FBI Ransomware Help


  • This topic is locked
3 replies to this topic

#1 beklanmaia

Posted 25 September 2012 - 03:19 PM

Hi guys. This annoying FBI thing popped up yesterday. I ran some of the scans that I saw recommended in another post and wanted to post the logs for help. Thanks in advance. Here's TDSSKiller:

18:30:31.0949 1828 NdisCap - ok
18:30:31.0969 1828 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:30:32.0004 1828 NdisTapi - ok
18:30:32.0014 1828 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:30:32.0069 1828 Ndisuio - ok
18:30:32.0094 1828 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:30:32.0144 1828 NdisWan - ok
18:30:32.0164 1828 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:30:32.0194 1828 NDProxy - ok
18:30:32.0239 1828 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:30:32.0284 1828 NetBIOS - ok
18:30:32.0289 1828 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:30:32.0324 1828 NetBT - ok
18:30:32.0349 1828 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:30:32.0364 1828 Netlogon - ok
18:30:32.0399 1828 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:30:32.0464 1828 Netman - ok
18:30:32.0494 1828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:32.0539 1828 NetMsmqActivator - ok
18:30:32.0544 1828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:32.0554 1828 NetPipeActivator - ok
18:30:32.0589 1828 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:30:32.0639 1828 netprofm - ok
18:30:32.0659 1828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:32.0669 1828 NetTcpActivator - ok
18:30:32.0679 1828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:32.0689 1828 NetTcpPortSharing - ok
18:30:32.0739 1828 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:30:32.0754 1828 nfrd960 - ok
18:30:32.0814 1828 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe
18:30:32.0824 1828 NIS - ok
18:30:32.0879 1828 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:30:32.0889 1828 NisDrv - ok
18:30:32.0919 1828 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
18:30:32.0934 1828 NisSrv - ok
18:30:32.0974 1828 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:30:33.0029 1828 NlaSvc - ok
18:30:33.0059 1828 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:30:33.0094 1828 Npfs - ok
18:30:33.0109 1828 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:30:33.0164 1828 nsi - ok
18:30:33.0179 1828 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:30:33.0229 1828 nsiproxy - ok
18:30:33.0284 1828 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:30:33.0324 1828 Ntfs - ok
18:30:33.0354 1828 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:30:33.0389 1828 Null - ok
18:30:33.0419 1828 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
18:30:33.0454 1828 NVENETFD - ok
18:30:33.0469 1828 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:30:33.0494 1828 nvraid - ok
18:30:33.0519 1828 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:30:33.0529 1828 nvstor - ok
18:30:33.0559 1828 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:30:33.0569 1828 nv_agp - ok
18:30:33.0584 1828 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:30:33.0599 1828 ohci1394 - ok
18:30:33.0639 1828 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:30:33.0649 1828 ose - ok
18:30:33.0799 1828 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:30:33.0969 1828 osppsvc - ok
18:30:34.0004 1828 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:30:34.0044 1828 p2pimsvc - ok
18:30:34.0059 1828 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:30:34.0079 1828 p2psvc - ok
18:30:34.0099 1828 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:30:34.0114 1828 Parport - ok
18:30:34.0134 1828 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:30:34.0144 1828 partmgr - ok
18:30:34.0179 1828 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:30:34.0209 1828 PcaSvc - ok
18:30:34.0234 1828 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:30:34.0249 1828 pci - ok
18:30:34.0279 1828 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:30:34.0289 1828 pciide - ok
18:30:34.0319 1828 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:30:34.0334 1828 pcmcia - ok
18:30:34.0349 1828 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:30:34.0359 1828 pcw - ok
18:30:34.0384 1828 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:30:34.0444 1828 PEAUTH - ok
18:30:34.0529 1828 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:30:34.0654 1828 PerfHost - ok
18:30:34.0719 1828 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:30:34.0774 1828 pla - ok
18:30:34.0824 1828 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:30:34.0864 1828 PlugPlay - ok
18:30:34.0899 1828 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:30:34.0924 1828 PNRPAutoReg - ok
18:30:34.0949 1828 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:30:34.0964 1828 PNRPsvc - ok
18:30:34.0989 1828 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:30:35.0044 1828 PolicyAgent - ok
18:30:35.0079 1828 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:30:35.0124 1828 Power - ok
18:30:35.0159 1828 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:30:35.0209 1828 PptpMiniport - ok
18:30:35.0224 1828 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:30:35.0254 1828 Processor - ok
18:30:35.0284 1828 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
18:30:35.0329 1828 ProfSvc - ok
18:30:35.0349 1828 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:30:35.0364 1828 ProtectedStorage - ok
18:30:35.0379 1828 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:30:35.0414 1828 Psched - ok
18:30:35.0459 1828 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:30:35.0504 1828 ql2300 - ok
18:30:35.0519 1828 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:30:35.0534 1828 ql40xx - ok
18:30:35.0569 1828 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:30:35.0589 1828 QWAVE - ok
18:30:35.0609 1828 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:30:35.0639 1828 QWAVEdrv - ok
18:30:35.0654 1828 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:30:35.0699 1828 RasAcd - ok
18:30:35.0739 1828 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:30:35.0769 1828 RasAgileVpn - ok
18:30:35.0804 1828 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:30:35.0849 1828 RasAuto - ok
18:30:35.0869 1828 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:30:35.0914 1828 Rasl2tp - ok
18:30:35.0944 1828 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:30:35.0984 1828 RasMan - ok
18:30:35.0999 1828 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:30:36.0044 1828 RasPppoe - ok
18:30:36.0074 1828 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:30:36.0124 1828 RasSstp - ok
18:30:36.0139 1828 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:30:36.0189 1828 rdbss - ok
18:30:36.0209 1828 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:30:36.0239 1828 rdpbus - ok
18:30:36.0269 1828 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:30:36.0299 1828 RDPCDD - ok
18:30:36.0314 1828 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:30:36.0359 1828 RDPENCDD - ok
18:30:36.0399 1828 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:30:36.0434 1828 RDPREFMP - ok
18:30:36.0469 1828 [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:30:36.0509 1828 RDPWD - ok
18:30:36.0534 1828 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:30:36.0544 1828 rdyboost - ok
18:30:36.0574 1828 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:30:36.0629 1828 RemoteAccess - ok
18:30:36.0654 1828 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:30:36.0704 1828 RemoteRegistry - ok
18:30:36.0724 1828 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:30:36.0774 1828 RpcEptMapper - ok
18:30:36.0799 1828 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:30:36.0814 1828 RpcLocator - ok
18:30:36.0834 1828 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:30:36.0869 1828 RpcSs - ok
18:30:36.0914 1828 [ 1F5E7AF59B390261A85F5BEDB1BB88B3 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
18:30:36.0929 1828 RSPCIESTOR - ok
18:30:36.0969 1828 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:30:37.0004 1828 rspndr - ok
18:30:37.0039 1828 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:30:37.0049 1828 RTL8167 - ok
18:30:37.0094 1828 [ 508D997A5E9F400FADE6C85251BF13DF ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
18:30:37.0114 1828 RTL8192Ce - ok
18:30:37.0129 1828 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:30:37.0139 1828 SamSs - ok
18:30:37.0164 1828 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:30:37.0179 1828 sbp2port - ok
18:30:37.0214 1828 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:30:37.0254 1828 SCardSvr - ok
18:30:37.0269 1828 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:30:37.0319 1828 scfilter - ok
18:30:37.0354 1828 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:30:37.0424 1828 Schedule - ok
18:30:37.0459 1828 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:30:37.0489 1828 SCPolicySvc - ok
18:30:37.0539 1828 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:30:37.0564 1828 sdbus - ok
18:30:37.0589 1828 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:30:37.0629 1828 SDRSVC - ok
18:30:37.0654 1828 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:30:37.0699 1828 secdrv - ok
18:30:37.0724 1828 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:30:37.0764 1828 seclogon - ok
18:30:37.0799 1828 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:30:37.0844 1828 SENS - ok
18:30:37.0864 1828 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:30:37.0899 1828 SensrSvc - ok
18:30:37.0934 1828 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:30:37.0954 1828 Serenum - ok
18:30:37.0989 1828 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:30:38.0009 1828 Serial - ok
18:30:38.0054 1828 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:30:38.0074 1828 sermouse - ok
18:30:38.0119 1828 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:30:38.0159 1828 SessionEnv - ok
18:30:38.0184 1828 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:30:38.0199 1828 sffdisk - ok
18:30:38.0224 1828 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:30:38.0244 1828 sffp_mmc - ok
18:30:38.0259 1828 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:30:38.0289 1828 sffp_sd - ok
18:30:38.0314 1828 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:30:38.0339 1828 sfloppy - ok
18:30:38.0399 1828 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
18:30:38.0419 1828 Sftfs - ok
18:30:38.0469 1828 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:30:38.0484 1828 sftlist - ok
18:30:38.0534 1828 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:30:38.0544 1828 Sftplay - ok
18:30:38.0564 1828 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:30:38.0574 1828 Sftredir - ok
18:30:38.0584 1828 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
18:30:38.0594 1828 Sftvol - ok
18:30:38.0604 1828 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:30:38.0614 1828 sftvsa - ok
18:30:38.0649 1828 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:30:38.0689 1828 SharedAccess - ok
18:30:38.0719 1828 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:30:38.0774 1828 ShellHWDetection - ok
18:30:38.0829 1828 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:30:38.0839 1828 SiSRaid2 - ok
18:30:38.0859 1828 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:30:38.0869 1828 SiSRaid4 - ok
18:30:38.0929 1828 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:30:38.0939 1828 SkypeUpdate - ok
18:30:38.0974 1828 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:30:39.0019 1828 Smb - ok
18:30:39.0059 1828 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:30:39.0084 1828 SNMPTRAP - ok
18:30:39.0114 1828 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:30:39.0124 1828 spldr - ok
18:30:39.0149 1828 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
18:30:39.0189 1828 Spooler - ok
18:30:39.0259 1828 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:30:39.0364 1828 sppsvc - ok
18:30:39.0379 1828 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:30:39.0419 1828 sppuinotify - ok
18:30:39.0494 1828 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1308000.00E\SRTSP64.SYS
18:30:39.0519 1828 SRTSP - ok
18:30:39.0539 1828 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\NISx64\1308000.00E\SRTSPX64.SYS
18:30:39.0549 1828 SRTSPX - ok
18:30:39.0574 1828 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:30:39.0624 1828 srv - ok
18:30:39.0639 1828 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:30:39.0669 1828 srv2 - ok
18:30:39.0714 1828 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
18:30:39.0734 1828 SrvHsfHDA - ok
18:30:39.0764 1828 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
18:30:39.0809 1828 SrvHsfV92 - ok
18:30:39.0839 1828 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
18:30:39.0859 1828 SrvHsfWinac - ok
18:30:39.0889 1828 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:30:39.0899 1828 srvnet - ok
18:30:39.0929 1828 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:30:39.0974 1828 SSDPSRV - ok
18:30:39.0984 1828 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:30:40.0019 1828 SstpSvc - ok
18:30:40.0104 1828 [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
18:30:40.0184 1828 STacSV - ok
18:30:40.0214 1828 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:30:40.0224 1828 stexstor - ok
18:30:40.0284 1828 [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
18:30:40.0319 1828 STHDA - ok
18:30:40.0369 1828 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:30:40.0394 1828 stisvc - ok
18:30:40.0419 1828 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:30:40.0429 1828 swenum - ok
18:30:40.0514 1828 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:30:40.0564 1828 swprv - ok
18:30:40.0594 1828 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1308000.00E\SYMDS64.SYS
18:30:40.0609 1828 SymDS - ok
18:30:40.0674 1828 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1308000.00E\SYMEFA64.SYS
18:30:40.0704 1828 SymEFA - ok
18:30:40.0734 1828 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:30:40.0744 1828 SymEvent - ok
18:30:40.0764 1828 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS
18:30:40.0784 1828 SymIRON - ok
18:30:40.0799 1828 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS
18:30:40.0819 1828 SymNetS - ok
18:30:40.0879 1828 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:30:40.0909 1828 SynTP - ok
18:30:40.0964 1828 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:30:41.0019 1828 SysMain - ok
18:30:41.0024 1828 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:30:41.0044 1828 TabletInputService - ok
18:30:41.0064 1828 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:30:41.0119 1828 TapiSrv - ok
18:30:41.0149 1828 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:30:41.0184 1828 TBS - ok
18:30:41.0239 1828 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:30:41.0289 1828 Tcpip - ok
18:30:41.0319 1828 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:30:41.0359 1828 TCPIP6 - ok
18:30:41.0389 1828 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:30:41.0429 1828 tcpipreg - ok
18:30:41.0449 1828 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:30:41.0459 1828 TDPIPE - ok
18:30:41.0489 1828 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:30:41.0509 1828 TDTCP - ok
18:30:41.0529 1828 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:30:41.0564 1828 tdx - ok
18:30:41.0584 1828 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:30:41.0594 1828 TermDD - ok
18:30:41.0639 1828 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:30:41.0694 1828 TermService - ok
18:30:41.0709 1828 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:30:41.0729 1828 Themes - ok
18:30:41.0754 1828 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:30:41.0789 1828 THREADORDER - ok
18:30:41.0799 1828 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:30:41.0849 1828 TrkWks - ok
18:30:41.0904 1828 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:30:41.0954 1828 TrustedInstaller - ok
18:30:41.0989 1828 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:30:42.0029 1828 tssecsrv - ok
18:30:42.0069 1828 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:30:42.0099 1828 TsUsbFlt - ok
18:30:42.0114 1828 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:30:42.0139 1828 TsUsbGD - ok
18:30:42.0159 1828 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:30:42.0209 1828 tunnel - ok
18:30:42.0234 1828 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:30:42.0244 1828 uagp35 - ok
18:30:42.0274 1828 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:30:42.0319 1828 udfs - ok
18:30:42.0354 1828 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:30:42.0364 1828 UI0Detect - ok
18:30:42.0399 1828 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:30:42.0414 1828 uliagpkx - ok
18:30:42.0439 1828 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:30:42.0459 1828 umbus - ok
18:30:42.0494 1828 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:30:42.0519 1828 UmPass - ok
18:30:42.0554 1828 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:30:42.0609 1828 upnphost - ok
18:30:42.0634 1828 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:30:42.0654 1828 usbccgp - ok
18:30:42.0684 1828 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:30:42.0699 1828 usbcir - ok
18:30:42.0724 1828 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:30:42.0744 1828 usbehci - ok
18:30:42.0774 1828 [ B7037444DC5138FC7D3D3968B4DE5C4B ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
18:30:42.0779 1828 usbfilter - ok
18:30:42.0804 1828 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
18:30:42.0839 1828 usbhub - ok
18:30:42.0869 1828 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:30:42.0894 1828 usbohci - ok
18:30:42.0934 1828 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:30:42.0959 1828 usbprint - ok
18:30:42.0979 1828 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:30:43.0019 1828 USBSTOR - ok
18:30:43.0049 1828 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:30:43.0069 1828 usbuhci - ok
18:30:43.0099 1828 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:30:43.0114 1828 usbvideo - ok
18:30:43.0134 1828 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:30:43.0179 1828 UxSms - ok
18:30:43.0194 1828 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:30:43.0209 1828 VaultSvc - ok
18:30:43.0219 1828 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:30:43.0229 1828 vdrvroot - ok
18:30:43.0244 1828 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:30:43.0304 1828 vds - ok
18:30:43.0344 1828 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:30:43.0359 1828 vga - ok
18:30:43.0374 1828 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:30:43.0419 1828 VgaSave - ok
18:30:43.0454 1828 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:30:43.0469 1828 vhdmp - ok
18:30:43.0479 1828 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:30:43.0494 1828 viaide - ok
18:30:43.0514 1828 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:30:43.0529 1828 volmgr - ok
18:30:43.0549 1828 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:30:43.0564 1828 volmgrx - ok
18:30:43.0579 1828 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:30:43.0599 1828 volsnap - ok
18:30:43.0629 1828 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:30:43.0644 1828 vsmraid - ok
18:30:43.0689 1828 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:30:43.0759 1828 VSS - ok
18:30:43.0789 1828 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:30:43.0814 1828 vwifibus - ok
18:30:43.0839 1828 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:30:43.0874 1828 vwififlt - ok
18:30:43.0899 1828 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:30:43.0914 1828 vwifimp - ok
18:30:43.0944 1828 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:30:43.0984 1828 W32Time - ok
18:30:44.0019 1828 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:30:44.0049 1828 WacomPen - ok
18:30:44.0084 1828 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:30:44.0129 1828 WANARP - ok
18:30:44.0134 1828 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:30:44.0169 1828 Wanarpv6 - ok
18:30:44.0219 1828 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:30:44.0254 1828 WatAdminSvc - ok
18:30:44.0304 1828 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:30:44.0359 1828 wbengine - ok
18:30:44.0369 1828 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:30:44.0394 1828 WbioSrvc - ok
18:30:44.0419 1828 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:30:44.0459 1828 wcncsvc - ok
18:30:44.0489 1828 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:30:44.0514 1828 WcsPlugInService - ok
18:30:44.0544 1828 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:30:44.0554 1828 Wd - ok
18:30:44.0584 1828 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:30:44.0604 1828 Wdf01000 - ok
18:30:44.0619 1828 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:30:44.0704 1828 WdiServiceHost - ok
18:30:44.0704 1828 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:30:44.0724 1828 WdiSystemHost - ok
18:30:44.0759 1828 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:30:44.0789 1828 WebClient - ok
18:30:44.0809 1828 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:30:46.0589 1828 ================ Scan global ===============================
18:30:46.0614 1828 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:30:46.0634 1828 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:30:46.0644 1828 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:30:46.0659 1828 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:30:46.0684 1828 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:30:46.0689 1828 [Global] - ok
18:30:46.0689 1828 ================ Scan MBR ==================================
18:30:46.0694 1828 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:30:47.0004 1828 \Device\Harddisk0\DR0 - ok
18:30:47.0004 1828 ================ Scan VBR ==================================
18:30:47.0014 1828 [ F9C258A6BA93BB02EBD888013088862F ] \Device\Harddisk0\DR0\Partition1
18:30:47.0019 1828 \Device\Harddisk0\DR0\Partition1 - ok
18:30:47.0034 1828 [ 8270DC7142A2DCBFD905D42BE831979C ] \Device\Harddisk0\DR0\Partition2
18:30:47.0034 1828 \Device\Harddisk0\DR0\Partition2 - ok
18:30:47.0064 1828 [ 5DDAC8626787D597FD4B6B109BB09C8E ] \Device\Harddisk0\DR0\Partition3
18:30:47.0069 1828 \Device\Harddisk0\DR0\Partition3 - ok
18:30:47.0079 1828 [ 15457F28E0ED7335BB4E2B9A2984483A ] \Device\Harddisk0\DR0\Partition4
18:30:47.0084 1828 \Device\Harddisk0\DR0\Partition4 - ok
18:30:47.0084 1828 ============================================================
18:30:47.0084 1828 Scan finished
18:30:47.0084 1828 ============================================================
18:30:47.0094 2000 Detected object count: 0
18:30:47.0094 2000 Actual detected object count: 0
18:49:54.0166 1260 ============================================================
18:49:54.0166 1260 Scan started
18:49:54.0166 1260 Mode: Manual; SigCheck; TDLFS;
18:49:54.0166 1260 ============================================================
18:49:54.0361 1260 ================ Scan system memory ========================
18:49:54.0361 1260 System memory - ok
18:49:54.0361 1260 ================ Scan services =============================
18:50:05.0481 1260 NdisWan - ok
18:50:05.0501 1260 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:50:05.0531 1260 NDProxy - ok
18:50:05.0551 1260 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:50:05.0586 1260 NetBIOS - ok
18:50:05.0591 1260 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:50:05.0626 1260 NetBT - ok
18:50:05.0641 1260 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:50:05.0651 1260 Netlogon - ok
18:50:05.0691 1260 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:50:05.0731 1260 Netman - ok
18:50:05.0751 1260 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:50:05.0761 1260 NetMsmqActivator - ok
18:50:05.0766 1260 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:50:05.0776 1260 NetPipeActivator - ok
18:50:05.0801 1260 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:50:05.0841 1260 netprofm - ok
18:50:05.0846 1260 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:50:05.0856 1260 NetTcpActivator - ok
18:50:05.0861 1260 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:50:05.0871 1260 NetTcpPortSharing - ok
18:50:05.0901 1260 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:50:05.0911 1260 nfrd960 - ok
18:50:05.0961 1260 [ F2840DBFE9322F35557219AE82CC4597 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe
18:50:05.0971 1260 NIS - ok
18:50:06.0006 1260 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:50:06.0016 1260 NisDrv - ok
18:50:06.0046 1260 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
18:50:06.0061 1260 NisSrv - ok
18:50:06.0086 1260 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:50:06.0121 1260 NlaSvc - ok
18:50:06.0151 1260 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:50:06.0186 1260 Npfs - ok
18:50:06.0201 1260 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:50:06.0236 1260 nsi - ok
18:50:06.0246 1260 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:50:06.0281 1260 nsiproxy - ok
18:50:06.0331 1260 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:50:06.0366 1260 Ntfs - ok
18:50:06.0401 1260 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:50:06.0436 1260 Null - ok
18:50:06.0456 1260 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
18:50:06.0471 1260 NVENETFD - ok
18:50:06.0491 1260 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:50:06.0506 1260 nvraid - ok
18:50:06.0521 1260 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:50:06.0531 1260 nvstor - ok
18:50:06.0561 1260 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:50:06.0571 1260 nv_agp - ok
18:50:06.0601 1260 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:50:06.0611 1260 ohci1394 - ok
18:50:06.0631 1260 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:50:06.0641 1260 ose - ok
18:50:06.0776 1260 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:50:06.0861 1260 osppsvc - ok
18:50:06.0896 1260 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:50:06.0911 1260 p2pimsvc - ok
18:50:06.0931 1260 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:50:06.0946 1260 p2psvc - ok
18:50:06.0971 1260 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:50:06.0981 1260 Parport - ok
18:50:07.0001 1260 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:50:07.0011 1260 partmgr - ok
18:50:07.0046 1260 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:50:07.0066 1260 PcaSvc - ok
18:50:07.0091 1260 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:50:07.0106 1260 pci - ok
18:50:07.0136 1260 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:50:07.0146 1260 pciide - ok
18:50:07.0181 1260 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:50:07.0191 1260 pcmcia - ok
18:50:07.0206 1260 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:50:07.0216 1260 pcw - ok
18:50:07.0246 1260 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:50:07.0281 1260 PEAUTH - ok
18:50:07.0376 1260 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:50:07.0391 1260 PerfHost - ok
18:50:07.0446 1260 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:50:07.0491 1260 pla - ok
18:50:07.0526 1260 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:50:07.0541 1260 PlugPlay - ok
18:50:07.0566 1260 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:50:07.0576 1260 PNRPAutoReg - ok
18:50:07.0596 1260 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:50:07.0611 1260 PNRPsvc - ok
18:50:07.0636 1260 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:50:07.0676 1260 PolicyAgent - ok
18:50:07.0706 1260 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:50:07.0741 1260 Power - ok
18:50:07.0761 1260 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:50:07.0796 1260 PptpMiniport - ok
18:50:07.0816 1260 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:50:07.0826 1260 Processor - ok
18:50:07.0851 1260 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
18:50:07.0886 1260 ProfSvc - ok
18:50:07.0896 1260 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:50:07.0906 1260 ProtectedStorage - ok
18:50:07.0926 1260 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:50:07.0961 1260 Psched - ok
18:50:08.0006 1260 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:50:08.0041 1260 ql2300 - ok
18:50:08.0076 1260 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:50:08.0091 1260 ql40xx - ok
18:50:08.0126 1260 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:50:08.0146 1260 QWAVE - ok
18:50:08.0156 1260 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:50:08.0171 1260 QWAVEdrv - ok
18:50:08.0191 1260 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:50:08.0221 1260 RasAcd - ok
18:50:08.0241 1260 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:50:08.0271 1260 RasAgileVpn - ok
18:50:08.0296 1260 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:50:08.0331 1260 RasAuto - ok
18:50:08.0361 1260 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:50:08.0391 1260 Rasl2tp - ok
18:50:08.0426 1260 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:50:08.0461 1260 RasMan - ok
18:50:08.0481 1260 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:50:08.0516 1260 RasPppoe - ok
18:50:08.0531 1260 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:50:08.0566 1260 RasSstp - ok
18:50:08.0586 1260 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:50:08.0621 1260 rdbss - ok
18:50:08.0636 1260 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:50:08.0646 1260 rdpbus - ok
18:50:08.0671 1260 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:50:08.0701 1260 RDPCDD - ok
18:50:08.0716 1260 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:50:08.0751 1260 RDPENCDD - ok
18:50:08.0791 1260 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:50:08.0821 1260 RDPREFMP - ok
18:50:08.0851 1260 [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:50:08.0861 1260 RDPWD - ok
18:50:08.0866 1260 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:50:08.0881 1260 rdyboost - ok
18:50:08.0921 1260 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:50:08.0956 1260 RemoteAccess - ok
18:50:08.0981 1260 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:50:09.0016 1260 RemoteRegistry - ok
18:50:09.0026 1260 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:50:09.0061 1260 RpcEptMapper - ok
18:50:09.0081 1260 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:50:09.0091 1260 RpcLocator - ok
18:50:09.0111 1260 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:50:09.0151 1260 RpcSs - ok
18:50:09.0186 1260 [ 1F5E7AF59B390261A85F5BEDB1BB88B3 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
18:50:09.0196 1260 RSPCIESTOR - ok
18:50:09.0236 1260 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:50:09.0271 1260 rspndr - ok
18:50:09.0296 1260 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:50:09.0311 1260 RTL8167 - ok
18:50:09.0351 1260 [ 508D997A5E9F400FADE6C85251BF13DF ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
18:50:09.0376 1260 RTL8192Ce - ok
18:50:09.0386 1260 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:50:09.0396 1260 SamSs - ok
18:50:09.0411 1260 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:50:09.0421 1260 sbp2port - ok
18:50:09.0461 1260 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:50:09.0496 1260 SCardSvr - ok
18:50:09.0531 1260 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:50:09.0561 1260 scfilter - ok
18:50:09.0591 1260 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:50:09.0636 1260 Schedule - ok
18:50:09.0661 1260 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:50:09.0696 1260 SCPolicySvc - ok
18:50:09.0716 1260 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:50:09.0731 1260 sdbus - ok
18:50:09.0756 1260 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:50:09.0771 1260 SDRSVC - ok
18:50:09.0786 1260 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:50:09.0821 1260 secdrv - ok
18:50:09.0836 1260 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:50:09.0871 1260 seclogon - ok
18:50:09.0891 1260 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:50:09.0921 1260 SENS - ok
18:50:09.0956 1260 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:50:09.0966 1260 SensrSvc - ok
18:50:09.0991 1260 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:50:10.0001 1260 Serenum - ok
18:50:10.0011 1260 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:50:10.0026 1260 Serial - ok
18:50:10.0056 1260 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:50:10.0066 1260 sermouse - ok
18:50:10.0106 1260 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:50:10.0141 1260 SessionEnv - ok
18:50:10.0166 1260 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:50:10.0181 1260 sffdisk - ok
18:50:10.0196 1260 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:50:10.0206 1260 sffp_mmc - ok
18:50:10.0216 1260 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:50:10.0231 1260 sffp_sd - ok
18:50:10.0251 1260 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:50:10.0261 1260 sfloppy - ok
18:50:10.0301 1260 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
18:50:10.0321 1260 Sftfs - ok
18:50:10.0356 1260 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:50:10.0376 1260 sftlist - ok
18:50:10.0401 1260 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:50:10.0416 1260 Sftplay - ok
18:50:10.0431 1260 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:50:10.0441 1260 Sftredir - ok
18:50:10.0451 1260 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
18:50:10.0461 1260 Sftvol - ok
18:50:10.0481 1260 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:50:10.0491 1260 sftvsa - ok
18:50:10.0531 1260 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:50:10.0571 1260 SharedAccess - ok
18:50:10.0601 1260 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:50:10.0636 1260 ShellHWDetection - ok
18:50:10.0676 1260 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:50:10.0686 1260 SiSRaid2 - ok
18:50:10.0706 1260 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:50:10.0716 1260 SiSRaid4 - ok
18:50:10.0766 1260 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:50:10.0776 1260 SkypeUpdate - ok
18:50:10.0791 1260 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:50:10.0826 1260 Smb - ok
18:50:10.0861 1260 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:50:10.0871 1260 SNMPTRAP - ok
18:50:10.0901 1260 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:50:10.0911 1260 spldr - ok
18:50:10.0941 1260 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
18:50:10.0976 1260 Spooler - ok
18:50:11.0051 1260 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:50:11.0121 1260 sppsvc - ok
18:50:11.0141 1260 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:50:11.0176 1260 sppuinotify - ok
18:50:11.0256 1260 [ 891793E00432FA055CF040605C260E49 ] SRTSP C:\Windows\System32\Drivers\NISx64\1308000.00E\SRTSP64.SYS
18:50:11.0271 1260 SRTSP - ok
18:50:11.0286 1260 [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX C:\Windows\system32\drivers\NISx64\1308000.00E\SRTSPX64.SYS
18:50:11.0296 1260 SRTSPX - ok
18:50:11.0321 1260 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:50:11.0336 1260 srv - ok
18:50:11.0356 1260 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:50:11.0371 1260 srv2 - ok
18:50:11.0406 1260 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
18:50:11.0421 1260 SrvHsfHDA - ok
18:50:11.0456 1260 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
18:50:11.0486 1260 SrvHsfV92 - ok
18:50:11.0516 1260 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
18:50:11.0536 1260 SrvHsfWinac - ok
18:50:11.0566 1260 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:50:11.0581 1260 srvnet - ok
18:50:11.0606 1260 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:50:11.0646 1260 SSDPSRV - ok
18:50:11.0651 1260 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:50:11.0686 1260 SstpSvc - ok
18:50:11.0761 1260 [ A6B2EC3A2B6AD7C3F7B2F3495CADE4C0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
18:50:11.0776 1260 STacSV - ok
18:50:11.0806 1260 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:50:11.0816 1260 stexstor - ok
18:50:11.0851 1260 [ EBA98394A7D58F7552C52192BD8FA7E6 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
18:50:11.0871 1260 STHDA - ok
18:50:11.0906 1260 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:50:11.0926 1260 stisvc - ok
18:50:11.0946 1260 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:50:11.0956 1260 swenum - ok
18:50:11.0991 1260 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:50:12.0031 1260 swprv - ok
18:50:12.0061 1260 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1308000.00E\SYMDS64.SYS
18:50:12.0076 1260 SymDS - ok
18:50:12.0126 1260 [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA C:\Windows\system32\drivers\NISx64\1308000.00E\SYMEFA64.SYS
18:50:12.0151 1260 SymEFA - ok
18:50:12.0181 1260 [ 898BB48C797483420DF523B2BBC1ECDB ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:50:12.0191 1260 SymEvent - ok
18:50:12.0201 1260 [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON C:\Windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS
18:50:12.0211 1260 SymIRON - ok
18:50:12.0236 1260 [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS C:\Windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS
18:50:12.0251 1260 SymNetS - ok
18:50:12.0301 1260 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:50:12.0331 1260 SynTP - ok
18:50:12.0386 1260 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:50:12.0421 1260 SysMain - ok
18:50:12.0431 1260 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:50:12.0446 1260 TabletInputService - ok
18:50:12.0456 1260 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:50:12.0491 1260 TapiSrv - ok
18:50:12.0506 1260 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:50:12.0541 1260 TBS - ok
18:50:12.0596 1260 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:50:12.0636 1260 Tcpip - ok
18:50:12.0661 1260 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:50:12.0701 1260 TCPIP6 - ok
18:50:12.0736 1260 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:50:12.0766 1260 tcpipreg - ok
18:50:12.0786 1260 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:50:12.0796 1260 TDPIPE - ok
18:50:12.0826 1260 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:50:12.0836 1260 TDTCP - ok
18:50:12.0856 1260 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:50:12.0891 1260 tdx - ok
18:50:12.0901 1260 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:50:12.0911 1260 TermDD - ok
18:50:12.0951 1260 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:50:12.0991 1260 TermService - ok
18:50:13.0011 1260 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:50:13.0026 1260 Themes - ok
18:50:13.0046 1260 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:50:13.0076 1260 THREADORDER - ok
18:50:13.0091 1260 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:50:13.0126 1260 TrkWks - ok
18:50:13.0181 1260 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:50:13.0216 1260 TrustedInstaller - ok
18:50:13.0246 1260 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:50:13.0281 1260 tssecsrv - ok
18:50:13.0296 1260 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:50:13.0306 1260 TsUsbFlt - ok
18:50:13.0326 1260 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:50:13.0336 1260 TsUsbGD - ok
18:50:13.0351 1260 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:50:13.0386 1260 tunnel - ok
18:50:13.0401 1260 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:50:13.0411 1260 uagp35 - ok
18:50:13.0431 1260 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:50:13.0466 1260 udfs - ok
18:50:13.0501 1260 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:50:13.0511 1260 UI0Detect - ok
18:50:13.0536 1260 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:50:13.0546 1260 uliagpkx - ok
18:50:13.0566 1260 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:50:13.0576 1260 umbus - ok
18:50:13.0596 1260 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:50:13.0606 1260 UmPass - ok
18:50:13.0631 1260 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:50:13.0671 1260 upnphost - ok
18:50:13.0691 1260 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:50:13.0706 1260 usbccgp - ok
18:50:13.0721 1260 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:50:13.0736 1260 usbcir - ok
18:50:13.0761 1260 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:50:13.0771 1260 usbehci - ok
18:50:13.0786 1260 [ B7037444DC5138FC7D3D3968B4DE5C4B ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
18:50:13.0796 1260 usbfilter - ok
18:50:13.0816 1260 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
18:50:13.0831 1260 usbhub - ok
18:50:13.0841 1260 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:50:13.0851 1260 usbohci - ok
18:50:13.0871 1260 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:50:13.0881 1260 usbprint - ok
18:50:13.0906 1260 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:50:13.0916 1260 USBSTOR - ok
18:50:13.0926 1260 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:50:13.0936 1260 usbuhci - ok
18:50:13.0966 1260 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:50:13.0981 1260 usbvideo - ok
18:50:14.0026 1260 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:50:14.0061 1260 UxSms - ok
18:50:14.0076 1260 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:50:14.0086 1260 VaultSvc - ok
18:50:14.0096 1260 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:50:14.0106 1260 vdrvroot - ok
18:50:14.0126 1260 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:50:14.0166 1260 vds - ok
18:50:14.0181 1260 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:50:14.0196 1260 vga - ok
18:50:14.0211 1260 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:50:14.0246 1260 VgaSave - ok
18:50:14.0281 1260 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:50:14.0291 1260 vhdmp - ok
18:50:14.0316 1260 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:50:14.0326 1260 viaide - ok
18:50:14.0341 1260 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:50:14.0351 1260 volmgr - ok
18:50:14.0371 1260 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:50:14.0391 1260 volmgrx - ok
18:50:14.0416 1260 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:50:14.0431 1260 volsnap - ok
18:50:14.0451 1260 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:50:14.0466 1260 vsmraid - ok
18:50:14.0516 1260 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:50:14.0566 1260 VSS - ok
18:50:14.0591 1260 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:50:14.0601 1260 vwifibus - ok
18:50:14.0621 1260 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:50:14.0636 1260 vwififlt - ok
18:50:14.0656 1260 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:50:14.0671 1260 vwifimp - ok
18:50:14.0691 1260 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:50:14.0731 1260 W32Time - ok
18:50:14.0766 1260 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:50:14.0776 1260 WacomPen - ok
18:50:14.0796 1260 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:50:14.0831 1260 WANARP - ok
18:50:14.0831 1260 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:50:14.0871 1260 Wanarpv6 - ok
18:50:14.0921 1260 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:50:14.0951 1260 WatAdminSvc - ok
18:50:15.0006 1260 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:50:15.0036 1260 wbengine - ok
18:50:15.0041 1260 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:50:15.0061 1260 WbioSrvc - ok
18:50:15.0071 1260 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:50:15.0091 1260 wcncsvc - ok
18:50:15.0106 1260 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:50:15.0116 1260 WcsPlugInService - ok
18:50:15.0136 1260 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:50:15.0146 1260 Wd - ok
18:50:15.0176 1260 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:50:15.0196 1260 Wdf01000 - ok
18:50:15.0206 1260 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:50:15.0226 1260 WdiServiceHost - ok
18:50:15.0231 1260 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:50:15.0246 1260 WdiSystemHost - ok
18:50:15.0281 1260 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:50:15.0301 1260 WebClient - ok
18:50:15.0321 1260 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:50:15.0356 1260 Wecsvc - ok
18:50:15.0376 1260 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:50:15.0411 1260 wercplsupport - ok
18:50:15.0431 1260 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:50:15.0466 1260 WerSvc - ok
18:50:15.0486 1260 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:50:15.0521 1260 WfpLwf - ok
18:50:16.0746 1260 ================ Scan global ===============================
18:50:16.0771 1260 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:50:16.0796 1260 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:50:16.0801 1260 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
18:50:16.0816 1260 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:50:16.0841 1260 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:50:16.0841 1260 [Global] - ok
18:50:16.0841 1260 ================ Scan MBR ==================================
18:50:16.0851 1260 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:50:17.0196 1260 \Device\Harddisk0\DR0 - ok
18:50:17.0196 1260 ================ Scan VBR ==================================
18:50:17.0206 1260 [ F9C258A6BA93BB02EBD888013088862F ] \Device\Harddisk0\DR0\Partition1
18:50:17.0211 1260 \Device\Harddisk0\DR0\Partition1 - ok
18:50:17.0226 1260 [ 8270DC7142A2DCBFD905D42BE831979C ] \Device\Harddisk0\DR0\Partition2
18:50:17.0226 1260 \Device\Harddisk0\DR0\Partition2 - ok
18:50:17.0256 1260 [ 5DDAC8626787D597FD4B6B109BB09C8E ] \Device\Harddisk0\DR0\Partition3
18:50:17.0261 1260 \Device\Harddisk0\DR0\Partition3 - ok
18:50:17.0281 1260 [ 15457F28E0ED7335BB4E2B9A2984483A ] \Device\Harddisk0\DR0\Partition4
18:50:17.0286 1260 \Device\Harddisk0\DR0\Partition4 - ok
18:50:17.0286 1260 ============================================================
18:50:17.0286 1260 Scan finished
18:50:17.0286 1260 ============================================================
18:50:17.0296 1632 Detected object count: 0
18:50:17.0296 1632 Actual detected object count: 0
18:50:42.0066 1976 Deinitialize success


ASWMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-24 18:51:33
-----------------------------
18:51:33.147 OS Version: Windows x64 6.1.7601 Service Pack 1
18:51:33.147 Number of processors: 2 586 0x100
18:51:33.147 ComputerName: BYRDFAM-HP UserName: Byrd Fam
18:51:34.187 Initialize success
18:51:35.412 AVAST engine defs: 12092401
18:52:15.952 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006f
18:52:15.952 Disk 0 Vendor: Hitachi_ ES2O Size: 305245MB BusType: 11
18:52:15.962 Disk 0 MBR read successfully
18:52:15.967 Disk 0 MBR scan
18:52:16.387 Disk 0 Windows 7 default MBR code
18:52:16.407 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
18:52:16.887 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 280550 MB offset 409600
18:52:16.932 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 20431 MB offset 574976000
18:52:17.012 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4063 MB offset 616818688
18:52:17.622 Disk 0 scanning C:\Windows\system32\drivers
18:52:31.467 Service scanning
18:52:58.562 Modules scanning
18:52:58.572 Disk 0 trace - called modules:
18:52:58.597 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
18:52:58.607 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004159060]
18:52:58.612 3 CLASSPNP.SYS[fffff880019a343f] -> nt!IofCallDriver -> [0xfffffa800368a040]
18:52:58.617 5 amd_xata.sys[fffff8800107ab3f] -> nt!IofCallDriver -> \Device\0000006f[0xfffffa800407c060]
18:52:59.452 AVAST engine scan C:\Windows
18:53:01.882 AVAST engine scan C:\Windows\system32
18:55:34.117 AVAST engine scan C:\Windows\system32\drivers
18:55:44.152 AVAST engine scan C:\Users\Byrd Fam
19:05:32.160 AVAST engine scan C:\ProgramData
19:06:28.875 Scan finished successfully
19:31:47.313 Disk 0 MBR has been saved successfully to "C:\Users\Byrd Fam\Documents\MBR.dat"
19:31:47.323 The log file has been saved successfully to "C:\Users\Byrd Fam\Documents\aswMBR.txt"


ESET


C:\Users\Byrd Fam\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\1796865b-53284f60 a variant of Java/Exploit.CVE-2012-1723.AL trojan deleted - quarantined
C:\Users\Byrd Fam\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\7f8aaf5f-73307aaa multiple threats deleted - quarantined
C:\Users\Byrd Fam\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\2de7f422-7e0e6ff4 Java/Exploit.CVE-2012-1723.T trojan deleted - quarantined
C:\Users\Byrd Fam\Downloads\setup (1).zip a variant of Win32/Kryptik.AGQS trojan deleted - quarantined
C:\Users\Byrd Fam\Downloads\setup.zip a variant of Win32/Kryptik.AGQS trojan deleted - quarantined



MBAM in Safe Mode



Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.25.05

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Byrd Fam :: BYRDFAM-HP [administrator]

9/25/2012 6:00:12 AM
mbam-log-2012-09-25 (06-00-12).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 329759
Time elapsed: 32 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



I still can't get my regular mode working. The FBI message no longer appears but I'm still locked out. Any thoughts?

Thanks.



#2 beklanmaia


Posted 25 September 2012 - 03:24 PM

Also MINITOOL log:



MiniToolBox by Farbar Version: 23-07-2012
Ran by Byrd Fam (administrator) on 25-09-2012 at 06:43:09
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188CE 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ByrdFam-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sc.rr.com

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 20-10-7A-28-1A-68
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : sc.rr.com
Description . . . . . . . . . . . : Realtek RTL8188CE 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 20-10-7A-28-1A-68
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1c2d:9ff8:e66:86dc%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.130(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, September 24, 2012 10:38:53 PM
Lease Expires . . . . . . . . . . : Tuesday, September 25, 2012 10:39:05 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 320868474
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-88-9E-D1-80-C1-6E-42-EA-2A
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 80-C1-6E-42-EA-2A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.sc.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{0E6B1095-19B6-42F1-BE89-D2E5555EAD14}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2607:f8b0:4002:c03::8a
74.125.45.101
74.125.45.102
74.125.45.113
74.125.45.138
74.125.45.139
74.125.45.100


Pinging google.com [74.125.137.113] with 32 bytes of data:
Reply from 74.125.137.113: bytes=32 time=34ms TTL=48
Reply from 74.125.137.113: bytes=32 time=32ms TTL=48

Ping statistics for 74.125.137.113:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 34ms, Average = 33ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=124ms TTL=48
Reply from 98.138.253.109: bytes=32 time=173ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 124ms, Maximum = 173ms, Average = 148ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...20 10 7a 28 1a 68 ......Microsoft Virtual WiFi Miniport Adapter
13...20 10 7a 28 1a 68 ......Realtek RTL8188CE 802.11b/g/n WiFi Adapter
11...80 c1 6e 42 ea 2a ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.130 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.130 281
192.168.1.130 255.255.255.255 On-link 192.168.1.130 281
192.168.1.255 255.255.255.255 On-link 192.168.1.130 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.130 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.130 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::1c2d:9ff8:e66:86dc/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/24/2012 10:51:37 PM) (Source: PerfNet) (User: )
Description:
Error: (09/24/2012 10:45:37 PM) (Source: PerfNet) (User: )
Description:

Error: (09/24/2012 10:43:32 PM) (Source: PerfNet) (User: )
Description:

Error: (09/24/2012 10:39:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2012 09:45:06 PM) (Source: PerfNet) (User: )
Description:

Error: (09/24/2012 09:37:06 PM) (Source: PerfNet) (User: )
Description:

Error: (09/24/2012 09:31:06 PM) (Source: PerfNet) (User: )
Description:

Error: (09/24/2012 09:29:00 PM) (Source: PerfNet) (User: )
Description:

Error: (09/24/2012 09:15:26 PM) (Source: PerfNet) (User: )
Description:

Error: (09/24/2012 09:09:26 PM) (Source: PerfNet) (User: )
Description:


System errors:
=============
Error: (09/25/2012 06:43:02 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/25/2012 06:43:02 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/25/2012 06:43:02 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/25/2012 06:38:32 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/25/2012 06:38:32 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/25/2012 06:38:32 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/25/2012 06:38:02 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/25/2012 06:38:02 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/25/2012 06:38:02 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/25/2012 06:36:36 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (09/24/2012 10:51:37 PM) (Source: PerfNet)(User: )
Description:

Error: (09/24/2012 10:45:37 PM) (Source: PerfNet)(User: )
Description:

Error: (09/24/2012 10:43:32 PM) (Source: PerfNet)(User: )
Description:

Error: (09/24/2012 10:39:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2012 09:45:06 PM) (Source: PerfNet)(User: )
Description:

Error: (09/24/2012 09:37:06 PM) (Source: PerfNet)(User: )
Description:

Error: (09/24/2012 09:31:06 PM) (Source: PerfNet)(User: )
Description:

Error: (09/24/2012 09:29:00 PM) (Source: PerfNet)(User: )
Description:

Error: (09/24/2012 09:15:26 PM) (Source: PerfNet)(User: )
Description:

Error: (09/24/2012 09:09:26 PM) (Source: PerfNet)(User: )
Description:


=========================== Installed Programs ============================

Adobe AIR (Version: 3.3.0.3670)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.278)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Amazon Music Importer (Version: 2.0.0)
AMD APP SDK Runtime (Version: 2.5.775.2)
AMD Catalyst Install Manager (Version: 3.0.847.0)
AMD Fuel (Version: 2011.0928.607.9079)
AMD Media Foundation Decoders (Version: 1.0.60928.0618)
AMD Steady Video Plug-In (Version: 2.02.0000)
AMD System Monitor (Version: 1.0.9)
AMD VISION Engine Control Center (Version: 2011.0928.607.9079)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 7.0.1426.0)
Bejeweled 3 (Version: 2.2.0.97)
Bing Bar (Version: 7.0.826.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blio (Version: 2.2.8188)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0928.607.9079)
Catalyst Control Center InstallProxy (Version: 2011.0928.607.9079)
Catalyst Control Center Localization All (Version: 2011.0928.607.9079)
ccc-utility64 (Version: 2011.0928.607.9079)
CCC Help Chinese Standard (Version: 2011.0928.0606.9079)
CCC Help Chinese Traditional (Version: 2011.0928.0606.9079)
CCC Help Czech (Version: 2011.0928.0606.9079)
CCC Help Danish (Version: 2011.0928.0606.9079)
CCC Help Dutch (Version: 2011.0928.0606.9079)
CCC Help English (Version: 2011.0928.0606.9079)
CCC Help Finnish (Version: 2011.0928.0606.9079)
CCC Help French (Version: 2011.0928.0606.9079)
CCC Help German (Version: 2011.0928.0606.9079)
CCC Help Greek (Version: 2011.0928.0606.9079)
CCC Help Hungarian (Version: 2011.0928.0606.9079)
CCC Help Italian (Version: 2011.0928.0606.9079)
CCC Help Japanese (Version: 2011.0928.0606.9079)
CCC Help Korean (Version: 2011.0928.0606.9079)
CCC Help Norwegian (Version: 2011.0928.0606.9079)
CCC Help Polish (Version: 2011.0928.0606.9079)
CCC Help Portuguese (Version: 2011.0928.0606.9079)
CCC Help Russian (Version: 2011.0928.0606.9079)
CCC Help Spanish (Version: 2011.0928.0606.9079)
CCC Help Swedish (Version: 2011.0928.0606.9079)
CCC Help Thai (Version: 2011.0928.0606.9079)
CCC Help Turkish (Version: 2011.0928.0606.9079)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Coupon Printer for Windows (Version: 5.0.0.1)
Cradle of Rome 2 (Version: 2.2.0.98)
CyberLink YouCam (Version: 3.5.0.4528)
D3DX10 (Version: 15.4.2368.0902)
Dora's World Adventure (Version: 2.2.0.95)
ESET Online Scanner v3
ESU for Microsoft Windows 7 SP1 (Version: 2.1.1)
Evernote v. 4.2.3 (Version: 4.2.3.22)
Farm Frenzy (Version: 2.2.0.98)
Farmscapes (Version: 2.2.0.98)
FATE (Version: 2.2.0.97)
Final Drive Fury (Version: 2.2.0.95)
Google Chrome (Version: 21.0.1180.89)
Google Talk Plugin (Version: 3.6.1.9117)
Google Update Helper (Version: 1.3.21.123)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Hoyle Card Games (Version: 2.2.0.95)
HP Application Assistant (Version: 1.0.409.3882)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Documentation (Version: 1.1.0.0)
HP Games (Version: 1.0.2.5)
HP Launch Box (Version: 1.1.5)
HP MovieStore (Version: 2.1.091)
HP MovieStore (Version: 2.1.21091.0)
HP On Screen Display (Version: 1.3.5)
HP Power Manager (Version: 1.4.7)
HP Quick Launch (Version: 2.7.2)
HP QuickWeb (Version: 3.1.1.10197)
HP Recovery Manager (Version: 2.0.0)
HP Security Assistant (Version: 1.0.12)
HP Setup (Version: 9.0.15076.3891)
HP Setup Manager (Version: 1.2.14901.3869)
HP Software Framework (Version: 4.5.10.1)
HP Support Assistant (Version: 6.1.12.1)
IDT Audio (Version: 1.0.6341.0)
iTunes (Version: 10.6.0.40)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Jewel Match 3 (Version: 2.2.0.98)
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (Version: 2.2.0.98)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Letters from Nowhere 2 (Version: 2.2.0.97)
Luxor HD (Version: 2.2.0.98)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
McAfee Security Scan Plus (Version: 2.0.181.2)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5139.5005)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Internet Security (Version: 19.8.0.14)
opensource (Version: 1.0.14960.3876)
Penguins! (Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
Realtek Ethernet Controller Driver (Version: 7.40.126.2011)
Realtek PCIE Card Reader (Version: 6.1.7601.83)
REALTEK Wireless LAN Driver (Version: 1.00.11.0706)
RollerCoaster Tycoon 3: Platinum (Version: 2.2.0.98)
Skype™ 5.10 (Version: 5.10.116)
Spotify (Version: 0.8.4.124.ga3559d86)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.11.0)
The Treasures of Mystery Island: The Ghost Ship (Version: 2.2.0.98)
Torchlight (Version: 2.2.0.98)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.98)
VLC media player 2.0.1 (Version: 2.0.1)
WildTangent Games App (HP Games) (Version: 4.0.5.32)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zuma's Revenge (Version: 2.2.0.98)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 3561.41 MB
Available physical RAM: 2129.07 MB
Total Pagefile: 7121 MB
Available Pagefile: 5861.18 MB
Total Virtual: 4095.88 MB
Available Virtual: 3980.16 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:273.97 GB) (Free:219.36 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:19.95 GB) (Free:2.16 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32
4 Drive f: (CARDIO_X) (CDROM) (Total:2.91 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\BYRDFAM-HP

Administrator Byrd Fam Guest


**** End of log ****




and

Moderator Edit: Moved topic from Windows 7 to the more appropriate forum
Roger

Edited by rotor123, 25 September 2012 - 04:06 PM.


#3 nasdaq


Posted 27 September 2012 - 10:46 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

The following topic will help you in removing the malware.

Remove the FBI MoneyPak Ransomware or the Reveton Trojan
http://www.bleepingcomputer.com/virus-removal/remove-fbi-monkeypak-ransomware

If at any time you need advice on how to continue please ask.

===

When completed with the instructions, download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
    • DDS.scr <- not recommended if you use Chrome to download this .scr file. Use the other options.
    • DDS.pif
    • DDS.COM
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.

Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.

Let me know what problem persists.

#4 nasdaq


Posted 03 October 2012 - 12:50 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.



