Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

suspected win32k , zeroaccess type of rootkit infection


  • Please log in to reply
14 replies to this topic

#1 Jerhyn

Jerhyn

  • Members
  • 561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas Nv
  • Local time:05:00 PM

Posted 29 June 2013 - 01:21 PM

Hi, I have been updating my drivers and doing routine virus checks. When I run  msconfig I check for new and unexplaned startup items, Recently I have a startup item with no name or command listed just location           [                        ][                      ]HLK\SOFTWARE\Microsoft\windows\currentVer...

 

When I uncheck the box for it I get

 

An Access Denied error was returned while attempting to change a service . Tou may need to log using an Administrator account to make the specified changes.

 

This is enough to make me suspicious. I ran your Win32kdiag and got

 

Running from: C:\Documents and Settings\jerry\Desktop\Win32kDiag.exe
Log file at : C:\Documents and Settings\jerry\Desktop\Win32kDiag.txt
WARNING: Could not get backup privileges!
Searching 'C:\WINDOWS'...
Cannot access: C:\WINDOWS\Temp\IswTmp\Logs\ISWSHEX.swl
[1] 2013-06-28 15:56:02 284 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\IswTmp\Logs\ISWSHEX.swl ()
[1] 2013-06-28 16:27:46 92 C:\WINDOWS\Temp\IswTmp\Logs\ISWSHEX.swl ()
 

Which is not nearly as bad as some scans I read elsewhere, but this item does appear to be " hiding " from scans.

 

I have run my zone alarm virus scan, malwarebytes, adwcleaner , dds, kaspersky {in safemode it wont run in normal startup} , McAfee, and norton antivirus. all come up clean.

 

I did have one interesting reaction, I ran across an application called Fixzeroaccess.exe 1.72mb 1,805,735 bytes on disk. I belive I downloaded it from symantic while searching for rootkit revealer software.

Instantly my internet connection dropped. After some looking I found that my nic drivers had been deleted, so I reinstalled drivers from system disk and network is back up.

 

McAfee rootkit remover and trendmicro stinger did not trigger any reaction. read as no infection found.

 

My system info is as follows

OS Name    Microsoft Windows XP Home Edition
Version    5.1.2600 Service Pack 3 Build 2600
OS Manufacturer    Microsoft Corporation
System Name    BLACK
System Manufacturer    Gigabyte Technology Co., Ltd.
System Model    GA-890FXA-UD5
System Type    X86-based PC
Processor    x86 Family 16 Model 10 Stepping 0 AuthenticAMD ~3315 Mhz
BIOS Version/Date    Award Software International, Inc. FA, 1/6/2011
SMBIOS Version    2.4
Windows Directory    C:\WINDOWS
System Directory    C:\WINDOWS\system32
Boot Device    \Device\HarddiskVolume1
Locale    United States
Hardware Abstraction Layer    Version = "5.1.2600.5512 (xpsp.080413-2111)"
User Name    BLACK\jerry
Time Zone    Pacific Daylight Time
Total Physical Memory    8,192.00 MB
Available Physical Memory    2.25 GB
Total Virtual Memory    2.00 GB
Available Virtual Memory    1.96 GB
Page File Space    5.09 GB
Page File    C:\pagefile.sys
 

I wont run any other diagnostic software untill I hear back from you.

Jer

 

 

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:00 PM

Posted 29 June 2013 - 09:57 PM

Hello can you submit that file for a second look??

Please visit the online Jotti Virus Scanner virus.gif<--link

  • Browse to the following filepath:

    ---------put the filepath here -------
  • Click on the Clipboard021.jpg button.
    The scanner will check the file with various AV companies.
  • Copy and paste the results box into a reply to this thread.

 

 

You can also use VirusTotal


Edited by boopme, 29 June 2013 - 09:59 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Jerhyn

Jerhyn
  • Topic Starter

  • Members
  • 561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas Nv
  • Local time:05:00 PM

Posted 30 June 2013 - 02:05 PM

 
2013-06-30 Found nothing
fortinet.gif
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-28 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-29 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-30 Found nothing
 
2013-06-29 Found nothing
 
2013-06-30 Found nothing
 
2013-06-28 Found nothing

the post box didnt like the images above so i deleted them.

 

Also this was a log created created after i ran the first win32diag and the second scanner, log.txt

 Volume in drive C has no label.
 Volume Serial Number is FCA5-FE6D

 Directory of C:\WINDOWS\system32

08/21/2008  05:00 AM           181,248 scecli.dll

 Directory of C:\WINDOWS\system32

08/21/2008  05:00 AM           407,040 netlogon.dll

 Directory of C:\WINDOWS\system32

08/21/2008  05:00 AM            56,320 eventlog.dll
               3 File(s)        644,608 bytes

 Directory of C:\WINDOWS\system32\dllcache

08/21/2008  05:00 AM           181,248 scecli.dll

 Directory of C:\WINDOWS\system32\dllcache

08/21/2008  05:00 AM           407,040 netlogon.dll

 Directory of C:\WINDOWS\system32\dllcache

08/21/2008  05:00 AM            56,320 eventlog.dll
               3 File(s)        644,608 bytes

     Total Files Listed:
               6 File(s)      1,289,216 bytes
               0 Dir(s)  673,489,911,808 bytes free
 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:00 PM

Posted 30 June 2013 - 08:56 PM

OK, lets run 2 rootkit checks to be sure.

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.
Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Jerhyn

Jerhyn
  • Topic Starter

  • Members
  • 561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas Nv
  • Local time:05:00 PM

Posted 01 July 2013 - 01:49 PM

ok, here are the logs.

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-06-30 19:05:39
-----------------------------
19:05:39.890    OS Version: Windows 5.1.2600 Service Pack 3
19:05:39.890    Number of processors: 6 586 0xA00
19:05:39.890    ComputerName: BLACK  UserName: jerry
19:05:46.953    Initialize success
19:10:10.828    AVAST engine defs: 13062800
19:10:16.078    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
19:10:16.078    Disk 0 Vendor: ST31000524AS JC45 Size: 953869MB BusType: 3
19:10:16.218    Disk 0 MBR read successfully
19:10:16.218    Disk 0 MBR scan
19:10:16.218    Disk 0 Windows XP default MBR code
19:10:16.234    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       953859 MB offset 63
19:10:16.234    Disk 0 scanning sectors +1953504000
19:10:16.296    Disk 0 scanning C:\WINDOWS\system32\drivers
19:10:24.062    Service scanning
19:10:37.359    Modules scanning
19:10:45.187    Disk 0 trace - called modules:
19:10:45.187    ntkrnlpa.exe CLASSPNP.SYS disk.sys vidsflt.sys hal.dll ACPI.sys atapi.sys pciide.sys PCIIDEX.SYS
19:10:45.187    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad78ab8]
19:10:45.203    3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> [0x8ad79bd0]
19:10:45.203    5 vidsflt.sys[b7f5a130] -> nt!IofCallDriver -> \Device\00000076[0x8addd9e8]
19:10:45.203    7 ACPI.sys[b7f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8ae06940]
19:10:48.796    AVAST engine scan C:\WINDOWS
19:10:59.250    AVAST engine scan C:\WINDOWS\system32
19:14:44.343    AVAST engine scan C:\WINDOWS\system32\drivers
19:15:13.359    AVAST engine scan C:\Documents and Settings\jerry
20:04:22.406    AVAST engine scan C:\Documents and Settings\All Users
20:18:57.468    Scan finished successfully
20:24:39.203    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\jerry\Desktop\MBR.dat"
20:24:39.203    The log file has been saved successfully to "C:\Documents and Settings\jerry\Desktop\JERRYDONNA.txt"

 

11:16:01.0562 5328 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

11:16:02.0343 5328 ============================================================

11:16:02.0343 5328 Current date / time: 2013/07/01 11:16:02.0343

11:16:02.0343 5328 SystemInfo:

11:16:02.0343 5328

11:16:02.0343 5328 OS Version: 5.1.2600 ServicePack: 3.0

11:16:02.0343 5328 Product type: Workstation

11:16:02.0343 5328 ComputerName: BLACK

11:16:02.0343 5328 UserName: jerry

11:16:02.0343 5328 Windows directory: C:\WINDOWS

11:16:02.0343 5328 System windows directory: C:\WINDOWS

11:16:02.0343 5328 Processor architecture: Intel x86

11:16:02.0343 5328 Number of processors: 6

11:16:02.0343 5328 Page size: 0x1000

11:16:02.0343 5328 Boot type: Normal boot

11:16:02.0343 5328 ============================================================

11:16:04.0265 5328 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

11:16:04.0265 5328 ============================================================

11:16:04.0265 5328 \Device\Harddisk0\DR0:

11:16:04.0296 5328 MBR partitions:

11:16:04.0296 5328 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74701AC1

11:16:04.0296 5328 ============================================================

11:16:04.0375 5328 C: <-> \Device\Harddisk0\DR0\Partition1

11:16:04.0375 5328 ============================================================

11:16:04.0375 5328 Initialize success

11:16:04.0375 5328 ============================================================

11:16:10.0015 4040 ============================================================

11:16:10.0015 4040 Scan started

11:16:10.0015 4040 Mode: Manual;

11:16:10.0015 4040 ============================================================

11:16:11.0562 4040 ================ Scan system memory ========================

11:16:11.0562 4040 System memory - ok

11:16:11.0562 4040 ================ Scan services =============================

11:16:11.0625 4040 0314974drv - ok

11:16:11.0625 4040 Abiosdsk - ok

11:16:11.0625 4040 abp480n5 - ok

11:16:11.0671 4040 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

11:16:11.0687 4040 ACPI - ok

11:16:11.0718 4040 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

11:16:11.0718 4040 ACPIEC - ok

11:16:11.0781 4040 [ DFF3638D9E2748ABF1E5F68D6051AE0B ] AcrSch2Svc C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

11:16:11.0796 4040 AcrSch2Svc - ok

11:16:11.0875 4040 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

11:16:11.0875 4040 AdobeFlashPlayerUpdateSvc - ok

11:16:11.0875 4040 adpu160m - ok

11:16:11.0921 4040 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

11:16:11.0937 4040 aec - ok

11:16:11.0968 4040 [ DF139E5866C19E0B3217EF210198D875 ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys

11:16:11.0968 4040 afcdp - ok

11:16:12.0046 4040 [ 051B0369593D350A0610FC2E3F1F8AFD ] afcdpsrv C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe

11:16:12.0046 4040 afcdpsrv - ok

11:16:12.0125 4040 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

11:16:12.0125 4040 AFD - ok

11:16:12.0125 4040 Aha154x - ok

11:16:12.0140 4040 aic78u2 - ok

11:16:12.0140 4040 aic78xx - ok

11:16:12.0156 4040 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

11:16:12.0156 4040 Alerter - ok

11:16:12.0187 4040 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

11:16:12.0187 4040 ALG - ok

11:16:12.0187 4040 AliIde - ok

11:16:12.0250 4040 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys

11:16:12.0296 4040 Ambfilt - ok

11:16:12.0328 4040 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys

11:16:12.0343 4040 AmdPPM - ok

11:16:12.0343 4040 amsint - ok

11:16:12.0390 4040 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

11:16:12.0390 4040 Apple Mobile Device - ok

11:16:12.0406 4040 AppMgmt - ok

11:16:12.0406 4040 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys

11:16:12.0421 4040 Arp1394 - ok

11:16:12.0421 4040 asc - ok

11:16:12.0421 4040 asc3350p - ok

11:16:12.0421 4040 asc3550 - ok

11:16:12.0875 4040 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

11:16:12.0968 4040 aspnet_state - ok

11:16:13.0015 4040 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

11:16:13.0015 4040 AsyncMac - ok

11:16:13.0046 4040 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

11:16:13.0046 4040 atapi - ok

11:16:13.0046 4040 Atdisk - ok

11:16:13.0078 4040 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

11:16:13.0125 4040 Atmarpc - ok

11:16:13.0187 4040 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

11:16:13.0187 4040 AudioSrv - ok

11:16:13.0234 4040 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

11:16:13.0234 4040 audstub - ok

11:16:13.0343 4040 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

11:16:13.0343 4040 Beep - ok

11:16:13.0390 4040 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

11:16:13.0656 4040 BITS - ok

11:16:13.0734 4040 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

11:16:13.0734 4040 Bonjour Service - ok

11:16:13.0781 4040 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

11:16:13.0781 4040 Browser - ok

11:16:13.0812 4040 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

11:16:13.0812 4040 cbidf2k - ok

11:16:13.0843 4040 [ 2B2F9B4A08190334A9C36446B208BAE9 ] ccSet_NST C:\WINDOWS\system32\drivers\NST\0200000.010\ccSetx86.sys

11:16:13.0843 4040 ccSet_NST - ok

11:16:13.0843 4040 cd20xrnt - ok

11:16:13.0859 4040 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

11:16:13.0875 4040 Cdaudio - ok

11:16:13.0906 4040 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

11:16:13.0921 4040 Cdfs - ok

11:16:13.0921 4040 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

11:16:13.0937 4040 Cdrom - ok

11:16:13.0937 4040 Changer - ok

11:16:13.0937 4040 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

11:16:13.0937 4040 CiSvc - ok

11:16:13.0953 4040 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

11:16:13.0953 4040 ClipSrv - ok

11:16:13.0984 4040 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

11:16:13.0984 4040 clr_optimization_v2.0.50727_32 - ok

11:16:14.0000 4040 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

11:16:14.0031 4040 clr_optimization_v4.0.30319_32 - ok

11:16:14.0046 4040 CmdIde - ok

11:16:14.0046 4040 COMSysApp - ok

11:16:14.0046 4040 Cpqarray - ok

11:16:14.0093 4040 [ E08AC114B931DACAFBDD9D5E0B93815C ] crlscsi C:\WINDOWS\system32\drivers\crlscsi.sys

11:16:14.0093 4040 crlscsi - ok

11:16:14.0125 4040 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

11:16:14.0125 4040 CryptSvc - ok

11:16:14.0125 4040 dac2w2k - ok

11:16:14.0125 4040 dac960nt - ok

11:16:14.0187 4040 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

11:16:14.0187 4040 DcomLaunch - ok

11:16:14.0218 4040 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

11:16:14.0218 4040 Dhcp - ok

11:16:14.0234 4040 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

11:16:14.0234 4040 Disk - ok

11:16:14.0343 4040 [ 7C85CC5570BF718D2B9AD9F53B1B5B55 ] DiskDoctorService C:\Program Files\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe

11:16:14.0359 4040 DiskDoctorService - ok

11:16:14.0359 4040 dmadmin - ok

11:16:14.0375 4040 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

11:16:14.0390 4040 dmboot - ok

11:16:14.0406 4040 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

11:16:14.0421 4040 dmio - ok

11:16:14.0421 4040 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

11:16:14.0437 4040 dmload - ok

11:16:14.0437 4040 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

11:16:14.0453 4040 dmserver - ok

11:16:14.0484 4040 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

11:16:14.0500 4040 DMusic - ok

11:16:14.0515 4040 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

11:16:14.0515 4040 Dnscache - ok

11:16:14.0546 4040 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

11:16:14.0546 4040 Dot3svc - ok

11:16:14.0546 4040 dpti2o - ok

11:16:14.0562 4040 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

11:16:14.0578 4040 drmkaud - ok

11:16:14.0578 4040 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

11:16:14.0593 4040 EapHost - ok

11:16:14.0609 4040 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

11:16:14.0609 4040 ERSvc - ok

11:16:14.0625 4040 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

11:16:14.0625 4040 Eventlog - ok

11:16:14.0656 4040 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll

11:16:14.0656 4040 EventSystem - ok

11:16:14.0687 4040 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

11:16:14.0687 4040 Fastfat - ok

11:16:14.0734 4040 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

11:16:14.0734 4040 FastUserSwitchingCompatibility - ok

11:16:14.0734 4040 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys

11:16:14.0750 4040 Fdc - ok

11:16:14.0781 4040 [ E3BF65ED403CA85FDA72CC51D9815C4A ] fileHiders C:\WINDOWS\system32\DRIVERS\fileHiders.sys

11:16:14.0796 4040 fileHiders - ok

11:16:14.0812 4040 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

11:16:14.0828 4040 Fips - ok

11:16:14.0828 4040 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys

11:16:14.0828 4040 Flpydisk - ok

11:16:14.0890 4040 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys

11:16:14.0890 4040 FltMgr - ok

11:16:14.0906 4040 [ 0494CF9AA76F5A90366722AF1DD0E510 ] fltsrv C:\WINDOWS\system32\DRIVERS\fltsrv.sys

11:16:14.0921 4040 fltsrv - ok

11:16:15.0000 4040 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

11:16:15.0000 4040 FontCache3.0.0.0 - ok

11:16:15.0062 4040 Free Download Manager Controller - ok

11:16:15.0078 4040 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

11:16:15.0078 4040 Fs_Rec - ok

11:16:15.0093 4040 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

11:16:15.0093 4040 Ftdisk - ok

11:16:15.0093 4040 gdrv - ok

11:16:15.0140 4040 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

11:16:15.0140 4040 GEARAspiWDM - ok

11:16:15.0156 4040 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

11:16:15.0156 4040 Gpc - ok

11:16:15.0187 4040 [ 689A8EEF2A2D62B28A0A578A6196531C ] GVTDrv C:\WINDOWS\system32\Drivers\GVTDrv.sys

11:16:15.0187 4040 GVTDrv - ok

11:16:15.0218 4040 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

11:16:15.0234 4040 HDAudBus - ok

11:16:15.0250 4040 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

11:16:15.0265 4040 helpsvc - ok

11:16:15.0281 4040 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll

11:16:15.0281 4040 HidServ - ok

11:16:15.0296 4040 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys

11:16:15.0312 4040 hidusb - ok

11:16:15.0343 4040 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

11:16:15.0359 4040 hkmsvc - ok

11:16:15.0359 4040 hpn - ok

11:16:15.0390 4040 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

11:16:15.0406 4040 HTTP - ok

11:16:15.0421 4040 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

11:16:15.0437 4040 HTTPFilter - ok

11:16:15.0437 4040 i2omgmt - ok

11:16:15.0437 4040 i2omp - ok

11:16:15.0437 4040 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

11:16:15.0453 4040 i8042prt - ok

11:16:15.0515 4040 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

11:16:15.0515 4040 IDriverT - ok

11:16:15.0562 4040 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

11:16:15.0578 4040 idsvc - ok

11:16:15.0578 4040 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

11:16:15.0578 4040 Imapi - ok

11:16:15.0593 4040 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe

11:16:15.0593 4040 ImapiService - ok

11:16:15.0593 4040 ini910u - ok

11:16:15.0703 4040 [ A7564CC4E170F1E5B84BAE6BB8C5F16E ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

11:16:15.0718 4040 IntcAzAudAddService - ok

11:16:15.0734 4040 IntelIde - ok

11:16:15.0765 4040 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

11:16:15.0781 4040 Ip6Fw - ok

11:16:15.0796 4040 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

11:16:15.0796 4040 IpFilterDriver - ok

11:16:15.0812 4040 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

11:16:15.0828 4040 IpInIp - ok

11:16:15.0843 4040 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

11:16:15.0859 4040 IpNat - ok

11:16:15.0890 4040 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

11:16:15.0906 4040 iPod Service - ok

11:16:15.0906 4040 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

11:16:15.0906 4040 IPSec - ok

11:16:15.0921 4040 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

11:16:15.0937 4040 IRENUM - ok

11:16:15.0984 4040 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

11:16:15.0984 4040 isapnp - ok

11:16:16.0078 4040 [ 724A6A9AB5E1807665C5DB71C30BFC5F ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys

11:16:16.0078 4040 ISWKL - ok

11:16:16.0109 4040 [ 57FE873B8246DEF1372503CBC57A7499 ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

11:16:16.0109 4040 IswSvc - ok

11:16:16.0125 4040 [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe

11:16:16.0125 4040 JavaQuickStarterService - ok

11:16:16.0125 4040 [ 3D6B76B5875A3BC12FB6051C2D5ADE59 ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys

11:16:16.0140 4040 JRAID - ok

11:16:16.0171 4040 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

11:16:16.0187 4040 Kbdclass - ok

11:16:16.0187 4040 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys

11:16:16.0187 4040 kbdhid - ok

11:16:16.0203 4040 [ D42359C8A1404EFCB9432DC4CDCCBEA1 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys

11:16:16.0218 4040 KLIF - ok

11:16:16.0234 4040 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

11:16:16.0234 4040 kmixer - ok

11:16:16.0265 4040 [ 566C5FD480FDBCE3BA5CF9FBCFFAEA9A ] KMWDFILTER C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys

11:16:16.0265 4040 KMWDFILTER - ok

11:16:16.0312 4040 [ 02D3F7ADA256D3DD08F3CB910D124CC3 ] KMW_KBD C:\WINDOWS\system32\DRIVERS\KMW_KBD.sys

11:16:16.0312 4040 KMW_KBD - ok

11:16:16.0359 4040 [ 2AA6FEE645780AE93EAE6A12984B60D3 ] KMW_SYS C:\WINDOWS\system32\DRIVERS\KMW_SYS.sys

11:16:16.0359 4040 KMW_SYS - ok

11:16:16.0375 4040 [ A1BC2790E9DB2367087EEE82FAA7086E ] KMW_USB C:\WINDOWS\system32\DRIVERS\KMW_USB.sys

11:16:16.0375 4040 KMW_USB - ok

11:16:16.0390 4040 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

11:16:16.0406 4040 KSecDD - ok

11:16:16.0421 4040 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll

11:16:16.0421 4040 LanmanServer - ok

11:16:16.0468 4040 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

11:16:16.0562 4040 lanmanworkstation - ok

11:16:16.0562 4040 lbrtfdc - ok

11:16:16.0609 4040 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

11:16:16.0609 4040 LmHosts - ok

11:16:16.0687 4040 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

11:16:16.0687 4040 McComponentHostService - ok

11:16:16.0703 4040 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

11:16:16.0703 4040 Messenger - ok

11:16:16.0796 4040 MFE_RR - ok

11:16:16.0828 4040 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

11:16:16.0843 4040 mnmdd - ok

11:16:16.0890 4040 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

11:16:16.0890 4040 mnmsrvc - ok

11:16:16.0890 4040 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

11:16:16.0906 4040 Modem - ok

11:16:16.0937 4040 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys

11:16:16.0968 4040 Monfilt - ok

11:16:16.0984 4040 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

11:16:16.0984 4040 Mouclass - ok

11:16:17.0000 4040 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

11:16:17.0015 4040 mouhid - ok

11:16:17.0015 4040 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

11:16:17.0015 4040 MountMgr - ok

11:16:17.0093 4040 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

11:16:17.0093 4040 MozillaMaintenance - ok

11:16:17.0093 4040 mraid35x - ok

11:16:17.0109 4040 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

11:16:17.0125 4040 MRxDAV - ok

11:16:17.0140 4040 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

11:16:17.0156 4040 MRxSmb - ok

11:16:17.0156 4040 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

11:16:17.0156 4040 MSDTC - ok

11:16:17.0187 4040 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

11:16:17.0187 4040 Msfs - ok

11:16:17.0203 4040 MSIServer - ok

11:16:17.0203 4040 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

11:16:17.0218 4040 MSKSSRV - ok

11:16:17.0250 4040 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

11:16:17.0265 4040 MSPCLOCK - ok

11:16:17.0265 4040 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

11:16:17.0281 4040 MSPQM - ok

11:16:17.0296 4040 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

11:16:17.0312 4040 mssmbios - ok

11:16:17.0312 4040 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

11:16:17.0328 4040 Mup - ok

11:16:17.0343 4040 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

11:16:17.0343 4040 napagent - ok

11:16:17.0375 4040 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

11:16:17.0375 4040 NDIS - ok

11:16:17.0390 4040 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

11:16:17.0390 4040 NdisTapi - ok

11:16:17.0421 4040 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

11:16:17.0421 4040 Ndisuio - ok

11:16:17.0421 4040 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

11:16:17.0437 4040 NdisWan - ok

11:16:17.0500 4040 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

11:16:17.0515 4040 NDProxy - ok

11:16:17.0515 4040 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

11:16:17.0515 4040 NetBIOS - ok

11:16:17.0531 4040 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

11:16:17.0531 4040 NetBT - ok

11:16:17.0531 4040 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

11:16:17.0531 4040 NetDDE - ok

11:16:17.0531 4040 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

11:16:17.0531 4040 NetDDEdsdm - ok

11:16:17.0562 4040 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

11:16:17.0562 4040 Netlogon - ok

11:16:17.0578 4040 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

11:16:17.0578 4040 Netman - ok

11:16:17.0609 4040 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

11:16:17.0625 4040 NetTcpPortSharing - ok

11:16:17.0656 4040 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys

11:16:17.0656 4040 NIC1394 - ok

11:16:17.0734 4040 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

11:16:17.0734 4040 Nla - ok

11:16:17.0734 4040 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

11:16:17.0750 4040 Npfs - ok

11:16:17.0796 4040 [ E127420B7FEB65C7F279EAAC183BBC0E ] NSL C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe

11:16:17.0796 4040 NSL - ok

11:16:17.0812 4040 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

11:16:17.0812 4040 Ntfs - ok

11:16:17.0828 4040 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

11:16:17.0828 4040 NtLmSsp - ok

11:16:17.0859 4040 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

11:16:17.0859 4040 NtmsSvc - ok

11:16:17.0921 4040 nTuneService - ok

11:16:17.0937 4040 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

11:16:17.0953 4040 Null - ok

11:16:17.0953 4040 [ 68C890DDB21028CB1EA5551B47B29E1B ] nusb3hub C:\WINDOWS\system32\DRIVERS\nusb3hub.sys

11:16:17.0953 4040 nusb3hub - ok

11:16:18.0000 4040 [ 2CF970C1A9E05D3B91039C2DD4471C0E ] nusb3xhc C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys

11:16:18.0000 4040 nusb3xhc - ok

11:16:18.0203 4040 [ 785500CE8693C06EAAF29FAA64DB17C5 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

11:16:18.0250 4040 nv - ok

11:16:18.0265 4040 [ 50ACB7253D1104E5917E15A0670D63D5 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys

11:16:18.0265 4040 NVHDA - ok

11:16:18.0265 4040 [ 96C5900331BD17344F338D006888BAE5 ] nvoclock C:\WINDOWS\system32\DRIVERS\nvoclock.sys

11:16:18.0265 4040 nvoclock - ok

11:16:18.0296 4040 [ 3A990B8FA88E1B9F2D99C1B9B8D76F4B ] NVSvc C:\WINDOWS\system32\nvsvc32.exe

11:16:18.0296 4040 NVSvc - ok

11:16:18.0328 4040 [ 14314A33845ABD19CADA062A037CC2F6 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

11:16:18.0328 4040 nvUpdatusService - ok

11:16:18.0375 4040 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

11:16:18.0375 4040 NwlnkFlt - ok

11:16:18.0390 4040 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

11:16:18.0390 4040 NwlnkFwd - ok

11:16:18.0390 4040 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys

11:16:18.0406 4040 ohci1394 - ok

11:16:18.0453 4040 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

11:16:18.0453 4040 ose - ok

11:16:18.0468 4040 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

11:16:18.0468 4040 Parport - ok

11:16:18.0484 4040 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

11:16:18.0484 4040 PartMgr - ok

11:16:18.0531 4040 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

11:16:18.0531 4040 ParVdm - ok

11:16:18.0531 4040 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

11:16:18.0546 4040 PCI - ok

11:16:18.0546 4040 PCIDump - ok

11:16:18.0546 4040 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

11:16:18.0562 4040 PCIIde - ok

11:16:18.0578 4040 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

11:16:18.0593 4040 Pcmcia - ok

11:16:18.0593 4040 PDCOMP - ok

11:16:18.0593 4040 PDFRAME - ok

11:16:18.0593 4040 PDRELI - ok

11:16:18.0593 4040 PDRFRAME - ok

11:16:18.0609 4040 perc2 - ok

11:16:18.0609 4040 perc2hib - ok

11:16:18.0625 4040 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

11:16:18.0640 4040 PlugPlay - ok

11:16:18.0640 4040 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

11:16:18.0640 4040 PolicyAgent - ok

11:16:18.0640 4040 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

11:16:18.0656 4040 PptpMiniport - ok

11:16:18.0703 4040 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys

11:16:18.0703 4040 Processor - ok

11:16:18.0718 4040 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

11:16:18.0718 4040 ProtectedStorage - ok

11:16:18.0718 4040 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

11:16:18.0734 4040 PSched - ok

11:16:18.0734 4040 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

11:16:18.0734 4040 Ptilink - ok

11:16:18.0734 4040 ql1080 - ok

11:16:18.0750 4040 Ql10wnt - ok

11:16:18.0750 4040 ql12160 - ok

11:16:18.0750 4040 ql1240 - ok

11:16:18.0750 4040 ql1280 - ok

11:16:18.0750 4040 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

11:16:18.0765 4040 RasAcd - ok

11:16:18.0781 4040 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

11:16:18.0781 4040 RasAuto - ok

11:16:18.0796 4040 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

11:16:18.0796 4040 Rasl2tp - ok

11:16:18.0812 4040 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

11:16:18.0812 4040 RasMan - ok

11:16:18.0828 4040 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

11:16:18.0828 4040 RasPppoe - ok

11:16:18.0828 4040 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

11:16:18.0843 4040 Raspti - ok

11:16:18.0859 4040 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

11:16:18.0859 4040 Rdbss - ok

11:16:18.0875 4040 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

11:16:18.0875 4040 RDPCDD - ok

11:16:18.0921 4040 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

11:16:18.0937 4040 RDPWD - ok

11:16:18.0968 4040 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

11:16:18.0984 4040 RDSessMgr - ok

11:16:18.0984 4040 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

11:16:19.0000 4040 redbook - ok

11:16:19.0000 4040 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

11:16:19.0000 4040 RemoteAccess - ok

11:16:19.0000 4040 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys

11:16:19.0015 4040 ROOTMODEM - ok

11:16:19.0015 4040 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe

11:16:19.0015 4040 RpcLocator - ok

11:16:19.0031 4040 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll

11:16:19.0031 4040 RpcSs - ok

11:16:19.0031 4040 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe

11:16:19.0031 4040 RSVP - ok

11:16:19.0093 4040 [ 64A36BB3D4D95420F063302E4999D4EE ] rtkio C:\Program Files\Realtek\Smart Dual Lan\rtkio.sys

11:16:19.0109 4040 rtkio - ok

11:16:19.0187 4040 [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

11:16:19.0187 4040 RTLE8023xp - ok

11:16:19.0203 4040 [ 5FFD2AAF467B80FAB34929AFB7702060 ] RtNdPt5x C:\WINDOWS\system32\DRIVERS\RtNdPt5x.sys

11:16:19.0203 4040 RtNdPt5x - ok

11:16:19.0203 4040 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

11:16:19.0203 4040 SamSs - ok

11:16:19.0312 4040 [ 230FD3749904CA045EA5EC0AA14006E9 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\WNt500x86\Sandra.sys

11:16:19.0328 4040 SANDRA - ok

11:16:19.0328 4040 [ CBA10EE7144C6F7E1DAC17BDF3E7C27B ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\RpcAgentSrv.exe

11:16:19.0328 4040 SandraAgentSrv - ok

11:16:19.0328 4040 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

11:16:19.0328 4040 SCardSvr - ok

11:16:19.0359 4040 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

11:16:19.0359 4040 Schedule - ok

11:16:19.0375 4040 [ 99EDC7DF9CBAD5BD276390D54A6A1F00 ] SDLService C:\Program Files\Realtek\Smart Dual Lan\SDLService.exe

11:16:19.0375 4040 SDLService - ok

11:16:19.0390 4040 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

11:16:19.0390 4040 Secdrv - ok

11:16:19.0406 4040 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

11:16:19.0406 4040 seclogon - ok

11:16:19.0437 4040 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

11:16:19.0437 4040 SENS - ok

11:16:19.0437 4040 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

11:16:19.0437 4040 serenum - ok

11:16:19.0453 4040 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

11:16:19.0453 4040 Serial - ok

11:16:19.0500 4040 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

11:16:19.0515 4040 Sfloppy - ok

11:16:19.0546 4040 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

11:16:19.0546 4040 SharedAccess - ok

11:16:19.0562 4040 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

11:16:19.0562 4040 ShellHWDetection - ok

11:16:19.0562 4040 Simbad - ok

11:16:19.0609 4040 [ B8A2D4B57799555546F5A72FB82F838B ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys

11:16:19.0609 4040 snapman - ok

11:16:19.0625 4040 Sparrow - ok

11:16:19.0718 4040 [ A8493E43F9D4B22BBED2D424D03ED273 ] SpeedDiskService C:\Program Files\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe

11:16:19.0718 4040 SpeedDiskService - ok

11:16:19.0765 4040 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

11:16:19.0781 4040 splitter - ok

11:16:19.0828 4040 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

11:16:19.0828 4040 Spooler - ok

11:16:19.0828 4040 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

11:16:19.0843 4040 sr - ok

11:16:19.0843 4040 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll

11:16:19.0859 4040 srservice - ok

11:16:19.0921 4040 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

11:16:19.0937 4040 Srv - ok

11:16:19.0953 4040 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

11:16:19.0953 4040 SSDPSRV - ok

11:16:19.0984 4040 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

11:16:19.0984 4040 stisvc - ok

11:16:20.0000 4040 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

11:16:20.0015 4040 swenum - ok

11:16:20.0031 4040 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

11:16:20.0046 4040 swmidi - ok

11:16:20.0046 4040 SwPrv - ok

11:16:20.0046 4040 symc810 - ok

11:16:20.0046 4040 symc8xx - ok

11:16:20.0078 4040 [ 4C155FA65CBF81513E4B9D088737E9CF ] SymDSMon C:\WINDOWS\system32\drivers\SymDSMon.sys

11:16:20.0078 4040 SymDSMon - ok

11:16:20.0078 4040 [ E9983667331D463F1E5B34F9170A9AE0 ] SYMSpeedDisk C:\WINDOWS\system32\drivers\SymSpeedDisk.sys

11:16:20.0093 4040 SYMSpeedDisk - ok

11:16:20.0093 4040 sym_hi - ok

11:16:20.0093 4040 sym_u3 - ok

11:16:20.0250 4040 [ 70042E6C2B695E2978B2E13654EF276E ] syncagentsrv C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe

11:16:20.0281 4040 syncagentsrv - ok

11:16:20.0328 4040 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

11:16:20.0328 4040 sysaudio - ok

11:16:20.0359 4040 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

11:16:20.0359 4040 SysmonLog - ok

11:16:20.0375 4040 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

11:16:20.0375 4040 TapiSrv - ok

11:16:20.0390 4040 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

11:16:20.0406 4040 Tcpip - ok

11:16:20.0437 4040 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

11:16:20.0453 4040 TDPIPE - ok

11:16:20.0500 4040 [ FF985011AC9FFE29866003F41361AA8D ] tdrpman C:\WINDOWS\system32\DRIVERS\tdrpman.sys

11:16:20.0531 4040 tdrpman - ok

11:16:20.0546 4040 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

11:16:20.0546 4040 TDTCP - ok

11:16:20.0546 4040 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

11:16:20.0562 4040 TermDD - ok

11:16:20.0609 4040 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

11:16:20.0609 4040 TermService - ok

11:16:20.0625 4040 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

11:16:20.0625 4040 Themes - ok

11:16:20.0656 4040 [ D8101E21C746F8234B3DB6AACC3A55BB ] tib C:\WINDOWS\system32\DRIVERS\tib.sys

11:16:20.0671 4040 tib - ok

11:16:20.0671 4040 [ F6A890A7FE12CCF0D34D3C15AB1D2B46 ] tib_mounter C:\WINDOWS\system32\DRIVERS\tib_mounter.sys

11:16:20.0671 4040 tib_mounter - ok

11:16:20.0687 4040 TosIde - ok

11:16:20.0734 4040 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

11:16:20.0750 4040 TrkWks - ok

11:16:20.0765 4040 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

11:16:20.0781 4040 Udfs - ok

11:16:20.0796 4040 ultra - ok

11:16:20.0812 4040 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

11:16:20.0828 4040 Update - ok

11:16:20.0906 4040 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

11:16:20.0906 4040 upnphost - ok

11:16:20.0937 4040 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

11:16:20.0937 4040 UPS - ok

11:16:20.0984 4040 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys

11:16:20.0984 4040 USBAAPL - ok

11:16:21.0031 4040 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

11:16:21.0046 4040 usbccgp - ok

11:16:21.0062 4040 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

11:16:21.0062 4040 usbehci - ok

11:16:21.0109 4040 [ E5B14557793164DB879EE56F5B59C3E2 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys

11:16:21.0125 4040 usbfilter - ok

11:16:21.0125 4040 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

11:16:21.0125 4040 usbhub - ok

11:16:21.0140 4040 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys

11:16:21.0140 4040 usbohci - ok

11:16:21.0203 4040 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

11:16:21.0203 4040 usbprint - ok

11:16:21.0234 4040 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

11:16:21.0234 4040 USBSTOR - ok

11:16:21.0234 4040 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

11:16:21.0250 4040 VgaSave - ok

11:16:21.0250 4040 ViaIde - ok

11:16:21.0265 4040 [ 32CE9263994A4C714FBA8AA5408741CD ] vididr C:\WINDOWS\system32\DRIVERS\vididr.sys

11:16:21.0281 4040 vididr - ok

11:16:21.0281 4040 [ 1DD53BB11BDAB317E065FFE429831751 ] vidsflt C:\WINDOWS\system32\DRIVERS\vidsflt.sys

11:16:21.0296 4040 vidsflt - ok

11:16:21.0312 4040 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

11:16:21.0312 4040 VolSnap - ok

11:16:21.0328 4040 [ 5C826F02FF76F07B332C764BB9644F27 ] Vsdatant C:\WINDOWS\system32\vsdatant.sys

11:16:21.0343 4040 Vsdatant - ok

11:16:21.0343 4040 vsmon - ok

11:16:21.0359 4040 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

11:16:21.0375 4040 VSS - ok

11:16:21.0390 4040 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll

11:16:21.0406 4040 W32Time - ok

11:16:21.0406 4040 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

11:16:21.0406 4040 Wanarp - ok

11:16:21.0421 4040 WDICA - ok

11:16:21.0468 4040 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

11:16:21.0484 4040 wdmaud - ok

11:16:21.0500 4040 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

11:16:21.0500 4040 WebClient - ok

11:16:21.0578 4040 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

11:16:21.0578 4040 winmgmt - ok

11:16:21.0656 4040 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll

11:16:21.0656 4040 WinRM - ok

11:16:21.0718 4040 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

11:16:21.0718 4040 WmdmPmSN - ok

11:16:21.0765 4040 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

11:16:21.0765 4040 WmiAcpi - ok

11:16:21.0781 4040 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

11:16:21.0781 4040 WmiApSrv - ok

11:16:21.0812 4040 [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

11:16:21.0828 4040 WMPNetworkSvc - ok

11:16:21.0875 4040 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

11:16:21.0890 4040 WPFFontCache_v0400 - ok

11:16:21.0921 4040 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

11:16:21.0921 4040 wscsvc - ok

11:16:21.0921 4040 WSearch - ok

11:16:21.0968 4040 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

11:16:21.0968 4040 wuauserv - ok

11:16:22.0000 4040 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

11:16:22.0015 4040 WudfPf - ok

11:16:22.0015 4040 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

11:16:22.0031 4040 WudfRd - ok

11:16:22.0046 4040 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

11:16:22.0062 4040 WudfSvc - ok

11:16:22.0109 4040 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

11:16:22.0109 4040 WZCSVC - ok

11:16:22.0140 4040 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

11:16:22.0140 4040 xmlprov - ok

11:16:22.0156 4040 ================ Scan global ===============================

11:16:22.0171 4040 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

11:16:22.0187 4040 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

11:16:22.0187 4040 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

11:16:22.0203 4040 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

11:16:22.0203 4040 [Global] - ok

11:16:22.0203 4040 ================ Scan MBR ==================================

11:16:22.0218 4040 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

11:16:23.0250 4040 \Device\Harddisk0\DR0 - ok

11:16:23.0250 4040 ================ Scan VBR ==================================

11:16:23.0250 4040 [ 018603B3E1F7808A14C5877A214BD90C ] \Device\Harddisk0\DR0\Partition1

11:16:23.0250 4040 \Device\Harddisk0\DR0\Partition1 - ok

11:16:23.0250 4040 ============================================================

11:16:23.0250 4040 Scan finished

11:16:23.0250 4040 ============================================================

11:16:23.0265 1988 Detected object count: 0

11:16:23.0265 1988 Actual detected object count: 0

11:17:39.0671 5180 ============================================================

11:17:39.0671 5180 Scan started

11:17:39.0671 5180 Mode: Manual; TDLFS;

11:17:39.0671 5180 ============================================================

11:17:40.0031 5180 ================ Scan system memory ========================

11:17:40.0031 5180 System memory - ok

11:17:40.0031 5180 ================ Scan services =============================

11:17:40.0109 5180 0314974drv - ok

11:17:40.0109 5180 Abiosdsk - ok

11:17:40.0109 5180 abp480n5 - ok

11:17:40.0156 5180 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

11:17:40.0156 5180 ACPI - ok

11:17:40.0187 5180 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

11:17:40.0187 5180 ACPIEC - ok

11:17:40.0250 5180 [ DFF3638D9E2748ABF1E5F68D6051AE0B ] AcrSch2Svc C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

11:17:40.0250 5180 AcrSch2Svc - ok

11:17:40.0343 5180 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

11:17:40.0343 5180 AdobeFlashPlayerUpdateSvc - ok

11:17:40.0343 5180 adpu160m - ok

11:17:40.0406 5180 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

11:17:40.0406 5180 aec - ok

11:17:40.0453 5180 [ DF139E5866C19E0B3217EF210198D875 ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys

11:17:40.0453 5180 afcdp - ok

11:17:40.0546 5180 [ 051B0369593D350A0610FC2E3F1F8AFD ] afcdpsrv C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe

11:17:40.0562 5180 afcdpsrv - ok

11:17:40.0609 5180 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

11:17:40.0609 5180 AFD - ok

11:17:40.0609 5180 Aha154x - ok

11:17:40.0609 5180 aic78u2 - ok

11:17:40.0609 5180 aic78xx - ok

11:17:40.0640 5180 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

11:17:40.0640 5180 Alerter - ok

11:17:40.0656 5180 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

11:17:40.0656 5180 ALG - ok

11:17:40.0671 5180 AliIde - ok

11:17:40.0734 5180 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys

11:17:40.0750 5180 Ambfilt - ok

11:17:40.0781 5180 [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM C:\WINDOWS\system32\DRIVERS\AmdPPM.sys

11:17:40.0781 5180 AmdPPM - ok

11:17:40.0796 5180 amsint - ok

11:17:40.0843 5180 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

11:17:40.0843 5180 Apple Mobile Device - ok

11:17:40.0843 5180 AppMgmt - ok

11:17:40.0859 5180 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys

11:17:40.0859 5180 Arp1394 - ok

11:17:40.0859 5180 asc - ok

11:17:40.0859 5180 asc3350p - ok

11:17:40.0859 5180 asc3550 - ok

11:17:40.0968 5180 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

11:17:40.0968 5180 aspnet_state - ok

11:17:40.0968 5180 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

11:17:40.0968 5180 AsyncMac - ok

11:17:40.0984 5180 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

11:17:40.0984 5180 atapi - ok

11:17:40.0984 5180 Atdisk - ok

11:17:40.0984 5180 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

11:17:40.0984 5180 Atmarpc - ok

11:17:41.0000 5180 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

11:17:41.0000 5180 AudioSrv - ok

11:17:41.0031 5180 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

11:17:41.0046 5180 audstub - ok

11:17:41.0093 5180 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

11:17:41.0093 5180 Beep - ok

11:17:41.0140 5180 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

11:17:41.0140 5180 BITS - ok

11:17:41.0156 5180 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

11:17:41.0156 5180 Bonjour Service - ok

11:17:41.0203 5180 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

11:17:41.0203 5180 Browser - ok

11:17:41.0234 5180 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

11:17:41.0234 5180 cbidf2k - ok

11:17:41.0250 5180 [ 2B2F9B4A08190334A9C36446B208BAE9 ] ccSet_NST C:\WINDOWS\system32\drivers\NST\0200000.010\ccSetx86.sys

11:17:41.0250 5180 ccSet_NST - ok

11:17:41.0250 5180 cd20xrnt - ok

11:17:41.0281 5180 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

11:17:41.0281 5180 Cdaudio - ok

11:17:41.0281 5180 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

11:17:41.0281 5180 Cdfs - ok

11:17:41.0296 5180 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

11:17:41.0296 5180 Cdrom - ok

11:17:41.0296 5180 Changer - ok

11:17:41.0343 5180 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

11:17:41.0343 5180 CiSvc - ok

11:17:41.0375 5180 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

11:17:41.0375 5180 ClipSrv - ok

11:17:41.0437 5180 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

11:17:41.0437 5180 clr_optimization_v2.0.50727_32 - ok

11:17:41.0437 5180 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

11:17:41.0437 5180 clr_optimization_v4.0.30319_32 - ok

11:17:41.0437 5180 CmdIde - ok

11:17:41.0453 5180 COMSysApp - ok

11:17:41.0453 5180 Cpqarray - ok

11:17:41.0500 5180 [ E08AC114B931DACAFBDD9D5E0B93815C ] crlscsi C:\WINDOWS\system32\drivers\crlscsi.sys

11:17:41.0500 5180 crlscsi - ok

11:17:41.0515 5180 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

11:17:41.0515 5180 CryptSvc - ok

11:17:41.0515 5180 dac2w2k - ok

11:17:41.0515 5180 dac960nt - ok

11:17:41.0578 5180 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

11:17:41.0578 5180 DcomLaunch - ok

11:17:41.0593 5180 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

11:17:41.0593 5180 Dhcp - ok

11:17:41.0609 5180 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

11:17:41.0609 5180 Disk - ok

11:17:41.0703 5180 [ 7C85CC5570BF718D2B9AD9F53B1B5B55 ] DiskDoctorService C:\Program Files\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe

11:17:41.0703 5180 DiskDoctorService - ok

11:17:41.0718 5180 dmadmin - ok

11:17:41.0734 5180 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

11:17:41.0734 5180 dmboot - ok

11:17:41.0750 5180 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

11:17:41.0750 5180 dmio - ok

11:17:41.0750 5180 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

11:17:41.0750 5180 dmload - ok

11:17:41.0750 5180 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

11:17:41.0750 5180 dmserver - ok

11:17:41.0796 5180 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

11:17:41.0796 5180 DMusic - ok

11:17:41.0812 5180 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

11:17:41.0812 5180 Dnscache - ok

11:17:41.0828 5180 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

11:17:41.0828 5180 Dot3svc - ok

11:17:41.0828 5180 dpti2o - ok

11:17:41.0859 5180 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

11:17:41.0859 5180 drmkaud - ok

11:17:41.0875 5180 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

11:17:41.0875 5180 EapHost - ok

11:17:41.0890 5180 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

11:17:41.0890 5180 ERSvc - ok

11:17:41.0921 5180 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

11:17:41.0921 5180 Eventlog - ok

11:17:41.0968 5180 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll

11:17:41.0968 5180 EventSystem - ok

11:17:41.0984 5180 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

11:17:41.0984 5180 Fastfat - ok

11:17:42.0015 5180 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

11:17:42.0031 5180 FastUserSwitchingCompatibility - ok

11:17:42.0031 5180 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys

11:17:42.0031 5180 Fdc - ok

11:17:42.0062 5180 [ E3BF65ED403CA85FDA72CC51D9815C4A ] fileHiders C:\WINDOWS\system32\DRIVERS\fileHiders.sys

11:17:42.0078 5180 fileHiders - ok

11:17:42.0093 5180 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

11:17:42.0093 5180 Fips - ok

11:17:42.0093 5180 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys

11:17:42.0093 5180 Flpydisk - ok

11:17:42.0140 5180 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys

11:17:42.0140 5180 FltMgr - ok

11:17:42.0156 5180 [ 0494CF9AA76F5A90366722AF1DD0E510 ] fltsrv C:\WINDOWS\system32\DRIVERS\fltsrv.sys

11:17:42.0156 5180 fltsrv - ok

11:17:42.0187 5180 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

11:17:42.0187 5180 FontCache3.0.0.0 - ok

11:17:42.0234 5180 Free Download Manager Controller - ok

11:17:42.0265 5180 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

11:17:42.0265 5180 Fs_Rec - ok

11:17:42.0265 5180 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

11:17:42.0265 5180 Ftdisk - ok

11:17:42.0265 5180 gdrv - ok

11:17:42.0312 5180 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

11:17:42.0312 5180 GEARAspiWDM - ok

11:17:42.0312 5180 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

11:17:42.0312 5180 Gpc - ok

11:17:42.0359 5180 [ 689A8EEF2A2D62B28A0A578A6196531C ] GVTDrv C:\WINDOWS\system32\Drivers\GVTDrv.sys

11:17:42.0359 5180 GVTDrv - ok

11:17:42.0375 5180 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

11:17:42.0375 5180 HDAudBus - ok

11:17:42.0406 5180 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

11:17:42.0406 5180 helpsvc - ok

11:17:42.0437 5180 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll

11:17:42.0437 5180 HidServ - ok

11:17:42.0453 5180 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys

11:17:42.0453 5180 hidusb - ok

11:17:42.0468 5180 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

11:17:42.0484 5180 hkmsvc - ok

11:17:42.0484 5180 hpn - ok

11:17:42.0515 5180 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

11:17:42.0515 5180 HTTP - ok

11:17:42.0531 5180 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

11:17:42.0531 5180 HTTPFilter - ok

11:17:42.0546 5180 i2omgmt - ok

11:17:42.0546 5180 i2omp - ok

11:17:42.0546 5180 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

11:17:42.0546 5180 i8042prt - ok

11:17:42.0609 5180 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

11:17:42.0609 5180 IDriverT - ok

11:17:42.0656 5180 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

11:17:42.0656 5180 idsvc - ok

11:17:42.0671 5180 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

11:17:42.0671 5180 Imapi - ok

11:17:42.0671 5180 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe

11:17:42.0671 5180 ImapiService - ok

11:17:42.0687 5180 ini910u - ok

11:17:42.0812 5180 [ A7564CC4E170F1E5B84BAE6BB8C5F16E ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

11:17:42.0828 5180 IntcAzAudAddService - ok

11:17:42.0828 5180 IntelIde - ok

11:17:42.0890 5180 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

11:17:42.0890 5180 Ip6Fw - ok

11:17:42.0937 5180 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

11:17:42.0937 5180 IpFilterDriver - ok

11:17:42.0937 5180 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

11:17:42.0937 5180 IpInIp - ok

11:17:42.0937 5180 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

11:17:42.0937 5180 IpNat - ok

11:17:42.0984 5180 [ E46B17060D3962A384AE484094614788 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

11:17:42.0984 5180 iPod Service - ok

11:17:43.0000 5180 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

11:17:43.0000 5180 IPSec - ok

11:17:43.0015 5180 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

11:17:43.0015 5180 IRENUM - ok

11:17:43.0046 5180 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

11:17:43.0046 5180 isapnp - ok

11:17:43.0125 5180 [ 724A6A9AB5E1807665C5DB71C30BFC5F ] ISWKL C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys

11:17:43.0125 5180 ISWKL - ok

11:17:43.0171 5180 [ 57FE873B8246DEF1372503CBC57A7499 ] IswSvc C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

11:17:43.0171 5180 IswSvc - ok

11:17:43.0250 5180 [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe

11:17:43.0250 5180 JavaQuickStarterService - ok

11:17:43.0265 5180 [ 3D6B76B5875A3BC12FB6051C2D5ADE59 ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys

11:17:43.0265 5180 JRAID - ok

11:17:43.0265 5180 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

11:17:43.0265 5180 Kbdclass - ok

11:17:43.0265 5180 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys

11:17:43.0265 5180 kbdhid - ok

11:17:43.0296 5180 [ D42359C8A1404EFCB9432DC4CDCCBEA1 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys

11:17:43.0296 5180 KLIF - ok

11:17:43.0312 5180 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

11:17:43.0312 5180 kmixer - ok

11:17:43.0343 5180 [ 566C5FD480FDBCE3BA5CF9FBCFFAEA9A ] KMWDFILTER C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys

11:17:43.0343 5180 KMWDFILTER - ok

11:17:43.0390 5180 [ 02D3F7ADA256D3DD08F3CB910D124CC3 ] KMW_KBD C:\WINDOWS\system32\DRIVERS\KMW_KBD.sys

11:17:43.0390 5180 KMW_KBD - ok

11:17:43.0406 5180 [ 2AA6FEE645780AE93EAE6A12984B60D3 ] KMW_SYS C:\WINDOWS\system32\DRIVERS\KMW_SYS.sys

11:17:43.0406 5180 KMW_SYS - ok

11:17:43.0406 5180 [ A1BC2790E9DB2367087EEE82FAA7086E ] KMW_USB C:\WINDOWS\system32\DRIVERS\KMW_USB.sys

11:17:43.0406 5180 KMW_USB - ok

11:17:43.0421 5180 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

11:17:43.0421 5180 KSecDD - ok

11:17:43.0437 5180 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll

11:17:43.0437 5180 LanmanServer - ok

11:17:43.0468 5180 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

11:17:43.0468 5180 lanmanworkstation - ok

11:17:43.0468 5180 lbrtfdc - ok

11:17:43.0484 5180 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

11:17:43.0484 5180 LmHosts - ok

11:17:43.0562 5180 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

11:17:43.0562 5180 McComponentHostService - ok

11:17:43.0593 5180 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

11:17:43.0593 5180 Messenger - ok

11:17:43.0671 5180 MFE_RR - ok

11:17:43.0703 5180 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

11:17:43.0703 5180 mnmdd - ok

11:17:43.0718 5180 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

11:17:43.0718 5180 mnmsrvc - ok

11:17:43.0734 5180 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

11:17:43.0734 5180 Modem - ok

11:17:43.0765 5180 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys

11:17:43.0765 5180 Monfilt - ok

11:17:43.0781 5180 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

11:17:43.0781 5180 Mouclass - ok

11:17:43.0812 5180 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

11:17:43.0812 5180 mouhid - ok

11:17:43.0812 5180 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

11:17:43.0812 5180 MountMgr - ok

11:17:43.0875 5180 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

11:17:43.0875 5180 MozillaMaintenance - ok

11:17:43.0890 5180 mraid35x - ok

11:17:43.0906 5180 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

11:17:43.0906 5180 MRxDAV - ok

11:17:43.0906 5180 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

11:17:43.0906 5180 MRxSmb - ok

11:17:43.0937 5180 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

11:17:43.0937 5180 MSDTC - ok

11:17:43.0953 5180 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

11:17:43.0953 5180 Msfs - ok

11:17:43.0968 5180 MSIServer - ok

11:17:43.0984 5180 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

11:17:43.0984 5180 MSKSSRV - ok

11:17:44.0015 5180 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

11:17:44.0015 5180 MSPCLOCK - ok

11:17:44.0031 5180 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

11:17:44.0031 5180 MSPQM - ok

11:17:44.0062 5180 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

11:17:44.0062 5180 mssmbios - ok

11:17:44.0078 5180 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

11:17:44.0078 5180 Mup - ok

11:17:44.0109 5180 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

11:17:44.0109 5180 napagent - ok

11:17:44.0140 5180 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

11:17:44.0140 5180 NDIS - ok

11:17:44.0156 5180 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

11:17:44.0156 5180 NdisTapi - ok

11:17:44.0187 5180 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

11:17:44.0187 5180 Ndisuio - ok

11:17:44.0187 5180 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

11:17:44.0203 5180 NdisWan - ok

11:17:44.0218 5180 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

11:17:44.0218 5180 NDProxy - ok

11:17:44.0218 5180 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

11:17:44.0218 5180 NetBIOS - ok

11:17:44.0234 5180 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

11:17:44.0234 5180 NetBT - ok

11:17:44.0234 5180 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

11:17:44.0234 5180 NetDDE - ok

11:17:44.0250 5180 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

11:17:44.0250 5180 NetDDEdsdm - ok

11:17:44.0265 5180 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

11:17:44.0265 5180 Netlogon - ok

11:17:44.0281 5180 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

11:17:44.0281 5180 Netman - ok

11:17:44.0312 5180 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

11:17:44.0312 5180 NetTcpPortSharing - ok

11:17:44.0343 5180 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys

11:17:44.0343 5180 NIC1394 - ok

11:17:44.0390 5180 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

11:17:44.0390 5180 Nla - ok

11:17:44.0390 5180 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

11:17:44.0390 5180 Npfs - ok

11:17:44.0453 5180 [ E127420B7FEB65C7F279EAAC183BBC0E ] NSL C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe

11:17:44.0453 5180 NSL - ok

11:17:44.0468 5180 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

11:17:44.0468 5180 Ntfs - ok

11:17:44.0468 5180 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

11:17:44.0468 5180 NtLmSsp - ok

11:17:44.0500 5180 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

11:17:44.0500 5180 NtmsSvc - ok

11:17:44.0546 5180 nTuneService - ok

11:17:44.0562 5180 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

11:17:44.0562 5180 Null - ok

11:17:44.0562 5180 [ 68C890DDB21028CB1EA5551B47B29E1B ] nusb3hub C:\WINDOWS\system32\DRIVERS\nusb3hub.sys

11:17:44.0562 5180 nusb3hub - ok

11:17:44.0609 5180 [ 2CF970C1A9E05D3B91039C2DD4471C0E ] nusb3xhc C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys

11:17:44.0609 5180 nusb3xhc - ok

11:17:44.0812 5180 [ 785500CE8693C06EAAF29FAA64DB17C5 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

11:17:44.0859 5180 nv - ok

11:17:44.0875 5180 [ 50ACB7253D1104E5917E15A0670D63D5 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys

11:17:44.0875 5180 NVHDA - ok

11:17:44.0890 5180 [ 96C5900331BD17344F338D006888BAE5 ] nvoclock C:\WINDOWS\system32\DRIVERS\nvoclock.sys

11:17:44.0890 5180 nvoclock - ok

11:17:44.0921 5180 [ 3A990B8FA88E1B9F2D99C1B9B8D76F4B ] NVSvc C:\WINDOWS\system32\nvsvc32.exe

11:17:44.0921 5180 NVSvc - ok

11:17:44.0968 5180 [ 14314A33845ABD19CADA062A037CC2F6 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

11:17:44.0984 5180 nvUpdatusService - ok

11:17:45.0015 5180 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

11:17:45.0015 5180 NwlnkFlt - ok

11:17:45.0031 5180 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

11:17:45.0031 5180 NwlnkFwd - ok

11:17:45.0031 5180 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys

11:17:45.0031 5180 ohci1394 - ok

11:17:45.0078 5180 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

11:17:45.0078 5180 ose - ok

11:17:45.0078 5180 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

11:17:45.0078 5180 Parport - ok

11:17:45.0078 5180 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

11:17:45.0078 5180 PartMgr - ok

11:17:45.0125 5180 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

11:17:45.0125 5180 ParVdm - ok

11:17:45.0125 5180 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

11:17:45.0125 5180 PCI - ok

11:17:45.0125 5180 PCIDump - ok

11:17:45.0125 5180 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

11:17:45.0125 5180 PCIIde - ok

11:17:45.0156 5180 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

11:17:45.0156 5180 Pcmcia - ok

11:17:45.0156 5180 PDCOMP - ok

11:17:45.0156 5180 PDFRAME - ok

11:17:45.0156 5180 PDRELI - ok

11:17:45.0171 5180 PDRFRAME - ok

11:17:45.0171 5180 perc2 - ok

11:17:45.0171 5180 perc2hib - ok

11:17:45.0203 5180 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

11:17:45.0203 5180 PlugPlay - ok

11:17:45.0203 5180 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

11:17:45.0203 5180 PolicyAgent - ok

11:17:45.0218 5180 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

11:17:45.0218 5180 PptpMiniport - ok

11:17:45.0265 5180 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys

11:17:45.0265 5180 Processor - ok

11:17:45.0265 5180 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

11:17:45.0265 5180 ProtectedStorage - ok

11:17:45.0265 5180 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

11:17:45.0265 5180 PSched - ok

11:17:45.0265 5180 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

11:17:45.0265 5180 Ptilink - ok

11:17:45.0281 5180 ql1080 - ok

11:17:45.0281 5180 Ql10wnt - ok

11:17:45.0281 5180 ql12160 - ok

11:17:45.0281 5180 ql1240 - ok

11:17:45.0281 5180 ql1280 - ok

11:17:45.0296 5180 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

11:17:45.0296 5180 RasAcd - ok

11:17:45.0312 5180 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

11:17:45.0312 5180 RasAuto - ok

11:17:45.0312 5180 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

11:17:45.0312 5180 Rasl2tp - ok

11:17:45.0343 5180 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

11:17:45.0343 5180 RasMan - ok

11:17:45.0343 5180 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

11:17:45.0343 5180 RasPppoe - ok

11:17:45.0343 5180 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

11:17:45.0343 5180 Raspti - ok

11:17:45.0359 5180 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

11:17:45.0359 5180 Rdbss - ok

11:17:45.0375 5180 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

11:17:45.0375 5180 RDPCDD - ok

11:17:45.0406 5180 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

11:17:45.0406 5180 RDPWD - ok

11:17:45.0437 5180 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

11:17:45.0437 5180 RDSessMgr - ok

11:17:45.0453 5180 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

11:17:45.0453 5180 redbook - ok

11:17:45.0468 5180 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

11:17:45.0468 5180 RemoteAccess - ok

11:17:45.0468 5180 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys

11:17:45.0468 5180 ROOTMODEM - ok

11:17:45.0484 5180 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe

11:17:45.0484 5180 RpcLocator - ok

11:17:45.0515 5180 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll

11:17:45.0515 5180 RpcSs - ok

11:17:45.0515 5180 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe

11:17:45.0515 5180 RSVP - ok

11:17:45.0578 5180 [ 64A36BB3D4D95420F063302E4999D4EE ] rtkio C:\Program Files\Realtek\Smart Dual Lan\rtkio.sys

11:17:45.0578 5180 rtkio - ok

11:17:45.0609 5180 [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

11:17:45.0625 5180 RTLE8023xp - ok

11:17:45.0625 5180 [ 5FFD2AAF467B80FAB34929AFB7702060 ] RtNdPt5x C:\WINDOWS\system32\DRIVERS\RtNdPt5x.sys

11:17:45.0625 5180 RtNdPt5x - ok

11:17:45.0640 5180 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

11:17:45.0640 5180 SamSs - ok

11:17:45.0734 5180 [ 230FD3749904CA045EA5EC0AA14006E9 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\WNt500x86\Sandra.sys

11:17:45.0734 5180 SANDRA - ok

11:17:45.0734 5180 [ CBA10EE7144C6F7E1DAC17BDF3E7C27B ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP1x\RpcAgentSrv.exe

11:17:45.0734 5180 SandraAgentSrv - ok

11:17:45.0734 5180 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

11:17:45.0734 5180 SCardSvr - ok

11:17:45.0781 5180 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

11:17:45.0781 5180 Schedule - ok

11:17:45.0781 5180 [ 99EDC7DF9CBAD5BD276390D54A6A1F00 ] SDLService C:\Program Files\Realtek\Smart Dual Lan\SDLService.exe

11:17:45.0781 5180 SDLService - ok

11:17:45.0812 5180 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

11:17:45.0812 5180 Secdrv - ok

11:17:45.0828 5180 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

11:17:45.0828 5180 seclogon - ok

11:17:45.0843 5180 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

11:17:45.0843 5180 SENS - ok

11:17:45.0843 5180 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

11:17:45.0859 5180 serenum - ok

11:17:45.0859 5180 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

11:17:45.0859 5180 Serial - ok

11:17:45.0875 5180 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

11:17:45.0875 5180 Sfloppy - ok

11:17:45.0906 5180 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

11:17:45.0906 5180 SharedAccess - ok

11:17:45.0906 5180 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

11:17:45.0906 5180 ShellHWDetection - ok

11:17:45.0921 5180 Simbad - ok

11:17:45.0953 5180 [ B8A2D4B57799555546F5A72FB82F838B ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys

11:17:45.0968 5180 snapman - ok

11:17:45.0968 5180 Sparrow - ok

11:17:46.0046 5180 [ A8493E43F9D4B22BBED2D424D03ED273 ] SpeedDiskService C:\Program Files\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe

11:17:46.0046 5180 SpeedDiskService - ok

11:17:46.0093 5180 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

11:17:46.0093 5180 splitter - ok

11:17:46.0125 5180 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

11:17:46.0125 5180 Spooler - ok

11:17:46.0140 5180 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

11:17:46.0140 5180 sr - ok

11:17:46.0140 5180 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll

11:17:46.0140 5180 srservice - ok

11:17:46.0187 5180 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

11:17:46.0187 5180 Srv - ok

11:17:46.0203 5180 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

11:17:46.0203 5180 SSDPSRV - ok

11:17:46.0218 5180 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

11:17:46.0218 5180 stisvc - ok

11:17:46.0250 5180 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

11:17:46.0250 5180 swenum - ok

11:17:46.0250 5180 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

11:17:46.0265 5180 swmidi - ok

11:17:46.0265 5180 SwPrv - ok

11:17:46.0265 5180 symc810 - ok

11:17:46.0265 5180 symc8xx - ok

11:17:46.0312 5180 [ 4C155FA65CBF81513E4B9D088737E9CF ] SymDSMon C:\WINDOWS\system32\drivers\SymDSMon.sys

11:17:46.0312 5180 SymDSMon - ok

11:17:46.0312 5180 [ E9983667331D463F1E5B34F9170A9AE0 ] SYMSpeedDisk C:\WINDOWS\system32\drivers\SymSpeedDisk.sys

11:17:46.0312 5180 SYMSpeedDisk - ok

11:17:46.0312 5180 sym_hi - ok

11:17:46.0328 5180 sym_u3 - ok

11:17:46.0484 5180 [ 70042E6C2B695E2978B2E13654EF276E ] syncagentsrv C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe

11:17:46.0500 5180 syncagentsrv - ok

11:17:46.0531 5180 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

11:17:46.0531 5180 sysaudio - ok

11:17:46.0562 5180 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

11:17:46.0562 5180 SysmonLog - ok

11:17:46.0609 5180 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

11:17:46.0609 5180 TapiSrv - ok

11:17:46.0625 5180 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

11:17:46.0625 5180 Tcpip - ok

11:17:46.0671 5180 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

11:17:46.0671 5180 TDPIPE - ok

11:17:46.0718 5180 [ FF985011AC9FFE29866003F41361AA8D ] tdrpman C:\WINDOWS\system32\DRIVERS\tdrpman.sys

11:17:46.0718 5180 tdrpman - ok

11:17:46.0734 5180 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

11:17:46.0734 5180 TDTCP - ok

11:17:46.0750 5180 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

11:17:46.0750 5180 TermDD - ok

11:17:46.0765 5180 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

11:17:46.0765 5180 TermService - ok

11:17:46.0781 5180 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

11:17:46.0781 5180 Themes - ok

11:17:46.0828 5180 [ D8101E21C746F8234B3DB6AACC3A55BB ] tib C:\WINDOWS\system32\DRIVERS\tib.sys

11:17:46.0843 5180 tib - ok

11:17:46.0843 5180 [ F6A890A7FE12CCF0D34D3C15AB1D2B46 ] tib_mounter C:\WINDOWS\system32\DRIVERS\tib_mounter.sys

11:17:46.0843 5180 tib_mounter - ok

11:17:46.0843 5180 TosIde - ok

11:17:46.0859 5180 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

11:17:46.0875 5180 TrkWks - ok

11:17:46.0875 5180 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

11:17:46.0875 5180 Udfs - ok

11:17:46.0890 5180 ultra - ok

11:17:46.0890 5180 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

11:17:46.0890 5180 Update - ok

11:17:46.0921 5180 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

11:17:46.0921 5180 upnphost - ok

11:17:46.0921 5180 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

11:17:46.0921 5180 UPS - ok

11:17:46.0984 5180 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys

11:17:46.0984 5180 USBAAPL - ok

11:17:47.0000 5180 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

11:17:47.0000 5180 usbccgp - ok

11:17:47.0015 5180 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

11:17:47.0015 5180 usbehci - ok

11:17:47.0046 5180 [ E5B14557793164DB879EE56F5B59C3E2 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys

11:17:47.0046 5180 usbfilter - ok

11:17:47.0062 5180 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

11:17:47.0062 5180 usbhub - ok

11:17:47.0062 5180 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys

11:17:47.0062 5180 usbohci - ok

11:17:47.0109 5180 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

11:17:47.0109 5180 usbprint - ok

11:17:47.0125 5180 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

11:17:47.0125 5180 USBSTOR - ok

11:17:47.0140 5180 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

11:17:47.0140 5180 VgaSave - ok

11:17:47.0140 5180 ViaIde - ok

11:17:47.0140 5180 [ 32CE9263994A4C714FBA8AA5408741CD ] vididr C:\WINDOWS\system32\DRIVERS\vididr.sys

11:17:47.0140 5180 vididr - ok

11:17:47.0156 5180 [ 1DD53BB11BDAB317E065FFE429831751 ] vidsflt C:\WINDOWS\system32\DRIVERS\vidsflt.sys

11:17:47.0156 5180 vidsflt - ok

11:17:47.0156 5180 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

11:17:47.0171 5180 VolSnap - ok

11:17:47.0171 5180 [ 5C826F02FF76F07B332C764BB9644F27 ] Vsdatant C:\WINDOWS\system32\vsdatant.sys

11:17:47.0187 5180 Vsdatant - ok

11:17:47.0218 5180 vsmon - ok

11:17:47.0234 5180 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

11:17:47.0234 5180 VSS - ok

11:17:47.0265 5180 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll

11:17:47.0281 5180 W32Time - ok

11:17:47.0281 5180 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

11:17:47.0281 5180 Wanarp - ok

11:17:47.0281 5180 WDICA - ok

11:17:47.0296 5180 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

11:17:47.0296 5180 wdmaud - ok

11:17:47.0312 5180 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

11:17:47.0312 5180 WebClient - ok

11:17:47.0375 5180 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

11:17:47.0375 5180 winmgmt - ok

11:17:47.0421 5180 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll

11:17:47.0437 5180 WinRM - ok

11:17:47.0468 5180 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

11:17:47.0468 5180 WmdmPmSN - ok

11:17:47.0484 5180 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

11:17:47.0484 5180 WmiAcpi - ok

11:17:47.0500 5180 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

11:17:47.0500 5180 WmiApSrv - ok

11:17:47.0562 5180 [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

11:17:47.0562 5180 WMPNetworkSvc - ok

11:17:47.0625 5180 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

11:17:47.0625 5180 WPFFontCache_v0400 - ok

11:17:47.0656 5180 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

11:17:47.0656 5180 wscsvc - ok

11:17:47.0656 5180 WSearch - ok

11:17:47.0687 5180 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

11:17:47.0703 5180 wuauserv - ok

11:17:47.0718 5180 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

11:17:47.0718 5180 WudfPf - ok

11:17:47.0718 5180 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

11:17:47.0718 5180 WudfRd - ok

11:17:47.0765 5180 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

11:17:47.0765 5180 WudfSvc - ok

11:17:47.0796 5180 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

11:17:47.0796 5180 WZCSVC - ok

11:17:47.0812 5180 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

11:17:47.0828 5180 xmlprov - ok

11:17:47.0828 5180 ================ Scan global ===============================

11:17:47.0843 5180 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

11:17:47.0859 5180 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

11:17:47.0859 5180 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll

11:17:47.0875 5180 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

11:17:47.0875 5180 [Global] - ok

11:17:47.0875 5180 ================ Scan MBR ==================================

11:17:47.0890 5180 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

11:17:48.0062 5180 \Device\Harddisk0\DR0 - ok

11:17:48.0062 5180 ================ Scan VBR ==================================

11:17:48.0062 5180 [ 018603B3E1F7808A14C5877A214BD90C ] \Device\Harddisk0\DR0\Partition1

11:17:48.0062 5180 \Device\Harddisk0\DR0\Partition1 - ok

11:17:48.0062 5180 ============================================================

11:17:48.0062 5180 Scan finished

11:17:48.0062 5180 ============================================================

11:17:48.0078 5172 Detected object count: 0

11:17:48.0078 5172 Actual detected object count: 0

 

So I dont see any giant warning lables. here is a jpeg of running msconfig, does this look familar ? the entry with no name ?

How do i post a screenshot here ? pic.jpeg is not allowed.

 

 

 



#6 Jerhyn

Jerhyn
  • Topic Starter

  • Members
  • 561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas Nv
  • Local time:05:00 PM

Posted 01 July 2013 - 02:16 PM

I think I got it

 

nope, pic dont load.


Edited by Jerhyn, 01 July 2013 - 07:21 PM.


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:00 PM

Posted 01 July 2013 - 09:20 PM

Take a screen shot

Inserting An Image Within A Post


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Jerhyn

Jerhyn
  • Topic Starter

  • Members
  • 561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas Nv
  • Local time:05:00 PM

Posted 02 July 2013 - 02:55 PM

try this

http://s251.photobucket.com/user/jerhyn_bucket/media/adminboot.jpg



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:00 PM

Posted 02 July 2013 - 03:01 PM

http://s251.photobucket.com/user/jerhyn_bucket/media/adminboot.jpg

Fail :(
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Jerhyn

Jerhyn
  • Topic Starter

  • Members
  • 561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas Nv
  • Local time:05:00 PM

Posted 02 July 2013 - 03:05 PM

2nd try

adminboot.jpg

 

that is whats on paste

trying it trimmed down

https://ssl-proxy-updated.herokuapp.com/56ae845e3115bd350fc216f47122cb235e4935a1/687474703a2f2f693235312e70686f746f6275636b65742e636f6d2f616c62756d732f67673330372f6a657268796e5f6275636b65742f61646d696e626f6f742e6a7067/



#11 Jerhyn

Jerhyn
  • Topic Starter

  • Members
  • 561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas Nv
  • Local time:05:00 PM

Posted 02 July 2013 - 03:19 PM

When I look at auto runs here is a section

Startupsvc.jpg

 

Im wondering if gdrv.sys should be installed.

 

And 0314974.sys, changer.sys, i2omgmy.sys, lbrtfdc.sys, and mfe_rr.sys are unnessessary ?



#12 Jerhyn

Jerhyn
  • Topic Starter

  • Members
  • 561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas Nv
  • Local time:05:00 PM

Posted 02 July 2013 - 03:22 PM

http://i251.photobucket.com/albums/gg307/jerhyn_bucket/Startupsvc.jpg



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:00 PM

Posted 02 July 2013 - 08:10 PM

You do not want to kill .sys (system) files.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 Jerhyn

Jerhyn
  • Topic Starter

  • Members
  • 561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas Nv
  • Local time:05:00 PM

Posted 02 July 2013 - 10:27 PM

I didnt kill them, If im understanding the report, they are currently missing. I wanted to know if I should look to install them, or uncheck them, or leave as is ?

Also what AV program is best at catching bugs, and which scans like mbam should be run maybe weekly ?

And thank you very much for taking the time to help me understand better about the man behind the curtan.



#15 Jerhyn

Jerhyn
  • Topic Starter

  • Members
  • 561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Las Vegas Nv
  • Local time:05:00 PM

Posted 03 July 2013 - 11:26 AM

After searching a few autorun forums those drivers show up as missing for most people, and the driver files dont show up elsewhere on my hard drive. The advise seems to be, leave them alone, they are ignored on bootup.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users