Infected with multiple virus


6 replies to this topic

#1 Frazzled7


Posted 20 October 2012 - 04:12 PM

Hello,

I had my MSE anti-virus pop up with several viruses. These include Sirefef (a few varieties), Alureon.A, Blacoleref.CI, and many Java exploit infections. Everything runs slow, my services seem to be broken or messed up, can't load some things. I had to reinstall my BITS under services to get it back as the virus seems to have removed that as well. Any help would be greatly appreciated as this is an urgent matter. Thanks.



#2 narenxp


Posted 20 October 2012 - 04:20 PM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Frazzled7


Posted 20 October 2012 - 05:06 PM

TDSS LOG:

15:24:08.0159 6992 NdisCap - ok
15:24:08.0172 6992 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:24:08.0173 6992 NdisTapi - ok
15:24:08.0191 6992 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:24:08.0192 6992 Ndisuio - ok
15:24:08.0203 6992 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:24:08.0206 6992 NdisWan - ok
15:24:08.0212 6992 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:24:08.0213 6992 NDProxy - ok
15:24:08.0222 6992 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:24:08.0223 6992 NetBIOS - ok
15:24:08.0234 6992 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:24:08.0238 6992 NetBT - ok
15:24:08.0262 6992 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
15:24:08.0264 6992 Netlogon - ok
15:24:08.0303 6992 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:24:08.0308 6992 Netman - ok
15:24:08.0335 6992 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:08.0339 6992 NetMsmqActivator - ok
15:24:08.0344 6992 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:08.0346 6992 NetPipeActivator - ok
15:24:08.0373 6992 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:24:08.0382 6992 netprofm - ok
15:24:08.0421 6992 [ 44D4BD55191624C82A2745296BA42814 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
15:24:08.0429 6992 netr28x - ok
15:24:08.0436 6992 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:08.0437 6992 NetTcpActivator - ok
15:24:08.0443 6992 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:24:08.0445 6992 NetTcpPortSharing - ok
15:24:08.0462 6992 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:24:08.0463 6992 nfrd960 - ok
15:24:08.0503 6992 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:24:08.0506 6992 NisDrv - ok
15:24:08.0544 6992 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
15:24:08.0547 6992 NisSrv - ok
15:24:08.0575 6992 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:24:08.0581 6992 NlaSvc - ok
15:24:08.0590 6992 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:24:08.0592 6992 Npfs - ok
15:24:08.0606 6992 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:24:08.0608 6992 nsi - ok
15:24:08.0614 6992 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:24:08.0615 6992 nsiproxy - ok
15:24:08.0665 6992 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:24:08.0698 6992 Ntfs - ok
15:24:08.0711 6992 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:24:08.0712 6992 Null - ok
15:24:08.0992 6992 [ 2218C0F9D4C694460340F2F8ADCCC9C0 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:24:09.0203 6992 nvlddmkm - ok
15:24:09.0245 6992 [ 9C3024E48DB4C98E50AF7D8B72D0EF89 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
15:24:09.0249 6992 NVNET - ok
15:24:09.0265 6992 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
15:24:09.0267 6992 nvraid - ok
15:24:09.0283 6992 [ AFDE3015BB8D76E26BEC3B287C5443A0 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
15:24:09.0284 6992 nvsmu - ok
15:24:09.0296 6992 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
15:24:09.0299 6992 nvstor - ok
15:24:09.0321 6992 [ 6BA747B1A9297A6C0271700D12FDD495 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
15:24:09.0322 6992 nvstor64 - ok
15:24:09.0339 6992 [ 5218967E54DBC9CB4AAEA53247A0F275 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:24:09.0345 6992 nvsvc - ok
15:24:09.0364 6992 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
15:24:09.0367 6992 nv_agp - ok
15:24:09.0380 6992 [ 1A71763DD0DF7AB7B435EFA1DDE710C6 ] NW1950 C:\Windows\system32\DRIVERS\NW1950.sys
15:24:09.0382 6992 NW1950 - ok
15:24:09.0455 6992 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:24:09.0460 6992 odserv - ok
15:24:09.0477 6992 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
15:24:09.0479 6992 ohci1394 - ok
15:24:09.0510 6992 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:24:09.0512 6992 ose - ok
15:24:09.0536 6992 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:24:09.0542 6992 p2pimsvc - ok
15:24:09.0558 6992 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:24:09.0566 6992 p2psvc - ok
15:24:09.0582 6992 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:24:09.0585 6992 Parport - ok
15:24:09.0606 6992 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:24:09.0608 6992 partmgr - ok
15:24:09.0627 6992 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:24:09.0631 6992 PcaSvc - ok
15:24:09.0641 6992 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
15:24:09.0644 6992 pci - ok
15:24:09.0658 6992 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
15:24:09.0659 6992 pciide - ok
15:24:09.0686 6992 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:24:09.0691 6992 pcmcia - ok
15:24:09.0698 6992 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:24:09.0701 6992 pcw - ok
15:24:09.0723 6992 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:24:09.0730 6992 PEAUTH - ok
15:24:09.0796 6992 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:24:09.0798 6992 PerfHost - ok
15:24:09.0848 6992 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
15:24:09.0885 6992 pla - ok
15:24:09.0914 6992 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:24:09.0920 6992 PlugPlay - ok
15:24:09.0936 6992 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:24:09.0939 6992 PNRPAutoReg - ok
15:24:09.0950 6992 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:24:09.0953 6992 PNRPsvc - ok
15:24:09.0996 6992 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:24:10.0002 6992 PolicyAgent - ok
15:24:10.0034 6992 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:24:10.0038 6992 Power - ok
15:24:10.0052 6992 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:24:10.0054 6992 PptpMiniport - ok
15:24:10.0074 6992 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:24:10.0076 6992 Processor - ok
15:24:10.0097 6992 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
15:24:10.0101 6992 ProfSvc - ok
15:24:10.0110 6992 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:24:10.0112 6992 ProtectedStorage - ok
15:24:10.0127 6992 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:24:10.0129 6992 Psched - ok
15:24:10.0163 6992 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:24:10.0196 6992 ql2300 - ok
15:24:10.0209 6992 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:24:10.0212 6992 ql40xx - ok
15:24:10.0250 6992 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:24:10.0254 6992 QWAVE - ok
15:24:10.0265 6992 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:24:10.0267 6992 QWAVEdrv - ok
15:24:10.0285 6992 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:24:10.0286 6992 RasAcd - ok
15:24:10.0305 6992 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:24:10.0306 6992 RasAgileVpn - ok
15:24:10.0321 6992 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:24:10.0325 6992 RasAuto - ok
15:24:10.0334 6992 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:24:10.0337 6992 Rasl2tp - ok
15:24:10.0359 6992 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
15:24:10.0364 6992 RasMan - ok
15:24:10.0371 6992 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:24:10.0373 6992 RasPppoe - ok
15:24:10.0383 6992 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:24:10.0385 6992 RasSstp - ok
15:24:10.0396 6992 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:24:10.0400 6992 rdbss - ok
15:24:10.0418 6992 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:24:10.0420 6992 rdpbus - ok
15:24:10.0439 6992 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:24:10.0441 6992 RDPCDD - ok
15:24:10.0458 6992 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:24:10.0459 6992 RDPENCDD - ok
15:24:10.0468 6992 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:24:10.0469 6992 RDPREFMP - ok
15:24:10.0505 6992 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:24:10.0508 6992 RDPWD - ok
15:24:10.0541 6992 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:24:10.0548 6992 rdyboost - ok
15:24:10.0579 6992 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:24:10.0583 6992 RemoteAccess - ok
15:24:10.0598 6992 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:24:10.0602 6992 RemoteRegistry - ok
15:24:10.0612 6992 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:24:10.0614 6992 RFCOMM - ok
15:24:10.0630 6992 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:24:10.0633 6992 RpcEptMapper - ok
15:24:10.0640 6992 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:24:10.0642 6992 RpcLocator - ok
15:24:10.0664 6992 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
15:24:10.0669 6992 RpcSs - ok
15:24:10.0686 6992 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:24:10.0688 6992 rspndr - ok
15:24:10.0694 6992 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
15:24:10.0697 6992 SamSs - ok
15:24:10.0747 6992 [ F444EBA4C58AD1D6D1DA9850C2B5D829 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
15:24:10.0749 6992 SbieDrv - ok
15:24:10.0760 6992 [ 9E92ABAE6F6A63C4307FE7CC4AC95831 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
15:24:10.0762 6992 SbieSvc - ok
15:24:10.0770 6992 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
15:24:10.0772 6992 sbp2port - ok
15:24:10.0783 6992 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:24:10.0786 6992 SCardSvr - ok
15:24:10.0820 6992 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:24:10.0827 6992 scfilter - ok
15:24:10.0878 6992 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
15:24:10.0904 6992 Schedule - ok
15:24:10.0928 6992 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:24:10.0930 6992 SCPolicySvc - ok
15:24:10.0938 6992 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:24:10.0943 6992 SDRSVC - ok
15:24:10.0958 6992 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:24:10.0959 6992 secdrv - ok
15:24:10.0971 6992 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
15:24:10.0974 6992 seclogon - ok
15:24:10.0986 6992 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:24:10.0989 6992 SENS - ok
15:24:10.0998 6992 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:24:11.0002 6992 SensrSvc - ok
15:24:11.0014 6992 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:24:11.0016 6992 Serenum - ok
15:24:11.0030 6992 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:24:11.0032 6992 Serial - ok
15:24:11.0048 6992 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:24:11.0050 6992 sermouse - ok
15:24:11.0118 6992 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
15:24:11.0201 6992 SessionEnv - ok
15:24:11.0209 6992 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
15:24:11.0212 6992 sffdisk - ok
15:24:11.0218 6992 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:24:11.0221 6992 sffp_mmc - ok
15:24:11.0228 6992 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
15:24:11.0230 6992 sffp_sd - ok
15:24:11.0257 6992 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:24:11.0259 6992 sfloppy - ok
15:24:11.0278 6992 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:24:11.0283 6992 SharedAccess - ok
15:24:11.0307 6992 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:24:11.0312 6992 ShellHWDetection - ok
15:24:11.0320 6992 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:24:11.0322 6992 SiSRaid2 - ok
15:24:11.0330 6992 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:24:11.0332 6992 SiSRaid4 - ok
15:24:11.0367 6992 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:24:11.0371 6992 SkypeUpdate - ok
15:24:11.0388 6992 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:24:11.0391 6992 Smb - ok
15:24:11.0411 6992 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:24:11.0414 6992 SNMPTRAP - ok
15:24:11.0421 6992 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:24:11.0424 6992 spldr - ok
15:24:11.0453 6992 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
15:24:11.0460 6992 Spooler - ok
15:24:11.0528 6992 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
15:24:11.0587 6992 sppsvc - ok
15:24:11.0606 6992 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:24:11.0611 6992 sppuinotify - ok
15:24:11.0646 6992 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:24:11.0650 6992 srv - ok
15:24:11.0676 6992 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:24:11.0681 6992 srv2 - ok
15:24:11.0701 6992 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:24:11.0703 6992 srvnet - ok
15:24:11.0721 6992 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:24:11.0728 6992 SSDPSRV - ok
15:24:11.0735 6992 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:24:11.0743 6992 SstpSvc - ok
15:24:11.0758 6992 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:24:11.0760 6992 stexstor - ok
15:24:11.0803 6992 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
15:24:11.0813 6992 stisvc - ok
15:24:11.0828 6992 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:24:11.0834 6992 swenum - ok
15:24:11.0869 6992 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:24:11.0878 6992 swprv - ok
15:24:11.0953 6992 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
15:24:11.0989 6992 SysMain - ok
15:24:12.0006 6992 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:24:12.0010 6992 TabletInputService - ok
15:24:12.0025 6992 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
15:24:12.0033 6992 TapiSrv - ok
15:24:12.0044 6992 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:24:12.0047 6992 TBS - ok
15:24:12.0098 6992 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:24:12.0141 6992 Tcpip - ok
15:24:12.0322 6992 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:24:12.0333 6992 TCPIP6 - ok
15:24:12.0391 6992 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:24:12.0425 6992 tcpipreg - ok
15:24:12.0451 6992 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:24:12.0453 6992 TDPIPE - ok
15:24:12.0475 6992 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:24:12.0478 6992 TDTCP - ok
15:24:12.0490 6992 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:24:12.0493 6992 tdx - ok
15:24:12.0705 6992 [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
15:24:12.0730 6992 TeamViewer7 - ok
15:24:12.0739 6992 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:24:12.0741 6992 TermDD - ok
15:24:12.0776 6992 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
15:24:12.0787 6992 TermService - ok
15:24:12.0799 6992 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:24:12.0802 6992 Themes - ok
15:24:12.0859 6992 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:24:12.0860 6992 THREADORDER - ok
15:24:12.0873 6992 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:24:12.0877 6992 TrkWks - ok
15:24:12.0917 6992 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:24:12.0920 6992 TrustedInstaller - ok
15:24:12.0936 6992 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:24:12.0937 6992 tssecsrv - ok
15:24:12.0961 6992 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:24:12.0963 6992 tunnel - ok
15:24:12.0977 6992 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:24:12.0978 6992 uagp35 - ok
15:24:12.0994 6992 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:24:13.0000 6992 udfs - ok
15:24:13.0022 6992 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:24:13.0026 6992 UI0Detect - ok
15:24:13.0033 6992 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
15:24:13.0035 6992 uliagpkx - ok
15:24:13.0042 6992 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:24:13.0046 6992 umbus - ok
15:24:13.0060 6992 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:24:13.0062 6992 UmPass - ok
15:24:13.0111 6992 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
15:24:13.0116 6992 UMVPFSrv - ok
15:24:13.0136 6992 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:24:13.0143 6992 upnphost - ok
15:24:13.0167 6992 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:24:13.0169 6992 usbaudio - ok
15:24:13.0188 6992 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:24:13.0190 6992 usbccgp - ok
15:24:13.0197 6992 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
15:24:13.0199 6992 usbcir - ok
15:24:13.0227 6992 [ DF9F9AFC9AAABD8ED47975D44E38169A ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:24:13.0229 6992 usbehci - ok
15:24:13.0253 6992 [ 372A91BC3C6603080A793880B0873785 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:24:13.0257 6992 usbhub - ok
15:24:13.0286 6992 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:24:13.0289 6992 usbohci - ok
15:24:13.0299 6992 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:24:13.0300 6992 usbprint - ok
15:24:13.0338 6992 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:24:13.0340 6992 usbscan - ok
15:24:13.0355 6992 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:24:13.0357 6992 USBSTOR - ok
15:24:13.0381 6992 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:24:13.0384 6992 usbuhci - ok
15:24:13.0423 6992 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:24:13.0426 6992 usbvideo - ok
15:24:13.0439 6992 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:24:13.0443 6992 UxSms - ok
15:24:13.0455 6992 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
15:24:13.0457 6992 VaultSvc - ok
15:24:13.0483 6992 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
15:24:13.0485 6992 vdrvroot - ok
15:24:13.0510 6992 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
15:24:13.0519 6992 vds - ok
15:24:13.0550 6992 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:24:13.0551 6992 vga - ok
15:24:13.0559 6992 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:24:13.0561 6992 VgaSave - ok
15:24:13.0573 6992 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
15:24:13.0578 6992 vhdmp - ok
15:24:13.0594 6992 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
15:24:13.0596 6992 viaide - ok
15:24:13.0612 6992 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
15:24:13.0614 6992 volmgr - ok
15:24:13.0626 6992 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:24:13.0631 6992 volmgrx - ok
15:24:13.0642 6992 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
15:24:13.0646 6992 volsnap - ok
15:24:13.0653 6992 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:24:13.0657 6992 vsmraid - ok
15:24:13.0699 6992 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
15:24:13.0735 6992 VSS - ok
15:24:13.0751 6992 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:24:13.0752 6992 vwifibus - ok
15:24:13.0760 6992 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:24:13.0761 6992 vwififlt - ok
15:24:13.0783 6992 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:24:13.0793 6992 W32Time - ok
15:24:13.0812 6992 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:24:13.0815 6992 WacomPen - ok
15:24:13.0821 6992 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:24:13.0823 6992 WANARP - ok
15:24:13.0830 6992 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:24:13.0831 6992 Wanarpv6 - ok
15:24:13.0911 6992 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:24:13.0936 6992 WatAdminSvc - ok
15:24:13.0987 6992 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
15:24:14.0021 6992 wbengine - ok
15:24:14.0035 6992 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:24:14.0042 6992 WbioSrvc - ok
15:24:14.0062 6992 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:24:14.0070 6992 wcncsvc - ok
15:24:14.0085 6992 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:24:14.0090 6992 WcsPlugInService - ok
15:24:14.0117 6992 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:24:14.0119 6992 Wd - ok
15:24:14.0134 6992 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:24:14.0143 6992 Wdf01000 - ok
15:24:14.0158 6992 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:24:14.0161 6992 WdiServiceHost - ok
15:24:14.0169 6992 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:24:14.0172 6992 WdiSystemHost - ok
15:24:14.0202 6992 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
15:24:14.0207 6992 WebClient - ok
15:24:14.0226 6992 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:24:14.0232 6992 Wecsvc - ok
15:24:14.0245 6992 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:24:14.0249 6992 wercplsupport - ok
15:24:14.0269 6992 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:24:14.0273 6992 WerSvc - ok
15:24:14.0290 6992 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:24:14.0292 6992 WfpLwf - ok
15:24:14.0306 6992 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:24:14.0308 6992 WIMMount - ok
15:24:14.0320 6992 WinHttpAutoProxySvc - ok
15:24:14.0367 6992 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:24:14.0370 6992 Winmgmt - ok
15:24:14.0429 6992 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
15:24:14.0465 6992 WinRM - ok
15:24:14.0527 6992 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:24:14.0539 6992 Wlansvc - ok
15:24:14.0633 6992 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:24:14.0679 6992 wlidsvc - ok
15:24:14.0695 6992 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:24:14.0695 6992 WmiAcpi - ok
15:24:14.0714 6992 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:24:14.0717 6992 wmiApSrv - ok
15:24:14.0741 6992 WMPNetworkSvc - ok
15:24:14.0748 6992 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:24:14.0751 6992 WPCSvc - ok
15:24:14.0768 6992 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:24:14.0771 6992 WPDBusEnum - ok
15:24:14.0790 6992 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:24:14.0792 6992 ws2ifsl - ok
15:24:14.0819 6992 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\system32\wscsvc.dll
15:24:14.0822 6992 wscsvc - ok
15:24:14.0830 6992 WSearch - ok
15:24:14.0919 6992 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:24:14.0971 6992 wuauserv - ok
15:24:14.0989 6992 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:24:14.0991 6992 WudfPf - ok
15:24:15.0005 6992 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:24:15.0007 6992 WUDFRd - ok
15:24:15.0019 6992 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:24:15.0023 6992 wudfsvc - ok
15:24:15.0038 6992 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:24:15.0043 6992 WwanSvc - ok
15:24:15.0100 6992 [ 74983ADDCA2D9618512C088D856D6615 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
15:24:15.0102 6992 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
15:24:15.0118 6992 ================ Scan global ===============================
15:24:15.0136 6992 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:24:15.0168 6992 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
15:24:15.0183 6992 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
15:24:15.0211 6992 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:24:15.0232 6992 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:24:15.0238 6992 [Global] - ok
15:24:15.0239 6992 ================ Scan MBR ==================================
15:24:15.0242 6992 [ DC7A1003446BE08FE7824D3300129B8D ] \Device\Harddisk0\DR0
15:24:15.0243 6992 Suspicious mbr (Forged): \Device\Harddisk0\DR0
15:24:15.0270 6992 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:24:15.0270 6992 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:24:15.0303 6992 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:24:15.0303 6992 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:24:15.0309 6992 [ BBB0A0725AD66F38B1A32135F3CB55D6 ] \Device\Harddisk2\DR2
15:24:15.0464 6992 \Device\Harddisk2\DR2 - ok
15:24:15.0465 6992 ================ Scan VBR ==================================
15:24:15.0477 6992 [ B0F0F6EFCEEE81682B6EDC1C1080186D ] \Device\Harddisk0\DR0\Partition1
15:24:15.0480 6992 \Device\Harddisk0\DR0\Partition1 - ok
15:24:15.0491 6992 [ 6014FD11EF208D9FFC0A8D708E1AA739 ] \Device\Harddisk0\DR0\Partition2
15:24:15.0493 6992 \Device\Harddisk0\DR0\Partition2 - ok
15:24:15.0517 6992 [ E7BBD09BC00C059FE405B0EE41D9DC40 ] \Device\Harddisk0\DR0\Partition3
15:24:15.0518 6992 \Device\Harddisk0\DR0\Partition3 - ok
15:24:15.0523 6992 [ EA917A48676CB86A5DF9429BF003D718 ] \Device\Harddisk2\DR2\Partition1
15:24:15.0528 6992 \Device\Harddisk2\DR2\Partition1 - ok
15:24:15.0528 6992 ============================================================
15:24:15.0529 6992 Scan finished
15:24:15.0529 6992 ============================================================
15:24:15.0544 6076 Detected object count: 2
15:24:15.0544 6076 Actual detected object count: 2

aswMBR LOG:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-20 15:26:09
-----------------------------
15:26:09.723 OS Version: Windows x64 6.1.7600
15:26:09.723 Number of processors: 2 586 0x1706
15:26:09.725 ComputerName: ZACHARY-PC UserName: Zach 2
15:26:11.732 Initialize success
15:28:31.383 AVAST engine defs: 12102001
15:28:41.308 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005c
15:28:41.311 Disk 0 Vendor: ST375052 HP22 Size: 715404MB BusType: 3
15:28:41.314 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000008c
15:28:41.317 Disk 2 Vendor: Size: 715404MB BusType: 0
15:28:41.320 Device \Driver\nvstor64 -> MajorFunction fffffa8004e035e8
15:28:41.323 Disk 0 MBR read successfully
15:28:41.327 Disk 0 MBR scan
15:28:41.333 Disk 0 unknown MBR code
15:28:41.346 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:28:41.384 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 701868 MB offset 206848
15:28:41.444 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13433 MB offset 1437633281
15:28:41.541 Disk 0 scanning C:\Windows\system32\drivers
15:28:53.831 Service scanning
15:29:26.025 Modules scanning
15:29:26.038 Disk 0 trace - called modules:
15:29:26.046 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8004e035e8]<<
15:29:26.052 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800459e130]
15:29:26.059 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> [0xfffffa80040867b0]
15:29:26.068 5 ACPI.sys[fffff88000ee7781] -> nt!IofCallDriver -> \Device\0000005c[0xfffffa8004086060]
15:29:26.075 \Driver\nvstor64[0xfffffa8004c88d10] -> IRP_MJ_CREATE -> 0xfffffa8004e035e8
15:29:28.489 AVAST engine scan C:\Windows
15:29:32.324 AVAST engine scan C:\Windows\system32
15:34:26.383 AVAST engine scan C:\Windows\system32\drivers
15:34:54.785 AVAST engine scan C:\Users\Zach 2
15:36:24.602 AVAST engine scan C:\ProgramData
15:39:44.100 Scan finished successfully
15:40:16.659 Disk 0 MBR has been saved successfully to "C:\Users\Zach 2\Documents\MBR.dat"
15:40:16.668 The log file has been saved successfully to "C:\Users\Zach 2\Documents\aswMBR.txt"


ESET RESULTS:

C:\Sandbox\Zachary\DefaultBox\user\current\Downloads\PlayBryte_FA_Setup.exe a variant of Win32/Adware.iBryte.C application cleaned by deleting - quarantined
C:\Users\Zachary\AppData\Local\GamesLeapSA\bin\1.0.7.0\gamesleapSA.exe probably a variant of Win32/Adware.180Solutions application cleaned by deleting - quarantined
C:\Users\Zachary\Downloads\SoftonicDownloader_for_yahoo-messenger.exe a variant of Win32/SoftonicDownloader.E application cleaned by deleting - quarantined
H:\CAREER STEP THINGS I WANT TO KEEP\2011-10-02 180029\C\Program Files (x86)\WhiteSmoke\html\english\dictClientDic\index.html HTML/WhiteSmoke application cleaned by deleting - quarantined
H:\CAREER STEP THINGS I WANT TO KEEP\2011-10-02 180029\C\Program Files (x86)\WhiteSmoke\html\english\dictClientDic\translator.html HTML/WhiteSmoke application cleaned by deleting - quarantined
H:\CAREER STEP THINGS I WANT TO KEEP\2011-10-03 012055\C\Program Files (x86)\WhiteSmoke\html\english\dictClientDic\index.html HTML/WhiteSmoke application cleaned by deleting - quarantined
H:\CAREER STEP THINGS I WANT TO KEEP\2011-10-03 012055\C\Program Files (x86)\WhiteSmoke\html\english\dictClientDic\translator.html HTML/WhiteSmoke application cleaned by deleting - quarantined
H:\CAREER STEP THINGS I WANT TO KEEP\2011-10-03 012055\C\Users\User\AppData\Local\Temp\YontooLayers\background.html Win32/Adware.Yontoo.C application cleaned by deleting - quarantined

Edited by Frazzled7, 20 October 2012 - 06:38 PM.


#4 narenxp

Posted 20 October 2012 - 05:08 PM

15:24:15.0270 6992 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
15:24:15.0270 6992 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
15:24:15.0303 6992 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:24:15.0303 6992 \Device\Harddisk0\DR0 - detected TDSS File System (1)


You missed it? Run TDSSkiller again and select

Rootkit.Boot.Pihar.c - CURE
TDSS File System - DELETE

Rescan and post the clean log

Edited by narenxp, 20 October 2012 - 05:08 PM.


#5 Frazzled7

Posted 20 October 2012 - 05:09 PM

No I did not miss it. I still have those programs open. I just did not want to remove anything until you gave the okay.

aswMBR also found some stuff. Should I fix it (fix mbr)? Thanks.

Edited by Frazzled7, 20 October 2012 - 05:11 PM.


#6 Frazzled7

Posted 20 October 2012 - 06:46 PM

RESCAN WITH TDSS AFTER CLEANING

17:44:03.0387 3156 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
17:44:03.0850 3156 ============================================================
17:44:03.0850 3156 Current date / time: 2012/10/20 17:44:03.0850
17:44:03.0850 3156 SystemInfo:
17:44:03.0850 3156
17:44:03.0850 3156 OS Version: 6.1.7600 ServicePack: 0.0
17:44:03.0850 3156 Product type: Workstation
17:44:03.0850 3156 ComputerName: ZACHARY-PC
17:44:03.0850 3156 UserName: Zach 2
17:44:03.0850 3156 Windows directory: C:\Windows
17:44:03.0850 3156 System windows directory: C:\Windows
17:44:03.0850 3156 Running under WOW64
17:44:03.0850 3156 Processor architecture: Intel x64
17:44:03.0850 3156 Number of processors: 2
17:44:03.0850 3156 Page size: 0x1000
17:44:03.0850 3156 Boot type: Normal boot
17:44:03.0850 3156 ============================================================
17:44:05.0771 3156 BG loaded
17:44:06.0094 3156 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:44:06.0110 3156 Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:44:06.0113 3156 ============================================================
17:44:06.0113 3156 \Device\Harddisk0\DR0:
17:44:06.0113 3156 MBR partitions:
17:44:06.0113 3156 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:44:06.0113 3156 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x55AD6301
17:44:06.0113 3156 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x55B08B01, BlocksNum 0x1A3C800
17:44:06.0113 3156 \Device\Harddisk2\DR2:
17:44:06.0114 3156 MBR partitions:
17:44:06.0114 3156 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
17:44:06.0114 3156 ============================================================
17:44:06.0133 3156 C: <-> \Device\Harddisk0\DR0\Partition2
17:44:06.0173 3156 D: <-> \Device\Harddisk0\DR0\Partition3
17:44:06.0217 3156 H: <-> \Device\Harddisk2\DR2\Partition1
17:44:06.0217 3156 ============================================================
17:44:06.0217 3156 Initialize success
17:44:06.0217 3156 ============================================================
17:44:08.0231 5744 ============================================================
17:44:08.0231 5744 Scan started
17:44:08.0231 5744 Mode: Manual;
17:44:08.0231 5744 ============================================================
17:44:08.0835 5744 ================ Scan system memory ========================
17:44:08.0835 5744 System memory - ok
17:44:08.0835 5744 ================ Scan services =============================
17:44:09.0750 5744 Scan interrupted by user!
17:44:09.0750 5744 ================ Scan global ===============================
17:44:09.0750 5744 Scan interrupted by user!
17:44:09.0750 5744 ================ Scan MBR ==================================
17:44:09.0750 5744 Scan interrupted by user!
17:44:09.0750 5744 ================ Scan VBR ==================================
17:44:09.0750 5744 Scan interrupted by user!
17:44:09.0750 5744 ============================================================
17:44:09.0750 5744 Scan finished
17:44:09.0750 5744 ============================================================
17:44:09.0760 2768 Detected object count: 0
17:44:09.0760 2768 Actual detected object count: 0
17:44:16.0173 2744 ============================================================
17:44:16.0173 2744 Scan started
17:44:16.0173 2744 Mode: Manual; TDLFS;
17:44:16.0173 2744 ============================================================
17:44:16.0380 2744 ================ Scan system memory ========================
17:44:16.0380 2744 System memory - ok
17:44:16.0381 2744 ================ Scan services =============================
17:44:19.0909 2744 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:44:19.0911 2744 IPMIDRV - ok
17:44:19.0917 2744 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:44:19.0919 2744 IPNAT - ok
17:44:19.0963 2744 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:44:19.0969 2744 iPod Service - ok
17:44:19.0981 2744 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:44:19.0982 2744 IRENUM - ok
17:44:19.0988 2744 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
17:44:19.0989 2744 isapnp - ok
17:44:20.0002 2744 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:44:20.0005 2744 iScsiPrt - ok
17:44:20.0011 2744 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:44:20.0011 2744 kbdclass - ok
17:44:20.0017 2744 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:44:20.0018 2744 kbdhid - ok
17:44:20.0030 2744 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
17:44:20.0031 2744 KeyIso - ok
17:44:20.0083 2744 [ 613CC08496F1FA91FB43303FB65D37C6 ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
17:44:20.0086 2744 Kodak AiO Network Discovery Service - ok
17:44:20.0110 2744 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:44:20.0112 2744 KSecDD - ok
17:44:20.0120 2744 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:44:20.0123 2744 KSecPkg - ok
17:44:20.0128 2744 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:44:20.0129 2744 ksthunk - ok
17:44:20.0172 2744 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:44:20.0179 2744 KtmRm - ok
17:44:20.0198 2744 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:44:20.0201 2744 LanmanServer - ok
17:44:20.0221 2744 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:44:20.0223 2744 LanmanWorkstation - ok
17:44:20.0238 2744 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:44:20.0238 2744 lltdio - ok
17:44:20.0262 2744 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:44:20.0266 2744 lltdsvc - ok
17:44:20.0276 2744 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:44:20.0277 2744 lmhosts - ok
17:44:20.0285 2744 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:44:20.0288 2744 LSI_FC - ok
17:44:20.0293 2744 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:44:20.0295 2744 LSI_SAS - ok
17:44:20.0307 2744 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:44:20.0309 2744 LSI_SAS2 - ok
17:44:20.0315 2744 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:44:20.0317 2744 LSI_SCSI - ok
17:44:20.0326 2744 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:44:20.0327 2744 luafv - ok
17:44:20.0357 2744 [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
17:44:20.0359 2744 LVRS64 - ok
17:44:20.0461 2744 [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
17:44:20.0491 2744 LVUVC64 - ok
17:44:20.0521 2744 [ F6216C0549996D6CF3006F743C8A0618 ] LWWLicenseService C:\Program Files (x86)\Common Files\WoltersKluwerLWW Shared\Service\LWWLicenseService.exe
17:44:23.0815 2744 LWWLicenseService - ok
17:44:23.0837 2744 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:44:23.0839 2744 Mcx2Svc - ok
17:44:23.0844 2744 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:44:23.0845 2744 megasas - ok
17:44:23.0853 2744 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:44:23.0857 2744 MegaSR - ok
17:44:23.0920 2744 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
17:44:23.0922 2744 Microsoft Office Groove Audit Service - ok
17:44:23.0939 2744 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:44:23.0941 2744 MMCSS - ok
17:44:23.0954 2744 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:44:23.0956 2744 Modem - ok
17:44:23.0962 2744 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:44:23.0962 2744 monitor - ok
17:44:23.0971 2744 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:44:23.0972 2744 mouclass - ok
17:44:23.0978 2744 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:44:23.0979 2744 mouhid - ok
17:44:23.0986 2744 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:44:23.0988 2744 mountmgr - ok
17:44:24.0021 2744 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
17:44:24.0022 2744 MpFilter - ok
17:44:24.0029 2744 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
17:44:24.0035 2744 mpio - ok
17:44:24.0042 2744 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:44:24.0043 2744 mpsdrv - ok
17:44:24.0065 2744 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:44:24.0070 2744 MpsSvc - ok
17:44:24.0089 2744 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:44:24.0093 2744 MRxDAV - ok
17:44:24.0115 2744 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:44:24.0116 2744 mrxsmb - ok
17:44:24.0130 2744 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:44:24.0132 2744 mrxsmb10 - ok
17:44:24.0144 2744 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:44:24.0145 2744 mrxsmb20 - ok
17:44:24.0151 2744 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
17:44:24.0152 2744 msahci - ok
17:44:24.0159 2744 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
17:44:24.0161 2744 msdsm - ok
17:44:24.0173 2744 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:44:24.0175 2744 MSDTC - ok
17:44:24.0194 2744 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:44:24.0195 2744 Msfs - ok
17:44:24.0211 2744 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:44:24.0212 2744 mshidkmdf - ok
17:44:24.0223 2744 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
17:44:24.0224 2744 msisadrv - ok
17:44:24.0247 2744 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:44:24.0250 2744 MSiSCSI - ok
17:44:24.0255 2744 msiserver - ok
17:44:24.0280 2744 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:44:24.0281 2744 MSKSSRV - ok
17:44:24.0312 2744 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:44:24.0313 2744 MsMpSvc - ok
17:44:24.0327 2744 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:44:24.0328 2744 MSPCLOCK - ok
17:44:24.0340 2744 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:44:24.0341 2744 MSPQM - ok
17:44:24.0361 2744 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:44:24.0365 2744 MsRPC - ok
17:44:24.0373 2744 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:44:24.0373 2744 mssmbios - ok
17:44:24.0378 2744 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:44:24.0380 2744 MSTEE - ok
17:44:24.0401 2744 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:44:24.0402 2744 MTConfig - ok
17:44:24.0409 2744 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:44:24.0411 2744 Mup - ok
17:44:24.0425 2744 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
17:44:24.0429 2744 napagent - ok
17:44:24.0450 2744 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:44:24.0453 2744 NativeWifiP - ok
17:44:24.0488 2744 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:44:24.0505 2744 NDIS - ok
17:44:24.0521 2744 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:44:24.0522 2744 NdisCap - ok
17:44:24.0535 2744 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:44:24.0536 2744 NdisTapi - ok
17:44:24.0541 2744 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:44:24.0542 2744 Ndisuio - ok
17:44:24.0548 2744 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:44:24.0550 2744 NdisWan - ok
17:44:24.0555 2744 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:44:24.0556 2744 NDProxy - ok
17:44:24.0562 2744 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:44:24.0563 2744 NetBIOS - ok
17:44:24.0571 2744 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:44:24.0573 2744 NetBT - ok
17:44:24.0584 2744 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
17:44:24.0585 2744 Netlogon - ok
17:44:24.0624 2744 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:44:24.0627 2744 Netman - ok
17:44:24.0657 2744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:24.0674 2744 NetMsmqActivator - ok
17:44:24.0680 2744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:24.0681 2744 NetPipeActivator - ok
17:44:24.0702 2744 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:44:24.0706 2744 netprofm - ok
17:44:24.0741 2744 [ 44D4BD55191624C82A2745296BA42814 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
17:44:24.0746 2744 netr28x - ok
17:44:24.0751 2744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:24.0753 2744 NetTcpActivator - ok
17:44:24.0758 2744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:24.0759 2744 NetTcpPortSharing - ok
17:44:24.0774 2744 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:44:24.0776 2744 nfrd960 - ok
17:44:24.0799 2744 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:44:24.0801 2744 NisDrv - ok
17:44:24.0832 2744 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
17:44:24.0836 2744 NisSrv - ok
17:44:24.0863 2744 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:44:24.0866 2744 NlaSvc - ok
17:44:24.0872 2744 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:44:24.0873 2744 Npfs - ok
17:44:24.0886 2744 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:44:24.0887 2744 nsi - ok
17:44:24.0891 2744 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:44:24.0892 2744 nsiproxy - ok
17:44:24.0935 2744 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:44:24.0970 2744 Ntfs - ok
17:44:24.0983 2744 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:44:24.0983 2744 Null - ok
17:44:25.0203 2744 [ 2218C0F9D4C694460340F2F8ADCCC9C0 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:44:25.0270 2744 nvlddmkm - ok
17:44:25.0291 2744 [ 9C3024E48DB4C98E50AF7D8B72D0EF89 ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
17:44:25.0294 2744 NVNET - ok
17:44:25.0311 2744 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
17:44:25.0314 2744 nvraid - ok
17:44:25.0321 2744 [ AFDE3015BB8D76E26BEC3B287C5443A0 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
17:44:25.0322 2744 nvsmu - ok
17:44:25.0328 2744 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
17:44:25.0331 2744 nvstor - ok
17:44:25.0342 2744 [ 6BA747B1A9297A6C0271700D12FDD495 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
17:44:25.0344 2744 nvstor64 - ok
17:44:25.0360 2744 [ 5218967E54DBC9CB4AAEA53247A0F275 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:44:25.0364 2744 nvsvc - ok
17:44:25.0378 2744 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:44:25.0380 2744 nv_agp - ok
17:44:25.0392 2744 [ 1A71763DD0DF7AB7B435EFA1DDE710C6 ] NW1950 C:\Windows\system32\DRIVERS\NW1950.sys
17:44:25.0393 2744 NW1950 - ok
17:44:25.0452 2744 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:44:25.0458 2744 odserv - ok
17:44:25.0474 2744 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:44:25.0476 2744 ohci1394 - ok
17:44:25.0499 2744 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:44:25.0502 2744 ose - ok
17:44:25.0525 2744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:44:25.0528 2744 p2pimsvc - ok
17:44:25.0547 2744 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:44:25.0552 2744 p2psvc - ok
17:44:25.0571 2744 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:44:25.0573 2744 Parport - ok
17:44:25.0594 2744 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:44:25.0596 2744 partmgr - ok
17:44:25.0607 2744 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:44:25.0609 2744 PcaSvc - ok
17:44:25.0616 2744 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
17:44:25.0619 2744 pci - ok
17:44:25.0630 2744 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
17:44:25.0631 2744 pciide - ok
17:44:25.0650 2744 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:44:25.0652 2744 pcmcia - ok
17:44:25.0669 2744 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:44:25.0671 2744 pcw - ok
17:44:25.0685 2744 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:44:25.0689 2744 PEAUTH - ok
17:44:25.0751 2744 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:44:25.0753 2744 PerfHost - ok
17:44:25.0797 2744 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
17:44:25.0831 2744 pla - ok
17:44:25.0860 2744 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:44:25.0863 2744 PlugPlay - ok
17:44:25.0875 2744 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:44:25.0877 2744 PNRPAutoReg - ok
17:44:25.0884 2744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:44:25.0889 2744 PNRPsvc - ok
17:44:25.0909 2744 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:44:25.0913 2744 PolicyAgent - ok
17:44:25.0939 2744 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:44:25.0942 2744 Power - ok
17:44:25.0966 2744 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:44:25.0967 2744 PptpMiniport - ok
17:44:25.0979 2744 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:44:25.0981 2744 Processor - ok
17:44:26.0002 2744 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
17:44:26.0005 2744 ProfSvc - ok
17:44:26.0016 2744 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:44:26.0017 2744 ProtectedStorage - ok
17:44:26.0032 2744 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:44:26.0033 2744 Psched - ok
17:44:26.0069 2744 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:44:26.0101 2744 ql2300 - ok
17:44:26.0108 2744 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:44:26.0110 2744 ql40xx - ok
17:44:26.0122 2744 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:44:26.0125 2744 QWAVE - ok
17:44:26.0137 2744 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:44:26.0139 2744 QWAVEdrv - ok
17:44:26.0149 2744 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:44:26.0150 2744 RasAcd - ok
17:44:26.0168 2744 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:44:26.0169 2744 RasAgileVpn - ok
17:44:26.0185 2744 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:44:26.0187 2744 RasAuto - ok
17:44:26.0193 2744 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:44:26.0195 2744 Rasl2tp - ok
17:44:26.0214 2744 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
17:44:26.0219 2744 RasMan - ok
17:44:26.0225 2744 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:44:26.0226 2744 RasPppoe - ok
17:44:26.0232 2744 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:44:26.0233 2744 RasSstp - ok
17:44:26.0241 2744 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:44:26.0243 2744 rdbss - ok
17:44:26.0256 2744 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:44:26.0258 2744 rdpbus - ok
17:44:26.0269 2744 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:44:26.0270 2744 RDPCDD - ok
17:44:26.0286 2744 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:44:26.0287 2744 RDPENCDD - ok
17:44:26.0294 2744 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:44:26.0295 2744 RDPREFMP - ok
17:44:26.0326 2744 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:44:26.0330 2744 RDPWD - ok
17:44:26.0337 2744 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:44:26.0340 2744 rdyboost - ok
17:44:26.0376 2744 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:44:26.0378 2744 RemoteAccess - ok
17:44:26.0395 2744 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:44:26.0398 2744 RemoteRegistry - ok
17:44:26.0416 2744 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:44:26.0418 2744 RFCOMM - ok
17:44:26.0427 2744 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:44:26.0429 2744 RpcEptMapper - ok
17:44:26.0434 2744 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:44:26.0436 2744 RpcLocator - ok
17:44:26.0446 2744 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
17:44:26.0450 2744 RpcSs - ok
17:44:26.0457 2744 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:44:26.0458 2744 rspndr - ok
17:44:26.0463 2744 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
17:44:26.0464 2744 SamSs - ok
17:44:26.0511 2744 [ F444EBA4C58AD1D6D1DA9850C2B5D829 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
17:44:26.0512 2744 SbieDrv - ok
17:44:26.0524 2744 [ 9E92ABAE6F6A63C4307FE7CC4AC95831 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
17:44:26.0525 2744 SbieSvc - ok
17:44:26.0531 2744 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
17:44:26.0534 2744 sbp2port - ok
17:44:26.0541 2744 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:44:26.0545 2744 SCardSvr - ok
17:44:26.0558 2744 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:44:26.0560 2744 scfilter - ok
17:44:26.0608 2744 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
17:44:26.0616 2744 Schedule - ok
17:44:26.0642 2744 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:44:26.0643 2744 SCPolicySvc - ok
17:44:26.0649 2744 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:44:26.0653 2744 SDRSVC - ok
17:44:26.0664 2744 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:44:26.0664 2744 secdrv - ok
17:44:26.0676 2744 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
17:44:26.0678 2744 seclogon - ok
17:44:26.0691 2744 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:44:26.0693 2744 SENS - ok
17:44:26.0703 2744 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:44:26.0706 2744 SensrSvc - ok
17:44:26.0717 2744 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:44:26.0718 2744 Serenum - ok
17:44:26.0724 2744 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:44:26.0726 2744 Serial - ok
17:44:26.0737 2744 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:44:26.0739 2744 sermouse - ok
17:44:26.0752 2744 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
17:44:26.0755 2744 SessionEnv - ok
17:44:26.0760 2744 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
17:44:26.0762 2744 sffdisk - ok
17:44:26.0767 2744 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:44:26.0768 2744 sffp_mmc - ok
17:44:26.0773 2744 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
17:44:26.0775 2744 sffp_sd - ok
17:44:26.0788 2744 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:44:26.0790 2744 sfloppy - ok
17:44:26.0808 2744 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:44:26.0811 2744 SharedAccess - ok
17:44:26.0828 2744 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:44:26.0832 2744 ShellHWDetection - ok
17:44:26.0847 2744 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:44:26.0848 2744 SiSRaid2 - ok
17:44:26.0854 2744 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:44:26.0856 2744 SiSRaid4 - ok
17:44:26.0889 2744 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:44:26.0890 2744 SkypeUpdate - ok
17:44:26.0911 2744 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:44:26.0913 2744 Smb - ok
17:44:26.0934 2744 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:44:26.0936 2744 SNMPTRAP - ok
17:44:26.0942 2744 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:44:26.0943 2744 spldr - ok
17:44:26.0967 2744 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
17:44:26.0972 2744 Spooler - ok
17:44:27.0044 2744 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
17:44:27.0071 2744 sppsvc - ok
17:44:27.0087 2744 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:44:27.0090 2744 sppuinotify - ok
17:44:27.0119 2744 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:44:27.0122 2744 srv - ok
17:44:27.0150 2744 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:44:27.0153 2744 srv2 - ok
17:44:27.0165 2744 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:44:27.0167 2744 srvnet - ok
17:44:27.0184 2744 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:44:27.0186 2744 SSDPSRV - ok
17:44:27.0193 2744 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:44:27.0195 2744 SstpSvc - ok
17:44:27.0200 2744 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:44:27.0201 2744 stexstor - ok
17:44:27.0218 2744 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
17:44:27.0224 2744 stisvc - ok
17:44:27.0235 2744 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:44:27.0235 2744 swenum - ok
17:44:27.0250 2744 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:44:27.0257 2744 swprv - ok
17:44:27.0301 2744 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
17:44:27.0312 2744 SysMain - ok
17:44:27.0321 2744 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:44:27.0323 2744 TabletInputService - ok
17:44:27.0357 2744 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
17:44:27.0360 2744 TapiSrv - ok
17:44:27.0366 2744 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:44:27.0368 2744 TBS - ok
17:44:27.0424 2744 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:44:27.0467 2744 Tcpip - ok
17:44:27.0515 2744 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:44:27.0528 2744 TCPIP6 - ok
17:44:27.0542 2744 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:44:27.0543 2744 tcpipreg - ok
17:44:27.0560 2744 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:44:27.0562 2744 TDPIPE - ok
17:44:27.0584 2744 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:44:27.0586 2744 TDTCP - ok
17:44:27.0591 2744 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:44:27.0593 2744 tdx - ok
17:44:27.0807 2744 [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
17:44:27.0828 2744 TeamViewer7 - ok
17:44:27.0836 2744 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:44:27.0841 2744 TermDD - ok
17:44:27.0867 2744 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
17:44:27.0875 2744 TermService - ok
17:44:27.0881 2744 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:44:27.0883 2744 Themes - ok
17:44:27.0893 2744 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:44:27.0894 2744 THREADORDER - ok
17:44:27.0900 2744 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:44:27.0902 2744 TrkWks - ok
17:44:27.0941 2744 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:44:27.0944 2744 TrustedInstaller - ok
17:44:27.0961 2744 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:44:27.0962 2744 tssecsrv - ok
17:44:29.0986 2744 ================ Scan global ===============================
17:44:30.0012 2744 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:44:30.0044 2744 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
17:44:30.0055 2744 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
17:44:30.0071 2744 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:44:30.0083 2744 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:44:30.0086 2744 [Global] - ok
17:44:30.0087 2744 ================ Scan MBR ==================================
17:44:30.0096 2744 [ DC7A1003446BE08FE7824D3300129B8D ] \Device\Harddisk0\DR0
17:44:30.0308 2744 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:44:30.0308 2744 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:44:30.0313 2744 [ BBB0A0725AD66F38B1A32135F3CB55D6 ] \Device\Harddisk2\DR2
17:44:30.0463 2744 \Device\Harddisk2\DR2 - ok
17:44:30.0464 2744 ================ Scan VBR ==================================
17:44:30.0478 2744 [ B0F0F6EFCEEE81682B6EDC1C1080186D ] \Device\Harddisk0\DR0\Partition1
17:44:30.0488 2744 \Device\Harddisk0\DR0\Partition1 - ok
17:44:30.0500 2744 [ 6014FD11EF208D9FFC0A8D708E1AA739 ] \Device\Harddisk0\DR0\Partition2
17:44:30.0512 2744 \Device\Harddisk0\DR0\Partition2 - ok
17:44:30.0543 2744 [ E7BBD09BC00C059FE405B0EE41D9DC40 ] \Device\Harddisk0\DR0\Partition3
17:44:30.0574 2744 \Device\Harddisk0\DR0\Partition3 - ok
17:44:30.0581 2744 [ EA917A48676CB86A5DF9429BF003D718 ] \Device\Harddisk2\DR2\Partition1
17:44:30.0584 2744 \Device\Harddisk2\DR2\Partition1 - ok
17:44:30.0589 2744 ============================================================
17:44:30.0589 2744 Scan finished
17:44:30.0589 2744 ============================================================
17:44:30.0605 3836 Detected object count: 1
17:44:30.0605 3836 Actual detected object count: 1

#7 narenxp

Posted 20 October 2012 - 09:38 PM

Run TDSSkiller again and select:

TDSS File System - DELETE


Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right click on the tool and select Run as administrator.

After the scan completes, post the generated log here.



