:54.0913 5820 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:29:54.0913 5820 usbprint - ok
17:29:54.0945 5820 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:29:54.0945 5820 USBSTOR - ok
17:29:54.0976 5820 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:29:54.0976 5820 usbuhci - ok
17:29:55.0007 5820 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:29:55.0007 5820 UxSms - ok
17:29:55.0023 5820 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
17:29:55.0023 5820 VaultSvc - ok
17:29:55.0085 5820 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
17:29:55.0085 5820 vdrvroot - ok
17:29:55.0116 5820 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
17:29:55.0147 5820 vds - ok
17:29:55.0179 5820 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:29:55.0179 5820 vga - ok
17:29:55.0210 5820 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:29:55.0210 5820 VgaSave - ok
17:29:55.0225 5820 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
17:29:55.0241 5820 vhdmp - ok
17:29:55.0241 5820 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
17:29:55.0257 5820 viaide - ok
17:29:55.0303 5820 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
17:29:55.0303 5820 volmgr - ok
17:29:55.0319 5820 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:29:55.0335 5820 volmgrx - ok
17:29:55.0350 5820 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
17:29:55.0366 5820 volsnap - ok
17:29:55.0381 5820 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:29:55.0381 5820 vsmraid - ok
17:29:55.0444 5820 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
17:29:55.0475 5820 VSS - ok
17:29:55.0506 5820 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:29:55.0506 5820 vwifibus - ok
17:29:55.0522 5820 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:29:55.0522 5820 vwififlt - ok
17:29:55.0569 5820 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:29:55.0569 5820 vwifimp - ok
17:29:55.0584 5820 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:29:55.0600 5820 W32Time - ok
17:29:55.0662 5820 [ FE75777289278A4941FE6139E82B3BD9 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
17:29:55.0662 5820 wacmoumonitor - ok
17:29:55.0678 5820 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
17:29:55.0678 5820 wacommousefilter - ok
17:29:55.0709 5820 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:29:55.0709 5820 WacomPen - ok
17:29:55.0756 5820 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
17:29:55.0771 5820 wacomvhid - ok
17:29:55.0818 5820 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:29:55.0818 5820 WANARP - ok
17:29:55.0834 5820 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:29:55.0834 5820 Wanarpv6 - ok
17:29:55.0896 5820 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:29:55.0959 5820 WatAdminSvc - ok
17:29:56.0005 5820 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
17:29:56.0037 5820 wbengine - ok
17:29:56.0052 5820 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:29:56.0052 5820 WbioSrvc - ok
17:29:56.0099 5820 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:29:56.0115 5820 wcncsvc - ok
17:29:56.0130 5820 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:29:56.0130 5820 WcsPlugInService - ok
17:29:56.0193 5820 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:29:56.0193 5820 Wd - ok
17:29:56.0224 5820 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:29:56.0239 5820 Wdf01000 - ok
17:29:56.0286 5820 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:29:56.0286 5820 WdiServiceHost - ok
17:29:56.0302 5820 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:29:56.0302 5820 WdiSystemHost - ok
17:29:56.0380 5820 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
17:29:56.0427 5820 WebClient - ok
17:29:56.0458 5820 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:29:56.0458 5820 Wecsvc - ok
17:29:56.0473 5820 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:29:56.0489 5820 wercplsupport - ok
17:29:56.0505 5820 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:29:56.0505 5820 WerSvc - ok
17:29:56.0536 5820 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:29:56.0536 5820 WfpLwf - ok
17:29:56.0551 5820 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:29:56.0551 5820 WIMMount - ok
17:29:56.0598 5820 WinDefend - ok
17:29:56.0614 5820 WinHttpAutoProxySvc - ok
17:29:56.0661 5820 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:29:56.0661 5820 Winmgmt - ok
17:29:56.0707 5820 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
17:29:56.0754 5820 WinRM - ok
17:29:56.0832 5820 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:29:56.0832 5820 WinUsb - ok
17:29:56.0879 5820 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:29:56.0895 5820 Wlansvc - ok
17:29:56.0941 5820 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:29:56.0941 5820 wlcrasvc - ok
17:29:57.0019 5820 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:29:57.0051 5820 wlidsvc - ok
17:29:57.0082 5820 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:29:57.0082 5820 WmiAcpi - ok
17:29:57.0129 5820 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:29:57.0129 5820 wmiApSrv - ok
17:29:57.0160 5820 WMPNetworkSvc - ok
17:29:57.0207 5820 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:29:57.0222 5820 WPCSvc - ok
17:29:57.0238 5820 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:29:57.0238 5820 WPDBusEnum - ok
17:29:57.0269 5820 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:29:57.0269 5820 ws2ifsl - ok
17:29:57.0316 5820 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
17:29:57.0331 5820 wscsvc - ok
17:29:57.0378 5820 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
17:29:57.0394 5820 WSDPrintDevice - ok
17:29:57.0409 5820 WSearch - ok
17:29:57.0534 5820 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:29:57.0581 5820 wuauserv - ok
17:29:57.0628 5820 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:29:57.0628 5820 WudfPf - ok
17:29:57.0659 5820 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:29:57.0675 5820 WUDFRd - ok
17:29:57.0721 5820 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:29:57.0721 5820 wudfsvc - ok
17:29:57.0784 5820 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:29:57.0799 5820 WwanSvc - ok
17:29:57.0893 5820 ================ Scan global ===============================
17:29:58.0080 5820 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:29:58.0205 5820 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
17:29:58.0252 5820 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
17:29:58.0267 5820 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:29:58.0345 5820 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:29:58.0361 5820 [Global] - ok
17:29:58.0361 5820 ================ Scan MBR ==================================
17:29:58.0377 5820 [ 6A3BB38EF08BCB99A37E0133C3888935 ] \Device\Harddisk0\DR0
17:29:58.0377 5820 Suspicious mbr (Forged): \Device\Harddisk0\DR0
17:29:58.0564 5820 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
17:29:58.0564 5820 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
17:29:58.0564 5820 ================ Scan VBR ==================================
17:29:58.0579 5820 [ 8843360215EEBD0D261C371962810481 ] \Device\Harddisk0\DR0\Partition1
17:29:58.0657 5820 \Device\Harddisk0\DR0\Partition1 - ok
17:29:58.0782 5820 [ CFD77D42A444CF5803B248DC37A58AD5 ] \Device\Harddisk0\DR0\Partition2
17:29:58.0923 5820 \Device\Harddisk0\DR0\Partition2 - ok
17:29:58.0923 5820 ============================================================
17:29:58.0923 5820 Scan finished
17:29:58.0923 5820 ============================================================
17:29:58.0969 0828 Detected object count: 1
17:29:58.0969 0828 Actual detected object count: 1
17:30:07.0409 0828 \Device\Harddisk0\DR0\# - copied to quarantine
17:30:07.0409 0828 \Device\Harddisk0\DR0 - copied to quarantine
17:30:07.0456 0828 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
17:30:07.0471 0828 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
17:30:07.0471 0828 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
17:30:07.0487 0828 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
17:30:07.0503 0828 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
17:30:07.0518 0828 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
17:30:07.0518 0828 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
17:30:07.0518 0828 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
17:30:07.0534 0828 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
17:30:07.0534 0828 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
17:30:07.0534 0828 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
17:30:07.0534 0828 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
17:30:07.0549 0828 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
17:30:07.0549 0828 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
17:30:07.0565 0828 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
17:30:07.0596 0828 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
17:30:07.0612 0828 \Device\Harddisk0\DR0 - ok
17:30:07.0612 0828 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
17:33:22.0967 3636 Deinitialize success


After I tried to run mbam and it stopped responding. I had to close it out and start it again. Once it finished scanning it said I had a trojan virus and needed to restart. So the comp was restarted and when it did it said windows closed unexpectedly from an unexpected shutdown a pop up also appeared that asked if I wanted "Kasperskylab" to make changes to my computer. I clicked no and ran mbam again. It is still scanning at the moment but during the scan a pop up appeared that mbam had found a virus called svchost.exe and asked me to quarantine it I clicked quarantine. It is still scanning and I'm still trying to get a clean log...

#6 Loopyloo

Loopyloo
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 07 September 2012 - 12:09 PM

Mbam finished scanning and I'm about to restart the computer again. Here is the mbam log:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.07.09

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Katelyn :: KATELYN-PC [administrator]

Protection: Enabled

9/7/2012 11:09:15 AM
mbam-log-2012-09-07 (11-09-15).txt

Scan type: Full scan (C:\|E:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 439790
Time elapsed: 1 hour(s), 57 minute(s), 51 second(s)

Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 4068 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

I am scanning again and the same thing happened. A pop up from mbam appeared and it asked me to quarantine C:\Windows\svchost.exe . It seems like mbam isn't getting rid of it...

Edited by Loopyloo, 07 September 2012 - 12:31 PM.


#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 07 September 2012 - 12:42 PM

Download

FIXTDSS

Launch it ,It may ask for restart,reboot the PC

On reboot ,click on REPAIR

Now run TDSSkiller and post the new log

#8 Loopyloo

Loopyloo
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 07 September 2012 - 03:30 PM

Here is the new log:
16:28:57.0174 5408 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
16:28:57.0548 5408 ============================================================
16:28:57.0548 5408 Current date / time: 2012/09/07 16:28:57.0548
16:28:57.0548 5408 SystemInfo:
16:28:57.0548 5408
16:28:57.0548 5408 OS Version: 6.1.7600 ServicePack: 0.0
16:28:57.0548 5408 Product type: Workstation
16:28:57.0548 5408 ComputerName: KATELYN-PC
16:28:57.0549 5408 UserName: Katelyn
16:28:57.0549 5408 Windows directory: C:\Windows
16:28:57.0549 5408 System windows directory: C:\Windows
16:28:57.0549 5408 Running under WOW64
16:28:57.0549 5408 Processor architecture: Intel x64
16:28:57.0549 5408 Number of processors: 1
16:28:57.0549 5408 Page size: 0x1000
16:28:57.0549 5408 Boot type: Normal boot
16:28:57.0549 5408 ============================================================
16:29:02.0970 5408 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
16:29:02.0973 5408 ============================================================
16:29:02.0973 5408 \Device\Harddisk0\DR0:
16:29:02.0973 5408 MBR partitions:
16:29:02.0973 5408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:29:02.0973 5408 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x23CBB800
16:29:02.0973 5408 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23CEE000, BlocksNum 0x1740000
16:29:02.0973 5408 ============================================================
16:29:03.0026 5408 C: <-> \Device\Harddisk0\DR0\Partition2
16:29:03.0142 5408 F: <-> \Device\Harddisk0\DR0\Partition3
16:29:03.0142 5408 ============================================================
16:29:03.0142 5408 Initialize success
16:29:03.0142 5408 ============================================================
16:29:04.0792 5532 ============================================================
16:29:04.0792 5532 Scan started
16:29:04.0792 5532 Mode: Manual;
16:29:04.0792 5532 ============================================================
16:29:08.0740 5532 ================ Scan system memory ========================
16:29:08.0740 5532 System memory - ok
16:29:08.0748 5532 ================ Scan services =============================
16:29:08.0986 5532 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:29:09.0031 5532 1394ohci - ok
16:29:09.0182 5532 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:29:09.0185 5532 ACDaemon - ok
16:29:09.0241 5532 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
16:29:09.0249 5532 ACPI - ok
16:29:09.0280 5532 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
16:29:09.0282 5532 AcpiPmi - ok
16:29:09.0438 5532 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:29:09.0454 5532 AdobeARMservice - ok
16:29:09.0508 5532 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:29:09.0515 5532 adp94xx - ok
16:29:09.0555 5532 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:29:09.0573 5532 adpahci - ok
16:29:09.0613 5532 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:29:09.0642 5532 adpu320 - ok
16:29:09.0707 5532 [ E005682AE8F8EC4EB05F2A70A16EA1C5 ] AE1000 C:\Windows\system32\DRIVERS\ae1000w7.sys
16:29:09.0725 5532 AE1000 - ok
16:29:09.0749 5532 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:29:09.0750 5532 AeLookupSvc - ok
16:29:09.0812 5532 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
16:29:09.0831 5532 AFD - ok
16:29:09.0874 5532 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
16:29:09.0889 5532 agp440 - ok
16:29:09.0908 5532 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:29:09.0911 5532 ALG - ok
16:29:09.0964 5532 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
16:29:09.0975 5532 aliide - ok
16:29:10.0026 5532 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
16:29:10.0027 5532 amdide - ok
16:29:10.0045 5532 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:29:10.0047 5532 AmdK8 - ok
16:29:10.0072 5532 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:29:10.0074 5532 AmdPPM - ok
16:29:10.0097 5532 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:29:10.0112 5532 amdsata - ok
16:29:10.0135 5532 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:29:10.0138 5532 amdsbs - ok
16:29:10.0156 5532 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:29:10.0157 5532 amdxata - ok
16:29:10.0183 5532 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
16:29:10.0185 5532 AppID - ok
16:29:10.0209 5532 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:29:10.0219 5532 AppIDSvc - ok
16:29:10.0262 5532 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
16:29:10.0263 5532 Appinfo - ok
16:29:10.0282 5532 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
16:29:10.0284 5532 arc - ok
16:29:10.0312 5532 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:29:10.0314 5532 arcsas - ok
16:29:10.0347 5532 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
16:29:10.0358 5532 ArcSoftKsUFilter - ok
16:29:10.0384 5532 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:29:10.0392 5532 AsyncMac - ok
16:29:10.0417 5532 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
16:29:10.0418 5532 atapi - ok
16:29:10.0450 5532 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:29:10.0456 5532 AudioEndpointBuilder - ok
16:29:10.0469 5532 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:29:10.0474 5532 AudioSrv - ok
16:29:10.0510 5532 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:29:10.0512 5532 AxInstSV - ok
16:29:10.0549 5532 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
16:29:10.0566 5532 b06bdrv - ok
16:29:10.0594 5532 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:29:10.0598 5532 b57nd60a - ok
16:29:10.0620 5532 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:29:10.0623 5532 BDESVC - ok
16:29:10.0642 5532 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:29:10.0644 5532 Beep - ok
16:29:10.0679 5532 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
16:29:10.0685 5532 BFE - ok
16:29:11.0041 5532 [ A45BE4E091636F6C86D6E4FC945D5A26 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120905.001\BHDrvx64.sys
16:29:11.0062 5532 BHDrvx64 - ok
16:29:11.0224 5532 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
16:29:11.0266 5532 BITS - ok
16:29:11.0302 5532 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:29:11.0304 5532 blbdrive - ok
16:29:11.0341 5532 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:29:11.0366 5532 bowser - ok
16:29:11.0396 5532 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:29:11.0399 5532 BrFiltLo - ok
16:29:11.0420 5532 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:29:11.0421 5532 BrFiltUp - ok
16:29:11.0466 5532 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
16:29:11.0468 5532 Browser - ok
16:29:11.0479 5532 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:29:11.0495 5532 Brserid - ok
16:29:11.0504 5532 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:29:11.0506 5532 BrSerWdm - ok
16:29:11.0516 5532 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:29:11.0517 5532 BrUsbMdm - ok
16:29:11.0525 5532 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:29:11.0526 5532 BrUsbSer - ok
16:29:11.0563 5532 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:29:11.0565 5532 BTHMODEM - ok
16:29:11.0594 5532 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:29:11.0596 5532 bthserv - ok
16:29:11.0741 5532 [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys
16:29:11.0759 5532 ccSet_N360 - ok
16:29:11.0811 5532 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:29:11.0813 5532 cdfs - ok
16:29:11.0851 5532 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:29:11.0864 5532 cdrom - ok
16:29:11.0900 5532 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
16:29:11.0925 5532 CertPropSvc - ok
16:29:11.0950 5532 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:29:11.0952 5532 circlass - ok
16:29:11.0976 5532 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:29:11.0982 5532 CLFS - ok
16:29:12.0168 5532 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:29:12.0185 5532 clr_optimization_v2.0.50727_32 - ok
16:29:12.0236 5532 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:29:12.0239 5532 clr_optimization_v2.0.50727_64 - ok
16:29:12.0310 5532 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:29:12.0350 5532 clr_optimization_v4.0.30319_32 - ok
16:29:12.0422 5532 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:29:12.0428 5532 clr_optimization_v4.0.30319_64 - ok
16:29:12.0469 5532 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:29:12.0481 5532 CmBatt - ok
16:29:12.0491 5532 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
16:29:12.0498 5532 cmdide - ok
16:29:12.0553 5532 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
16:29:12.0571 5532 CNG - ok
16:29:12.0589 5532 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:29:12.0601 5532 Compbatt - ok
16:29:12.0617 5532 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:29:12.0619 5532 CompositeBus - ok
16:29:12.0637 5532 COMSysApp - ok
16:29:12.0655 5532 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:29:12.0656 5532 crcdisk - ok
16:29:12.0696 5532 [ F02786B66375292E58C8777082D4396D ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:29:12.0698 5532 CryptSvc - ok
16:29:12.0919 5532 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:29:12.0935 5532 cvhsvc - ok
16:29:13.0202 5532 [ 87A70750325AFC300F0977DC3137A350 ] DCamUSBNovatek C:\Windows\system32\Drivers\nvtcam.sys
16:29:13.0295 5532 DCamUSBNovatek - ok
16:29:13.0376 5532 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:29:13.0389 5532 DcomLaunch - ok
16:29:13.0477 5532 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:29:13.0486 5532 defragsvc - ok
16:29:13.0523 5532 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:29:13.0536 5532 DfsC - ok
16:29:13.0568 5532 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
16:29:13.0573 5532 Dhcp - ok
16:29:13.0595 5532 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:29:13.0602 5532 discache - ok
16:29:13.0634 5532 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:29:13.0643 5532 Disk - ok
16:29:13.0680 5532 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:29:13.0690 5532 Dnscache - ok
16:29:13.0720 5532 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
16:29:13.0741 5532 dot3svc - ok
16:29:13.0765 5532 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
16:29:13.0767 5532 DPS - ok
16:29:13.0808 5532 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:29:13.0830 5532 drmkaud - ok
16:29:14.0125 5532 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:29:14.0156 5532 DXGKrnl - ok
16:29:14.0199 5532 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:29:14.0201 5532 EapHost - ok
16:29:14.0283 5532 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
16:29:14.0333 5532 ebdrv - ok
16:29:14.0416 5532 [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
16:29:14.0419 5532 eeCtrl - ok
16:29:14.0456 5532 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
16:29:14.0458 5532 EFS - ok
16:29:14.0550 5532 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:29:14.0585 5532 ehRecvr - ok
16:29:14.0617 5532 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:29:14.0653 5532 ehSched - ok
16:29:14.0723 5532 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:29:14.0747 5532 elxstor - ok
16:29:14.0808 5532 [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:29:14.0824 5532 EraserUtilRebootDrv - ok
16:29:14.0839 5532 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
16:29:14.0840 5532 ErrDev - ok
16:29:14.0921 5532 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:29:14.0925 5532 EventSystem - ok
16:29:14.0953 5532 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:29:14.0955 5532 exfat - ok
16:29:14.0991 5532 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:29:14.0995 5532 fastfat - ok
16:29:15.0108 5532 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
16:29:15.0135 5532 Fax - ok
16:29:15.0169 5532 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:29:15.0171 5532 fdc - ok
16:29:15.0215 5532 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:29:15.0217 5532 fdPHost - ok
16:29:15.0235 5532 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:29:15.0237 5532 FDResPub - ok
16:29:15.0256 5532 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:29:15.0267 5532 FileInfo - ok
16:29:15.0283 5532 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:29:15.0285 5532 Filetrace - ok
16:29:15.0342 5532 [ 00940C5E43282206994659D16B4AC412 ] FixTDSS C:\Windows\system32\drivers\FixTDSS.sys
16:29:15.0342 5532 FixTDSS - ok
16:29:15.0358 5532 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:29:15.0359 5532 flpydisk - ok
16:29:15.0387 5532 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:29:15.0390 5532 FltMgr - ok
16:29:15.0563 5532 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
16:29:15.0593 5532 FontCache - ok
16:29:15.0629 5532 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:29:15.0629 5532 FontCache3.0.0.0 - ok
16:29:15.0643 5532 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:29:15.0644 5532 FsDepends - ok
16:29:15.0678 5532 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:29:15.0685 5532 Fs_Rec - ok
16:29:15.0739 5532 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:29:15.0741 5532 fvevol - ok
16:29:15.0772 5532 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:29:15.0774 5532 gagp30kx - ok
16:29:15.0841 5532 [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
16:29:15.0852 5532 GameConsoleService - ok
16:29:15.0901 5532 [ 9BA22AEE7F531EF9CE085CC2E1112BC4 ] GIDv2 C:\Windows\system32\drivers\GIDv2.sys
16:29:15.0916 5532 GIDv2 - ok
16:29:16.0032 5532 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
16:29:16.0053 5532 gpsvc - ok
16:29:16.0117 5532 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
16:29:16.0145 5532 grmnusb - ok
16:29:16.0192 5532 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:29:16.0202 5532 hcw85cir - ok
16:29:16.0240 5532 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:29:16.0243 5532 HDAudBus - ok
16:29:16.0303 5532 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:29:16.0317 5532 HidBatt - ok
16:29:16.0351 5532 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:29:16.0354 5532 HidBth - ok
16:29:16.0373 5532 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:29:16.0374 5532 HidIr - ok
16:29:16.0403 5532 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
16:29:16.0403 5532 hidserv - ok
16:29:16.0445 5532 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:29:16.0456 5532 HidUsb - ok
16:29:16.0482 5532 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:29:16.0485 5532 hkmsvc - ok
16:29:16.0502 5532 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:29:16.0506 5532 HomeGroupListener - ok
16:29:16.0552 5532 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:29:16.0556 5532 HomeGroupProvider - ok
16:29:16.0703 5532 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:29:16.0705 5532 HP Support Assistant Service - ok
16:29:16.0765 5532 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:29:16.0767 5532 HPDrvMntSvc.exe - ok
16:29:16.0815 5532 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:29:16.0837 5532 hpqwmiex - ok
16:29:16.0867 5532 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
16:29:16.0883 5532 HpSAMD - ok
16:29:17.0095 5532 [ 5ECEC779312AD35B1B19951A4B53FAC1 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:29:17.0550 5532 HPSLPSVC - ok
16:29:17.0619 5532 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:29:17.0657 5532 HTTP - ok
16:29:17.0673 5532 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:29:17.0675 5532 hwpolicy - ok
16:29:17.0699 5532 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:29:17.0702 5532 i8042prt - ok
16:29:17.0743 5532 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:29:17.0757 5532 iaStorV - ok
16:29:17.0807 5532 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:29:17.0834 5532 idsvc - ok
16:29:17.0901 5532 [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120906.008\IDSvia64.sys
16:29:17.0904 5532 IDSVia64 - ok
16:29:17.0963 5532 [ 7A0E3B3E204816723D4B3FA255F4060F ] IDVaultSvc C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
16:29:17.0979 5532 IDVaultSvc - ok
16:29:18.0024 5532 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:29:18.0038 5532 iirsp - ok
16:29:18.0104 5532 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
16:29:18.0121 5532 IKEEXT - ok
16:29:18.0183 5532 [ EF75C94792187A143871FBB87611B0B7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:29:18.0202 5532 IntcAzAudAddService - ok
16:29:18.0213 5532 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
16:29:18.0226 5532 intelide - ok
16:29:18.0268 5532 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:29:18.0276 5532 intelppm - ok
16:29:18.0308 5532 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:29:18.0320 5532 IPBusEnum - ok
16:29:18.0344 5532 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:29:18.0346 5532 IpFilterDriver - ok
16:29:18.0413 5532 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:29:18.0421 5532 iphlpsvc - ok
16:29:18.0433 5532 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:29:18.0449 5532 IPMIDRV - ok
16:29:18.0460 5532 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:29:18.0462 5532 IPNAT - ok
16:29:18.0503 5532 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:29:18.0504 5532 IRENUM - ok
16:29:18.0515 5532 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
16:29:18.0516 5532 isapnp - ok
16:29:18.0565 5532 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
16:29:18.0568 5532 iScsiPrt - ok
16:29:18.0596 5532 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:29:18.0604 5532 kbdclass - ok
16:29:18.0629 5532 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:29:18.0630 5532 kbdhid - ok
16:29:18.0644 5532 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
16:29:18.0645 5532 KeyIso - ok
16:29:18.0674 5532 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:29:18.0697 5532 KSecDD - ok
16:29:18.0741 5532 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:29:18.0743 5532 KSecPkg - ok
16:29:18.0768 5532 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:29:18.0782 5532 ksthunk - ok
16:29:18.0819 5532 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:29:18.0844 5532 KtmRm - ok
16:29:18.0934 5532 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:29:18.0940 5532 LanmanServer - ok
16:29:18.0972 5532 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:29:18.0974 5532 LanmanWorkstation - ok
16:29:19.0030 5532 [ 0EE66BDF485C6828AA65C0EF5D591133 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:29:19.0033 5532 LightScribeService - ok
16:29:19.0075 5532 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:29:19.0077 5532 lltdio - ok
16:29:19.0116 5532 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:29:19.0129 5532 lltdsvc - ok
16:29:19.0143 5532 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:29:19.0144 5532 lmhosts - ok
16:29:19.0176 5532 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:29:19.0180 5532 LSI_FC - ok
16:29:19.0212 5532 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:29:19.0214 5532 LSI_SAS - ok
16:29:19.0223 5532 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:29:19.0231 5532 LSI_SAS2 - ok
16:29:19.0248 5532 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:29:19.0251 5532 LSI_SCSI - ok
16:29:19.0268 5532 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:29:19.0271 5532 luafv - ok
16:29:19.0329 5532 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:29:19.0342 5532 MBAMProtector - ok
16:29:19.0442 5532 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:29:19.0464 5532 MBAMService - ok
16:29:19.0498 5532 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:29:19.0523 5532 Mcx2Svc - ok
16:29:19.0575 5532 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:29:19.0586 5532 megasas - ok
16:29:19.0616 5532 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:29:19.0633 5532 MegaSR - ok
16:29:19.0688 5532 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:29:19.0690 5532 MMCSS - ok
16:29:19.0705 5532 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:29:19.0707 5532 Modem - ok
16:29:19.0740 5532 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:29:19.0741 5532 monitor - ok
16:29:19.0767 5532 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:29:19.0768 5532 mouclass - ok
16:29:19.0785 5532 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:29:19.0797 5532 mouhid - ok
16:29:19.0818 5532 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:29:19.0820 5532 mountmgr - ok
16:29:19.0912 5532 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:29:19.0934 5532 MozillaMaintenance - ok
16:29:20.0032 5532 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
16:29:20.0041 5532 mpio - ok
16:29:20.0071 5532 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:29:20.0079 5532 mpsdrv - ok
16:29:20.0115 5532 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:29:20.0125 5532 MpsSvc - ok
16:29:20.0152 5532 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:29:20.0156 5532 MRxDAV - ok
16:29:20.0202 5532 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:29:20.0204 5532 mrxsmb - ok
16:29:20.0243 5532 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:29:20.0254 5532 mrxsmb10 - ok
16:29:20.0274 5532 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:29:20.0287 5532 mrxsmb20 - ok
16:29:20.0314 5532 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
16:29:20.0322 5532 msahci - ok
16:29:20.0342 5532 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
16:29:20.0348 5532 msdsm - ok
16:29:20.0403 5532 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:29:20.0406 5532 MSDTC - ok
16:29:20.0430 5532 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:29:20.0445 5532 Msfs - ok
16:29:20.0470 5532 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:29:20.0472 5532 mshidkmdf - ok
16:29:20.0483 5532 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
16:29:20.0483 5532 msisadrv - ok
16:29:20.0519 5532 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:29:20.0563 5532 MSiSCSI - ok
16:29:20.0573 5532 msiserver - ok
16:29:20.0598 5532 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:29:20.0620 5532 MSKSSRV - ok
16:29:20.0643 5532 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:29:20.0644 5532 MSPCLOCK - ok
16:29:20.0679 5532 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:29:20.0690 5532 MSPQM - ok
16:29:20.0719 5532 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:29:20.0741 5532 MsRPC - ok
16:29:20.0792 5532 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:29:20.0793 5532 mssmbios - ok
16:29:20.0824 5532 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:29:20.0831 5532 MSTEE - ok
16:29:20.0854 5532 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:29:20.0856 5532 MTConfig - ok
16:29:20.0872 5532 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:29:20.0873 5532 Mup - ok
16:29:20.0971 5532 [ F2840DBFE9322F35557219AE82CC4597 ] N360 C:\Program Files (x86)\Norton Security Suite\Engine\6.3.0.14\ccSvcHst.exe
16:29:20.0975 5532 N360 - ok
16:29:21.0052 5532 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
16:29:21.0082 5532 napagent - ok
16:29:21.0174 5532 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:29:21.0207 5532 NativeWifiP - ok
16:29:21.0357 5532 [ 149A9AD81BB327E892FA1ACB77722442 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120907.001\ENG64.SYS
16:29:21.0358 5532 NAVENG - ok
16:29:21.0464 5532 [ 4AF8750E71B549FEC5F6D1D01398CA69 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120907.001\EX64.SYS
16:29:21.0487 5532 NAVEX15 - ok
16:29:21.0571 5532 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
16:29:21.0580 5532 NDIS - ok
16:29:21.0605 5532 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:29:21.0615 5532 NdisCap - ok
16:29:21.0632 5532 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:29:21.0634 5532 NdisTapi - ok
16:29:21.0646 5532 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:29:21.0648 5532 Ndisuio - ok
16:29:21.0659 5532 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:29:21.0662 5532 NdisWan - ok
16:29:21.0678 5532 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:29:21.0687 5532 NDProxy - ok
16:29:21.0725 5532 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:29:21.0726 5532 Net Driver HPZ12 - ok
16:29:21.0745 5532 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:29:21.0747 5532 NetBIOS - ok
16:29:21.0765 5532 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:29:21.0779 5532 NetBT - ok
16:29:21.0798 5532 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
16:29:21.0799 5532 Netlogon - ok
16:29:21.0841 5532 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:29:21.0845 5532 Netman - ok
16:29:21.0862 5532 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:29:21.0866 5532 netprofm - ok
16:29:21.0893 5532 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:29:21.0904 5532 NetTcpPortSharing - ok
16:29:21.0930 5532 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:29:21.0932 5532 nfrd960 - ok
16:29:21.0966 5532 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:29:21.0969 5532 NlaSvc - ok
16:29:21.0983 5532 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:29:21.0985 5532 Npfs - ok
16:29:22.0010 5532 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:29:22.0011 5532 nsi - ok
16:29:22.0026 5532 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:29:22.0028 5532 nsiproxy - ok
16:29:22.0089 5532 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:29:22.0167 5532 Ntfs - ok
16:29:22.0191 5532 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:29:22.0192 5532 Null - ok
16:29:22.0397 5532 [ 181B6E6F49F9F3AD05589B48E29BA167 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:29:22.0482 5532 nvlddmkm - ok
16:29:22.0517 5532 [ 909EEDCBD365BB81027D8E742E6B3416 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
16:29:22.0534 5532 NVNET - ok
16:29:22.0551 5532 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:29:22.0554 5532 nvraid - ok
16:29:22.0571 5532 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:29:22.0573 5532 nvstor - ok
16:29:22.0592 5532 [ 1E45F96342429D63DC30E0D9117DA3D8 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
16:29:22.0595 5532 nvstor64 - ok
16:29:22.0649 5532 [ B5B5DA18380F625C34B88B93D09D7D40 ] nvsvc C:\Windows\system32\nvvsvc.exe
16:29:22.0654 5532 nvsvc - ok
16:29:22.0679 5532 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
16:29:22.0681 5532 nv_agp - ok
16:29:22.0699 5532 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
16:29:22.0701 5532 ohci1394 - ok
16:29:22.0745 5532 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:29:22.0756 5532 ose - ok
16:29:22.0885 5532 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:29:22.0974 5532 osppsvc - ok
16:29:23.0004 5532 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:29:23.0008 5532 p2pimsvc - ok
16:29:23.0044 5532 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:29:23.0064 5532 p2psvc - ok
16:29:23.0092 5532 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:29:23.0094 5532 Parport - ok
16:29:23.0131 5532 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:29:23.0148 5532 partmgr - ok
16:29:23.0165 5532 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:29:23.0168 5532 PcaSvc - ok
16:29:23.0187 5532 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
16:29:23.0195 5532 pci - ok
16:29:23.0208 5532 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
16:29:23.0232 5532 pciide - ok
16:29:23.0248 5532 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:29:23.0252 5532 pcmcia - ok
16:29:23.0268 5532 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:29:23.0269 5532 pcw - ok
16:29:23.0292 5532 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:29:23.0299 5532 PEAUTH - ok
16:29:23.0411 5532 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:29:23.0419 5532 PerfHost - ok
16:29:23.0585 5532 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
16:29:23.0615 5532 pla - ok
16:29:23.0708 5532 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:29:23.0722 5532 PlugPlay - ok
16:29:23.0763 5532 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:29:23.0767 5532 Pml Driver HPZ12 - ok
16:29:23.0792 5532 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:29:23.0801 5532 PNRPAutoReg - ok
16:29:23.0820 5532 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:29:23.0822 5532 PNRPsvc - ok
16:29:23.0864 5532 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:29:23.0869 5532 PolicyAgent - ok
16:29:23.0892 5532 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
16:29:23.0894 5532 Power - ok
16:29:23.0926 5532 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:29:23.0928 5532 PptpMiniport - ok
16:29:23.0951 5532 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:29:23.0962 5532 Processor - ok
16:29:24.0007 5532 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
16:29:24.0017 5532 ProfSvc - ok
16:29:24.0029 5532 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:29:24.0030 5532 ProtectedStorage - ok
16:29:24.0053 5532 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:29:24.0055 5532 Psched - ok
16:29:24.0095 5532 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:29:24.0144 5532 ql2300 - ok
16:29:24.0156 5532 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:29:24.0164 5532 ql40xx - ok
16:29:24.0188 5532 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
16:29:24.0197 5532 QWAVE - ok
16:29:24.0213 5532 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:29:24.0214 5532 QWAVEdrv - ok
16:29:24.0224 5532 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:29:24.0226 5532 RasAcd - ok
16:29:24.0254 5532 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:29:24.0255 5532 RasAgileVpn - ok
16:29:24.0273 5532 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
16:29:24.0276 5532 RasAuto - ok
16:29:24.0291 5532 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:29:24.0293 5532 Rasl2tp - ok
16:29:24.0309 5532 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
16:29:24.0321 5532 RasMan - ok
16:29:24.0338 5532 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:29:24.0343 5532 RasPppoe - ok
16:29:24.0354 5532 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:29:24.0356 5532 RasSstp - ok
16:29:24.0373 5532 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:29:24.0376 5532 rdbss - ok
16:29:24.0394 5532 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:29:24.0401 5532 rdpbus - ok
16:29:24.0421 5532 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:29:24.0422 5532 RDPCDD - ok
16:29:24.0450 5532 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:29:24.0458 5532 RDPENCDD - ok
16:29:24.0481 5532 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:29:24.0482 5532 RDPREFMP - ok
16:29:24.0518 5532 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:29:24.0532 5532 RDPWD - ok
16:29:24.0551 5532 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:29:24.0557 5532 rdyboost - ok
16:29:24.0584 5532 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:29:24.0587 5532 RemoteAccess - ok
16:29:24.0616 5532 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:29:24.0619 5532 RemoteRegistry - ok
16:29:24.0639 5532 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:29:24.0640 5532 RpcEptMapper - ok
16:29:24.0658 5532 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
16:29:24.0660 5532 RpcLocator - ok
16:29:24.0685 5532 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
16:29:24.0689 5532 RpcSs - ok
16:29:24.0723 5532 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:29:24.0738 5532 rspndr - ok
16:29:24.0755 5532 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
16:29:24.0756 5532 SamSs - ok
16:29:24.0772 5532 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
16:29:24.0775 5532 sbp2port - ok
16:29:24.0801 5532 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:29:24.0804 5532 SCardSvr - ok
16:29:24.0818 5532 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:29:24.0820 5532 scfilter - ok
16:29:24.0913 5532 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
16:29:24.0932 5532 Schedule - ok
16:29:24.0961 5532 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
16:29:24.0961 5532 SCPolicySvc - ok
16:29:24.0993 5532 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:29:25.0006 5532 SDRSVC - ok
16:29:25.0039 5532 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:29:25.0047 5532 secdrv - ok
16:29:25.0070 5532 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
16:29:25.0076 5532 seclogon - ok
16:29:25.0093 5532 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
16:29:25.0094 5532 SENS - ok
16:29:25.0119 5532 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:29:25.0245 5532 SensrSvc - ok
16:29:25.0277 5532 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:29:25.0280 5532 Serenum - ok
16:29:25.0304 5532 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:29:25.0308 5532 Serial - ok
16:29:25.0332 5532 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:29:25.0333 5532 sermouse - ok
16:29:25.0384 5532 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
16:29:25.0402 5532 SessionEnv - ok
16:29:25.0412 5532 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
16:29:25.0421 5532 sffdisk - ok
16:29:25.0441 5532 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:29:25.0443 5532 sffp_mmc - ok
16:29:25.0451 5532 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
16:29:25.0452 5532 sffp_sd - ok
16:29:25.0462 5532 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:29:25.0464 5532 sfloppy - ok
16:29:25.0572 5532 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
16:29:25.0596 5532 Sftfs - ok
16:29:25.0738 5532 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:29:25.0755 5532 sftlist - ok
16:29:25.0789 5532 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:29:25.0792 5532 Sftplay - ok
16:29:25.0815 5532 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:29:25.0828 5532 Sftredir - ok
16:29:25.0848 5532 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
16:29:25.0855 5532 Sftvol - ok
16:29:25.0878 5532 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:29:25.0880 5532 sftvsa - ok
16:29:25.0905 5532 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:29:25.0910 5532 SharedAccess - ok
16:29:25.0938 5532 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:29:25.0943 5532 ShellHWDetection - ok
16:29:25.0970 5532 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:29:25.0983 5532 SiSRaid2 - ok
16:29:25.0998 5532 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:29:26.0000 5532 SiSRaid4 - ok
16:29:26.0060 5532 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:29:26.0062 5532 SkypeUpdate - ok
16:29:26.0083 5532 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:29:26.0091 5532 Smb - ok
16:29:26.0135 5532 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:29:26.0146 5532 SNMPTRAP - ok
16:29:26.0161 5532 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
16:29:26.0162 5532 spldr - ok
16:29:26.0204 5532 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
16:29:26.0210 5532 Spooler - ok
16:29:26.0311 5532 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
16:29:26.0377 5532 sppsvc - ok
16:29:26.0396 5532 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:29:26.0400 5532 sppuinotify - ok
16:29:26.0504 5532 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS
16:29:26.0529 5532 SRTSP - ok
16:29:26.0566 5532 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS
16:29:26.0578 5532 SRTSPX - ok
16:29:26.0613 5532 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:29:26.0619 5532 srv - ok
16:29:26.0641 5532 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:29:26.0647 5532 srv2 - ok
16:29:26.0665 5532 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:29:26.0680 5532 srvnet - ok
16:29:26.0733 5532 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:29:26.0735 5532 SSDPSRV - ok
16:29:26.0753 5532 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:29:26.0766 5532 SstpSvc - ok
16:29:26.0793 5532 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:29:26.0813 5532 stexstor - ok
16:29:26.0851 5532 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:29:26.0866 5532 StillCam - ok
16:29:26.0953 5532 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
16:29:26.0968 5532 stisvc - ok
16:29:27.0004 5532 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:29:27.0020 5532 swenum - ok
16:29:27.0052 5532 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
16:29:27.0069 5532 swprv - ok
16:29:27.0125 5532 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\N360x64\0603000.00E\SYMDS64.SYS
16:29:27.0146 5532 SymDS - ok
16:29:27.0262 5532 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\N360x64\0603000.00E\SYMEFA64.SYS
16:29:27.0314 5532 SymEFA - ok
16:29:27.0367 5532 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:29:27.0379 5532 SymEvent - ok
16:29:27.0428 5532 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS
16:29:27.0430 5532 SymIRON - ok
16:29:27.0530 5532 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS
16:29:27.0548 5532 SymNetS - ok
16:29:27.0647 5532 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
16:29:27.0681 5532 SysMain - ok
16:29:27.0741 5532 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:29:27.0743 5532 TabletInputService - ok
16:29:28.0123 5532 [ C4C20CFA4F42E9B7454E895C5C47BCD3 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
16:29:28.0307 5532 TabletServicePen - ok
16:29:28.0340 5532 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
16:29:28.0354 5532 TapiSrv - ok
16:29:28.0382 5532 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
16:29:28.0444 5532 TBS - ok
16:29:28.0596 5532 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:29:28.0642 5532 Tcpip - ok
16:29:28.0919 5532 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:29:28.0929 5532 TCPIP6 - ok
16:29:28.0955 5532 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:29:28.0967 5532 tcpipreg - ok
16:29:28.0999 5532 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:29:29.0000 5532 TDPIPE - ok
16:29:29.0046 5532 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:29:29.0061 5532 TDTCP - ok
16:29:29.0091 5532 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:29:29.0131 5532 tdx - ok
16:29:29.0175 5532 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:29:29.0176 5532 TermDD - ok
16:29:29.0314 5532 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
16:29:29.0349 5532 TermService - ok
16:29:29.0384 5532 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
16:29:29.0395 5532 Themes - ok
16:29:29.0409 5532 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
16:29:29.0410 5532 THREADORDER - ok
16:29:29.0459 5532 [ 7625DCF246E488E523DC1F64C38ABDA2 ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
16:29:29.0464 5532 TouchServicePen - ok
16:29:29.0488 5532 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
16:29:29.0490 5532 TrkWks - ok
16:29:29.0534 5532 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:29:29.0602 5532 TrustedInstaller - ok
16:29:29.0673 5532 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:29:29.0675 5532 tssecsrv - ok
16:29:29.0720 5532 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:29:29.0729 5532 tunnel - ok
16:29:29.0747 5532 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:29:29.0756 5532 uagp35 - ok
16:29:29.0909 5532 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\HP Webcam Software Suite\Magic-i Visual Effects 2\uCamMonitor.exe
16:29:29.0920 5532 uCamMonitor - ok
16:29:29.0965 5532 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:29:29.0969 5532 udfs - ok
16:29:30.0005 5532 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:29:30.0032 5532 UI0Detect - ok
16:29:30.0112 5532 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
16:29:32.0576 5532 uliagpkx - ok
16:29:32.0600 5532 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:29:32.0601 5532 umbus - ok
16:29:32.0621 5532 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:29:32.0624 5532 UmPass - ok
16:29:32.0657 5532 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
16:29:32.0667 5532 upnphost - ok
16:29:32.0723 5532 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:29:32.0753 5532 usbaudio - ok
16:29:32.0787 5532 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:29:32.0789 5532 usbccgp - ok
16:29:32.0808 5532 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
16:29:32.0810 5532 usbcir - ok
16:29:32.0838 5532 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:29:32.0840 5532 usbehci - ok
16:29:32.0871 5532 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:29:32.0888 5532 usbhub - ok
16:29:32.0903 5532 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
16:29:32.0910 5532 usbohci - ok
16:29:32.0925 5532 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:29:32.0935 5532 usbprint - ok
16:29:32.0961 5532 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:29:32.0985 5532 USBSTOR - ok
16:29:33.0013 5532 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
16:29:33.0023 5532 usbuhci - ok
16:29:33.0067 5532 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
16:29:33.0068 5532 UxSms - ok
16:29:33.0086 5532 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
16:29:33.0087 5532 VaultSvc - ok
16:29:33.0151 5532 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
16:29:33.0262 5532 vdrvroot - ok
16:29:33.0300 5532 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
16:29:33.0326 5532 vds - ok
16:29:33.0373 5532 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:29:33.0375 5532 vga - ok
16:29:33.0395 5532 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
16:29:33.0396 5532 VgaSave - ok
16:29:33.0417 5532 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
16:29:33.0420 5532 vhdmp - ok
16:29:33.0431 5532 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
16:29:33.0432 5532 viaide - ok
16:29:33.0448 5532 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
16:29:33.0458 5532 volmgr - ok
16:29:33.0480 5532 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:29:33.0484 5532 volmgrx - ok
16:29:33.0497 5532 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
16:29:33.0512 5532 volsnap - ok
16:29:33.0528 5532 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:29:33.0531 5532 vsmraid - ok
16:29:33.0574 5532 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
16:29:33.0609 5532 VSS - ok
16:29:33.0621 5532 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:29:33.0633 5532 vwifibus - ok
16:29:33.0661 5532 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:29:33.0663 5532 vwififlt - ok
16:29:33.0698 5532 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:29:33.0700 5532 vwifimp - ok
16:29:33.0713 5532 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
16:29:33.0717 5532 W32Time - ok
16:29:33.0781 5532 [ FE75777289278A4941FE6139E82B3BD9 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
16:29:33.0790 5532 wacmoumonitor - ok
16:29:33.0861 5532 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
16:29:33.0862 5532 wacommousefilter - ok
16:29:33.0887 5532 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:29:33.0898 5532 WacomPen - ok
16:29:33.0938 5532 [ EC1CEB237E365330C1FCFC4876AA0AC0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
16:29:33.0956 5532 wacomvhid - ok
16:29:33.0991 5532 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:29:34.0008 5532 WANARP - ok
16:29:34.0018 5532 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:29:34.0019 5532 Wanarpv6 - ok
16:29:34.0201 5532 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:29:34.0241 5532 WatAdminSvc - ok
16:29:34.0403 5532 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
16:29:34.0481 5532 wbengine - ok
16:29:34.0509 5532 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:29:34.0512 5532 WbioSrvc - ok
16:29:34.0569 5532 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:29:34.0594 5532 wcncsvc - ok
16:29:34.0641 5532 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:29:34.0649 5532 WcsPlugInService - ok
16:29:34.0682 5532 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:29:34.0692 5532 Wd - ok
16:29:34.0752 5532 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:29:34.0768 5532 Wdf01000 - ok
16:29:34.0786 5532 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:29:34.0788 5532 WdiServiceHost - ok
16:29:34.0796 5532 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:29:34.0800 5532 WdiSystemHost - ok
16:29:34.0853 5532 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
16:29:34.0867 5532 WebClient - ok
16:29:34.0886 5532 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:29:34.0890 5532 Wecsvc - ok
16:29:34.0916 5532 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:29:34.0925 5532 wercplsupport - ok
16:29:34.0956 5532 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
16:29:34.0958 5532 WerSvc - ok
16:29:34.0982 5532 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:29:35.0007 5532 WfpLwf - ok
16:29:35.0040 5532 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:29:35.0042 5532 WIMMount - ok
16:29:35.0059 5532 WinDefend - ok
16:29:35.0072 5532 WinHttpAutoProxySvc - ok
16:29:35.0120 5532 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:29:35.0122 5532 Winmgmt - ok
16:29:35.0362 5532 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
16:29:35.0460 5532 WinRM - ok
16:29:35.0551 5532 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:29:35.0553 5532 WinUsb - ok
16:29:35.0595 5532 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
16:29:35.0608 5532 Wlansvc - ok
16:29:35.0666 5532 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:29:35.0668 5532 wlcrasvc - ok
16:29:35.0748 5532 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:29:35.0811 5532 wlidsvc - ok
16:29:35.0850 5532 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:29:35.0852 5532 WmiAcpi - ok
16:29:35.0893 5532 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:29:35.0896 5532 wmiApSrv - ok
16:29:35.0918 5532 WMPNetworkSvc - ok
16:29:35.0959 5532 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:29:35.0967 5532 WPCSvc - ok
16:29:35.0992 5532 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:29:35.0994 5532 WPDBusEnum - ok
16:29:36.0010 5532 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:29:36.0020 5532 ws2ifsl - ok
16:29:36.0058 5532 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
16:29:36.0061 5532 wscsvc - ok
16:29:36.0096 5532 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
16:29:36.0109 5532 WSDPrintDevice - ok
16:29:36.0117 5532 WSearch - ok
16:29:36.0211 5532 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
16:29:36.0271 5532 wuauserv - ok
16:29:36.0284 5532 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:29:36.0311 5532 WudfPf - ok
16:29:36.0333 5532 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:29:36.0335 5532 WUDFRd - ok
16:29:36.0366 5532 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:29:36.0368 5532 wudfsvc - ok
16:29:36.0393 5532 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
16:29:36.0397 5532 WwanSvc - ok
16:29:36.0443 5532 ================ Scan global ===============================
16:29:36.0477 5532 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:29:36.0528 5532 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
16:29:36.0548 5532 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
16:29:36.0575 5532 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:29:36.0611 5532 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:29:36.0615 5532 [Global] - ok
16:29:36.0619 5532 ================ Scan MBR ==================================
16:29:36.0626 5532 [ 6A3BB38EF08BCB99A37E0133C3888935 ] \Device\Harddisk0\DR0
16:29:36.0788 5532 \Device\Harddisk0\DR0 - ok
16:29:36.0792 5532 ================ Scan VBR ==================================
16:29:36.0809 5532 [ 8843360215EEBD0D261C371962810481 ] \Device\Harddisk0\DR0\Partition1
16:29:36.0817 5532 \Device\Harddisk0\DR0\Partition1 - ok
16:29:36.0837 5532 [ CFD77D42A444CF5803B248DC37A58AD5 ] \Device\Harddisk0\DR0\Partition2
16:29:36.0838 5532 \Device\Harddisk0\DR0\Partition2 - ok
16:29:36.0870 5532 [ C18857E7EE67036509B16CAA703ACF1D ] \Device\Harddisk0\DR0\Partition3
16:29:36.0895 5532 \Device\Harddisk0\DR0\Partition3 - ok
16:29:36.0898 5532 ============================================================
16:29:36.0898 5532 Scan finished
16:29:36.0898 5532 ============================================================
16:29:36.0913 5524 Detected object count: 0
16:29:36.0913 5524 Actual detected object count: 0
16:29:47.0958 5404 Deinitialize success

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 07 September 2012 - 04:00 PM

ESET log?

Run malwarebytes again.Remove infections and scan again.It should come clean

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it click on Delete

post the generated log

download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here

#10 Loopyloo

Loopyloo
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 07 September 2012 - 04:09 PM

Do you want me to scan with ESET again?
Also when I just tried to scan with mbam it just blue screened and restarted itself. I'm trying to open mbam and scan again now though.

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 07 September 2012 - 04:16 PM

Run both ESET and malwarebytes in safemode with networking

#12 Loopyloo

Loopyloo
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 07 September 2012 - 04:55 PM

Ok I shut it down and tried to start it in safe mode. but when I tried to start it up it said windows failed to start and it tried pc repair which failed. I'm using my phone to write this and I cant access my computer. its now stuck on the hp recovery screen.. which has a few options. not sure what to do

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 07 September 2012 - 05:15 PM

Restart the PC

Press F8 on bootup

Select REPAIR YOUR COMPUTER

Click on REPAIR

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

Can you get to this screen?

#14 Loopyloo

Loopyloo
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Local time:05:11 PM

Posted 07 September 2012 - 07:20 PM

Yes I got to the screen

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:11 PM

Posted 07 September 2012 - 07:24 PM

Click on STARTUP REPAIR

After startup repair finishes,try to boot normally




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users