Pop-up/Redirect Virus.......Help!


  • This topic is locked
2 replies to this topic

#1 knr328

Posted 03 October 2012 - 07:39 PM

Hi all,
So I have this virus that keeps causing pop-up ads when I'm browsing the internet, no matter which browser I use. It will also redirect me to random sites sometimes. It looks exactly like the virus from the forum "Pop Up Ad - Redirect Virus I cannot get rid of this ad virus" posted by Iwolfe63 on May 18 2012. I have run several anti-virus programs without success. Thus, I downloaded the programs from the Iwolfe63 forum and ran them. Here's what I got:
From toolbox:
MiniToolBox by Farbar Version: 23-07-2012
Ran by rikr3428 (administrator) on 03-10-2012 at 20:03:26
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost


68.168.222.226 www.google-analytics.com.
68.168.222.226 ad-emea.doubleclick.net.
68.168.222.226 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : rikr3428-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 78-E3-B5-52-B9-8D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : CC-AF-78-14-D3-29
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::98fb:edd9:4edd:9679%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.120(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, October 03, 2012 5:01:51 PM
Lease Expires . . . . . . . . . . : Thursday, October 04, 2012 7:26:05 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 248295288
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-97-DF-7E-CC-AF-78-14-D3-29
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{80D09103-9F39-48DF-BDE1-55BAE37D3049}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{03E610DF-9C52-49D1-B25A-8C9A4D99A81F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1024:3de1:bee7:7aac(Preferred)
Link-local IPv6 Address . . . . . : fe80::1024:3de1:bee7:7aac%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable Microsoft 6To4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: DD-WRT
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4009:800::1009
74.125.225.36
74.125.225.37
74.125.225.39
74.125.225.41
74.125.225.34
74.125.225.35
74.125.225.32
74.125.225.38
74.125.225.40
74.125.225.46
74.125.225.33


Pinging google.com [74.125.225.33] with 32 bytes of data:
Reply from 74.125.225.33: bytes=32 time=28ms TTL=55
Reply from 74.125.225.33: bytes=32 time=31ms TTL=55

Ping statistics for 74.125.225.33:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 31ms, Average = 29ms
Server: DD-WRT
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=96ms TTL=51
Reply from 98.139.183.24: bytes=32 time=97ms TTL=51

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 96ms, Maximum = 97ms, Average = 96ms
Server: DD-WRT
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=9ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 9ms, Average = 6ms
===========================================================================
Interface List
12...78 e3 b5 52 b9 8d ......Realtek PCIe FE Family Controller
11...cc af 78 14 d3 29 ......Ralink RT5390 802.11b/g/n WiFi Adapter
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
15...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.120 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.120 281
192.168.1.120 255.255.255.255 On-link 192.168.1.120 281
192.168.1.255 255.255.255.255 On-link 192.168.1.120 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.120 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.120 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:1024:3de1:bee7:7aac/128
On-link
11 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::1024:3de1:bee7:7aac/128
On-link
11 281 fe80::98fb:edd9:4edd:9679/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/03/2012 07:43:51 PM) (Source: Application Hang) (User: )
Description: The program setup.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1520

Start Time: 01cda1b77e7d2eb2

Termination Time: 15

Application Path: C:\Users\rikr3428\AppData\Local\Temp\7zSBFC7.tmp\setup.exe

Report Id: 2a889ebb-0db4-11e2-bdbd-78e3b552b98d

Error: (10/03/2012 06:05:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: msiexec.exe, version: 5.0.7601.17514, time stamp: 0x4ce79d93
Faulting module name: RPCRT4.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c96e
Exception code: 0x80000001
Fault offset: 0x0000000000013cb4
Faulting process id: 0x85c
Faulting application start time: 0xmsiexec.exe0
Faulting application path: msiexec.exe1
Faulting module path: msiexec.exe2
Report Id: msiexec.exe3

Error: (10/03/2012 05:09:06 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (10/03/2012 05:09:06 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (10/03/2012 05:01:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2012 04:19:28 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (10/03/2012 04:19:28 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (10/03/2012 04:13:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2012 03:36:59 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (10/03/2012 03:36:59 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)NT AUTHORITY
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


System errors:
=============
Error: (10/03/2012 06:05:44 PM) (Source: Service Control Manager) (User: )
Description: The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (10/03/2012 05:01:50 PM) (Source: Service Control Manager) (User: )
Description: The Norton Internet Security service terminated with service-specific error %%-1.

Error: (10/03/2012 04:13:18 PM) (Source: Service Control Manager) (User: )
Description: The Norton Internet Security service terminated with service-specific error %%-1.

Error: (10/03/2012 02:32:44 PM) (Source: Service Control Manager) (User: )
Description: The Norton Internet Security service terminated with service-specific error %%-1.

Error: (10/03/2012 02:32:36 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:28:00 PM on 10/3/2012 was unexpected.

Error: (10/03/2012 00:50:54 PM) (Source: DCOM) (User: )
Description: {24DB46C8-C842-4E91-9AC4-8A9525A5551D}

Error: (10/03/2012 00:50:29 PM) (Source: Service Control Manager) (User: )
Description: The HP Connection Manager 4 Service service terminated unexpectedly. It has done this 1 time(s).

Error: (10/03/2012 00:47:20 PM) (Source: Service Control Manager) (User: )
Description: The Norton Internet Security service terminated with service-specific error %%-1.

Error: (10/03/2012 00:33:57 PM) (Source: Service Control Manager) (User: )
Description: The Norton Internet Security service terminated with service-specific error %%-1.

Error: (10/03/2012 00:20:34 PM) (Source: Service Control Manager) (User: )
Description: The Norton Internet Security service terminated with service-specific error %%-1.


Microsoft Office Sessions:
=========================
Error: (10/03/2012 07:43:51 PM) (Source: Application Hang)(User: )
Description: setup.exe1.0.0.0152001cda1b77e7d2eb215C:\Users\rikr3428\AppData\Local\Temp\7zSBFC7.tmp\setup.exe2a889ebb-0db4-11e2-bdbd-78e3b552b98d

Error: (10/03/2012 06:05:41 PM) (Source: Application Error)(User: )
Description: msiexec.exe5.0.7601.175144ce79d93RPCRT4.dll6.1.7601.175144ce7c96e800000010000000000013cb485c01cda1ad3373ed8fC:\Windows\system32\msiexec.exeC:\Windows\system32\RPCRT4.dll783fd861-0da6-11e2-bdbd-78e3b552b98d

Error: (10/03/2012 05:09:06 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (10/03/2012 05:09:06 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Performance1637070000000000000000000009030000

Error: (10/03/2012 05:01:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2012 04:19:28 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (10/03/2012 04:19:28 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Performance1637070000000000000000000009030000

Error: (10/03/2012 04:13:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2012 03:36:59 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (10/03/2012 03:36:59 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)NT AUTHORITY
Description: Performance1637070000000000000000000009030000


=========================== Installed Programs ============================

Adobe Flash Player 11 Plugin (Version: 11.4.402.278)
Adobe Reader X MUI (Version: 10.0.0)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bejeweled 3 (Version: 2.2.0.95)
Bing Bar (Version: 7.0.610.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.2.6699)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
CyberLink YouCam (Version: 3.5.1.3922)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Energy Star Digital Logo (Version: 1.0.1)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Evernote v. 4.2.2 (Version: 4.2.2.3979)
Farm Frenzy (Version: 2.2.0.95)
FATE - The Traitor Soul (Version: 2.2.0.95)
Giant Savings (Version: 1.20.150.150)
Google Chrome (Version: 22.0.1229.79)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Connection Manager (Version: 4.1.22.1)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.2.0.0)
HP Games (Version: 1.0.2.4)
HP MovieStore (Version: 1.0.047)
HP MovieStore (Version: 2.0)
HP On Screen Display (Version: 1.3.5)
HP Power Manager (Version: 1.4.7)
HP Quick Launch (Version: 2.6.3)
HP Setup (Version: 8.6.4530.3651)
HP Setup Manager (Version: 1.1.13253.3682)
HP Software Framework (Version: 4.1.13.1)
HP Support Assistant (Version: 6.1.12.1)
IDT Audio (Version: 1.0.6351.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Processor Graphics (Version: 8.15.10.2279)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 24 (Version: 6.0.240)
Junk Mail filter update (Version: 15.4.3502.0922)
Logitech Unifying Software 2.00 (Version: 2.00.43)
Magic Desktop (Version: 3.0)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
McAfee Security Scan Plus (Version: 3.0.207.4)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - Stolen in San Francisco (Version: 2.2.0.95)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Norton Internet Security (Version: 18.7.0.13)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
QuickTime (Version: 7.72.80.56)
Ralink RT5390 802.11b/g/n WiFi Adapter (Version: 3.2.13.0)
Realtek Ethernet Controller Driver (Version: 7.46.610.2011)
Realtek PCIE Card Reader (Version: 6.1.7600.77)
Recovery Manager (Version: 2.0.0)
RoxioNow Player (Version: 1.9.5.103)
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701)
Slingo Supreme (Version: 2.2.0.95)
Synaptics TouchPad Driver (Version: 15.3.17.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.5.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 60%
Total physical RAM: 3893.86 MB
Available physical RAM: 1548.27 MB
Total Pagefile: 7785.91 MB
Available Pagefile: 5236.03 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.86 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:450.78 GB) (Free:400.56 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.69 GB) (Free:1.63 GB) NTFS
4 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

========================= Users: ========================================

User accounts for \\RIKR3428-HP

Administrator Guest rikr3428


**** End of log ****



From TDSSkiller:

20:24:07.0542 2552 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
20:24:07.0854 2552 ============================================================
20:24:07.0854 2552 Current date / time: 2012/10/03 20:24:07.0854
20:24:07.0854 2552 SystemInfo:
20:24:07.0854 2552
20:24:07.0854 2552 OS Version: 6.1.7601 ServicePack: 1.0
20:24:07.0854 2552 Product type: Workstation
20:24:07.0854 2552 ComputerName: RIKR3428-HP
20:24:07.0854 2552 UserName: rikr3428
20:24:07.0854 2552 Windows directory: C:\Windows
20:24:07.0854 2552 System windows directory: C:\Windows
20:24:07.0854 2552 Running under WOW64
20:24:07.0854 2552 Processor architecture: Intel x64
20:24:07.0854 2552 Number of processors: 4
20:24:07.0854 2552 Page size: 0x1000
20:24:07.0854 2552 Boot type: Normal boot
20:24:07.0854 2552 ============================================================
20:24:11.0177 2552 BG loaded
20:24:11.0785 2552 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:24:11.0801 2552 ============================================================
20:24:11.0801 2552 \Device\Harddisk0\DR0:
20:24:11.0801 2552 MBR partitions:
20:24:11.0801 2552 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
20:24:11.0801 2552 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3858D000
20:24:11.0801 2552 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x385F1000, BlocksNum 0x1D61000
20:24:11.0801 2552 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
20:24:11.0801 2552 ============================================================
20:24:12.0222 2552 C: <-> \Device\Harddisk0\DR0\Partition2
20:24:12.0300 2552 D: <-> \Device\Harddisk0\DR0\Partition3
20:24:12.0331 2552 F: <-> \Device\Harddisk0\DR0\Partition4
20:24:12.0331 2552 ============================================================
20:24:12.0331 2552 Initialize success
20:24:12.0331 2552 ============================================================
20:24:49.0975 2152 ============================================================
20:24:49.0975 2152 Scan started
20:24:49.0975 2152 Mode: Manual; TDLFS;
20:24:49.0975 2152 ============================================================
20:24:50.0865 2152 ================ Scan system memory ========================
20:24:50.0865 2152 System memory - ok
20:24:50.0865 2152 ================ Scan services =============================
20:25:03.0282 2152 Parport - ok
20:25:03.0438 2152 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:25:03.0438 2152 partmgr - ok
20:25:03.0547 2152 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:25:03.0547 2152 PcaSvc - ok
20:25:03.0625 2152 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:25:03.0625 2152 pci - ok
20:25:03.0641 2152 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:25:03.0641 2152 pciide - ok
20:25:03.0703 2152 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:25:03.0703 2152 pcmcia - ok
20:25:03.0797 2152 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:25:03.0797 2152 pcw - ok
20:25:03.0891 2152 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:25:03.0906 2152 PEAUTH - ok
20:25:04.0094 2152 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:25:04.0094 2152 PerfHost - ok
20:25:04.0234 2152 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:25:04.0250 2152 pla - ok
20:25:04.0359 2152 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:25:04.0374 2152 PlugPlay - ok
20:25:04.0452 2152 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:25:04.0452 2152 PNRPAutoReg - ok
20:25:04.0515 2152 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:25:04.0515 2152 PNRPsvc - ok
20:25:04.0624 2152 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:25:04.0640 2152 PolicyAgent - ok
20:25:04.0671 2152 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:25:04.0671 2152 Power - ok
20:25:04.0749 2152 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:25:04.0749 2152 PptpMiniport - ok
20:25:04.0780 2152 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:25:04.0780 2152 Processor - ok
20:25:04.0827 2152 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:25:04.0827 2152 ProfSvc - ok
20:25:04.0858 2152 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:25:04.0858 2152 ProtectedStorage - ok
20:25:04.0889 2152 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:25:04.0905 2152 Psched - ok
20:25:05.0092 2152 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:25:05.0108 2152 ql2300 - ok
20:25:05.0139 2152 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:25:05.0139 2152 ql40xx - ok
20:25:05.0186 2152 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:25:05.0201 2152 QWAVE - ok
20:25:05.0217 2152 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:25:05.0217 2152 QWAVEdrv - ok
20:25:05.0248 2152 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:25:05.0264 2152 RasAcd - ok
20:25:05.0295 2152 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:25:05.0295 2152 RasAgileVpn - ok
20:25:05.0342 2152 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:25:05.0342 2152 RasAuto - ok
20:25:05.0357 2152 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:25:05.0357 2152 Rasl2tp - ok
20:25:05.0388 2152 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:25:05.0513 2152 RasMan - ok
20:25:05.0622 2152 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:25:05.0622 2152 RasPppoe - ok
20:25:05.0685 2152 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:25:05.0700 2152 RasSstp - ok
20:25:05.0732 2152 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:25:05.0732 2152 rdbss - ok
20:25:05.0763 2152 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:25:05.0763 2152 rdpbus - ok
20:25:05.0825 2152 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:25:05.0825 2152 RDPCDD - ok
20:25:05.0903 2152 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:25:05.0903 2152 RDPENCDD - ok
20:25:05.0919 2152 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:25:05.0919 2152 RDPREFMP - ok
20:25:05.0950 2152 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:25:05.0950 2152 RDPWD - ok
20:25:06.0044 2152 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:25:06.0059 2152 rdyboost - ok
20:25:06.0122 2152 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:25:06.0122 2152 RemoteAccess - ok
20:25:06.0168 2152 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:25:06.0184 2152 RemoteRegistry - ok
20:25:06.0309 2152 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
20:25:06.0309 2152 RoxioNow Service - ok
20:25:06.0418 2152 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:25:06.0418 2152 RpcEptMapper - ok
20:25:06.0465 2152 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:25:06.0480 2152 RpcLocator - ok
20:25:06.0543 2152 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:25:06.0558 2152 RpcSs - ok
20:25:06.0652 2152 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
20:25:06.0652 2152 RSPCIESTOR - ok
20:25:06.0714 2152 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:25:06.0714 2152 rspndr - ok
20:25:06.0824 2152 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:25:06.0839 2152 RTL8167 - ok
20:25:06.0870 2152 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:25:06.0870 2152 SamSs - ok
20:25:06.0933 2152 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:25:06.0933 2152 sbp2port - ok
20:25:06.0964 2152 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:25:06.0980 2152 SCardSvr - ok
20:25:07.0011 2152 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:25:07.0011 2152 scfilter - ok
20:25:07.0104 2152 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:25:07.0120 2152 Schedule - ok
20:25:07.0167 2152 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:25:07.0167 2152 SCPolicySvc - ok
20:25:07.0198 2152 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
20:25:07.0214 2152 sdbus - ok
20:25:07.0245 2152 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:25:07.0245 2152 SDRSVC - ok
20:25:07.0354 2152 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:25:07.0354 2152 SeaPort - ok
20:25:07.0385 2152 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:25:07.0385 2152 secdrv - ok
20:25:07.0416 2152 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:25:07.0416 2152 seclogon - ok
20:25:07.0432 2152 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:25:07.0432 2152 SENS - ok
20:25:07.0479 2152 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:25:07.0479 2152 SensrSvc - ok
20:25:07.0510 2152 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
20:25:07.0510 2152 Serenum - ok
20:25:07.0588 2152 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:25:07.0588 2152 Serial - ok
20:25:07.0619 2152 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:25:07.0619 2152 sermouse - ok
20:25:07.0666 2152 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:25:07.0682 2152 SessionEnv - ok
20:25:07.0728 2152 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:25:07.0728 2152 sffdisk - ok
20:25:07.0760 2152 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:25:07.0760 2152 sffp_mmc - ok
20:25:07.0775 2152 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:25:07.0775 2152 sffp_sd - ok
20:25:07.0806 2152 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:25:07.0806 2152 sfloppy - ok
20:25:07.0853 2152 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
20:25:07.0869 2152 Sftfs - ok
20:25:07.0947 2152 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:25:07.0962 2152 sftlist - ok
20:25:07.0994 2152 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:25:07.0994 2152 Sftplay - ok
20:25:08.0025 2152 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:25:08.0025 2152 Sftredir - ok
20:25:08.0056 2152 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
20:25:08.0056 2152 Sftvol - ok
20:25:08.0118 2152 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:25:08.0118 2152 sftvsa - ok
20:25:08.0181 2152 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:25:08.0181 2152 SharedAccess - ok
20:25:08.0228 2152 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:25:08.0243 2152 ShellHWDetection - ok
20:25:08.0290 2152 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:25:08.0290 2152 SiSRaid2 - ok
20:25:08.0321 2152 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:25:08.0321 2152 SiSRaid4 - ok
20:25:08.0352 2152 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:25:08.0352 2152 Smb - ok
20:25:08.0415 2152 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:25:08.0415 2152 SNMPTRAP - ok
20:25:08.0477 2152 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:25:08.0477 2152 spldr - ok
20:25:08.0680 2152 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:25:08.0680 2152 Spooler - ok
20:25:08.0961 2152 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:25:09.0008 2152 sppsvc - ok
20:25:09.0054 2152 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:25:09.0054 2152 sppuinotify - ok
20:25:09.0132 2152 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\NISx64\1207000.00D\SRTSP64.SYS
20:25:09.0132 2152 SRTSP - ok
20:25:09.0210 2152 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\NISx64\1207010.003\SRTSPX64.SYS
20:25:09.0210 2152 SRTSPX - ok
20:25:09.0273 2152 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:25:09.0273 2152 srv - ok
20:25:09.0320 2152 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:25:09.0320 2152 srv2 - ok
20:25:09.0366 2152 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
20:25:09.0366 2152 SrvHsfHDA - ok
20:25:09.0429 2152 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
20:25:09.0444 2152 SrvHsfV92 - ok
20:25:09.0476 2152 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
20:25:09.0491 2152 SrvHsfWinac - ok
20:25:09.0522 2152 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:25:09.0522 2152 srvnet - ok
20:25:09.0554 2152 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:25:09.0569 2152 SSDPSRV - ok
20:25:09.0585 2152 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:25:09.0585 2152 SstpSvc - ok
20:25:09.0678 2152 [ 7EAE822E0153D5815FF842FD57D2A49E ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
20:25:09.0678 2152 STacSV - ok
20:25:09.0741 2152 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:25:09.0741 2152 stexstor - ok
20:25:09.0803 2152 [ 6EFE5345D1C187973760AF3B7B10F636 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
20:25:09.0803 2152 STHDA - ok
20:25:09.0866 2152 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:25:09.0866 2152 stisvc - ok
20:25:09.0897 2152 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:25:09.0897 2152 swenum - ok
20:25:09.0944 2152 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:25:09.0944 2152 swprv - ok
20:25:09.0990 2152 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS
20:25:09.0990 2152 SymDS - ok
20:25:10.0037 2152 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS
20:25:10.0037 2152 SymEFA - ok
20:25:10.0084 2152 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
20:25:10.0084 2152 SymEvent - ok
20:25:10.0115 2152 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS
20:25:10.0131 2152 SymIRON - ok
20:25:10.0162 2152 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\NISx64\1207000.00D\SYMNETS.SYS
20:25:10.0178 2152 SymNetS - ok
20:25:10.0240 2152 [ CC13EE4AF170ABB99F6449CBB62AB219 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:25:10.0271 2152 SynTP - ok
20:25:10.0334 2152 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:25:10.0349 2152 SysMain - ok
20:25:10.0365 2152 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:25:10.0380 2152 TabletInputService - ok
20:25:10.0396 2152 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:25:10.0396 2152 TapiSrv - ok
20:25:10.0427 2152 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:25:10.0427 2152 TBS - ok
20:25:10.0521 2152 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:25:10.0552 2152 Tcpip - ok
20:25:10.0599 2152 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:25:10.0630 2152 TCPIP6 - ok
20:25:10.0661 2152 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:25:10.0661 2152 tcpipreg - ok
20:25:10.0692 2152 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:25:10.0692 2152 TDPIPE - ok
20:25:10.0724 2152 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:25:10.0724 2152 TDTCP - ok
20:25:10.0770 2152 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:25:10.0770 2152 tdx - ok
20:25:10.0786 2152 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:25:10.0786 2152 TermDD - ok
20:25:10.0817 2152 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:25:10.0833 2152 TermService - ok
20:25:10.0864 2152 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:25:10.0864 2152 Themes - ok
20:25:10.0895 2152 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:25:10.0895 2152 THREADORDER - ok
20:25:10.0926 2152 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:25:10.0926 2152 TrkWks - ok
20:25:10.0973 2152 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:25:10.0973 2152 TrustedInstaller - ok
20:25:11.0004 2152 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:25:11.0004 2152 tssecsrv - ok
20:25:11.0036 2152 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:25:11.0036 2152 TsUsbFlt - ok
20:25:11.0067 2152 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:25:11.0067 2152 TsUsbGD - ok
20:25:11.0114 2152 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:25:11.0114 2152 tunnel - ok
20:25:11.0145 2152 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:25:11.0145 2152 uagp35 - ok
20:25:11.0285 2152 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:25:11.0285 2152 udfs - ok
20:25:11.0348 2152 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:25:11.0363 2152 UI0Detect - ok
20:25:11.0394 2152 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:25:11.0394 2152 uliagpkx - ok
20:25:11.0410 2152 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:25:11.0410 2152 umbus - ok
20:25:11.0441 2152 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:25:11.0441 2152 UmPass - ok
20:25:11.0722 2152 [ 0B0B9F55B12767A755932C26B5FED715 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:25:11.0769 2152 UNS - ok
20:25:11.0800 2152 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:25:11.0816 2152 upnphost - ok
20:25:11.0847 2152 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:25:11.0847 2152 usbccgp - ok
20:25:11.0878 2152 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:25:11.0878 2152 usbcir - ok
20:25:11.0909 2152 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:25:11.0909 2152 usbehci - ok
20:25:11.0940 2152 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:25:11.0940 2152 usbhub - ok
20:25:11.0972 2152 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:25:11.0972 2152 usbohci - ok
20:25:12.0003 2152 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:25:12.0003 2152 usbprint - ok
20:25:12.0050 2152 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:25:12.0050 2152 usbscan - ok
20:25:12.0096 2152 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:25:12.0096 2152 USBSTOR - ok
20:25:12.0128 2152 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:25:12.0128 2152 usbuhci - ok
20:25:12.0174 2152 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:25:12.0174 2152 usbvideo - ok
20:25:12.0206 2152 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:25:12.0206 2152 UxSms - ok
20:25:12.0237 2152 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:25:12.0252 2152 VaultSvc - ok
20:25:12.0268 2152 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:25:12.0268 2152 vdrvroot - ok
20:25:12.0299 2152 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:25:12.0315 2152 vds - ok
20:25:12.0362 2152 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:25:12.0362 2152 vga - ok
20:25:12.0377 2152 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:25:12.0377 2152 VgaSave - ok
20:25:12.0408 2152 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:25:12.0408 2152 vhdmp - ok
20:25:12.0424 2152 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:25:12.0424 2152 viaide - ok
20:25:12.0455 2152 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:25:12.0455 2152 volmgr - ok
20:25:12.0471 2152 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:25:12.0471 2152 volmgrx - ok
20:25:12.0502 2152 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:25:12.0502 2152 volsnap - ok
20:25:12.0564 2152 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:25:12.0564 2152 vsmraid - ok
20:25:12.0627 2152 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:25:12.0674 2152 VSS - ok
20:25:12.0689 2152 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:25:12.0689 2152 vwifibus - ok
20:25:12.0752 2152 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:25:12.0752 2152 vwififlt - ok
20:25:12.0830 2152 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:25:12.0845 2152 W32Time - ok
20:25:12.0861 2152 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:25:12.0861 2152 WacomPen - ok
20:25:12.0908 2152 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:25:12.0908 2152 WANARP - ok
20:25:12.0923 2152 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:25:12.0923 2152 Wanarpv6 - ok
20:25:13.0048 2152 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:25:13.0407 2152 WatAdminSvc - ok
20:25:13.0828 2152 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:25:13.0859 2152 wbengine - ok
20:25:13.0937 2152 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:25:13.0937 2152 WbioSrvc - ok
20:25:14.0171 2152 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:25:14.0171 2152 wcncsvc - ok
20:25:14.0202 2152 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:25:14.0202 2152 WcsPlugInService - ok
20:25:14.0655 2152 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
20:25:14.0655 2152 Wd - ok
20:25:14.0717 2152 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:25:14.0717 2152 Wdf01000 - ok
20:25:14.0795 2152 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:25:14.0795 2152 WdiServiceHost - ok
20:25:14.0795 2152 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:25:14.0811 2152 WdiSystemHost - ok
20:25:14.0889 2152 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:25:14.0889 2152 WebClient - ok
20:25:14.0920 2152 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:25:14.0920 2152 Wecsvc - ok
20:25:14.0951 2152 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:25:14.0951 2152 wercplsupport - ok
20:25:14.0982 2152 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:25:14.0982 2152 WerSvc - ok
20:25:15.0014 2152 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:25:15.0014 2152 WfpLwf - ok
20:25:15.0060 2152 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:25:15.0060 2152 WIMMount - ok
20:25:15.0060 2152 WinDefend - ok
20:25:15.0076 2152 WinHttpAutoProxySvc - ok
20:25:15.0138 2152 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:25:15.0138 2152 Winmgmt - ok
20:25:15.0310 2152 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
20:25:15.0357 2152 WinRM - ok
20:25:15.0435 2152 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:25:15.0435 2152 WinUsb - ok
20:25:15.0482 2152 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:25:15.0497 2152 Wlansvc - ok
20:25:15.0544 2152 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:25:15.0544 2152 wlcrasvc - ok
20:25:15.0731 2152 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:25:15.0762 2152 wlidsvc - ok
20:25:15.0794 2152 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:25:15.0794 2152 WmiAcpi - ok
20:25:15.0856 2152 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:25:15.0856 2152 wmiApSrv - ok
20:25:15.0887 2152 WMPNetworkSvc - ok
20:25:15.0918 2152 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:25:15.0934 2152 WPCSvc - ok
20:25:15.0965 2152 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:25:15.0965 2152 WPDBusEnum - ok
20:25:15.0996 2152 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:25:15.0996 2152 ws2ifsl - ok
20:25:16.0012 2152 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:25:16.0012 2152 wscsvc - ok
20:25:16.0028 2152 WSearch - ok
20:25:16.0230 2152 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:25:16.0262 2152 wuauserv - ok
20:25:16.0308 2152 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:25:16.0308 2152 WudfPf - ok
20:25:16.0355 2152 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:25:16.0355 2152 WUDFRd - ok
20:25:16.0386 2152 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:25:16.0402 2152 wudfsvc - ok
20:25:16.0418 2152 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
20:25:16.0418 2152 WwanSvc - ok
20:25:16.0449 2152 ================ Scan global ===============================
20:25:16.0480 2152 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:25:16.0511 2152 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:25:16.0527 2152 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
20:25:16.0558 2152 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:25:16.0620 2152 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:25:16.0636 2152 [Global] - ok
20:25:16.0636 2152 ================ Scan MBR ==================================
20:25:16.0667 2152 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
20:25:16.0995 2152 \Device\Harddisk0\DR0 - ok
20:25:16.0995 2152 ================ Scan VBR ==================================
20:25:17.0010 2152 [ A6353D0A15A510429CEF091FE8EA0E24 ] \Device\Harddisk0\DR0\Partition1
20:25:17.0010 2152 \Device\Harddisk0\DR0\Partition1 - ok
20:25:17.0042 2152 [ C6E98C92C7787619753E8EF2CB5F1738 ] \Device\Harddisk0\DR0\Partition2
20:25:17.0042 2152 \Device\Harddisk0\DR0\Partition2 - ok
20:25:17.0073 2152 [ 6E0B9F244843D2F61E9F0C893076CBF0 ] \Device\Harddisk0\DR0\Partition3
20:25:17.0073 2152 \Device\Harddisk0\DR0\Partition3 - ok
20:25:17.0104 2152 [ 8E7DFC8F9F9EDA00435BA7C5FBF91D41 ] \Device\Harddisk0\DR0\Partition4
20:25:17.0104 2152 \Device\Harddisk0\DR0\Partition4 - ok
20:25:17.0104 2152 ============================================================
20:25:17.0104 2152 Scan finished
20:25:17.0104 2152 ============================================================
20:25:17.0166 3932 Detected object count: 0
20:25:17.0166 3932 Actual detected object count: 0
20:27:14.0433 4436 ============================================================
20:27:14.0433 4436 Scan started
20:27:14.0433 4436 Mode: Manual; TDLFS;
20:27:14.0433 4436 ============================================================
20:27:16.0102 4436 ================ Scan system memory ========================
20:27:16.0102 4436 System memory - ok
20:27:16.0102 4436 ================ Scan services =============================
20:27:17.0350 4436 AudioEndpointBuilder - ok
20:27:17.0366 4436 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:27:17.0366 4436 AudioSrv - ok
20:27:17.0397 4436 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:27:17.0397 4436 AxInstSV - ok
20:27:17.0475 4436 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:27:17.0490 4436 b06bdrv - ok
20:27:17.0522 4436 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:27:17.0522 4436 b57nd60a - ok
20:27:17.0615 4436 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
20:27:17.0631 4436 BBSvc - ok
20:27:17.0787 4436 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
20:27:17.0802 4436 BCM43XX - ok
20:27:17.0818 4436 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:27:17.0834 4436 BDESVC - ok
20:27:17.0849 4436 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:27:17.0849 4436 Beep - ok
20:27:17.0880 4436 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:27:17.0896 4436 BFE - ok
20:27:18.0177 4436 [ 6C64FA457C200874FAA87D74152E0D84 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120302.001\BHDrvx64.sys
20:27:18.0192 4436 BHDrvx64 - ok
20:27:18.0255 4436 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:27:18.0270 4436 BITS - ok
20:27:18.0317 4436 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:27:18.0317 4436 blbdrive - ok
20:27:18.0348 4436 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:27:18.0348 4436 bowser - ok
20:27:18.0380 4436 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:27:18.0380 4436 BrFiltLo - ok
20:27:18.0395 4436 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:27:18.0395 4436 BrFiltUp - ok
20:27:18.0442 4436 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:27:18.0442 4436 Browser - ok
20:27:18.0473 4436 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:27:18.0489 4436 Brserid - ok
20:27:18.0504 4436 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:27:18.0504 4436 BrSerWdm - ok
20:27:18.0520 4436 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:27:18.0520 4436 BrUsbMdm - ok
20:27:18.0551 4436 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:27:18.0551 4436 BrUsbSer - ok
20:27:18.0582 4436 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:27:18.0582 4436 BTHMODEM - ok
20:27:18.0629 4436 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:27:18.0645 4436 bthserv - ok
20:27:18.0676 4436 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:27:18.0676 4436 cdfs - ok
20:27:18.0707 4436 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:27:18.0707 4436 cdrom - ok
20:27:18.0738 4436 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:27:18.0754 4436 CertPropSvc - ok
20:27:18.0770 4436 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
20:27:18.0770 4436 circlass - ok
20:27:18.0816 4436 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:27:18.0816 4436 CLFS - ok
20:27:18.0910 4436 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:27:18.0910 4436 clr_optimization_v2.0.50727_32 - ok
20:27:18.0988 4436 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:27:18.0988 4436 clr_optimization_v2.0.50727_64 - ok
20:27:19.0066 4436 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:27:19.0066 4436 clr_optimization_v4.0.30319_32 - ok
20:27:19.0097 4436 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:27:19.0097 4436 clr_optimization_v4.0.30319_64 - ok
20:27:19.0113 4436 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
20:27:19.0113 4436 clwvd - ok
20:27:19.0144 4436 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
20:27:19.0144 4436 CmBatt - ok
20:27:19.0175 4436 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:27:19.0175 4436 cmdide - ok
20:27:19.0238 4436 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:27:19.0238 4436 CNG - ok
20:27:19.0284 4436 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:27:19.0284 4436 Compbatt - ok
20:27:19.0300 4436 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:27:19.0300 4436 CompositeBus - ok
20:27:19.0300 4436 COMSysApp - ok
20:27:19.0331 4436 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:27:19.0331 4436 crcdisk - ok
20:27:19.0394 4436 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:27:19.0394 4436 CryptSvc - ok
20:27:19.0518 4436 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:27:19.0534 4436 cvhsvc - ok
20:27:19.0596 4436 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:27:19.0596 4436 DcomLaunch - ok
20:27:19.0674 4436 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:27:19.0674 4436 defragsvc - ok
20:27:19.0721 4436 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:27:19.0721 4436 DfsC - ok
20:27:19.0768 4436 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:27:19.0784 4436 Dhcp - ok
20:27:19.0799 4436 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:27:19.0815 4436 discache - ok
20:27:19.0846 4436 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
20:27:19.0846 4436 Disk - ok
20:27:19.0877 4436 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:27:19.0877 4436 Dnscache - ok
20:27:19.0908 4436 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:27:19.0908 4436 dot3svc - ok
20:27:19.0940 4436 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:27:19.0940 4436 DPS - ok
20:27:19.0971 4436 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:27:19.0971 4436 drmkaud - ok
20:27:20.0033 4436 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:27:20.0049 4436 DXGKrnl - ok
20:27:20.0096 4436 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:27:20.0096 4436 EapHost - ok
20:27:20.0330 4436 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:27:20.0361 4436 ebdrv - ok
20:27:20.0439 4436 [ 0C3F9EFF8DDD9F9EB56D754B4620155F ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
20:27:20.0439 4436 eeCtrl - ok
20:27:20.0470 4436 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:27:20.0486 4436 EFS - ok
20:27:20.0564 4436 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:27:20.0564 4436 ehRecvr - ok
20:27:20.0626 4436 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:27:20.0626 4436 ehSched - ok
20:27:20.0704 4436 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:27:20.0704 4436 elxstor - ok
20:27:20.0735 4436 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:27:20.0735 4436 ErrDev - ok
20:27:20.0829 4436 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:27:20.0844 4436 EventSystem - ok
20:27:20.0876 4436 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:27:20.0876 4436 exfat - ok
20:27:20.0891 4436 ezSharedSvc - ok
20:27:20.0922 4436 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:27:20.0922 4436 fastfat - ok
20:27:21.0016 4436 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:27:21.0016 4436 Fax - ok
20:27:21.0047 4436 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
20:27:21.0047 4436 fdc - ok
20:27:21.0063 4436 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:27:21.0078 4436 fdPHost - ok
20:27:21.0094 4436 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:27:21.0110 4436 FDResPub - ok
20:27:21.0141 4436 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:27:21.0141 4436 FileInfo - ok
20:27:21.0156 4436 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:27:21.0156 4436 Filetrace - ok
20:27:21.0188 4436 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:27:21.0188 4436 flpydisk - ok
20:27:21.0219 4436 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:27:21.0219 4436 FltMgr - ok
20:27:21.0297 4436 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:27:21.0312 4436 FontCache - ok
20:27:21.0390 4436 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:27:21.0390 4436 FontCache3.0.0.0 - ok
20:27:21.0406 4436 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:27:21.0406 4436 FsDepends - ok
20:27:21.0453 4436 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:27:21.0453 4436 Fs_Rec - ok
20:27:21.0500 4436 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:27:21.0515 4436 fvevol - ok
20:27:21.0531 4436 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:27:21.0546 4436 gagp30kx - ok
20:27:21.0593 4436 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:27:21.0593 4436 GamesAppService - ok
20:27:21.0624 4436 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:27:21.0624 4436 GEARAspiWDM - ok
20:27:21.0702 4436 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:27:21.0702 4436 gpsvc - ok
20:27:21.0749 4436 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:27:21.0749 4436 hcw85cir - ok
20:27:21.0765 4436 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:27:21.0780 4436 HdAudAddService - ok
20:27:21.0812 4436 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:27:21.0812 4436 HDAudBus - ok
20:27:21.0874 4436 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:27:21.0874 4436 HECIx64 - ok
20:27:21.0921 4436 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:27:21.0921 4436 HidBatt - ok
20:27:21.0936 4436 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:27:21.0952 4436 HidBth - ok
20:27:21.0968 4436 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
20:27:21.0968 4436 HidIr - ok
20:27:22.0014 4436 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:27:22.0014 4436 hidserv - ok
20:27:22.0061 4436 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:27:22.0061 4436 HidUsb - ok
20:27:22.0092 4436 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:27:22.0092 4436 hkmsvc - ok
20:27:22.0155 4436 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:27:22.0155 4436 HomeGroupListener - ok
20:27:22.0217 4436 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:27:22.0217 4436 HomeGroupProvider - ok
20:27:22.0326 4436 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:27:22.0326 4436 HP Support Assistant Service - ok
20:27:22.0389 4436 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
20:27:22.0404 4436 HPClientSvc - ok
20:27:22.0529 4436 [ C5D2F308E1C12A5C328EF549696DBC05 ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
20:27:22.0529 4436 hpCMSrv - ok
20:27:22.0576 4436 [ B19FF523B533A3F198B9239E1749C940 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
20:27:22.0592 4436 HPDrvMntSvc.exe - ok
20:27:22.0685 4436 [ 01091B900E15878B4434F9C726C4541D ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
20:27:22.0701 4436 hpqwmiex - ok
20:27:22.0763 4436 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:27:22.0763 4436 HpSAMD - ok
20:27:22.0826 4436 [ 77C15D7E8F002A173EEBFF0B20CD697D ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
20:27:22.0826 4436 HPWMISVC - ok
20:27:22.0872 4436 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:27:22.0888 4436 HTTP - ok
20:27:22.0919 4436 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:27:22.0919 4436 hwpolicy - ok
20:27:22.0950 4436 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:27:22.0950 4436 i8042prt - ok
20:27:22.0997 4436 [ D469B77687E12FE43E344806740B624D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:27:22.0997 4436 iaStor - ok
20:27:23.0091 4436 [ 983FC69644DDF0486C8DFEA262948D1A ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
20:27:23.0091 4436 IAStorDataMgrSvc - ok
20:27:23.0138 4436 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:27:23.0138 4436 iaStorV - ok
20:27:23.0309 4436 [ 3A0FF117B4ADC5ABE4D968E26A337158 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:27:23.0340 4436 IconMan_R - ok
20:27:23.0418 4436 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:27:23.0434 4436 idsvc - ok
20:27:23.0512 4436 [ 18C40C3F368323B203ACE403CB430DB1 ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120309.002\IDSvia64.sys
20:27:23.0528 4436 IDSVia64 - ok
20:27:24.0074 4436 [ 78527E6A4D78B1153925914C55872BEB ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:27:24.0214 4436 igfx - ok
20:27:24.0276 4436 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:27:24.0276 4436 iirsp - ok
20:27:24.0370 4436 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:27:24.0370 4436 IKEEXT - ok
20:27:24.0401 4436 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
20:27:24.0401 4436 Impcd - ok
20:27:24.0464 4436 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:27:24.0464 4436 IntcDAud - ok
20:27:24.0495 4436 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:27:24.0495 4436 intelide - ok
20:27:24.0526 4436 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:27:24.0526 4436 intelppm - ok
20:27:24.0557 4436 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:27:24.0557 4436 IPBusEnum - ok
20:27:24.0588 4436 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:27:24.0588 4436 IpFilterDriver - ok
20:27:24.0620 4436 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:27:24.0635 4436 iphlpsvc - ok
20:27:24.0666 4436 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:27:24.0666 4436 IPMIDRV - ok
20:27:24.0713 4436 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:27:24.0713 4436 IPNAT - ok
20:27:24.0791 4436 [ 46D249F9DB7844CC01050A9345F0F61B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:27:24.0791 4436 iPod Service - ok
20:27:24.0838 4436 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:27:24.0838 4436 IRENUM - ok
20:27:24.0869 4436 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:27:24.0869 4436 isapnp - ok
20:27:24.0900 4436 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:27:24.0900 4436 iScsiPrt - ok
20:27:24.0932 4436 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:27:24.0932 4436 kbdclass - ok
20:27:24.0963 4436 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:27:24.0963 4436 kbdhid - ok
20:27:24.0978 4436 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:27:24.0978 4436 KeyIso - ok
20:27:25.0025 4436 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:27:25.0025 4436 KSecDD - ok
20:27:25.0041 4436 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:27:25.0056 4436 KSecPkg - ok
20:27:25.0072 4436 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:27:25.0072 4436 ksthunk - ok
20:27:25.0119 4436 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:27:25.0134 4436 KtmRm - ok
20:27:25.0150 4436 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:27:25.0150 4436 LanmanServer - ok
20:27:25.0197 4436 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:27:25.0197 4436 LanmanWorkstation - ok
20:27:25.0244 4436 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:27:25.0244 4436 lltdio - ok
20:27:25.0290 4436 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:27:25.0290 4436 lltdsvc - ok
20:27:25.0322 4436 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:27:25.0322 4436 lmhosts - ok
20:27:25.0400 4436 [ 9D8B95C0EAE145C46BC4A727B23DA395 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:27:25.0415 4436 LMS - ok
20:27:25.0431 4436 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:27:25.0431 4436 LSI_FC - ok
20:27:25.0462 4436 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:27:25.0462 4436 LSI_SAS - ok
20:27:25.0493 4436 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:27:25.0493 4436 LSI_SAS2 - ok
20:27:25.0509 4436 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:27:25.0509 4436 LSI_SCSI - ok
20:27:25.0524 4436 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:27:25.0540 4436 luafv - ok
20:27:25.0571 4436 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:27:25.0571 4436 MBAMProtector - ok
20:27:25.0634 4436 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:27:25.0634 4436 MBAMScheduler - ok
20:27:25.0680 4436 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:27:25.0696 4436 MBAMService - ok
20:27:25.0774 4436 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
20:27:25.0774 4436 McComponentHostService - ok
20:27:25.0821 4436 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:27:25.0821 4436 Mcx2Svc - ok
20:27:25.0852 4436 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
20:27:25.0852 4436 megasas - ok
20:27:25.0883 4436 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:27:25.0899 4436 MegaSR - ok
20:27:26.0008 4436 Microsoft SharePoint Workspace Audit Service - ok
20:27:26.0024 4436 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:27:26.0024 4436 MMCSS - ok
20:27:26.0070 4436 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:27:26.0070 4436 Modem - ok
20:27:26.0102 4436 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:27:26.0102 4436 monitor - ok
20:27:26.0133 4436 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:27:26.0133 4436 mouclass - ok
20:27:26.0164 4436 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:27:26.0164 4436 mouhid - ok
20:27:26.0195 4436 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:27:26.0195 4436 mountmgr - ok
20:27:26.0258 4436 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:27:26.0258 4436 MozillaMaintenance - ok
20:27:26.0289 4436 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:27:26.0289 4436 mpio - ok
20:27:26.0336 4436 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:27:26.0336 4436 mpsdrv - ok
20:27:26.0429 4436 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:27:26.0445 4436 MpsSvc - ok
20:27:26.0476 4436 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:27:26.0476 4436 MRxDAV - ok
20:27:26.0507 4436 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:27:26.0523 4436 mrxsmb - ok
20:27:26.0554 4436 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:27:26.0570 4436 mrxsmb10 - ok
20:27:26.0585 4436 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:27:26.0585 4436 mrxsmb20 - ok
20:27:26.0648 4436 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:27:26.0648 4436 msahci - ok
20:27:26.0679 4436 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:27:26.0679 4436 msdsm - ok
20:27:26.0694 4436 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:27:26.0694 4436 MSDTC - ok
20:27:26.0726 4436 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:27:26.0726 4436 Msfs - ok
20:27:26.0757 4436 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:27:26.0757 4436 mshidkmdf - ok
20:27:26.0772 4436 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:27:26.0788 4436 msisadrv - ok
20:27:26.0835 4436 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:27:26.0835 4436 MSiSCSI - ok
20:27:26.0835 4436 msiserver - ok
20:27:26.0866 4436 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:27:26.0866 4436 MSKSSRV - ok
20:27:26.0897 4436 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:27:26.0897 4436 MSPCLOCK - ok
20:27:26.0913 4436 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:27:26.0913 4436 MSPQM - ok
20:27:26.0944 4436 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:27:26.0960 4436 MsRPC - ok
20:27:27.0006 4436 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:27:27.0006 4436 mssmbios - ok
20:27:27.0038 4436 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:27:27.0038 4436 MSTEE - ok
20:27:27.0053 4436 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:27:27.0053 4436 MTConfig - ok
20:27:27.0084 4436 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:27:27.0084 4436 Mup - ok
20:27:27.0131 4436 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:27:27.0131 4436 napagent - ok
20:27:27.0194 4436 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:27:27.0194 4436 NativeWifiP - ok
20:27:27.0272 4436 [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120309.034\ENG64.SYS
20:27:27.0272 4436 NAVENG - ok
20:27:27.0443 4436 [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120309.034\EX64.SYS
20:27:27.0474 4436 NAVEX15 - ok
20:27:27.0568 4436 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:27:27.0568 4436 NDIS - ok
20:27:27.0599 4436 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:27:27.0599 4436 NdisCap - ok
20:27:27.0630 4436 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:27:27.0630 4436 NdisTapi - ok
20:27:27.0677 4436 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:27:27.0677 4436 Ndisuio - ok
20:27:27.0724 4436 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:27:27.0724 4436 NdisWan - ok
20:27:27.0755 4436 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:27:27.0755 4436 NDProxy - ok
20:27:27.0786 4436 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:27:27.0786 4436 NetBIOS - ok
20:27:27.0802 4436 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:27:27.0818 4436 NetBT - ok
20:27:27.0833 4436 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:27:27.0833 4436 Netlogon - ok
20:27:27.0880 4436 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:27:27.0880 4436 Netman - ok
20:27:27.0896 4436 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:27:27.0911 4436 netprofm - ok
20:27:28.0005 4436 [ 31609B481CC202BFB441E37FEBCDEA05 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
20:27:28.0036 4436 netr28x - ok
20:27:28.0083 4436 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:27:28.0083 4436 NetTcpPortSharing - ok
20:27:28.0114 4436 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:27:28.0114 4436 nfrd960 - ok
20:27:28.0176 4436 [ E78A365CC3E0FBFC018A33DCE01909F8 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
20:27:28.0176 4436 NIS - ok
20:27:28.0208 4436 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:27:28.0223 4436 NlaSvc - ok
20:27:41.0218 4436 ============================================================
20:27:41.0218 4436 Scan finished
20:27:41.0218 4436 ============================================================
20:27:41.0249 4996 Detected object count: 0
20:27:41.0249 4996 Actual detected object count: 0

Avast:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-03 20:25:23
-----------------------------
20:25:23.765 OS Version: Windows x64 6.1.7601 Service Pack 1
20:25:23.765 Number of processors: 4 586 0x2505
20:25:23.765 ComputerName: RIKR3428-HP UserName: rikr3428
20:25:25.232 Initialize success
20:25:37.649 AVAST engine defs: 12100302
20:25:42.282 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:25:42.298 Disk 0 Vendor: TOSHIBA_ GS00 Size: 476940MB BusType: 3
20:25:42.314 Disk 0 MBR read successfully
20:25:42.314 Disk 0 MBR scan
20:25:42.314 Disk 0 Windows XP default MBR code
20:25:42.329 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
20:25:42.345 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 461594 MB offset 409600
20:25:42.376 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15042 MB offset 945754112
20:25:42.407 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
20:25:42.438 Disk 0 scanning C:\Windows\system32\drivers
20:25:55.137 Service scanning
20:26:37.601 Modules scanning
20:26:37.617 Disk 0 trace - called modules:
20:26:38.178 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
20:26:38.194 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005261790]
20:26:38.194 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fce050]
20:26:39.286 AVAST engine scan C:\Windows
20:26:41.797 AVAST engine scan C:\Windows\system32
20:31:46.694 AVAST engine scan C:\Windows\system32\drivers
20:32:03.539 AVAST engine scan C:\Users\rikr3428
20:32:41.600 Disk 0 MBR has been saved successfully to "C:\Users\rikr3428\Documents\MBR.dat"
20:32:41.618 The log file has been saved successfully to "C:\Users\rikr3428\Documents\aswMBR log.txt"
20:33:59.104 File: C:\Users\rikr3428\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\4d033170-1d857a67 **INFECTED** Win32:Downloader-NZA [Trj]
20:34:21.215 Disk 0 MBR has been saved successfully to "C:\Users\rikr3428\Documents\MBR.dat"
20:34:21.233 The log file has been saved successfully to "C:\Users\rikr3428\Documents\aswMBRlog.txt"
20:34:50.053 AVAST engine scan C:\ProgramData
20:36:24.266 Scan finished successfully
20:36:35.700 Disk 0 MBR has been saved successfully to "C:\Users\rikr3428\Documents\MBR.dat"
20:36:35.711 The log file has been saved successfully to "C:\Users\rikr3428\Documents\aswMBR log.txt"


If anyone can tell me where to go from here I would be extremely grateful!!

Edited by hamluis, 04 October 2012 - 01:50 PM.
Edited for readability - Hamluis.




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,213 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:45 AM

Posted 03 October 2012 - 07:48 PM

Hello and welcome..
You have a Google Analytics infection and special instruction is required for removal.

We need a deeper look. Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64-bit system), skip it and move on.

Let me know if that went well.

Edited by boopme, 03 October 2012 - 09:50 PM.


#3 hamluis

hamluis

    Moderator


  • Moderator
  • 55,742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:45 AM

Posted 04 October 2012 - 01:54 PM

Reference: http://www.bleepingcomputer.com/forums/topic470716.html/page__p__2859550#entry2859550

Now that you have properly posted a malware log topic, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by an MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on, the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

To avoid confusion, I am closing this topic.

Louis



