Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think my computer in infected. Please help.


  • Please log in to reply
7 replies to this topic

#1 compuser1

compuser1

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:25 AM

Posted 27 May 2013 - 03:57 PM

Hello,

 

My computer started running slow and doing weird things over this weekend.

I have Windows-7 and Norton internet security (NIS) at antivirus/antispyware.

I noticed that there was high CPU usage

When I turn on the computer and click on the NIS main window - it will turn on for a quick second and before I could do anything, the window will disappear. It will not re-appear despite multiple clicking on the icon.

I can run the quick scan by right clicking but not a full scan.

I uninstalled and again re-installed NIS (and used norton removal tool) with same results.

 

I used Norton Power Eraser - and it told me there was "be38.tmp" file that looked suspicious - However, when I ordered it to remove the file, it could not remove it after several minutes. I finally shut down the power eraser, did a manual search for "be38.tmp", found it on Win32 folder and manually deleted it.

 

I ran a full system scan using Windows defender (that ran for good 7 hours) and it told me there was one file -"win64/alureon.d" that needed to be removed. I successfully removed this as per windows defender.

 

However, I still can not turn on norton internet security main window - (although on the control panel, it tells me NIS is "on"), I still can not run a full system scan with NIS, and I think my computer is still slow and CPU usage is high.

 

Additionally, I noticed that HP Advisor has stopped working (I have HP laptop) for last 24 hours or so.

 

Any help?

Thanks in advance.


Edited by Budapest, 27 May 2013 - 06:12 PM.
Moved from AntiVirus, Firewall and Privacy Products and Protection Methods ~Budapest


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:25 AM

Posted 27 May 2013 - 10:32 PM

Hello, let's do this next...


Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
  • Install your game.
Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.




Now I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
NOTE:Sometimes if ESET finds no infections it will not create a log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 compuser1

compuser1
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:25 AM

Posted 28 May 2013 - 09:48 PM

Hi, Thanks for the reply. Here is what I did.

 

1. Temp files cleaning using TFC - DONE

 

2. TDSSkiller Scan - DONE

 

Here is the log report for TDSSkiller:

 

7:37:23.0945 3404  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:37:24.0856 3404  ============================================================
17:37:24.0856 3404  Current date / time: 2013/05/28 17:37:24.0856
17:37:24.0856 3404  SystemInfo:
17:37:24.0857 3404  
17:37:24.0857 3404  OS Version: 6.1.7601 ServicePack: 1.0
17:37:24.0857 3404  Product type: Workstation
17:37:24.0857 3404  ComputerName:
17:37:24.0860 3404  UserName: chirag
17:37:24.0860 3404  Windows directory: C:\Windows
17:37:24.0860 3404  System windows directory: C:\Windows
17:37:24.0860 3404  Running under WOW64
17:37:24.0860 3404  Processor architecture: Intel x64
17:37:24.0860 3404  Number of processors: 2
17:37:24.0860 3404  Page size: 0x1000
17:37:24.0860 3404  Boot type: Normal boot
17:37:24.0860 3404  ============================================================
17:37:27.0543 3404  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x193C38, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x6, Type 'K0', Flags 0x00000040
17:37:27.0551 3404  ============================================================
17:37:27.0551 3404  \Device\Harddisk0\DR0:
17:37:27.0552 3404  MBR partitions:
17:37:27.0552 3404  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:37:27.0552 3404  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23B04000
17:37:27.0552 3404  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23B68000, BlocksNum 0x18C6000
17:37:27.0552 3404  ============================================================
17:37:27.0588 3404  C: <-> \Device\Harddisk0\DR0\Partition2
17:37:27.0640 3404  D: <-> \Device\Harddisk0\DR0\Partition3
17:37:27.0640 3404  ============================================================
17:37:27.0641 3404  Initialize success
17:37:27.0641 3404  ============================================================
17:37:57.0503 1960  ============================================================
17:37:57.0504 1960  Scan started
17:37:57.0504 1960  Mode: Manual; TDLFS;
17:37:57.0504 1960  ============================================================
17:37:59.0285 1960  ================ Scan system memory ========================
17:37:59.0285 1960  System memory - ok
17:37:59.0286 1960  ================ Scan services =============================
17:37:59.0499 1960  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:37:59.0504 1960  1394ohci - ok
17:37:59.0540 1960  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:37:59.0544 1960  ACPI - ok
17:37:59.0581 1960  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:37:59.0582 1960  AcpiPmi - ok
17:37:59.0761 1960  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:37:59.0763 1960  AdobeARMservice - ok
17:37:59.0833 1960  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:37:59.0840 1960  adp94xx - ok
17:37:59.0887 1960  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:37:59.0892 1960  adpahci - ok
17:37:59.0931 1960  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:37:59.0934 1960  adpu320 - ok
17:37:59.0971 1960  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:37:59.0972 1960  AeLookupSvc - ok
17:38:00.0047 1960  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
17:38:00.0054 1960  AFD - ok
17:38:00.0110 1960  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:38:00.0112 1960  agp440 - ok
17:38:00.0135 1960  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
17:38:00.0137 1960  ALG - ok
17:38:00.0172 1960  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:38:00.0173 1960  aliide - ok
17:38:00.0183 1960  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
17:38:00.0184 1960  amdide - ok
17:38:00.0256 1960  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:38:00.0259 1960  AmdK8 - ok
17:38:00.0269 1960  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:38:00.0272 1960  AmdPPM - ok
17:38:00.0309 1960  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:38:00.0311 1960  amdsata - ok
17:38:00.0343 1960  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:38:00.0346 1960  amdsbs - ok
17:38:00.0365 1960  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:38:00.0365 1960  amdxata - ok
17:38:00.0420 1960  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
17:38:00.0423 1960  AppID - ok
17:38:00.0461 1960  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:38:00.0463 1960  AppIDSvc - ok
17:38:00.0523 1960  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
17:38:00.0524 1960  Appinfo - ok
17:38:00.0605 1960  [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:38:00.0607 1960  Apple Mobile Device - ok
17:38:00.0665 1960  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:38:00.0667 1960  arc - ok
17:38:00.0695 1960  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:38:00.0721 1960  arcsas - ok
17:38:00.0772 1960  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:38:00.0774 1960  AsyncMac - ok
17:38:00.0817 1960  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
17:38:00.0818 1960  atapi - ok
17:38:00.0930 1960  [ 96ABF88241F90FF647E55C934C55C2F1 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
17:38:00.0992 1960  athr - ok
17:38:01.0062 1960  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:38:01.0079 1960  AudioEndpointBuilder - ok
17:38:01.0102 1960  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:38:01.0107 1960  AudioSrv - ok
17:38:01.0169 1960  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:38:01.0172 1960  AxInstSV - ok
17:38:01.0241 1960  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:38:01.0260 1960  b06bdrv - ok
17:38:01.0341 1960  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:38:01.0348 1960  b57nd60a - ok
17:38:01.0432 1960  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:38:01.0435 1960  BDESVC - ok
17:38:01.0483 1960  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:38:01.0485 1960  Beep - ok
17:38:01.0554 1960  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
17:38:01.0572 1960  BFE - ok
17:38:01.0951 1960  [ 7B56A40EAAACF1867FF178501D3EA185 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20130515.001\BHDrvx64.sys
17:38:01.0968 1960  BHDrvx64 - ok
17:38:02.0019 1960  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
17:38:02.0042 1960  BITS - ok
17:38:02.0084 1960  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:38:02.0085 1960  blbdrive - ok
17:38:02.0219 1960  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:38:02.0227 1960  Bonjour Service - ok
17:38:02.0292 1960  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:38:02.0295 1960  bowser - ok
17:38:02.0353 1960  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:38:02.0355 1960  BrFiltLo - ok
17:38:02.0368 1960  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:38:02.0370 1960  BrFiltUp - ok
17:38:02.0412 1960  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
17:38:02.0414 1960  Browser - ok
17:38:02.0452 1960  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:38:02.0458 1960  Brserid - ok
17:38:02.0473 1960  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:38:02.0475 1960  BrSerWdm - ok
17:38:02.0486 1960  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:38:02.0487 1960  BrUsbMdm - ok
17:38:02.0502 1960  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:38:02.0503 1960  BrUsbSer - ok
17:38:02.0565 1960  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:38:02.0567 1960  BTHMODEM - ok
17:38:02.0604 1960  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
17:38:02.0607 1960  bthserv - ok
17:38:02.0678 1960  [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL        C:\Windows\system32\DRIVERS\CAXHWAZL.sys
17:38:02.0685 1960  CAXHWAZL - ok
17:38:02.0841 1960  [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1403010.016\ccSetx64.sys
17:38:02.0842 1960  ccSet_NIS - ok
17:38:02.0909 1960  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:38:02.0916 1960  cdfs - ok
17:38:02.0993 1960  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:38:02.0995 1960  cdrom - ok
17:38:03.0046 1960  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
17:38:03.0049 1960  CertPropSvc - ok
17:38:03.0095 1960  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:38:03.0097 1960  circlass - ok
17:38:03.0164 1960  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
17:38:03.0170 1960  CLFS - ok
17:38:03.0251 1960  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:38:03.0256 1960  clr_optimization_v2.0.50727_32 - ok
17:38:03.0299 1960  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:38:03.0301 1960  clr_optimization_v2.0.50727_64 - ok
17:38:03.0454 1960  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:38:03.0575 1960  clr_optimization_v4.0.30319_32 - ok
17:38:03.0683 1960  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:38:03.0685 1960  clr_optimization_v4.0.30319_64 - ok
17:38:03.0774 1960  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:38:03.0776 1960  CmBatt - ok
17:38:03.0813 1960  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:38:03.0814 1960  cmdide - ok
17:38:03.0886 1960  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
17:38:03.0904 1960  CNG - ok
17:38:03.0995 1960  [ A44DFDB81DC62B11760881175E5B2266 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
17:38:04.0003 1960  CnxtHdAudService - ok
17:38:04.0123 1960  [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx       C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
17:38:04.0126 1960  Com4QLBEx - ok
17:38:04.0182 1960  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:38:04.0183 1960  Compbatt - ok
17:38:04.0232 1960  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:38:04.0234 1960  CompositeBus - ok
17:38:04.0263 1960  COMSysApp - ok
17:38:04.0331 1960  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:38:04.0333 1960  crcdisk - ok
17:38:04.0382 1960  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:38:04.0385 1960  CryptSvc - ok
17:38:04.0433 1960  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:38:04.0440 1960  DcomLaunch - ok
17:38:04.0518 1960  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
17:38:04.0523 1960  defragsvc - ok
17:38:04.0574 1960  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:38:04.0576 1960  DfsC - ok
17:38:04.0644 1960  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:38:04.0650 1960  Dhcp - ok
17:38:04.0688 1960  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
17:38:04.0689 1960  discache - ok
17:38:04.0785 1960  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:38:04.0787 1960  Disk - ok
17:38:04.0817 1960  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:38:04.0819 1960  Dnscache - ok
17:38:04.0864 1960  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:38:04.0869 1960  dot3svc - ok
17:38:04.0909 1960  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
17:38:04.0912 1960  DPS - ok
17:38:04.0946 1960  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:38:04.0947 1960  drmkaud - ok
17:38:05.0002 1960  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:38:05.0010 1960  DXGKrnl - ok
17:38:05.0071 1960  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
17:38:05.0073 1960  EapHost - ok
17:38:05.0170 1960  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:38:05.0270 1960  ebdrv - ok
17:38:05.0335 1960  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
17:38:05.0339 1960  eeCtrl - ok
17:38:05.0374 1960  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
17:38:05.0375 1960  EFS - ok
17:38:05.0477 1960  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:38:05.0495 1960  ehRecvr - ok
17:38:05.0535 1960  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
17:38:05.0538 1960  ehSched - ok
17:38:05.0601 1960  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:38:05.0608 1960  elxstor - ok
17:38:05.0690 1960  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
17:38:05.0692 1960  EraserUtilRebootDrv - ok
17:38:05.0742 1960  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:38:05.0743 1960  ErrDev - ok
17:38:05.0808 1960  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
17:38:05.0814 1960  EventSystem - ok
17:38:05.0874 1960  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
17:38:05.0878 1960  exfat - ok
17:38:05.0901 1960  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:38:05.0905 1960  fastfat - ok
17:38:05.0963 1960  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
17:38:05.0982 1960  Fax - ok
17:38:06.0016 1960  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:38:06.0017 1960  fdc - ok
17:38:06.0037 1960  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
17:38:06.0038 1960  fdPHost - ok
17:38:06.0054 1960  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:38:06.0056 1960  FDResPub - ok
17:38:06.0073 1960  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:38:06.0075 1960  FileInfo - ok
17:38:06.0088 1960  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:38:06.0090 1960  Filetrace - ok
17:38:06.0110 1960  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:38:06.0112 1960  flpydisk - ok
17:38:06.0158 1960  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:38:06.0164 1960  FltMgr - ok
17:38:06.0231 1960  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
17:38:06.0268 1960  FontCache - ok
17:38:06.0330 1960  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:38:06.0333 1960  FontCache3.0.0.0 - ok
17:38:06.0346 1960  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:38:06.0348 1960  FsDepends - ok
17:38:06.0377 1960  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:38:06.0378 1960  Fs_Rec - ok
17:38:06.0447 1960  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:38:06.0451 1960  fvevol - ok
17:38:06.0498 1960  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:38:06.0500 1960  gagp30kx - ok
17:38:06.0596 1960  [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
17:38:06.0601 1960  GameConsoleService - ok
17:38:06.0673 1960  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:38:06.0674 1960  GEARAspiWDM - ok
17:38:06.0748 1960  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
17:38:06.0766 1960  gpsvc - ok
17:38:06.0820 1960  [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:38:06.0824 1960  gusvc - ok
17:38:06.0845 1960  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:38:06.0846 1960  hcw85cir - ok
17:38:06.0912 1960  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:38:06.0918 1960  HdAudAddService - ok
17:38:06.0943 1960  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:38:06.0948 1960  HDAudBus - ok
17:38:06.0966 1960  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:38:06.0968 1960  HidBatt - ok
17:38:06.0997 1960  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:38:06.0999 1960  HidBth - ok
17:38:07.0010 1960  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:38:07.0012 1960  HidIr - ok
17:38:07.0051 1960  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
17:38:07.0053 1960  hidserv - ok
17:38:07.0101 1960  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:38:07.0103 1960  HidUsb - ok
17:38:07.0145 1960  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:38:07.0149 1960  hkmsvc - ok
17:38:07.0190 1960  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:38:07.0197 1960  HomeGroupListener - ok
17:38:07.0242 1960  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:38:07.0247 1960  HomeGroupProvider - ok
17:38:07.0362 1960  [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:38:07.0364 1960  HP Support Assistant Service - ok
17:38:07.0435 1960  [ B7382BEC806B7B00FC84B3E2061FF48E ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:38:07.0437 1960  HPDrvMntSvc.exe - ok
17:38:07.0485 1960  [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
17:38:07.0486 1960  HpqKbFiltr - ok
17:38:07.0562 1960  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:38:07.0596 1960  hpqwmiex - ok
17:38:07.0674 1960  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:38:07.0676 1960  HpSAMD - ok
17:38:07.0851 1960  [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
17:38:07.0860 1960  HsfXAudioService - ok
17:38:07.0929 1960  [ 26C5D00321937E49B6BC91029947D094 ] HSF_DPV         C:\Windows\system32\DRIVERS\CAX_DPV.sys
17:38:07.0961 1960  HSF_DPV - ok
17:38:08.0018 1960  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:38:08.0035 1960  HTTP - ok
17:38:08.0070 1960  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:38:08.0070 1960  hwpolicy - ok
17:38:08.0139 1960  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:38:08.0142 1960  i8042prt - ok
17:38:08.0185 1960  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:38:08.0191 1960  iaStorV - ok
17:38:08.0255 1960  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:38:08.0276 1960  idsvc - ok
17:38:08.0539 1960  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130527.001\IDSvia64.sys
17:38:08.0545 1960  IDSVia64 - ok
17:38:08.0827 1960  [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
17:38:09.0081 1960  igfx - ok
17:38:09.0140 1960  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:38:09.0141 1960  iirsp - ok
17:38:09.0192 1960  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:38:09.0212 1960  IKEEXT - ok
17:38:09.0269 1960  [ 88A20FA54C73DED4E8DAC764E9130AE9 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
17:38:09.0272 1960  IntcHdmiAddService - ok
17:38:09.0284 1960  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
17:38:09.0285 1960  intelide - ok
17:38:09.0339 1960  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:38:09.0341 1960  intelppm - ok
17:38:09.0377 1960  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:38:09.0381 1960  IPBusEnum - ok
17:38:09.0428 1960  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:38:09.0431 1960  IpFilterDriver - ok
17:38:09.0483 1960  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:38:09.0503 1960  iphlpsvc - ok
17:38:09.0553 1960  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:38:09.0557 1960  IPMIDRV - ok
17:38:09.0591 1960  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:38:09.0595 1960  IPNAT - ok
17:38:09.0751 1960  [ EE4C2A137C7088911A8919EFFC9812E7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:38:09.0775 1960  iPod Service - ok
17:38:09.0825 1960  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:38:09.0826 1960  IRENUM - ok
17:38:09.0841 1960  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:38:09.0841 1960  isapnp - ok
17:38:09.0882 1960  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:38:09.0887 1960  iScsiPrt - ok
17:38:09.0923 1960  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
17:38:09.0924 1960  kbdclass - ok
17:38:09.0989 1960  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:38:09.0991 1960  kbdhid - ok
17:38:10.0010 1960  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
17:38:10.0011 1960  KeyIso - ok
17:38:10.0055 1960  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:38:10.0056 1960  KSecDD - ok
17:38:10.0072 1960  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:38:10.0074 1960  KSecPkg - ok
17:38:10.0093 1960  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:38:10.0094 1960  ksthunk - ok
17:38:10.0127 1960  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:38:10.0133 1960  KtmRm - ok
17:38:10.0219 1960  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:38:10.0225 1960  LanmanServer - ok
17:38:10.0265 1960  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:38:10.0268 1960  LanmanWorkstation - ok
17:38:10.0330 1960  libusb0 - ok
17:38:10.0414 1960  [ 3503F257B3203F824B1567238EBE17E2 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:38:10.0416 1960  LightScribeService - ok
17:38:10.0462 1960  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:38:10.0464 1960  lltdio - ok
17:38:10.0502 1960  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:38:10.0509 1960  lltdsvc - ok
17:38:10.0555 1960  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:38:10.0557 1960  lmhosts - ok
17:38:10.0609 1960  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:38:10.0611 1960  LSI_FC - ok
17:38:10.0646 1960  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:38:10.0648 1960  LSI_SAS - ok
17:38:10.0694 1960  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:38:10.0716 1960  LSI_SAS2 - ok
17:38:10.0758 1960  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:38:10.0761 1960  LSI_SCSI - ok
17:38:10.0772 1960  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:38:10.0776 1960  luafv - ok
17:38:10.0843 1960  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:38:10.0847 1960  Mcx2Svc - ok
17:38:10.0899 1960  [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
17:38:10.0901 1960  mdmxsdk - ok
17:38:10.0942 1960  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:38:10.0943 1960  megasas - ok
17:38:10.0992 1960  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:38:10.0998 1960  MegaSR - ok
17:38:11.0132 1960  Microsoft SharePoint Workspace Audit Service - ok
17:38:11.0168 1960  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
17:38:11.0170 1960  MMCSS - ok
17:38:11.0198 1960  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
17:38:11.0200 1960  Modem - ok
17:38:11.0237 1960  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:38:11.0238 1960  monitor - ok
17:38:11.0283 1960  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
17:38:11.0284 1960  mouclass - ok
17:38:11.0334 1960  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:38:11.0336 1960  mouhid - ok
17:38:11.0387 1960  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:38:11.0389 1960  mountmgr - ok
17:38:11.0471 1960  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:38:11.0473 1960  MozillaMaintenance - ok
17:38:11.0496 1960  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:38:11.0498 1960  mpio - ok
17:38:11.0521 1960  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:38:11.0523 1960  mpsdrv - ok
17:38:11.0571 1960  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:38:11.0591 1960  MpsSvc - ok
17:38:11.0643 1960  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:38:11.0646 1960  MRxDAV - ok
17:38:11.0710 1960  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:38:11.0714 1960  mrxsmb - ok
17:38:11.0756 1960  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:38:11.0761 1960  mrxsmb10 - ok
17:38:11.0806 1960  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:38:11.0808 1960  mrxsmb20 - ok
17:38:11.0848 1960  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:38:11.0849 1960  msahci - ok
17:38:11.0892 1960  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:38:11.0895 1960  msdsm - ok
17:38:11.0915 1960  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
17:38:11.0919 1960  MSDTC - ok
17:38:11.0951 1960  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:38:11.0952 1960  Msfs - ok
17:38:11.0965 1960  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:38:11.0966 1960  mshidkmdf - ok
17:38:12.0001 1960  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:38:12.0001 1960  msisadrv - ok
17:38:12.0050 1960  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:38:12.0054 1960  MSiSCSI - ok
17:38:12.0065 1960  msiserver - ok
17:38:12.0111 1960  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:38:12.0112 1960  MSKSSRV - ok
17:38:12.0152 1960  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:38:12.0154 1960  MSPCLOCK - ok
17:38:12.0162 1960  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:38:12.0164 1960  MSPQM - ok
17:38:12.0206 1960  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:38:12.0211 1960  MsRPC - ok
17:38:12.0229 1960  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:38:12.0230 1960  mssmbios - ok
17:38:12.0251 1960  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:38:12.0253 1960  MSTEE - ok
17:38:12.0268 1960  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:38:12.0269 1960  MTConfig - ok
17:38:12.0287 1960  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:38:12.0288 1960  Mup - ok
17:38:12.0328 1960  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
17:38:12.0346 1960  napagent - ok
17:38:12.0396 1960  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:38:12.0401 1960  NativeWifiP - ok
17:38:12.0509 1960  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130527.020\ENG64.SYS
17:38:12.0511 1960  NAVENG - ok
17:38:12.0606 1960  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130527.020\EX64.SYS
17:38:12.0629 1960  NAVEX15 - ok
17:38:12.0722 1960  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:38:12.0752 1960  NDIS - ok
17:38:12.0793 1960  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:38:12.0795 1960  NdisCap - ok
17:38:12.0836 1960  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:38:12.0838 1960  NdisTapi - ok
17:38:12.0903 1960  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:38:12.0904 1960  Ndisuio - ok
17:38:12.0941 1960  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:38:12.0944 1960  NdisWan - ok
17:38:12.0980 1960  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:38:12.0982 1960  NDProxy - ok
17:38:13.0045 1960  [ A80874B8649E8E12EDCF6C40F0115A5D ] NEOFLTR_7110_21187 C:\Windows\system32\Drivers\NEOFLTR_7110_21187.SYS
17:38:13.0046 1960  NEOFLTR_7110_21187 - ok
17:38:13.0089 1960  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:38:13.0091 1960  NetBIOS - ok
17:38:13.0131 1960  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:38:13.0136 1960  NetBT - ok
17:38:13.0178 1960  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
17:38:13.0180 1960  Netlogon - ok
17:38:13.0232 1960  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
17:38:13.0240 1960  Netman - ok
17:38:13.0268 1960  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
17:38:13.0275 1960  netprofm - ok
17:38:13.0308 1960  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:38:13.0311 1960  NetTcpPortSharing - ok
17:38:13.0498 1960  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
17:38:13.0644 1960  netw5v64 - ok
17:38:13.0693 1960  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:38:13.0694 1960  nfrd960 - ok
17:38:13.0928 1960  [ 241BD3019FB31E812A51B31B06906335 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
17:38:13.0930 1960  NIS - ok
17:38:13.0992 1960  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:38:13.0999 1960  NlaSvc - ok
17:38:14.0015 1960  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:38:14.0016 1960  Npfs - ok
17:38:14.0052 1960  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
17:38:14.0054 1960  nsi - ok
17:38:14.0073 1960  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:38:14.0073 1960  nsiproxy - ok
17:38:14.0147 1960  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:38:14.0195 1960  Ntfs - ok
17:38:14.0211 1960  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
17:38:14.0212 1960  Null - ok
17:38:14.0271 1960  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:38:14.0273 1960  nvraid - ok
17:38:14.0288 1960  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:38:14.0291 1960  nvstor - ok
17:38:14.0318 1960  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:38:14.0321 1960  nv_agp - ok
17:38:14.0350 1960  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:38:14.0353 1960  ohci1394 - ok
17:38:14.0455 1960  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:38:14.0459 1960  ose - ok
17:38:14.0671 1960  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:38:14.0832 1960  osppsvc - ok
17:38:14.0867 1960  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:38:14.0873 1960  p2pimsvc - ok
17:38:14.0899 1960  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:38:14.0916 1960  p2psvc - ok
17:38:14.0956 1960  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:38:14.0959 1960  Parport - ok
17:38:14.0997 1960  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:38:14.0999 1960  partmgr - ok
17:38:15.0020 1960  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:38:15.0023 1960  PcaSvc - ok
17:38:15.0046 1960  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
17:38:15.0049 1960  pci - ok
17:38:15.0094 1960  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
17:38:15.0095 1960  pciide - ok
17:38:15.0120 1960  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:38:15.0124 1960  pcmcia - ok
17:38:15.0147 1960  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:38:15.0149 1960  pcw - ok
17:38:15.0179 1960  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:38:15.0196 1960  PEAUTH - ok
17:38:15.0228 1960  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:38:15.0230 1960  PerfHost - ok
17:38:15.0312 1960  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
17:38:15.0348 1960  pla - ok
17:38:15.0412 1960  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:38:15.0418 1960  PlugPlay - ok
17:38:15.0430 1960  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:38:15.0432 1960  PNRPAutoReg - ok
17:38:15.0456 1960  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:38:15.0460 1960  PNRPsvc - ok
17:38:15.0486 1960  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:38:15.0493 1960  PolicyAgent - ok
17:38:15.0532 1960  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
17:38:15.0535 1960  Power - ok
17:38:15.0597 1960  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:38:15.0599 1960  PptpMiniport - ok
17:38:15.0633 1960  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:38:15.0635 1960  Processor - ok
17:38:15.0677 1960  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:38:15.0681 1960  ProfSvc - ok
17:38:15.0735 1960  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:38:15.0737 1960  ProtectedStorage - ok
17:38:15.0792 1960  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:38:15.0795 1960  Psched - ok
17:38:15.0861 1960  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:38:15.0910 1960  ql2300 - ok
17:38:15.0948 1960  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:38:15.0950 1960  ql40xx - ok
17:38:15.0980 1960  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
17:38:15.0985 1960  QWAVE - ok
17:38:16.0015 1960  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:38:16.0017 1960  QWAVEdrv - ok
17:38:16.0041 1960  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:38:16.0042 1960  RasAcd - ok
17:38:16.0089 1960  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:38:16.0090 1960  RasAgileVpn - ok
17:38:16.0105 1960  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
17:38:16.0109 1960  RasAuto - ok
17:38:16.0146 1960  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:38:16.0149 1960  Rasl2tp - ok
17:38:16.0195 1960  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
17:38:16.0202 1960  RasMan - ok
17:38:16.0220 1960  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:38:16.0222 1960  RasPppoe - ok
17:38:16.0274 1960  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:38:16.0276 1960  RasSstp - ok
17:38:16.0318 1960  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:38:16.0323 1960  rdbss - ok
17:38:16.0348 1960  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:38:16.0350 1960  rdpbus - ok
17:38:16.0371 1960  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:38:16.0372 1960  RDPCDD - ok
17:38:16.0425 1960  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:38:16.0426 1960  RDPENCDD - ok
17:38:16.0441 1960  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:38:16.0442 1960  RDPREFMP - ok
17:38:16.0487 1960  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:38:16.0491 1960  RDPWD - ok
17:38:16.0530 1960  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:38:16.0534 1960  rdyboost - ok
17:38:16.0564 1960  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:38:16.0567 1960  RemoteAccess - ok
17:38:16.0600 1960  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:38:16.0604 1960  RemoteRegistry - ok
17:38:16.0706 1960  [ 498EB62A160674E793FA40FD65390625 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
17:38:16.0710 1960  RichVideo - ok
17:38:16.0730 1960  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:38:16.0733 1960  RpcEptMapper - ok
17:38:16.0768 1960  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
17:38:16.0770 1960  RpcLocator - ok
17:38:16.0819 1960  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
17:38:16.0824 1960  RpcSs - ok
17:38:16.0888 1960  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:38:16.0890 1960  rspndr - ok
17:38:16.0944 1960  [ 2DB8116D52B19216812C4E6D5D837810 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
17:38:16.0948 1960  RSUSBSTOR - ok
17:38:17.0002 1960  [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
17:38:17.0006 1960  RTL8167 - ok
17:38:17.0025 1960  RtsUIR - ok
17:38:17.0069 1960  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
17:38:17.0071 1960  SamSs - ok
17:38:17.0118 1960  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:38:17.0120 1960  sbp2port - ok
17:38:17.0150 1960  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:38:17.0155 1960  SCardSvr - ok
17:38:17.0193 1960  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:38:17.0195 1960  scfilter - ok
17:38:17.0250 1960  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
17:38:17.0286 1960  Schedule - ok
17:38:17.0343 1960  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:38:17.0344 1960  SCPolicySvc - ok
17:38:17.0403 1960  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
17:38:17.0407 1960  sdbus - ok
17:38:17.0454 1960  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:38:17.0461 1960  SDRSVC - ok
17:38:17.0509 1960  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:38:17.0511 1960  secdrv - ok
17:38:17.0543 1960  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
17:38:17.0546 1960  seclogon - ok
17:38:17.0588 1960  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
17:38:17.0590 1960  SENS - ok
17:38:17.0611 1960  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:38:17.0614 1960  SensrSvc - ok
17:38:17.0636 1960  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:38:17.0638 1960  Serenum - ok
17:38:17.0662 1960  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:38:17.0664 1960  Serial - ok
17:38:17.0735 1960  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:38:17.0737 1960  sermouse - ok
17:38:17.0793 1960  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:38:17.0797 1960  SessionEnv - ok
17:38:17.0835 1960  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:38:17.0837 1960  sffdisk - ok
17:38:17.0858 1960  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:38:17.0859 1960  sffp_mmc - ok
17:38:17.0872 1960  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:38:17.0874 1960  sffp_sd - ok
17:38:17.0894 1960  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:38:17.0897 1960  sfloppy - ok
17:38:17.0924 1960  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:38:17.0930 1960  SharedAccess - ok
17:38:17.0983 1960  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:38:17.0991 1960  ShellHWDetection - ok
17:38:18.0025 1960  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:38:18.0026 1960  SiSRaid2 - ok
17:38:18.0047 1960  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:38:18.0049 1960  SiSRaid4 - ok
17:38:18.0099 1960  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:38:18.0102 1960  Smb - ok
17:38:18.0160 1960  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:38:18.0162 1960  SNMPTRAP - ok
17:38:18.0182 1960  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:38:18.0183 1960  spldr - ok
17:38:18.0238 1960  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
17:38:18.0246 1960  Spooler - ok
17:38:18.0364 1960  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
17:38:18.0390 1960  sppsvc - ok
17:38:18.0408 1960  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:38:18.0411 1960  sppuinotify - ok
17:38:18.0535 1960  [ 378A0748DE5ADF90BF9DB897DA8564E6 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1403010.016\SRTSP64.SYS
17:38:18.0541 1960  SRTSP - ok
17:38:18.0560 1960  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1403010.016\SRTSPX64.SYS
17:38:18.0561 1960  SRTSPX - ok
17:38:18.0619 1960  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:38:18.0635 1960  srv - ok
17:38:18.0680 1960  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:38:18.0688 1960  srv2 - ok
17:38:18.0774 1960  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:38:18.0781 1960  SrvHsfHDA - ok
17:38:18.0840 1960  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:38:18.0887 1960  SrvHsfV92 - ok
17:38:18.0918 1960  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:38:18.0929 1960  SrvHsfWinac - ok
17:38:18.0949 1960  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:38:18.0952 1960  srvnet - ok
17:38:19.0013 1960  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:38:19.0017 1960  SSDPSRV - ok
17:38:19.0035 1960  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:38:19.0038 1960  SstpSvc - ok
17:38:19.0066 1960  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:38:19.0067 1960  stexstor - ok
17:38:19.0124 1960  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
17:38:19.0142 1960  stisvc - ok
17:38:19.0182 1960  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:38:19.0183 1960  swenum - ok
17:38:19.0202 1960  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
17:38:19.0221 1960  swprv - ok
17:38:19.0311 1960  [ E174C8BC572E93AEEE1036DEDAC5F225 ] SymDS           C:\Windows\system32\drivers\NISx64\1403010.016\SYMDS64.SYS
17:38:19.0328 1960  SymDS - ok
17:38:19.0413 1960  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1403010.016\SYMEFA64.SYS
17:38:19.0448 1960  SymEFA - ok
17:38:19.0503 1960  [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
17:38:19.0506 1960  SymEvent - ok
17:38:19.0553 1960  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1403010.016\Ironx64.SYS
17:38:19.0556 1960  SymIRON - ok
17:38:19.0573 1960  [ 1605EBD8CB86AFC4430116065995279A ] SymNetS         C:\Windows\System32\Drivers\NISx64\1403010.016\SYMNETS.SYS
17:38:19.0577 1960  SymNetS - ok
17:38:19.0637 1960  [ BCF305959B53B200CEB2AD25AD22F8A7 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
17:38:19.0640 1960  SynTP - ok
17:38:19.0762 1960  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
17:38:19.0810 1960  SysMain - ok
17:38:19.0853 1960  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:38:19.0857 1960  TabletInputService - ok
17:38:19.0899 1960  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:38:19.0906 1960  TapiSrv - ok
17:38:19.0928 1960  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
17:38:19.0931 1960  TBS - ok
17:38:20.0030 1960  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:38:20.0087 1960  Tcpip - ok
17:38:20.0162 1960  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:38:20.0176 1960  TCPIP6 - ok
17:38:20.0224 1960  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:38:20.0226 1960  tcpipreg - ok
17:38:20.0278 1960  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:38:20.0280 1960  TDPIPE - ok
17:38:20.0313 1960  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:38:20.0315 1960  TDTCP - ok
17:38:20.0383 1960  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:38:20.0386 1960  tdx - ok
17:38:20.0421 1960  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:38:20.0423 1960  TermDD - ok
17:38:20.0471 1960  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
17:38:20.0491 1960  TermService - ok
17:38:20.0525 1960  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
17:38:20.0527 1960  Themes - ok
17:38:20.0562 1960  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
17:38:20.0564 1960  THREADORDER - ok
17:38:20.0581 1960  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
17:38:20.0584 1960  TrkWks - ok
17:38:20.0636 1960  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:38:20.0640 1960  TrustedInstaller - ok
17:38:20.0680 1960  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:38:20.0683 1960  tssecsrv - ok
17:38:20.0789 1960  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:38:20.0791 1960  TsUsbFlt - ok
17:38:20.0843 1960  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:38:20.0846 1960  tunnel - ok
17:38:20.0872 1960  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:38:20.0874 1960  uagp35 - ok
17:38:20.0914 1960  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:38:20.0920 1960  udfs - ok
17:38:20.0953 1960  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:38:20.0956 1960  UI0Detect - ok
17:38:20.0974 1960  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:38:20.0977 1960  uliagpkx - ok
17:38:21.0027 1960  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
17:38:21.0028 1960  umbus - ok
17:38:21.0053 1960  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:38:21.0055 1960  UmPass - ok
17:38:21.0077 1960  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
17:38:21.0084 1960  upnphost - ok
17:38:21.0152 1960  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
17:38:21.0154 1960  USBAAPL64 - ok
17:38:21.0203 1960  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:38:21.0205 1960  usbccgp - ok
17:38:21.0211 1960  USBCCID - ok
17:38:21.0253 1960  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:38:21.0255 1960  usbcir - ok
17:38:21.0290 1960  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:38:21.0292 1960  usbehci - ok
17:38:21.0315 1960  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:38:21.0321 1960  usbhub - ok
17:38:21.0357 1960  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:38:21.0359 1960  usbohci - ok
17:38:21.0397 1960  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:38:21.0399 1960  usbprint - ok
17:38:21.0434 1960  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:38:21.0436 1960  usbscan - ok
17:38:21.0475 1960  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:38:21.0478 1960  USBSTOR - ok
17:38:21.0500 1960  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
17:38:21.0501 1960  usbuhci - ok
17:38:21.0548 1960  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:38:21.0553 1960  usbvideo - ok
17:38:21.0577 1960  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
17:38:21.0580 1960  UxSms - ok
17:38:21.0594 1960  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:38:21.0597 1960  VaultSvc - ok
17:38:21.0634 1960  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:38:21.0635 1960  vdrvroot - ok
17:38:21.0683 1960  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
17:38:21.0749 1960  vds - ok
17:38:21.0790 1960  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:38:21.0793 1960  vga - ok
17:38:21.0817 1960  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:38:21.0819 1960  VgaSave - ok
17:38:21.0863 1960  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:38:21.0868 1960  vhdmp - ok
17:38:21.0907 1960  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:38:21.0908 1960  viaide - ok
17:38:21.0934 1960  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:38:21.0937 1960  volmgr - ok
17:38:21.0974 1960  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:38:21.0980 1960  volmgrx - ok
17:38:22.0005 1960  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:38:22.0011 1960  volsnap - ok
17:38:22.0070 1960  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:38:22.0074 1960  vsmraid - ok
17:38:22.0155 1960  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
17:38:22.0200 1960  VSS - ok
17:38:22.0221 1960  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:38:22.0223 1960  vwifibus - ok
17:38:22.0275 1960  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:38:22.0277 1960  vwififlt - ok
17:38:22.0307 1960  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
17:38:22.0314 1960  W32Time - ok
17:38:22.0343 1960  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:38:22.0345 1960  WacomPen - ok
17:38:22.0403 1960  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:38:22.0405 1960  WANARP - ok
17:38:22.0430 1960  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:38:22.0432 1960  Wanarpv6 - ok
17:38:22.0510 1960  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:38:22.0544 1960  WatAdminSvc - ok
17:38:22.0628 1960  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
17:38:22.0676 1960  wbengine - ok
17:38:22.0750 1960  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:38:22.0755 1960  WbioSrvc - ok
17:38:22.0802 1960  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:38:22.0813 1960  wcncsvc - ok
17:38:22.0835 1960  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:38:22.0838 1960  WcsPlugInService - ok
17:38:22.0875 1960  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:38:22.0876 1960  Wd - ok
17:38:22.0936 1960  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:38:22.0958 1960  Wdf01000 - ok
17:38:22.0980 1960  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:38:22.0983 1960  WdiServiceHost - ok
17:38:22.0988 1960  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:38:22.0993 1960  WdiSystemHost - ok
17:38:23.0042 1960  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
17:38:23.0048 1960  WebClient - ok
17:38:23.0065 1960  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:38:23.0071 1960  Wecsvc - ok
17:38:23.0093 1960  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:38:23.0095 1960  wercplsupport - ok
17:38:23.0136 1960  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:38:23.0139 1960  WerSvc - ok
17:38:23.0197 1960  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:38:23.0199 1960  WfpLwf - ok
17:38:23.0218 1960  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:38:23.0219 1960  WIMMount - ok
17:38:23.0251 1960  [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf        C:\Windows\system32\DRIVERS\CAX_CNXT.sys
17:38:23.0270 1960  winachsf - ok
17:38:23.0283 1960  WinDefend - ok
17:38:23.0307 1960  WinHttpAutoProxySvc - ok
17:38:23.0374 1960  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:38:23.0377 1960  Winmgmt - ok
17:38:23.0467 1960  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
17:38:23.0525 1960  WinRM - ok
17:38:23.0591 1960  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:38:23.0594 1960  WinUsb - ok
17:38:23.0639 1960  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:38:23.0662 1960  Wlansvc - ok
17:38:23.0741 1960  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:38:23.0742 1960  WmiAcpi - ok
17:38:23.0802 1960  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:38:23.0806 1960  wmiApSrv - ok
17:38:23.0870 1960  WMPNetworkSvc - ok
17:38:23.0887 1960  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:38:23.0890 1960  WPCSvc - ok
17:38:23.0932 1960  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:38:23.0935 1960  WPDBusEnum - ok
17:38:23.0964 1960  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:38:23.0966 1960  ws2ifsl - ok
17:38:23.0983 1960  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:38:23.0987 1960  wscsvc - ok
17:38:24.0000 1960  WSearch - ok
17:38:24.0113 1960  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:38:24.0167 1960  wuauserv - ok
17:38:24.0204 1960  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:38:24.0206 1960  WudfPf - ok
17:38:24.0254 1960  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:38:24.0259 1960  WUDFRd - ok
17:38:24.0305 1960  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:38:24.0309 1960  wudfsvc - ok
17:38:24.0448 1960  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:38:24.0454 1960  WwanSvc - ok
17:38:24.0506 1960  [ E8F3FA126A06F8E7088F63757112A186 ] XAudio          C:\Windows\system32\DRIVERS\XAudio64.sys
17:38:24.0508 1960  XAudio - ok
17:38:24.0637 1960  [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
17:38:24.0645 1960  yukonw7 - ok
17:38:24.0682 1960  ================ Scan global ===============================
17:38:24.0749 1960  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:38:24.0823 1960  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:38:24.0845 1960  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:38:24.0864 1960  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:38:24.0904 1960  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:38:24.0910 1960  [Global] - ok
17:38:24.0910 1960  ================ Scan MBR ==================================
17:38:24.0925 1960  [ 790D362A4D78D926A387C9ECDDEA1152 ] \Device\Harddisk0\DR0
17:38:24.0926 1960  Suspicious mbr (Forged): \Device\Harddisk0\DR0
17:38:24.0985 1960  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
17:38:24.0985 1960  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
17:38:25.0058 1960  ================ Scan VBR ==================================
17:38:25.0063 1960  [ EB0C493BCC208C0739585470CE38A264 ] \Device\Harddisk0\DR0\Partition1
17:38:25.0067 1960  \Device\Harddisk0\DR0\Partition1 - ok
17:38:25.0105 1960  [ BBF2C032D8FEB89FCAC7E3845AA3E827 ] \Device\Harddisk0\DR0\Partition2
17:38:25.0106 1960  \Device\Harddisk0\DR0\Partition2 - ok
17:38:25.0138 1960  [ 90FA6609A486281BB8DF3AC4100D92A9 ] \Device\Harddisk0\DR0\Partition3
17:38:25.0140 1960  \Device\Harddisk0\DR0\Partition3 - ok
17:38:25.0142 1960  ============================================================
17:38:25.0142 1960  Scan finished
17:38:25.0142 1960  ============================================================
17:38:25.0166 4492  Detected object count: 1
17:38:25.0166 4492  Actual detected object count: 1
17:38:47.0965 4492  \Device\Harddisk0\DR0\# - copied to quarantine
17:38:47.0968 4492  \Device\Harddisk0\DR0 - copied to quarantine
17:38:48.0038 4492  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
17:38:48.0039 4492  \Device\Harddisk0\DR0 - ok
17:38:48.0963 4492  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
17:39:08.0660 3256  Deinitialize success

 

3. Ran ADWCleaner - DONE:

 

Here is the log report for ADWcleaner:

 

# AdwCleaner v2.301 - Logfile created 05/28/2013 at 17:44:50
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User :
# Boot Mode : Normal
# Running from : C:\Users\chirag\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****

Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\chirag\AppData\Roaming\Mozilla\Firefox\Profiles\io9or8n4.default-1365889592377\prefs.js

[OK] File is clean.

 

 

4. Ran ESET Online Scan: DONE

- The ESET Scan showed no threats and no log was generated.

 

 

Please let me know your feedback and if anything else needs to be done. Thanks so much for your help.



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:25 AM

Posted 29 May 2013 - 09:55 AM

You Did Reboot after the scans?
 
This is an ugly rootkit so les be sure there is no more.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
  • Install your game.
Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 compuser1

compuser1
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:25 AM

Posted 31 May 2013 - 05:05 PM

Ok, this is what I Did. After your last post, I re-ran all the instructions from the first post (making sure I restart my computer after each action) and then followed the instructions from the second post. All the logs are posted here in a stepwise fashion. Again, logs from DDSSkiller and ADWCleaner scans are those from the second time run - logs from the first run are in the post above. Let me know what you think.

 

Step:1: Temp folder emptied by TFC - DONE

 

Step:2: TDSSkiller Logs:

 

19:25:42.0401 4884  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:25:42.0809 4884  ============================================================
19:25:42.0809 4884  Current date / time: 2013/05/29 19:25:42.0809
19:25:42.0809 4884  SystemInfo:
19:25:42.0809 4884  
19:25:42.0809 4884  OS Version: 6.1.7601 ServicePack: 1.0
19:25:42.0809 4884  Product type: Workstation
19:25:42.0809 4884  ComputerName:
19:25:42.0810 4884  UserName: chirag
19:25:42.0810 4884  Windows directory: C:\Windows
19:25:42.0810 4884  System windows directory: C:\Windows
19:25:42.0810 4884  Running under WOW64
19:25:42.0810 4884  Processor architecture: Intel x64
19:25:42.0810 4884  Number of processors: 2
19:25:42.0810 4884  Page size: 0x1000
19:25:42.0810 4884  Boot type: Normal boot
19:25:42.0810 4884  ============================================================
19:25:44.0893 4884  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x193C38, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x6, Type 'K0', Flags 0x00000040
19:25:44.0898 4884  ============================================================
19:25:44.0898 4884  \Device\Harddisk0\DR0:
19:25:44.0899 4884  MBR partitions:
19:25:44.0899 4884  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
19:25:44.0899 4884  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x23B04000
19:25:44.0899 4884  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23B68000, BlocksNum 0x18C6000
19:25:44.0899 4884  ============================================================
19:25:44.0948 4884  C: <-> \Device\Harddisk0\DR0\Partition2
19:25:45.0001 4884  D: <-> \Device\Harddisk0\DR0\Partition3
19:25:45.0001 4884  ============================================================
19:25:45.0001 4884  Initialize success
19:25:45.0001 4884  ============================================================
19:25:56.0414 4964  ============================================================
19:25:56.0415 4964  Scan started
19:25:56.0415 4964  Mode: Manual; TDLFS;
19:25:56.0415 4964  ============================================================
19:25:57.0788 4964  ================ Scan system memory ========================
19:25:57.0788 4964  System memory - ok
19:25:57.0788 4964  ================ Scan services =============================
19:25:58.0058 4964  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:25:58.0116 4964  1394ohci - ok
19:25:58.0177 4964  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:25:58.0184 4964  ACPI - ok
19:25:58.0285 4964  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:25:58.0287 4964  AcpiPmi - ok
19:25:58.0487 4964  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:25:58.0489 4964  AdobeARMservice - ok
19:25:58.0604 4964  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
19:25:58.0712 4964  adp94xx - ok
19:25:58.0859 4964  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
19:25:58.0933 4964  adpahci - ok
19:25:59.0024 4964  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
19:25:59.0047 4964  adpu320 - ok
19:25:59.0153 4964  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:25:59.0155 4964  AeLookupSvc - ok
19:25:59.0230 4964  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
19:25:59.0252 4964  AFD - ok
19:25:59.0303 4964  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:25:59.0320 4964  agp440 - ok
19:25:59.0339 4964  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
19:25:59.0375 4964  ALG - ok
19:25:59.0409 4964  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:25:59.0412 4964  aliide - ok
19:25:59.0431 4964  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
19:25:59.0434 4964  amdide - ok
19:25:59.0493 4964  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
19:25:59.0497 4964  AmdK8 - ok
19:25:59.0505 4964  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:25:59.0509 4964  AmdPPM - ok
19:25:59.0580 4964  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:25:59.0583 4964  amdsata - ok
19:25:59.0636 4964  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:25:59.0640 4964  amdsbs - ok
19:25:59.0658 4964  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:25:59.0659 4964  amdxata - ok
19:25:59.0713 4964  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
19:25:59.0716 4964  AppID - ok
19:25:59.0754 4964  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:25:59.0756 4964  AppIDSvc - ok
19:25:59.0816 4964  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
19:25:59.0817 4964  Appinfo - ok
19:25:59.0909 4964  [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:25:59.0912 4964  Apple Mobile Device - ok
19:25:59.0969 4964  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
19:25:59.0971 4964  arc - ok
19:26:00.0000 4964  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:26:00.0002 4964  arcsas - ok
19:26:00.0054 4964  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:26:00.0056 4964  AsyncMac - ok
19:26:00.0099 4964  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
19:26:00.0099 4964  atapi - ok
19:26:00.0212 4964  [ 96ABF88241F90FF647E55C934C55C2F1 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
19:26:00.0292 4964  athr - ok
19:26:00.0356 4964  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:26:00.0376 4964  AudioEndpointBuilder - ok
19:26:00.0397 4964  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:26:00.0404 4964  AudioSrv - ok
19:26:00.0462 4964  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:26:00.0466 4964  AxInstSV - ok
19:26:00.0533 4964  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
19:26:00.0552 4964  b06bdrv - ok
19:26:00.0623 4964  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:26:00.0629 4964  b57nd60a - ok
19:26:00.0670 4964  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:26:00.0673 4964  BDESVC - ok
19:26:00.0721 4964  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:26:00.0722 4964  Beep - ok
19:26:00.0793 4964  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
19:26:00.0812 4964  BFE - ok
19:26:01.0143 4964  [ 7B56A40EAAACF1867FF178501D3EA185 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20130515.001\BHDrvx64.sys
19:26:01.0157 4964  BHDrvx64 - ok
19:26:01.0258 4964  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
19:26:01.0282 4964  BITS - ok
19:26:01.0355 4964  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:26:01.0356 4964  blbdrive - ok
19:26:01.0523 4964  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:26:01.0532 4964  Bonjour Service - ok
19:26:01.0630 4964  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:26:01.0633 4964  bowser - ok
19:26:01.0735 4964  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:26:01.0737 4964  BrFiltLo - ok
19:26:01.0783 4964  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:26:01.0785 4964  BrFiltUp - ok
19:26:01.0883 4964  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
19:26:01.0885 4964  Browser - ok
19:26:01.0990 4964  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:26:01.0996 4964  Brserid - ok
19:26:02.0032 4964  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:26:02.0035 4964  BrSerWdm - ok
19:26:02.0090 4964  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:26:02.0092 4964  BrUsbMdm - ok
19:26:02.0162 4964  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:26:02.0164 4964  BrUsbSer - ok
19:26:02.0226 4964  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:26:02.0229 4964  BTHMODEM - ok
19:26:02.0288 4964  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
19:26:02.0291 4964  bthserv - ok
19:26:02.0373 4964  [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL        C:\Windows\system32\DRIVERS\CAXHWAZL.sys
19:26:02.0379 4964  CAXHWAZL - ok
19:26:02.0769 4964  [ 248C952C82DF1E23775432774CBB20F1 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1403010.016\ccSetx64.sys
19:26:02.0771 4964  ccSet_NIS - ok
19:26:02.0903 4964  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:26:02.0906 4964  cdfs - ok
19:26:03.0021 4964  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:26:03.0024 4964  cdrom - ok
19:26:03.0106 4964  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
19:26:03.0108 4964  CertPropSvc - ok
19:26:03.0133 4964  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:26:03.0136 4964  circlass - ok
19:26:03.0182 4964  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
19:26:03.0188 4964  CLFS - ok
19:26:03.0268 4964  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:26:03.0272 4964  clr_optimization_v2.0.50727_32 - ok
19:26:03.0327 4964  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:26:03.0330 4964  clr_optimization_v2.0.50727_64 - ok
19:26:03.0448 4964  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:26:03.0570 4964  clr_optimization_v4.0.30319_32 - ok
19:26:03.0666 4964  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:26:03.0669 4964  clr_optimization_v4.0.30319_64 - ok
19:26:03.0735 4964  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:26:03.0737 4964  CmBatt - ok
19:26:03.0774 4964  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:26:03.0775 4964  cmdide - ok
19:26:03.0825 4964  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
19:26:03.0843 4964  CNG - ok
19:26:03.0934 4964  [ A44DFDB81DC62B11760881175E5B2266 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
19:26:03.0941 4964  CnxtHdAudService - ok
19:26:04.0050 4964  [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx       C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
19:26:04.0053 4964  Com4QLBEx - ok
19:26:04.0109 4964  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:26:04.0110 4964  Compbatt - ok
19:26:04.0160 4964  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:26:04.0162 4964  CompositeBus - ok
19:26:04.0190 4964  COMSysApp - ok
19:26:04.0237 4964  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
19:26:04.0239 4964  crcdisk - ok
19:26:04.0299 4964  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:26:04.0303 4964  CryptSvc - ok
19:26:04.0362 4964  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:26:04.0381 4964  DcomLaunch - ok
19:26:04.0446 4964  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
19:26:04.0453 4964  defragsvc - ok
19:26:04.0501 4964  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:26:04.0504 4964  DfsC - ok
19:26:04.0572 4964  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:26:04.0578 4964  Dhcp - ok
19:26:04.0615 4964  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
19:26:04.0616 4964  discache - ok
19:26:04.0657 4964  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:26:04.0659 4964  Disk - ok
19:26:04.0689 4964  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:26:04.0693 4964  Dnscache - ok
19:26:04.0737 4964  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:26:04.0743 4964  dot3svc - ok
19:26:04.0782 4964  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
19:26:04.0785 4964  DPS - ok
19:26:04.0818 4964  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:26:04.0820 4964  drmkaud - ok
19:26:04.0877 4964  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:26:04.0887 4964  DXGKrnl - ok
19:26:04.0944 4964  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
19:26:04.0946 4964  EapHost - ok
19:26:05.0051 4964  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
19:26:05.0166 4964  ebdrv - ok
19:26:05.0375 4964  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
19:26:05.0380 4964  eeCtrl - ok
19:26:05.0445 4964  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
19:26:05.0447 4964  EFS - ok
19:26:05.0684 4964  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:26:05.0706 4964  ehRecvr - ok
19:26:05.0740 4964  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
19:26:05.0744 4964  ehSched - ok
19:26:05.0885 4964  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
19:26:05.0894 4964  elxstor - ok
19:26:05.0984 4964  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
19:26:05.0986 4964  EraserUtilRebootDrv - ok
19:26:06.0024 4964  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:26:06.0026 4964  ErrDev - ok
19:26:06.0147 4964  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
19:26:06.0154 4964  EventSystem - ok
19:26:06.0279 4964  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
19:26:06.0284 4964  exfat - ok
19:26:06.0362 4964  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:26:06.0367 4964  fastfat - ok
19:26:06.0470 4964  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
19:26:06.0492 4964  Fax - ok
19:26:06.0520 4964  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:26:06.0522 4964  fdc - ok
19:26:06.0553 4964  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:26:06.0555 4964  fdPHost - ok
19:26:06.0570 4964  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:26:06.0573 4964  FDResPub - ok
19:26:06.0611 4964  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:26:06.0613 4964  FileInfo - ok
19:26:06.0627 4964  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:26:06.0629 4964  Filetrace - ok
19:26:06.0659 4964  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:26:06.0662 4964  flpydisk - ok
19:26:06.0719 4964  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:26:06.0724 4964  FltMgr - ok
19:26:06.0780 4964  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
19:26:06.0816 4964  FontCache - ok
19:26:06.0880 4964  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:26:06.0882 4964  FontCache3.0.0.0 - ok
19:26:06.0895 4964  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:26:06.0897 4964  FsDepends - ok
19:26:06.0927 4964  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:26:06.0928 4964  Fs_Rec - ok
19:26:06.0997 4964  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:26:07.0001 4964  fvevol - ok
19:26:07.0025 4964  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:26:07.0027 4964  gagp30kx - ok
19:26:07.0124 4964  [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
19:26:07.0130 4964  GameConsoleService - ok
19:26:07.0200 4964  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:26:07.0201 4964  GEARAspiWDM - ok
19:26:07.0254 4964  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
19:26:07.0276 4964  gpsvc - ok
19:26:07.0336 4964  [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:26:07.0343 4964  gusvc - ok
19:26:07.0372 4964  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:26:07.0374 4964  hcw85cir - ok
19:26:07.0440 4964  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:26:07.0448 4964  HdAudAddService - ok
19:26:07.0470 4964  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:26:07.0473 4964  HDAudBus - ok
19:26:07.0493 4964  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
19:26:07.0495 4964  HidBatt - ok
19:26:07.0524 4964  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:26:07.0527 4964  HidBth - ok
19:26:07.0548 4964  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
19:26:07.0550 4964  HidIr - ok
19:26:07.0578 4964  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
19:26:07.0581 4964  hidserv - ok
19:26:07.0628 4964  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:26:07.0631 4964  HidUsb - ok
19:26:07.0672 4964  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:26:07.0676 4964  hkmsvc - ok
19:26:07.0717 4964  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:26:07.0723 4964  HomeGroupListener - ok
19:26:07.0769 4964  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:26:07.0774 4964  HomeGroupProvider - ok
19:26:07.0889 4964  [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:26:07.0891 4964  HP Support Assistant Service - ok
19:26:07.0963 4964  [ B7382BEC806B7B00FC84B3E2061FF48E ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
19:26:07.0965 4964  HPDrvMntSvc.exe - ok
19:26:08.0012 4964  [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
19:26:08.0013 4964  HpqKbFiltr - ok
19:26:08.0091 4964  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:26:08.0125 4964  hpqwmiex - ok
19:26:08.0179 4964  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:26:08.0181 4964  HpSAMD - ok
19:26:08.0301 4964  [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
19:26:08.0322 4964  HsfXAudioService - ok
19:26:08.0403 4964  [ 26C5D00321937E49B6BC91029947D094 ] HSF_DPV         C:\Windows\system32\DRIVERS\CAX_DPV.sys
19:26:08.0443 4964  HSF_DPV - ok
19:26:08.0600 4964  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:26:08.0619 4964  HTTP - ok
19:26:08.0652 4964  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:26:08.0653 4964  hwpolicy - ok
19:26:08.0755 4964  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:26:08.0757 4964  i8042prt - ok
19:26:09.0014 4964  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:26:09.0022 4964  iaStorV - ok
19:26:09.0184 4964  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:26:09.0219 4964  idsvc - ok
19:26:09.0500 4964  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20130528.001\IDSvia64.sys
19:26:09.0505 4964  IDSVia64 - ok
19:26:09.0788 4964  [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
19:26:10.0035 4964  igfx - ok
19:26:10.0079 4964  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
19:26:10.0079 4964  iirsp - ok
19:26:10.0155 4964  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:26:10.0178 4964  IKEEXT - ok
19:26:10.0241 4964  [ 88A20FA54C73DED4E8DAC764E9130AE9 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
19:26:10.0245 4964  IntcHdmiAddService - ok
19:26:10.0356 4964  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
19:26:10.0357 4964  intelide - ok
19:26:10.0600 4964  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:26:10.0601 4964  intelppm - ok
19:26:10.0649 4964  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:26:10.0653 4964  IPBusEnum - ok
19:26:10.0688 4964  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:26:10.0692 4964  IpFilterDriver - ok
19:26:10.0766 4964  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:26:10.0776 4964  iphlpsvc - ok
19:26:10.0814 4964  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:26:10.0817 4964  IPMIDRV - ok
19:26:10.0852 4964  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:26:10.0856 4964  IPNAT - ok
19:26:10.0967 4964  [ EE4C2A137C7088911A8919EFFC9812E7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:26:11.0001 4964  iPod Service - ok
19:26:11.0041 4964  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:26:11.0043 4964  IRENUM - ok
19:26:11.0057 4964  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:26:11.0058 4964  isapnp - ok
19:26:11.0099 4964  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:26:11.0106 4964  iScsiPrt - ok
19:26:11.0128 4964  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
19:26:11.0129 4964  kbdclass - ok
19:26:11.0183 4964  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
19:26:11.0186 4964  kbdhid - ok
19:26:11.0204 4964  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:26:11.0206 4964  KeyIso - ok
19:26:11.0249 4964  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:26:11.0251 4964  KSecDD - ok
19:26:11.0288 4964  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:26:11.0292 4964  KSecPkg - ok
19:26:11.0343 4964  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:26:11.0345 4964  ksthunk - ok
19:26:11.0400 4964  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:26:11.0419 4964  KtmRm - ok
19:26:11.0546 4964  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:26:11.0552 4964  LanmanServer - ok
19:26:11.0704 4964  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:26:11.0708 4964  LanmanWorkstation - ok
19:26:12.0025 4964  libusb0 - ok
19:26:12.0198 4964  [ 3503F257B3203F824B1567238EBE17E2 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:26:12.0199 4964  LightScribeService - ok
19:26:12.0290 4964  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:26:12.0292 4964  lltdio - ok
19:26:12.0342 4964  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:26:12.0349 4964  lltdsvc - ok
19:26:12.0394 4964  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:26:12.0396 4964  lmhosts - ok
19:26:12.0448 4964  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:26:12.0450 4964  LSI_FC - ok
19:26:12.0485 4964  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
19:26:12.0487 4964  LSI_SAS - ok
19:26:12.0521 4964  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:26:12.0523 4964  LSI_SAS2 - ok
19:26:12.0552 4964  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:26:12.0555 4964  LSI_SCSI - ok
19:26:12.0611 4964  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:26:12.0614 4964  luafv - ok
19:26:12.0681 4964  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:26:12.0686 4964  Mcx2Svc - ok
19:26:12.0738 4964  [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
19:26:12.0739 4964  mdmxsdk - ok
19:26:12.0770 4964  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
19:26:12.0771 4964  megasas - ok
19:26:12.0831 4964  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:26:12.0836 4964  MegaSR - ok
19:26:12.0960 4964  Microsoft SharePoint Workspace Audit Service - ok
19:26:13.0007 4964  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
19:26:13.0010 4964  MMCSS - ok
19:26:13.0037 4964  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
19:26:13.0039 4964  Modem - ok
19:26:13.0076 4964  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:26:13.0078 4964  monitor - ok
19:26:13.0122 4964  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
19:26:13.0123 4964  mouclass - ok
19:26:13.0173 4964  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:26:13.0175 4964  mouhid - ok
19:26:13.0215 4964  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:26:13.0217 4964  mountmgr - ok
19:26:13.0299 4964  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:26:13.0302 4964  MozillaMaintenance - ok
19:26:13.0332 4964  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:26:13.0336 4964  mpio - ok
19:26:13.0349 4964  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:26:13.0352 4964  mpsdrv - ok
19:26:13.0412 4964  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:26:13.0435 4964  MpsSvc - ok
19:26:13.0471 4964  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:26:13.0475 4964  MRxDAV - ok
19:26:13.0517 4964  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:26:13.0521 4964  mrxsmb - ok
19:26:13.0562 4964  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:26:13.0568 4964  mrxsmb10 - ok
19:26:13.0589 4964  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:26:13.0593 4964  mrxsmb20 - ok
19:26:13.0631 4964  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:26:13.0632 4964  msahci - ok
19:26:13.0676 4964  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:26:13.0679 4964  msdsm - ok
19:26:13.0699 4964  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:26:13.0704 4964  MSDTC - ok
19:26:13.0734 4964  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:26:13.0736 4964  Msfs - ok
19:26:13.0748 4964  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:26:13.0750 4964  mshidkmdf - ok
19:26:13.0795 4964  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:26:13.0796 4964  msisadrv - ok
19:26:13.0845 4964  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:26:13.0850 4964  MSiSCSI - ok
19:26:13.0858 4964  msiserver - ok
19:26:13.0905 4964  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:26:13.0907 4964  MSKSSRV - ok
19:26:13.0947 4964  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:26:13.0949 4964  MSPCLOCK - ok
19:26:13.0957 4964  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:26:13.0960 4964  MSPQM - ok
19:26:14.0002 4964  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:26:14.0009 4964  MsRPC - ok
19:26:14.0035 4964  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:26:14.0036 4964  mssmbios - ok
19:26:14.0057 4964  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:26:14.0059 4964  MSTEE - ok
19:26:14.0074 4964  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:26:14.0076 4964  MTConfig - ok
19:26:14.0115 4964  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:26:14.0117 4964  Mup - ok
19:26:14.0169 4964  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:26:14.0188 4964  napagent - ok
19:26:14.0247 4964  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:26:14.0253 4964  NativeWifiP - ok
19:26:14.0455 4964  [ 56540E526B46E379A476FB5BC381B290 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130529.017\ENG64.SYS
19:26:14.0457 4964  NAVENG - ok
19:26:14.0909 4964  [ 8A19D3991F9F14B885CDE8BC640F6B68 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20130529.017\EX64.SYS
19:26:14.0930 4964  NAVEX15 - ok
19:26:15.0001 4964  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:26:15.0035 4964  NDIS - ok
19:26:15.0099 4964  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:26:15.0101 4964  NdisCap - ok
19:26:15.0142 4964  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:26:15.0144 4964  NdisTapi - ok
19:26:15.0209 4964  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:26:15.0211 4964  Ndisuio - ok
19:26:15.0247 4964  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:26:15.0251 4964  NdisWan - ok
19:26:15.0286 4964  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:26:15.0289 4964  NDProxy - ok
19:26:15.0351 4964  [ A80874B8649E8E12EDCF6C40F0115A5D ] NEOFLTR_7110_21187 C:\Windows\system32\Drivers\NEOFLTR_7110_21187.SYS
19:26:15.0353 4964  NEOFLTR_7110_21187 - ok
19:26:15.0395 4964  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:26:15.0397 4964  NetBIOS - ok
19:26:15.0438 4964  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:26:15.0443 4964  NetBT - ok
19:26:15.0462 4964  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:26:15.0464 4964  Netlogon - ok
19:26:15.0528 4964  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:26:15.0536 4964  Netman - ok
19:26:15.0564 4964  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:26:15.0583 4964  netprofm - ok
19:26:15.0613 4964  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:26:15.0617 4964  NetTcpPortSharing - ok
19:26:15.0793 4964  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
19:26:15.0942 4964  netw5v64 - ok
19:26:15.0976 4964  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
19:26:15.0977 4964  nfrd960 - ok
19:26:16.0178 4964  [ 241BD3019FB31E812A51B31B06906335 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
19:26:16.0180 4964  NIS - ok
19:26:16.0242 4964  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:26:16.0249 4964  NlaSvc - ok
19:26:16.0276 4964  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:26:16.0278 4964  Npfs - ok
19:26:16.0313 4964  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:26:16.0316 4964  nsi - ok
19:26:16.0334 4964  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:26:16.0336 4964  nsiproxy - ok
19:26:16.0419 4964  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:26:16.0465 4964  Ntfs - ok
19:26:16.0483 4964  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:26:16.0485 4964  Null - ok
19:26:16.0522 4964  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:26:16.0525 4964  nvraid - ok
19:26:16.0550 4964  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:26:16.0553 4964  nvstor - ok
19:26:16.0591 4964  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:26:16.0594 4964  nv_agp - ok
19:26:16.0623 4964  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:26:16.0626 4964  ohci1394 - ok
19:26:16.0739 4964  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:26:16.0744 4964  ose - ok
19:26:17.0045 4964  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:26:17.0172 4964  osppsvc - ok
19:26:17.0352 4964  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:26:17.0359 4964  p2pimsvc - ok
19:26:17.0406 4964  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:26:17.0424 4964  p2psvc - ok
19:26:17.0473 4964  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:26:17.0477 4964  Parport - ok
19:26:17.0514 4964  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:26:17.0516 4964  partmgr - ok
19:26:17.0537 4964  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:26:17.0542 4964  PcaSvc - ok
19:26:17.0563 4964  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:26:17.0567 4964  pci - ok
19:26:17.0611 4964  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:26:17.0612 4964  pciide - ok
19:26:17.0637 4964  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:26:17.0643 4964  pcmcia - ok
19:26:17.0676 4964  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:26:17.0677 4964  pcw - ok
19:26:17.0709 4964  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:26:17.0728 4964  PEAUTH - ok
19:26:17.0756 4964  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:26:17.0759 4964  PerfHost - ok
19:26:17.0844 4964  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:26:17.0890 4964  pla - ok
19:26:18.0052 4964  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:26:18.0060 4964  PlugPlay - ok
19:26:18.0080 4964  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:26:18.0083 4964  PNRPAutoReg - ok
19:26:18.0108 4964  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:26:18.0113 4964  PNRPsvc - ok
19:26:18.0138 4964  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:26:18.0157 4964  PolicyAgent - ok
19:26:18.0194 4964  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:26:18.0199 4964  Power - ok
19:26:18.0259 4964  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:26:18.0262 4964  PptpMiniport - ok
19:26:18.0294 4964  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:26:18.0297 4964  Processor - ok
19:26:18.0361 4964  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:26:18.0366 4964  ProfSvc - ok
19:26:18.0386 4964  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:26:18.0388 4964  ProtectedStorage - ok
19:26:18.0443 4964  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:26:18.0446 4964  Psched - ok
19:26:18.0516 4964  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:26:18.0562 4964  ql2300 - ok
19:26:18.0587 4964  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:26:18.0590 4964  ql40xx - ok
19:26:18.0620 4964  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:26:18.0627 4964  QWAVE - ok
19:26:18.0655 4964  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:26:18.0657 4964  QWAVEdrv - ok
19:26:18.0680 4964  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:26:18.0682 4964  RasAcd - ok
19:26:18.0739 4964  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:26:18.0741 4964  RasAgileVpn - ok
19:26:18.0756 4964  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:26:18.0761 4964  RasAuto - ok
19:26:18.0797 4964  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:26:18.0801 4964  Rasl2tp - ok
19:26:18.0846 4964  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:26:18.0867 4964  RasMan - ok
19:26:18.0881 4964  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:26:18.0884 4964  RasPppoe - ok
19:26:18.0925 4964  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:26:18.0935 4964  RasSstp - ok
19:26:18.0971 4964  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:26:18.0978 4964  rdbss - ok
19:26:19.0010 4964  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:26:19.0012 4964  rdpbus - ok
19:26:19.0033 4964  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:26:19.0034 4964  RDPCDD - ok
19:26:19.0087 4964  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:26:19.0088 4964  RDPENCDD - ok
19:26:19.0103 4964  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:26:19.0104 4964  RDPREFMP - ok
19:26:19.0138 4964  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:26:19.0142 4964  RDPWD - ok
19:26:19.0215 4964  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:26:19.0219 4964  rdyboost - ok
19:26:19.0259 4964  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:26:19.0264 4964  RemoteAccess - ok
19:26:19.0295 4964  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:26:19.0301 4964  RemoteRegistry - ok
19:26:19.0400 4964  [ 498EB62A160674E793FA40FD65390625 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:26:19.0404 4964  RichVideo - ok
19:26:19.0447 4964  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:26:19.0450 4964  RpcEptMapper - ok
19:26:19.0574 4964  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:26:19.0577 4964  RpcLocator - ok
19:26:19.0750 4964  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:26:19.0757 4964  RpcSs - ok
19:26:19.0917 4964  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:26:19.0920 4964  rspndr - ok
19:26:19.0975 4964  [ 2DB8116D52B19216812C4E6D5D837810 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
19:26:19.0980 4964  RSUSBSTOR - ok
19:26:20.0032 4964  [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:26:20.0037 4964  RTL8167 - ok
19:26:20.0054 4964  RtsUIR - ok
19:26:20.0088 4964  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:26:20.0090 4964  SamSs - ok
19:26:20.0136 4964  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:26:20.0139 4964  sbp2port - ok
19:26:20.0169 4964  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:26:20.0176 4964  SCardSvr - ok
19:26:20.0223 4964  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:26:20.0225 4964  scfilter - ok
19:26:20.0294 4964  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:26:20.0330 4964  Schedule - ok
19:26:20.0361 4964  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:26:20.0363 4964  SCPolicySvc - ok
19:26:20.0421 4964  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\drivers\sdbus.sys
19:26:20.0425 4964  sdbus - ok
19:26:20.0461 4964  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:26:20.0468 4964  SDRSVC - ok
19:26:20.0516 4964  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:26:20.0518 4964  secdrv - ok
19:26:20.0550 4964  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:26:20.0554 4964  seclogon - ok
19:26:20.0595 4964  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:26:20.0598 4964  SENS - ok
19:26:20.0641 4964  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:26:20.0645 4964  SensrSvc - ok
19:26:20.0677 4964  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:26:20.0679 4964  Serenum - ok
19:26:20.0702 4964  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:26:20.0705 4964  Serial - ok
19:26:20.0731 4964  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:26:20.0734 4964  sermouse - ok
19:26:20.0779 4964  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:26:20.0784 4964  SessionEnv - ok
19:26:20.0831 4964  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:26:20.0834 4964  sffdisk - ok
19:26:20.0854 4964  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:26:20.0856 4964  sffp_mmc - ok
19:26:20.0880 4964  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:26:20.0882 4964  sffp_sd - ok
19:26:20.0913 4964  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:26:20.0915 4964  sfloppy - ok
19:26:20.0943 4964  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:26:20.0951 4964  SharedAccess - ok
19:26:21.0001 4964  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:26:21.0009 4964  ShellHWDetection - ok
19:26:21.0043 4964  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:26:21.0044 4964  SiSRaid2 - ok
19:26:21.0065 4964  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:26:21.0068 4964  SiSRaid4 - ok
19:26:21.0117 4964  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:26:21.0121 4964  Smb - ok
19:26:21.0178 4964  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:26:21.0182 4964  SNMPTRAP - ok
19:26:21.0200 4964  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:26:21.0202 4964  spldr - ok
19:26:21.0257 4964  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:26:21.0277 4964  Spooler - ok
19:26:21.0403 4964  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:26:21.0440 4964  sppsvc - ok
19:26:21.0459 4964  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:26:21.0462 4964  sppuinotify - ok
19:26:21.0555 4964  [ 378A0748DE5ADF90BF9DB897DA8564E6 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1403010.016\SRTSP64.SYS
19:26:21.0563 4964  SRTSP - ok
19:26:21.0579 4964  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1403010.016\SRTSPX64.SYS
19:26:21.0580 4964  SRTSPX - ok
19:26:21.0637 4964  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:26:21.0654 4964  srv - ok
19:26:21.0676 4964  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:26:21.0684 4964  srv2 - ok
19:26:21.0748 4964  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
19:26:21.0754 4964  SrvHsfHDA - ok
19:26:21.0814 4964  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
19:26:21.0860 4964  SrvHsfV92 - ok
19:26:21.0894 4964  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
19:26:21.0914 4964  SrvHsfWinac - ok
19:26:21.0945 4964  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:26:21.0949 4964  srvnet - ok
19:26:22.0299 4964  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:26:22.0304 4964  SSDPSRV - ok
19:26:22.0320 4964  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:26:22.0324 4964  SstpSvc - ok
19:26:22.0362 4964  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:26:22.0363 4964  stexstor - ok
19:26:22.0422 4964  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:26:22.0444 4964  stisvc - ok
19:26:22.0478 4964  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:26:22.0480 4964  swenum - ok
19:26:22.0511 4964  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:26:22.0531 4964  swprv - ok
19:26:22.0618 4964  [ E174C8BC572E93AEEE1036DEDAC5F225 ] SymDS           C:\Windows\system32\drivers\NISx64\1403010.016\SYMDS64.SYS
19:26:22.0636 4964  SymDS - ok
19:26:22.0700 4964  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1403010.016\SYMEFA64.SYS
19:26:22.0734 4964  SymEFA - ok
19:26:22.0811 4964  [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
19:26:22.0814 4964  SymEvent - ok
19:26:22.0861 4964  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1403010.016\Ironx64.SYS
19:26:22.0864 4964  SymIRON - ok
19:26:22.0880 4964  [ 1605EBD8CB86AFC4430116065995279A ] SymNetS         C:\Windows\System32\Drivers\NISx64\1403010.016\SYMNETS.SYS
19:26:22.0884 4964  SymNetS - ok
19:26:22.0945 4964  [ BCF305959B53B200CEB2AD25AD22F8A7 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:26:22.0948 4964  SynTP - ok
19:26:23.0035 4964  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:26:23.0082 4964  SysMain - ok
19:26:23.0116 4964  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:26:23.0121 4964  TabletInputService - ok
19:26:23.0164 4964  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:26:23.0172 4964  TapiSrv - ok
19:26:23.0203 4964  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:26:23.0206 4964  TBS - ok
19:26:23.0293 4964  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:26:23.0350 4964  Tcpip - ok
19:26:23.0441 4964  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:26:23.0460 4964  TCPIP6 - ok
19:26:23.0498 4964  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:26:23.0500 4964  tcpipreg - ok
19:26:23.0541 4964  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:26:23.0543 4964  TDPIPE - ok
19:26:23.0576 4964  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:26:23.0580 4964  TDTCP - ok
19:26:23.0635 4964  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:26:23.0638 4964  tdx - ok
19:26:23.0673 4964  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:26:23.0675 4964  TermDD - ok
19:26:23.0725 4964  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
19:26:23.0750 4964  TermService - ok
19:26:23.0788 4964  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:26:23.0791 4964  Themes - ok
19:26:23.0825 4964  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:26:23.0828 4964  THREADORDER - ok
19:26:23.0845 4964  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:26:23.0849 4964  TrkWks - ok
19:26:23.0910 4964  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:26:23.0915 4964  TrustedInstaller - ok
19:26:23.0954 4964  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:26:23.0957 4964  tssecsrv - ok
19:26:24.0030 4964  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:26:24.0033 4964  TsUsbFlt - ok
19:26:24.0096 4964  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:26:24.0099 4964  tunnel - ok
19:26:24.0124 4964  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:26:24.0127 4964  uagp35 - ok
19:26:24.0178 4964  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:26:24.0185 4964  udfs - ok
19:26:24.0238 4964  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:26:24.0242 4964  UI0Detect - ok
19:26:24.0348 4964  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:26:24.0351 4964  uliagpkx - ok
19:26:24.0701 4964  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
19:26:24.0704 4964  umbus - ok
19:26:24.0727 4964  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:26:24.0729 4964  UmPass - ok
19:26:24.0775 4964  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:26:24.0793 4964  upnphost - ok
19:26:24.0848 4964  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
19:26:24.0851 4964  USBAAPL64 - ok
19:26:24.0888 4964  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:26:24.0891 4964  usbccgp - ok
19:26:24.0898 4964  USBCCID - ok
19:26:24.0939 4964  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:26:24.0942 4964  usbcir - ok
19:26:24.0987 4964  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:26:24.0989 4964  usbehci - ok
19:26:25.0035 4964  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:26:25.0042 4964  usbhub - ok
19:26:25.0065 4964  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:26:25.0067 4964  usbohci - ok
19:26:25.0116 4964  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:26:25.0119 4964  usbprint - ok
19:26:25.0152 4964  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:26:25.0155 4964  usbscan - ok
19:26:25.0194 4964  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:26:25.0197 4964  USBSTOR - ok
19:26:25.0219 4964  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
19:26:25.0221 4964  usbuhci - ok
19:26:25.0267 4964  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:26:25.0272 4964  usbvideo - ok
19:26:25.0296 4964  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
19:26:25.0299 4964  UxSms - ok
19:26:25.0313 4964  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
19:26:25.0315 4964  VaultSvc - ok
19:26:25.0364 4964  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:26:25.0365 4964  vdrvroot - ok
19:26:25.0415 4964  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
19:26:25.0426 4964  vds - ok
19:26:25.0665 4964  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:26:25.0667 4964  vga - ok
19:26:25.0890 4964  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:26:25.0891 4964  VgaSave - ok
19:26:26.0011 4964  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:26:26.0068 4964  vhdmp - ok
19:26:26.0204 4964  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:26:26.0205 4964  viaide - ok
19:26:26.0287 4964  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:26:26.0354 4964  volmgr - ok
19:26:26.0427 4964  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:26:26.0435 4964  volmgrx - ok
19:26:26.0523 4964  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:26:26.0527 4964  volsnap - ok
19:26:26.0573 4964  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
19:26:26.0576 4964  vsmraid - ok
19:26:27.0022 4964  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
19:26:27.0078 4964  VSS - ok
19:26:27.0174 4964  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:26:27.0176 4964  vwifibus - ok
19:26:27.0283 4964  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:26:27.0286 4964  vwififlt - ok
19:26:27.0349 4964  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
19:26:27.0367 4964  W32Time - ok
19:26:27.0429 4964  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:26:27.0432 4964  WacomPen - ok
19:26:27.0600 4964  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:26:27.0603 4964  WANARP - ok
19:26:27.0756 4964  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:26:27.0757 4964  Wanarpv6 - ok
19:26:27.0988 4964  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:26:28.0032 4964  WatAdminSvc - ok
19:26:28.0162 4964  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
19:26:28.0209 4964  wbengine - ok
19:26:28.0248 4964  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:26:28.0255 4964  WbioSrvc - ok
19:26:28.0319 4964  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:26:28.0327 4964  wcncsvc - ok
19:26:28.0355 4964  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:26:28.0358 4964  WcsPlugInService - ok
19:26:28.0405 4964  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:26:28.0406 4964  Wd - ok
19:26:28.0479 4964  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:26:28.0501 4964  Wdf01000 - ok
19:26:28.0533 4964  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:26:28.0536 4964  WdiServiceHost - ok
19:26:28.0545 4964  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:26:28.0549 4964  WdiSystemHost - ok
19:26:28.0606 4964  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
19:26:28.0614 4964  WebClient - ok
19:26:28.0641 4964  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:26:28.0646 4964  Wecsvc - ok
19:26:28.0700 4964  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:26:28.0702 4964  wercplsupport - ok
19:26:28.0789 4964  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:26:28.0818 4964  WerSvc - ok
19:26:28.0927 4964  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:26:28.0928 4964  WfpLwf - ok
19:26:28.0981 4964  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:26:28.0983 4964  WIMMount - ok
19:26:29.0060 4964  [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf        C:\Windows\system32\DRIVERS\CAX_CNXT.sys
19:26:29.0083 4964  winachsf - ok
19:26:29.0135 4964  WinDefend - ok
19:26:29.0160 4964  WinHttpAutoProxySvc - ok
19:26:29.0238 4964  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:26:29.0242 4964  Winmgmt - ok
19:26:29.0379 4964  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
19:26:29.0438 4964  WinRM - ok
19:26:29.0510 4964  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:26:29.0513 4964  WinUsb - ok
19:26:29.0594 4964  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:26:29.0628 4964  Wlansvc - ok
19:26:29.0905 4964  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:26:29.0906 4964  WmiAcpi - ok
19:26:29.0955 4964  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:26:29.0960 4964  wmiApSrv - ok
19:26:30.0289 4964  WMPNetworkSvc - ok
19:26:30.0417 4964  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:26:30.0421 4964  WPCSvc - ok
19:26:30.0529 4964  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:26:30.0533 4964  WPDBusEnum - ok
19:26:30.0617 4964  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:26:30.0619 4964  ws2ifsl - ok
19:26:30.0848 4964  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
19:26:30.0868 4964  wscsvc - ok
19:26:30.0875 4964  WSearch - ok
19:26:31.0014 4964  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:26:31.0106 4964  wuauserv - ok
19:26:31.0301 4964  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:26:31.0469 4964  WudfPf - ok
19:26:31.0675 4964  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:26:31.0775 4964  WUDFRd - ok
19:26:32.0069 4964  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:26:32.0075 4964  wudfsvc - ok
19:26:32.0191 4964  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:26:32.0225 4964  WwanSvc - ok
19:26:32.0637 4964  [ E8F3FA126A06F8E7088F63757112A186 ] XAudio          C:\Windows\system32\DRIVERS\XAudio64.sys
19:26:32.0770 4964  XAudio - ok
19:26:32.0914 4964  [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
19:26:32.0993 4964  yukonw7 - ok
19:26:33.0088 4964  ================ Scan global ===============================
19:26:33.0180 4964  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:26:33.0300 4964  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:26:33.0344 4964  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:26:33.0385 4964  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:26:33.0459 4964  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:26:33.0465 4964  [Global] - ok
19:26:33.0466 4964  ================ Scan MBR ==================================
19:26:33.0623 4964  [ CCE72C25D7BCDA3E47576C8C2056F207 ] \Device\Harddisk0\DR0
19:26:34.0191 4964  \Device\Harddisk0\DR0 - ok
19:26:34.0192 4964  ================ Scan VBR ==================================
19:26:34.0197 4964  [ EB0C493BCC208C0739585470CE38A264 ] \Device\Harddisk0\DR0\Partition1
19:26:34.0199 4964  \Device\Harddisk0\DR0\Partition1 - ok
19:26:34.0226 4964  [ BBF2C032D8FEB89FCAC7E3845AA3E827 ] \Device\Harddisk0\DR0\Partition2
19:26:34.0228 4964  \Device\Harddisk0\DR0\Partition2 - ok
19:26:34.0481 4964  [ 90FA6609A486281BB8DF3AC4100D92A9 ] \Device\Harddisk0\DR0\Partition3
19:26:34.0484 4964  \Device\Harddisk0\DR0\Partition3 - ok
19:26:34.0484 4964  ============================================================
19:26:34.0484 4964  Scan finished
19:26:34.0484 4964  ============================================================
19:26:34.0513 4956  Detected object count: 0
19:26:34.0513 4956  Actual detected object count: 0
19:26:46.0289 4876  Deinitialize success

 

Step:3: ADWCleaner logs: # AdwCleaner v2.301 - Logfile created 05/29/2013 at 19:29:51
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User :
# Boot Mode : Normal
# Running from : C:\Users\chirag\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\chirag\AppData\Roaming\Mozilla\Firefox\Profiles\io9or8n4.default-1365889592377\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1036 octets] - [28/05/2013 17:44:50]
AdwCleaner[S2].txt - [744 octets] - [29/05/2013 19:29:51]

########## EOF - C:\AdwCleaner[S2].txt - [803 octets] ##########
 

 

 

Step:4: ASWMBR logs:

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-05-31 17:11:14
-----------------------------
17:11:14.330    OS Version: Windows x64 6.1.7601 Service Pack 1
17:11:14.330    Number of processors: 2 586 0x170A
17:11:14.332    ComputerName:  UserName:
17:11:19.632    Initialize success
17:22:08.822    AVAST engine defs: 13053101
17:22:34.789    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:22:34.793    Disk 0 Vendor: WDC_WD3200BEVT-60ZCT1 13.01A13 Size: 305245MB BusType: 11
17:22:34.921    Disk 0 MBR read successfully
17:22:34.925    Disk 0 MBR scan
17:22:34.934    Disk 0 unknown MBR code
17:22:34.945    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
17:22:34.967    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       292360 MB offset 409600
17:22:35.000    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        12684 MB offset 599162880
17:22:35.044    Disk 0 scanning C:\Windows\system32\drivers
17:22:50.267    Service scanning
17:23:24.135    Modules scanning
17:23:24.150    Disk 0 trace - called modules:
17:23:24.207    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:23:24.218    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800315e060]
17:23:24.228    3 CLASSPNP.SYS[fffff8800109843f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002e8f1f0]
17:23:25.760    AVAST engine scan C:\Windows
17:23:27.984    AVAST engine scan C:\Windows\system32
17:27:51.164    AVAST engine scan C:\Windows\system32\drivers
17:28:13.356    AVAST engine scan C:\Users\chirag
17:36:14.431    AVAST engine scan C:\ProgramData
17:39:22.408    Scan finished successfully
17:42:44.129    Disk 0 MBR has been saved successfully to "C:\Users\chirag\Desktop\MBR.dat"
17:42:44.136    The log file has been saved successfully to "C:\Users\chirag\Desktop\aswMBR.txt"

 



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:25 AM

Posted 02 June 2013 - 08:28 PM

Hello, sorry had a family issue and was a way.

In Control Panel / Uninstall remove these. Older versions are exploitable.

Java 7 Update 17 (Version: 7.0.170)
Java™ 6 Update 15 (64-bit) (Version: 6.0.150)
Java™ 6 Update 20 (Version: 6.0.200)
Java™ 6 Update 39 (Version: 6.0.390)


Reboot
Install Java Version 7 Update 21
 
 
How is it running now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 compuser1

compuser1
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:25 AM

Posted 22 June 2013 - 04:42 PM

Hey, Thanks so much buddy. I am doing the last steps you said right now. So far my computer seems to be working ok. I will contact you if I face more problems. Thanks again for your help.



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:25 AM

Posted 22 June 2013 - 08:37 PM

You're welcome! This topic will stay open if needed.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users