Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

combofix log !?


  • Please log in to reply
21 replies to this topic

#1 getwithit

getwithit

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 AM

Posted 06 December 2013 - 12:04 AM

hello  this is the first time i used combofix, as HJS  did not seem to work properly can anyone tell me how to read this log, or simply let me know what is wrong?

 

ok guess i should add my original problem that led me to use combo fix, i have been getting BSOD daily and all of them point towards drivers, i checked all of the hardware drivers and all were up to date and pretty old. i checked some of the software updates everything i can think of off the top of my head seemed up to date. 

 

bumo

Attached Files


Edited by getwithit, 06 December 2013 - 01:48 PM.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:21 AM

Posted 10 December 2013 - 09:48 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

--RogueKiller--
  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
==============

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
thisisujrt.gif Please download
Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please paste the logs in your next reply DO NOT ATTACH THEM.
Let me know what problem persists.

p.s. next time you get a BSOD please note the error message and post it for my review.

#3 getwithit

getwithit
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 AM

Posted 14 December 2013 - 02:10 PM

Thank you for looking at this  after running combofix alone i have had 1  blackscreen  here is the report for rougekiller, gonna do these one at a time if the problem persists

 

RogueKiller V8.7.11 _x64_ [Nov 25 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jeremy [Admin rights]
Mode : Remove -- Date : 12/14/2013 12:01:52
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified. 
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500DM002-1BD142 ATA Device +++++
--- User ---
[MBR] 25de89aaeb6d61406af09d9b8d4ea750
[BSP] e100d098684a9220c139d8bced5d6473 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_D_12142013_120152.txt >>
RKreport[0]_S_12142013_120115.txt


#4 getwithit

getwithit
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 AM

Posted 14 December 2013 - 09:03 PM

got bsod again will post that in another reply , ok here is the adwcleaner and junkremoval logs

 

# AdwCleaner v3.015 - Report created 14/12/2013 at 18:47:38
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jeremy - JEREMY-PC
# Running from : C:\Users\Jeremy\Documents\Downloads\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2180 octets] - [14/12/2013 18:46:16]
AdwCleaner[S0].txt - [2012 octets] - [14/12/2013 18:47:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2072 octets] ##########
 
unkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Jeremy on Sat 12/14/2013 at 18:54:53.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 12/14/2013 at 19:00:42.82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 

 



#5 getwithit

getwithit
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 AM

Posted 14 December 2013 - 09:29 PM

ok anytime i get a BSOD  it only flashes for about 1 second and i haven't been able to see what the errors have been. Win7 seems to have issue being able to open the .dmp file for veiwing and pasting



#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:21 AM

Posted 15 December 2013 - 10:28 AM

Let see what we can find.

Please download the free home edition of WhoCrashed to your Desktop from here whocra10.png and install it by double-clicking "whocrashedSetup.exe".
At the end, it will open automatically. Click the "Analyze" button.

Please scroll down the Information window to copy and paste the results in your next reply.

whocra11.png



#7 getwithit

getwithit
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 AM

Posted 16 December 2013 - 12:28 AM

 computer name: JEREMY-PC

windows version: Windows 7 Service Pack 1, 6.1, build: 7601
windows dir: C:\Windows
Hardware: ASUSTeK Computer INC., M4A88T-M
CPU: AuthenticAMD AMD Athlon™ II X4 635 Processor AMD586, level: 16
4 logical processors, active mask: 15
RAM: 4292923392 total
VM: 2147352576, free: 1932382208





Crash Dump Analysis

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

On Mon 12/16/2013 5:24:31 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\121513-16411-01.dmp
This was probably caused by the following module: dxgmms1.sys (dxgmms1+0x31E89)
Bugcheck code: 0x1000007E (0xFFFFFFFFC0000005, 0xFFFFF8800579FE89, 0xFFFFF880061E4868, 0xFFFFF880061E40C0)
Error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED_M
file path: C:\Windows\system32\drivers\dxgmms1.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: DirectX Graphics MMS
Bug check description: This indicates that a system thread generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.



On Mon 12/16/2013 5:24:31 AM GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: dxgmms1.sys (dxgmms1!VidMmInterface+0x205C9)
Bugcheck code: 0x7E (0xFFFFFFFFC0000005, 0xFFFFF8800579FE89, 0xFFFFF880061E4868, 0xFFFFF880061E40C0)
Error: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
file path: C:\Windows\system32\drivers\dxgmms1.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: DirectX Graphics MMS
Bug check description: This bug check indicates that a system thread generated an exception that the error handler did not catch.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.



On Mon 12/16/2013 4:46:32 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\121513-18002-01.dmp
This was probably caused by the following module: Unknown (0xFFFFF880044297F2)
Bugcheck code: 0xD1 (0xFFFFF80000A85A8A, 0x2, 0x8, 0xFFFFF80000A85A8A)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error.
Google query: DRIVER_IRQL_NOT_LESS_OR_EQUAL



On Sat 12/14/2013 10:53:43 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\121413-38079-01.dmp
This was probably caused by the following module: acpi.sys (ACPI+0x1104E)
Bugcheck code: 0x1E (0xFFFFFFFFC0000005, 0xFFFFF80002A95E1C, 0x1, 0x8024AC)
Error: KMODE_EXCEPTION_NOT_HANDLED
file path: C:\Windows\system32\drivers\acpi.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: ACPI Driver for NT
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.



On Sat 12/14/2013 10:22:52 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\121413-21777-01.dmp
This was probably caused by the following module: portcls.sys (portcls+0xEE23)
Bugcheck code: 0x50 (0xFFFFF8000AB012DE, 0x8, 0xFFFFF8000AB012DE, 0x2)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\Windows\system32\drivers\portcls.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: Port Class (Class Driver for Port/Miniport Devices)
Bug check description: This indicates that invalid system memory has been referenced.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in a standard Microsoft module. Your system configuration may be incorrect. Possibly this problem is caused by another driver on your system that cannot be identified at this time.



On Fri 12/13/2013 12:05:46 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\121213-25053-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x4ADB3C)
Bugcheck code: 0x124 (0x0, 0xFFFFFA8004FB5038, 0x0, 0x0)
Error: WHEA_UNCORRECTABLE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that a fatal hardware error has occurred. This bug check uses the error data that is provided by the Windows Hardware Error Architecture (WHEA).
This is likely to be caused by a hardware problem problem. This problem might be caused by a thermal issue.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Fri 12/6/2013 2:40:38 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\120513-24694-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x75BC0)
Bugcheck code: 0x50 (0xFFFFF6FC9004B6A8, 0x0, 0xFFFFF80002ABC55B, 0x5)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that invalid system memory has been referenced.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Fri 12/6/2013 1:54:59 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\120513-32869-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x4ADB3C)
Bugcheck code: 0x124 (0x0, 0xFFFFFA8004F585F8, 0x0, 0x0)
Error: WHEA_UNCORRECTABLE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that a fatal hardware error has occurred. This bug check uses the error data that is provided by the Windows Hardware Error Architecture (WHEA).
This is likely to be caused by a hardware problem problem. This problem might be caused by a thermal issue.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Wed 12/4/2013 2:18:56 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\120313-25630-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x75BC0)
Bugcheck code: 0xC4 (0x91, 0x2, 0xFFFFFA800739A640, 0x0)
Error: DRIVER_VERIFIER_DETECTED_VIOLATION
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This is the general bug check code for fatal errors found by Driver Verifier.
The driver switched stacks using a method that is not supported by the operating system. The only supported way to extend a kernel mode stack is by using KeExpandKernelStackAndCallout. This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Tue 12/3/2013 3:03:49 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\120213-24242-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x75BC0)
Bugcheck code: 0xC2 (0x99, 0xFFFFFA8003FF5760, 0x0, 0x0)
Error: BAD_POOL_CALLER
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that the current thread is making a bad pool request.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.

had to hurry befor another crash



#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:21 AM

Posted 16 December 2013 - 10:14 AM


We have to find that Unknown driver causing this BSOD.

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
    tdss1.png
  • Click Change parameters
    settings20121003115955.png
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
    tdss3.png
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    tdss4.jpg
  • When it finishes, you will either see a report that no threats were found like below:
    tdss5.jpg
    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    tdss7.jpg
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
    • Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    tdss6.jpg
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Paste the log to your next reply, DO NOT ATTACH IT.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please paste the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

#9 getwithit

getwithit
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 AM

Posted 16 December 2013 - 06:54 PM

ok it came up with no malicious codes and a few for the printer,  i also repaired/installed  drivers for my graphics and sound.   

16:45:19.0491 4612  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:45:21.0493 4612  ============================================================
16:45:21.0494 4612  Current date / time: 2013/12/16 16:45:21.0493
16:45:21.0494 4612  SystemInfo:
16:45:21.0494 4612  
16:45:21.0494 4612  OS Version: 6.1.7601 ServicePack: 1.0
16:45:21.0494 4612  Product type: Workstation
16:45:21.0494 4612  ComputerName: JEREMY-PC
16:45:21.0495 4612  UserName: Jeremy
16:45:21.0495 4612  Windows directory: C:\Windows
16:45:21.0495 4612  System windows directory: C:\Windows
16:45:21.0495 4612  Running under WOW64
16:45:21.0495 4612  Processor architecture: Intel x64
16:45:21.0495 4612  Number of processors: 4
16:45:21.0495 4612  Page size: 0x1000
16:45:21.0495 4612  Boot type: Normal boot
16:45:21.0495 4612  ============================================================
16:45:24.0203 4612  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:45:24.0207 4612  ============================================================
16:45:24.0207 4612  \Device\Harddisk0\DR0:
16:45:24.0207 4612  MBR partitions:
16:45:24.0207 4612  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:45:24.0207 4612  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
16:45:24.0207 4612  ============================================================
16:45:24.0985 4612  C: <-> \Device\Harddisk0\DR0\Partition2
16:45:24.0986 4612  ============================================================
16:45:24.0986 4612  Initialize success
16:45:24.0986 4612  ============================================================
16:46:25.0810 4888  ============================================================
16:46:25.0810 4888  Scan started
16:46:25.0810 4888  Mode: Manual; 
16:46:25.0810 4888  ============================================================
16:46:26.0753 4888  ================ Scan system memory ========================
16:46:26.0753 4888  System memory - ok
16:46:26.0754 4888  ================ Scan services =============================
16:46:26.0897 4888  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:46:26.0922 4888  1394ohci - ok
16:46:26.0951 4888  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:46:26.0958 4888  ACPI - ok
16:46:26.0978 4888  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:46:27.0033 4888  AcpiPmi - ok
16:46:27.0119 4888  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:46:27.0157 4888  AdobeARMservice - ok
16:46:27.0181 4888  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:46:27.0196 4888  adp94xx - ok
16:46:27.0214 4888  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:46:27.0242 4888  adpahci - ok
16:46:27.0267 4888  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:46:27.0279 4888  adpu320 - ok
16:46:27.0296 4888  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:46:27.0297 4888  AeLookupSvc - ok
16:46:27.0345 4888  [ 79059559E89D06E8B80CE2944BE20228 ] AFD             C:\Windows\system32\drivers\afd.sys
16:46:27.0355 4888  AFD - ok
16:46:27.0383 4888  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:46:27.0406 4888  agp440 - ok
16:46:27.0433 4888  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
16:46:27.0452 4888  ALG - ok
16:46:27.0482 4888  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:46:27.0493 4888  aliide - ok
16:46:27.0519 4888  [ 514089CB4A7DF38DC4DD936ADE4114D3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:46:27.0521 4888  AMD External Events Utility - ok
16:46:27.0578 4888  AMD FUEL Service - ok
16:46:27.0609 4888  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
16:46:27.0629 4888  amdide - ok
16:46:27.0660 4888  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
16:46:27.0680 4888  amdiox64 - ok
16:46:27.0737 4888  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:46:27.0758 4888  AmdK8 - ok
16:46:27.0938 4888  [ 9A4B92150A5E259A7159D914CC3A60D7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:46:28.0174 4888  amdkmdag - ok
16:46:28.0191 4888  [ 9DEB889D152F9C9DBA98BE8986084535 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:46:28.0199 4888  amdkmdap - ok
16:46:28.0221 4888  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:46:28.0222 4888  AmdPPM - ok
16:46:28.0251 4888  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:46:28.0313 4888  amdsata - ok
16:46:28.0335 4888  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:46:28.0347 4888  amdsbs - ok
16:46:28.0360 4888  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:46:28.0371 4888  amdxata - ok
16:46:28.0397 4888  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
16:46:28.0411 4888  AppID - ok
16:46:28.0427 4888  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:46:28.0437 4888  AppIDSvc - ok
16:46:28.0462 4888  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
16:46:28.0464 4888  Appinfo - ok
16:46:28.0530 4888  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
16:46:28.0555 4888  arc - ok
16:46:28.0577 4888  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:46:28.0590 4888  arcsas - ok
16:46:28.0668 4888  [ 68726474C69B738EAC3A62E06B33ADDC ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
16:46:28.0688 4888  AsIO - ok
16:46:28.0720 4888  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:46:28.0723 4888  AsyncMac - ok
16:46:28.0754 4888  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
16:46:28.0755 4888  atapi - ok
16:46:28.0798 4888  [ CBD14F698DEF12EE3557604B726CB8EB ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:46:28.0823 4888  AtiHDAudioService - ok
16:46:28.0861 4888  [ C07A040D6B5A42DD41EE386CF90974C8 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
16:46:28.0880 4888  AtiPcie - ok
16:46:28.0920 4888  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:46:28.0929 4888  AudioEndpointBuilder - ok
16:46:28.0941 4888  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:46:28.0946 4888  AudioSrv - ok
16:46:28.0979 4888  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:46:28.0991 4888  AxInstSV - ok
16:46:29.0021 4888  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:46:29.0037 4888  b06bdrv - ok
16:46:29.0056 4888  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:46:29.0067 4888  b57nd60a - ok
16:46:29.0096 4888  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:46:29.0103 4888  BDESVC - ok
16:46:29.0113 4888  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:46:29.0120 4888  Beep - ok
16:46:29.0160 4888  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
16:46:29.0167 4888  BFE - ok
16:46:29.0376 4888  [ 613883A3BAC6920149C83ED751589433 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20131203.001\BHDrvx64.sys
16:46:29.0411 4888  BHDrvx64 - ok
16:46:29.0449 4888  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
16:46:29.0455 4888  BITS - ok
16:46:29.0473 4888  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:46:29.0482 4888  blbdrive - ok
16:46:29.0513 4888  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:46:29.0553 4888  bowser - ok
16:46:29.0571 4888  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:46:29.0582 4888  BrFiltLo - ok
16:46:29.0590 4888  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:46:29.0600 4888  BrFiltUp - ok
16:46:29.0656 4888  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
16:46:29.0675 4888  BridgeMP - ok
16:46:29.0714 4888  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
16:46:29.0717 4888  Browser - ok
16:46:29.0731 4888  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:46:29.0746 4888  Brserid - ok
16:46:29.0759 4888  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:46:29.0768 4888  BrSerWdm - ok
16:46:29.0772 4888  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:46:29.0779 4888  BrUsbMdm - ok
16:46:29.0790 4888  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:46:29.0796 4888  BrUsbSer - ok
16:46:29.0806 4888  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:46:29.0814 4888  BTHMODEM - ok
16:46:29.0841 4888  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
16:46:29.0849 4888  bthserv - ok
16:46:29.0880 4888  catchme - ok
16:46:29.0935 4888  [ 56685951208AC81CF923B9B08BEDF3B7 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys
16:46:29.0958 4888  ccSet_NIS - ok
16:46:29.0982 4888  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:46:30.0003 4888  cdfs - ok
16:46:30.0030 4888  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:46:30.0031 4888  cdrom - ok
16:46:30.0053 4888  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:46:30.0055 4888  CertPropSvc - ok
16:46:30.0068 4888  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
16:46:30.0080 4888  circlass - ok
16:46:30.0099 4888  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
16:46:30.0104 4888  CLFS - ok
16:46:30.0160 4888  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:46:30.0218 4888  clr_optimization_v2.0.50727_32 - ok
16:46:30.0255 4888  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:46:30.0264 4888  clr_optimization_v2.0.50727_64 - ok
16:46:30.0333 4888  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:46:30.0336 4888  clr_optimization_v4.0.30319_32 - ok
16:46:30.0361 4888  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:46:30.0364 4888  clr_optimization_v4.0.30319_64 - ok
16:46:30.0399 4888  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:46:30.0418 4888  CmBatt - ok
16:46:30.0451 4888  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:46:30.0472 4888  cmdide - ok
16:46:30.0504 4888  [ EBF28856F69CF094A902F884CF989706 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:46:30.0521 4888  CNG - ok
16:46:30.0535 4888  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:46:30.0547 4888  Compbatt - ok
16:46:30.0561 4888  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:46:30.0571 4888  CompositeBus - ok
16:46:30.0582 4888  COMSysApp - ok
16:46:30.0595 4888  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:46:30.0606 4888  crcdisk - ok
16:46:30.0637 4888  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:46:30.0640 4888  CryptSvc - ok
16:46:30.0668 4888  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:46:30.0675 4888  DcomLaunch - ok
16:46:30.0705 4888  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
16:46:30.0721 4888  defragsvc - ok
16:46:30.0729 4888  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:46:30.0741 4888  DfsC - ok
16:46:30.0758 4888  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:46:30.0763 4888  Dhcp - ok
16:46:30.0774 4888  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
16:46:30.0775 4888  discache - ok
16:46:30.0801 4888  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
16:46:30.0813 4888  Disk - ok
16:46:30.0844 4888  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:46:30.0847 4888  Dnscache - ok
16:46:30.0861 4888  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:46:30.0874 4888  dot3svc - ok
16:46:30.0888 4888  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
16:46:30.0891 4888  DPS - ok
16:46:30.0928 4888  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:46:30.0930 4888  drmkaud - ok
16:46:30.0977 4888  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:46:31.0008 4888  DXGKrnl - ok
16:46:31.0018 4888  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:46:31.0021 4888  EapHost - ok
16:46:31.0091 4888  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:46:31.0157 4888  ebdrv - ok
16:46:31.0230 4888  [ 1B7AA375F711F66D5FF2B855F9EC987F ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
16:46:31.0258 4888  eeCtrl - ok
16:46:31.0280 4888  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS             C:\Windows\System32\lsass.exe
16:46:31.0281 4888  EFS - ok
16:46:31.0349 4888  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:46:31.0401 4888  ehRecvr - ok
16:46:31.0435 4888  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:46:31.0445 4888  ehSched - ok
16:46:31.0475 4888  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:46:31.0493 4888  elxstor - ok
16:46:31.0519 4888  [ 7230C8B80DDE1F0524C353240B78CC0E ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:46:31.0527 4888  EraserUtilRebootDrv - ok
16:46:31.0540 4888  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:46:31.0547 4888  ErrDev - ok
16:46:31.0581 4888  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:46:31.0586 4888  EventSystem - ok
16:46:31.0596 4888  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:46:31.0604 4888  exfat - ok
16:46:31.0613 4888  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:46:31.0621 4888  fastfat - ok
16:46:31.0649 4888  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:46:31.0656 4888  Fax - ok
16:46:31.0666 4888  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
16:46:31.0674 4888  fdc - ok
16:46:31.0696 4888  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:46:31.0697 4888  fdPHost - ok
16:46:31.0707 4888  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:46:31.0708 4888  FDResPub - ok
16:46:31.0720 4888  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:46:31.0728 4888  FileInfo - ok
16:46:31.0739 4888  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:46:31.0747 4888  Filetrace - ok
16:46:31.0755 4888  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:46:31.0762 4888  flpydisk - ok
16:46:31.0781 4888  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:46:31.0806 4888  FltMgr - ok
16:46:31.0856 4888  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
16:46:31.0875 4888  FontCache - ok
16:46:31.0909 4888  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:46:31.0909 4888  FontCache3.0.0.0 - ok
16:46:31.0918 4888  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:46:31.0934 4888  FsDepends - ok
16:46:31.0961 4888  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:46:31.0981 4888  Fs_Rec - ok
16:46:32.0029 4888  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:46:32.0032 4888  fvevol - ok
16:46:32.0064 4888  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:46:32.0076 4888  gagp30kx - ok
16:46:32.0107 4888  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
16:46:32.0117 4888  gpsvc - ok
16:46:32.0184 4888  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:46:32.0188 4888  gupdate - ok
16:46:32.0196 4888  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:46:32.0199 4888  gupdatem - ok
16:46:32.0214 4888  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:46:32.0228 4888  hcw85cir - ok
16:46:32.0254 4888  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:46:32.0259 4888  HdAudAddService - ok
16:46:32.0273 4888  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:46:32.0275 4888  HDAudBus - ok
16:46:32.0288 4888  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:46:32.0299 4888  HidBatt - ok
16:46:32.0310 4888  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:46:32.0322 4888  HidBth - ok
16:46:32.0337 4888  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:46:32.0348 4888  HidIr - ok
16:46:32.0359 4888  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
16:46:32.0361 4888  hidserv - ok
16:46:32.0410 4888  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:46:32.0429 4888  HidUsb - ok
16:46:32.0455 4888  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:46:32.0458 4888  hkmsvc - ok
16:46:32.0472 4888  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:46:32.0485 4888  HomeGroupListener - ok
16:46:32.0515 4888  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:46:32.0518 4888  HomeGroupProvider - ok
16:46:32.0645 4888  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:46:32.0651 4888  hpqcxs08 - ok
16:46:32.0665 4888  [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:46:32.0668 4888  hpqddsvc - ok
16:46:32.0698 4888  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:46:32.0753 4888  HpSAMD - ok
16:46:32.0833 4888  [ 4F6C514B6149E380B8C1EDEAC3D7AEC5 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:46:32.0848 4888  HPSLPSVC - ok
16:46:32.0872 4888  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:46:32.0880 4888  HTTP - ok
16:46:32.0889 4888  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:46:32.0889 4888  hwpolicy - ok
16:46:32.0930 4888  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:46:32.0940 4888  i8042prt - ok
16:46:32.0986 4888  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:46:33.0033 4888  iaStorV - ok
16:46:33.0072 4888  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:46:33.0100 4888  IDriverT - ok
16:46:33.0141 4888  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:46:33.0162 4888  idsvc - ok
16:46:33.0227 4888  [ D7CB14B41DA52DF2EC143768E02F0E97 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20131213.001\IDSvia64.sys
16:46:33.0249 4888  IDSVia64 - ok
16:46:33.0263 4888  IEEtwCollectorService - ok
16:46:33.0292 4888  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:46:33.0304 4888  iirsp - ok
16:46:33.0344 4888  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll
16:46:33.0355 4888  IKEEXT - ok
16:46:33.0385 4888  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
16:46:33.0396 4888  intelide - ok
16:46:33.0416 4888  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:46:33.0427 4888  intelppm - ok
16:46:33.0454 4888  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:46:33.0467 4888  IPBusEnum - ok
16:46:33.0486 4888  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:46:33.0499 4888  IpFilterDriver - ok
16:46:33.0530 4888  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:46:33.0538 4888  iphlpsvc - ok
16:46:33.0544 4888  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:46:33.0590 4888  IPMIDRV - ok
16:46:33.0613 4888  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:46:33.0625 4888  IPNAT - ok
16:46:33.0648 4888  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:46:33.0659 4888  IRENUM - ok
16:46:33.0666 4888  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:46:33.0677 4888  isapnp - ok
16:46:33.0690 4888  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:46:33.0720 4888  iScsiPrt - ok
16:46:33.0741 4888  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:46:33.0752 4888  kbdclass - ok
16:46:33.0769 4888  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:46:33.0809 4888  kbdhid - ok
16:46:33.0827 4888  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
16:46:33.0828 4888  KeyIso - ok
16:46:33.0858 4888  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:46:33.0870 4888  KSecDD - ok
16:46:33.0900 4888  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:46:33.0924 4888  KSecPkg - ok
16:46:33.0938 4888  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:46:33.0949 4888  ksthunk - ok
16:46:33.0976 4888  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:46:33.0993 4888  KtmRm - ok
16:46:34.0029 4888  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
16:46:34.0037 4888  LanmanServer - ok
16:46:34.0068 4888  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:46:34.0075 4888  LanmanWorkstation - ok
16:46:34.0107 4888  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:46:34.0128 4888  lltdio - ok
16:46:34.0146 4888  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:46:34.0160 4888  lltdsvc - ok
16:46:34.0176 4888  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:46:34.0179 4888  lmhosts - ok
16:46:34.0195 4888  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:46:34.0209 4888  LSI_FC - ok
16:46:34.0230 4888  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:46:34.0243 4888  LSI_SAS - ok
16:46:34.0271 4888  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:46:34.0283 4888  LSI_SAS2 - ok
16:46:34.0319 4888  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:46:34.0343 4888  LSI_SCSI - ok
16:46:34.0365 4888  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:46:34.0378 4888  luafv - ok
16:46:34.0399 4888  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:46:34.0411 4888  Mcx2Svc - ok
16:46:34.0437 4888  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:46:34.0448 4888  megasas - ok
16:46:34.0470 4888  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:46:34.0500 4888  MegaSR - ok
16:46:34.0511 4888  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:46:34.0514 4888  MMCSS - ok
16:46:34.0528 4888  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:46:34.0540 4888  Modem - ok
16:46:34.0571 4888  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:46:34.0572 4888  monitor - ok
16:46:34.0592 4888  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:46:34.0603 4888  mouclass - ok
16:46:34.0619 4888  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:46:34.0638 4888  mouhid - ok
16:46:34.0651 4888  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:46:34.0654 4888  mountmgr - ok
16:46:34.0666 4888  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:46:34.0680 4888  mpio - ok
16:46:34.0688 4888  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:46:34.0696 4888  mpsdrv - ok
16:46:34.0718 4888  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:46:34.0727 4888  MpsSvc - ok
16:46:34.0752 4888  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:46:34.0760 4888  MRxDAV - ok
16:46:34.0795 4888  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:46:34.0844 4888  mrxsmb - ok
16:46:34.0868 4888  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:46:34.0921 4888  mrxsmb10 - ok
16:46:34.0942 4888  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:46:34.0980 4888  mrxsmb20 - ok
16:46:35.0001 4888  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:46:35.0013 4888  msahci - ok
16:46:35.0038 4888  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:46:35.0051 4888  msdsm - ok
16:46:35.0070 4888  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:46:35.0082 4888  MSDTC - ok
16:46:35.0112 4888  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:46:35.0123 4888  Msfs - ok
16:46:35.0132 4888  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:46:35.0143 4888  mshidkmdf - ok
16:46:35.0150 4888  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:46:35.0161 4888  msisadrv - ok
16:46:35.0196 4888  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:46:35.0218 4888  MSiSCSI - ok
16:46:35.0225 4888  msiserver - ok
16:46:35.0252 4888  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:46:35.0254 4888  MSKSSRV - ok
16:46:35.0275 4888  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:46:35.0277 4888  MSPCLOCK - ok
16:46:35.0285 4888  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:46:35.0286 4888  MSPQM - ok
16:46:35.0300 4888  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:46:35.0315 4888  MsRPC - ok
16:46:35.0330 4888  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:46:35.0331 4888  mssmbios - ok
16:46:35.0347 4888  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:46:35.0349 4888  MSTEE - ok
16:46:35.0353 4888  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:46:35.0360 4888  MTConfig - ok
16:46:35.0394 4888  [ 2219A3D695405E7BA2186BA6B9EDE14A ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
16:46:35.0401 4888  MTsensor - ok
16:46:35.0412 4888  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:46:35.0423 4888  Mup - ok
16:46:35.0449 4888  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:46:35.0454 4888  napagent - ok
16:46:35.0472 4888  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:46:35.0482 4888  NativeWifiP - ok
16:46:35.0547 4888  [ 702E07EC32F96ACDB873E9A5465D4401 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20131215.005\ENG64.SYS
16:46:35.0572 4888  NAVENG - ok
16:46:35.0643 4888  [ 302EA314A1AF0D7CEF0A3D0195F79561 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20131215.005\EX64.SYS
16:46:35.0672 4888  NAVEX15 - ok
16:46:35.0727 4888  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:46:35.0745 4888  NDIS - ok
16:46:35.0766 4888  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:46:35.0787 4888  NdisCap - ok
16:46:35.0810 4888  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:46:35.0828 4888  NdisTapi - ok
16:46:35.0849 4888  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:46:35.0886 4888  Ndisuio - ok
16:46:35.0901 4888  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:46:35.0924 4888  NdisWan - ok
16:46:35.0938 4888  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:46:35.0947 4888  NDProxy - ok
16:46:36.0025 4888  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:46:36.0029 4888  Net Driver HPZ12 - ok
16:46:36.0042 4888  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:46:36.0063 4888  NetBIOS - ok
16:46:36.0079 4888  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:46:36.0083 4888  NetBT - ok
16:46:36.0092 4888  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
16:46:36.0094 4888  Netlogon - ok
16:46:36.0125 4888  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:46:36.0131 4888  Netman - ok
16:46:36.0146 4888  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:46:36.0152 4888  netprofm - ok
16:46:36.0174 4888  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:46:36.0184 4888  NetTcpPortSharing - ok
16:46:36.0205 4888  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:46:36.0213 4888  nfrd960 - ok
16:46:36.0278 4888  [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
16:46:36.0281 4888  NIS - ok
16:46:36.0320 4888  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:46:36.0329 4888  NlaSvc - ok
16:46:36.0344 4888  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:46:36.0364 4888  Npfs - ok
16:46:36.0386 4888  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:46:36.0388 4888  nsi - ok
16:46:36.0400 4888  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:46:36.0401 4888  nsiproxy - ok
16:46:36.0448 4888  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:46:36.0483 4888  Ntfs - ok
16:46:36.0494 4888  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:46:36.0504 4888  Null - ok
16:46:36.0522 4888  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:46:36.0536 4888  nvraid - ok
16:46:36.0563 4888  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:46:36.0576 4888  nvstor - ok
16:46:36.0588 4888  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:46:36.0602 4888  nv_agp - ok
16:46:36.0615 4888  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:46:36.0623 4888  ohci1394 - ok
16:46:36.0651 4888  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:46:36.0654 4888  p2pimsvc - ok
16:46:36.0682 4888  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:46:36.0693 4888  p2psvc - ok
16:46:36.0709 4888  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:46:36.0718 4888  Parport - ok
16:46:36.0744 4888  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:46:36.0752 4888  partmgr - ok
16:46:36.0767 4888  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:46:36.0770 4888  PcaSvc - ok
16:46:36.0780 4888  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:46:36.0781 4888  pci - ok
16:46:36.0805 4888  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:46:36.0812 4888  pciide - ok
16:46:36.0824 4888  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:46:36.0834 4888  pcmcia - ok
16:46:36.0847 4888  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:46:36.0854 4888  pcw - ok
16:46:36.0869 4888  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:46:36.0882 4888  PEAUTH - ok
16:46:36.0931 4888  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:46:36.0933 4888  PerfHost - ok
16:46:36.0978 4888  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:46:37.0016 4888  pla - ok
16:46:37.0051 4888  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:46:37.0060 4888  PlugPlay - ok
16:46:37.0113 4888  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:46:37.0117 4888  Pml Driver HPZ12 - ok
16:46:37.0128 4888  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:46:37.0146 4888  PNRPAutoReg - ok
16:46:37.0159 4888  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:46:37.0163 4888  PNRPsvc - ok
16:46:37.0186 4888  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:46:37.0193 4888  PolicyAgent - ok
16:46:37.0220 4888  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:46:37.0223 4888  Power - ok
16:46:37.0248 4888  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:46:37.0263 4888  PptpMiniport - ok
16:46:37.0286 4888  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
16:46:37.0297 4888  Processor - ok
16:46:37.0327 4888  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:46:37.0331 4888  ProfSvc - ok
16:46:37.0341 4888  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
16:46:37.0342 4888  ProtectedStorage - ok
16:46:37.0367 4888  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:46:37.0369 4888  Psched - ok
16:46:37.0408 4888  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:46:37.0454 4888  ql2300 - ok
16:46:37.0481 4888  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:46:37.0495 4888  ql40xx - ok
16:46:37.0516 4888  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:46:37.0529 4888  QWAVE - ok
16:46:37.0539 4888  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:46:37.0550 4888  QWAVEdrv - ok
16:46:37.0561 4888  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:46:37.0572 4888  RasAcd - ok
16:46:37.0603 4888  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:46:37.0615 4888  RasAgileVpn - ok
16:46:37.0636 4888  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:46:37.0648 4888  RasAuto - ok
16:46:37.0664 4888  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:46:37.0678 4888  Rasl2tp - ok
16:46:37.0698 4888  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:46:37.0715 4888  RasMan - ok
16:46:37.0732 4888  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:46:37.0745 4888  RasPppoe - ok
16:46:37.0765 4888  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:46:37.0777 4888  RasSstp - ok
16:46:37.0798 4888  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:46:37.0874 4888  rdbss - ok
16:46:37.0904 4888  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:46:37.0915 4888  rdpbus - ok
16:46:37.0933 4888  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:46:37.0934 4888  RDPCDD - ok
16:46:37.0957 4888  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:46:37.0958 4888  RDPENCDD - ok
16:46:37.0972 4888  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:46:37.0973 4888  RDPREFMP - ok
16:46:38.0016 4888  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:46:38.0026 4888  RdpVideoMiniport - ok
16:46:38.0049 4888  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:46:38.0065 4888  RDPWD - ok
16:46:38.0083 4888  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:46:38.0085 4888  rdyboost - ok
16:46:38.0107 4888  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:46:38.0115 4888  RemoteAccess - ok
16:46:38.0142 4888  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:46:38.0152 4888  RemoteRegistry - ok
16:46:38.0164 4888  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:46:38.0167 4888  RpcEptMapper - ok
16:46:38.0177 4888  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:46:38.0184 4888  RpcLocator - ok
16:46:38.0201 4888  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
16:46:38.0205 4888  RpcSs - ok
16:46:38.0225 4888  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:46:38.0234 4888  rspndr - ok
16:46:38.0271 4888  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:46:38.0281 4888  RTL8167 - ok
16:46:38.0290 4888  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe
16:46:38.0291 4888  SamSs - ok
16:46:38.0303 4888  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:46:38.0312 4888  sbp2port - ok
16:46:38.0325 4888  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:46:38.0334 4888  SCardSvr - ok
16:46:38.0344 4888  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:46:38.0368 4888  scfilter - ok
16:46:38.0394 4888  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:46:38.0412 4888  Schedule - ok
16:46:38.0423 4888  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:46:38.0423 4888  SCPolicySvc - ok
16:46:38.0437 4888  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:46:38.0440 4888  SDRSVC - ok
16:46:38.0456 4888  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:46:38.0464 4888  secdrv - ok
16:46:38.0470 4888  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:46:38.0478 4888  seclogon - ok
16:46:38.0491 4888  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
16:46:38.0494 4888  SENS - ok
16:46:38.0524 4888  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:46:38.0546 4888  SensrSvc - ok
16:46:38.0562 4888  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:46:38.0574 4888  Serenum - ok
16:46:38.0585 4888  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:46:38.0597 4888  Serial - ok
16:46:38.0610 4888  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:46:38.0620 4888  sermouse - ok
16:46:38.0640 4888  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:46:38.0643 4888  SessionEnv - ok
16:46:38.0654 4888  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:46:38.0665 4888  sffdisk - ok
16:46:38.0679 4888  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:46:38.0689 4888  sffp_mmc - ok
16:46:38.0697 4888  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:46:38.0731 4888  sffp_sd - ok
16:46:38.0736 4888  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:46:38.0747 4888  sfloppy - ok
16:46:38.0778 4888  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:46:38.0792 4888  SharedAccess - ok
16:46:38.0810 4888  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:46:38.0816 4888  ShellHWDetection - ok
16:46:38.0830 4888  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:46:38.0842 4888  SiSRaid2 - ok
16:46:38.0852 4888  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:46:38.0861 4888  SiSRaid4 - ok
16:46:38.0877 4888  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:46:38.0885 4888  Smb - ok
16:46:38.0911 4888  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:46:38.0918 4888  SNMPTRAP - ok
16:46:38.0927 4888  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:46:38.0933 4888  spldr - ok
16:46:38.0962 4888  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
16:46:38.0968 4888  Spooler - ok
16:46:39.0042 4888  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
16:46:39.0089 4888  sppsvc - ok
16:46:39.0101 4888  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:46:39.0110 4888  sppuinotify - ok
16:46:39.0173 4888  [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS
16:46:39.0195 4888  SRTSP - ok
16:46:39.0213 4888  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
16:46:39.0224 4888  SRTSPX - ok
16:46:39.0259 4888  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:46:39.0300 4888  srv - ok
16:46:39.0321 4888  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:46:39.0370 4888  srv2 - ok
16:46:39.0400 4888  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:46:39.0413 4888  srvnet - ok
16:46:39.0464 4888  [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
16:46:39.0485 4888  sscdbus - ok
16:46:39.0513 4888  [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
16:46:39.0525 4888  sscdmdfl - ok
16:46:39.0556 4888  [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
16:46:39.0569 4888  sscdmdm - ok
16:46:39.0610 4888  [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd        C:\Windows\system32\DRIVERS\sscdserd.sys
16:46:39.0633 4888  sscdserd - ok
16:46:39.0667 4888  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:46:39.0672 4888  SSDPSRV - ok
16:46:39.0696 4888  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:46:39.0711 4888  SstpSvc - ok
16:46:39.0729 4888  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:46:39.0741 4888  stexstor - ok
16:46:39.0767 4888  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\drivers\serscan.sys
16:46:39.0774 4888  StillCam - ok
16:46:39.0801 4888  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
16:46:39.0807 4888  stisvc - ok
16:46:39.0820 4888  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:46:39.0826 4888  swenum - ok
16:46:39.0839 4888  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:46:39.0845 4888  swprv - ok
16:46:39.0882 4888  [ 52DC0048D667757A8A2E4C87182890AC ] SymDS           C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
16:46:39.0894 4888  SymDS - ok
16:46:39.0919 4888  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
16:46:39.0945 4888  SymEFA - ok
16:46:39.0965 4888  [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:46:39.0973 4888  SymEvent - ok
16:46:40.0005 4888  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
16:46:40.0014 4888  SymIRON - ok
16:46:40.0026 4888  [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS         C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS
16:46:40.0036 4888  SymNetS - ok
16:46:40.0075 4888  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
16:46:40.0101 4888  SysMain - ok
16:46:40.0125 4888  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:46:40.0133 4888  TabletInputService - ok
16:46:40.0162 4888  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:46:40.0173 4888  TapiSrv - ok
16:46:40.0194 4888  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:46:40.0195 4888  TBS - ok
16:46:40.0256 4888  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:46:40.0296 4888  Tcpip - ok
16:46:40.0344 4888  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:46:40.0356 4888  TCPIP6 - ok
16:46:40.0386 4888  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:46:40.0412 4888  tcpipreg - ok
16:46:40.0438 4888  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:46:40.0445 4888  TDPIPE - ok
16:46:40.0471 4888  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:46:40.0489 4888  TDTCP - ok
16:46:40.0504 4888  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:46:40.0516 4888  tdx - ok
16:46:40.0525 4888  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:46:40.0535 4888  TermDD - ok
16:46:40.0742 4888  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
16:46:40.0752 4888  TermService - ok
16:46:40.0774 4888  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:46:40.0777 4888  Themes - ok
16:46:40.0789 4888  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:46:40.0790 4888  THREADORDER - ok
16:46:40.0813 4888  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:46:40.0815 4888  TrkWks - ok
16:46:40.0859 4888  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:46:40.0862 4888  TrustedInstaller - ok
16:46:40.0897 4888  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:46:40.0918 4888  tssecsrv - ok
16:46:40.0945 4888  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:46:40.0947 4888  TsUsbFlt - ok
16:46:40.0971 4888  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:46:40.0982 4888  TsUsbGD - ok
16:46:41.0010 4888  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:46:41.0023 4888  tunnel - ok
16:46:41.0029 4888  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:46:41.0041 4888  uagp35 - ok
16:46:41.0053 4888  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:46:41.0079 4888  udfs - ok
16:46:41.0103 4888  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:46:41.0112 4888  UI0Detect - ok
16:46:41.0121 4888  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:46:41.0130 4888  uliagpkx - ok
16:46:41.0150 4888  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:46:41.0158 4888  umbus - ok
16:46:41.0181 4888  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:46:41.0187 4888  UmPass - ok
16:46:41.0213 4888  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:46:41.0217 4888  upnphost - ok
16:46:41.0245 4888  [ ACCEA6BC68D0C9A78EB97EE159028B4E ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
16:46:41.0253 4888  usbccgp - ok
16:46:41.0277 4888  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:46:41.0285 4888  usbcir - ok
16:46:41.0294 4888  [ 311C1DD1088E55BEAE15954D17F50646 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:46:41.0301 4888  usbehci - ok
16:46:41.0324 4888  [ 280E90CBF4B2DDD169F0728CB44D726F ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:46:41.0335 4888  usbhub - ok
16:46:41.0349 4888  [ 9406D801042FAF859CF81B2C886413DC ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:46:41.0356 4888  usbohci - ok
16:46:41.0366 4888  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:46:41.0373 4888  usbprint - ok
16:46:41.0401 4888  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:46:41.0422 4888  USBSTOR - ok
16:46:41.0441 4888  [ A83D0EC9AE4C31704442099D40BA2471 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:46:41.0448 4888  usbuhci - ok
16:46:41.0471 4888  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:46:41.0474 4888  UxSms - ok
16:46:41.0486 4888  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
16:46:41.0487 4888  VaultSvc - ok
16:46:41.0507 4888  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:46:41.0514 4888  vdrvroot - ok
16:46:41.0552 4888  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
16:46:41.0584 4888  vds - ok
16:46:41.0618 4888  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:46:41.0640 4888  vga - ok
16:46:41.0658 4888  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:46:41.0669 4888  VgaSave - ok
16:46:41.0692 4888  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:46:41.0706 4888  vhdmp - ok
16:46:41.0809 4888  [ 84FFC3CCA60A1B52A021BC894D529735 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
16:46:41.0830 4888  VIAHdAudAddService - ok
16:46:41.0853 4888  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:46:41.0862 4888  viaide - ok
16:46:41.0887 4888  [ F4310278E6CE1C507B5555B662369E26 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
16:46:41.0888 4888  VIAKaraokeService - ok
16:46:41.0903 4888  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:46:41.0912 4888  volmgr - ok
16:46:41.0927 4888  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:46:41.0931 4888  volmgrx - ok
16:46:41.0942 4888  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:46:41.0945 4888  volsnap - ok
16:46:41.0958 4888  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:46:41.0969 4888  vsmraid - ok
16:46:42.0017 4888  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
16:46:42.0053 4888  VSS - ok
16:46:42.0061 4888  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:46:42.0072 4888  vwifibus - ok
16:46:42.0102 4888  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:46:42.0108 4888  W32Time - ok
16:46:42.0123 4888  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:46:42.0134 4888  WacomPen - ok
16:46:42.0152 4888  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:46:42.0165 4888  WANARP - ok
16:46:42.0176 4888  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:46:42.0177 4888  Wanarpv6 - ok
16:46:42.0232 4888  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:46:42.0290 4888  WatAdminSvc - ok
16:46:42.0331 4888  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
16:46:42.0374 4888  wbengine - ok
16:46:42.0398 4888  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:46:42.0407 4888  WbioSrvc - ok
16:46:42.0425 4888  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:46:42.0436 4888  wcncsvc - ok
16:46:42.0452 4888  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:46:42.0460 4888  WcsPlugInService - ok
16:46:42.0477 4888  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
16:46:42.0485 4888  Wd - ok
16:46:42.0514 4888  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:46:42.0528 4888  Wdf01000 - ok
16:46:42.0550 4888  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:46:42.0553 4888  WdiServiceHost - ok
16:46:42.0556 4888  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:46:42.0558 4888  WdiSystemHost - ok
16:46:42.0590 4888  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient       C:\Windows\System32\webclnt.dll
16:46:42.0601 4888  WebClient - ok
16:46:42.0626 4888  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:46:42.0635 4888  Wecsvc - ok
16:46:42.0651 4888  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:46:42.0653 4888  wercplsupport - ok
16:46:42.0674 4888  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:46:42.0683 4888  WerSvc - ok
16:46:42.0703 4888  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:46:42.0711 4888  WfpLwf - ok
16:46:42.0720 4888  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:46:42.0728 4888  WIMMount - ok
16:46:42.0742 4888  WinDefend - ok
16:46:42.0754 4888  WinHttpAutoProxySvc - ok
16:46:42.0796 4888  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:46:42.0799 4888  Winmgmt - ok
16:46:42.0869 4888  WinRing0_1_2_0 - ok
16:46:42.0926 4888  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
16:46:42.0975 4888  WinRM - ok
16:46:43.0013 4888  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:46:43.0042 4888  WinUsb - ok
16:46:43.0076 4888  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:46:43.0099 4888  Wlansvc - ok
16:46:43.0121 4888  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:46:43.0122 4888  WmiAcpi - ok
16:46:43.0149 4888  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:46:43.0157 4888  wmiApSrv - ok
16:46:43.0177 4888  WMPNetworkSvc - ok
16:46:43.0190 4888  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:46:43.0197 4888  WPCSvc - ok
16:46:43.0210 4888  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:46:43.0213 4888  WPDBusEnum - ok
16:46:43.0223 4888  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:46:43.0225 4888  ws2ifsl - ok
16:46:43.0236 4888  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
16:46:43.0238 4888  wscsvc - ok
16:46:43.0241 4888  WSearch - ok
16:46:43.0314 4888  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:46:43.0354 4888  wuauserv - ok
16:46:43.0385 4888  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:46:43.0398 4888  WudfPf - ok
16:46:43.0424 4888  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:46:43.0437 4888  WUDFRd - ok
16:46:43.0451 4888  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:46:43.0464 4888  wudfsvc - ok
16:46:43.0494 4888  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:46:43.0508 4888  WwanSvc - ok
16:46:43.0519 4888  ================ Scan global ===============================
16:46:43.0539 4888  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:46:43.0569 4888  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
16:46:43.0580 4888  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
16:46:43.0604 4888  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:46:43.0632 4888  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:46:43.0636 4888  [Global] - ok
16:46:43.0637 4888  ================ Scan MBR ==================================
16:46:43.0648 4888  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:46:43.0818 4888  \Device\Harddisk0\DR0 - ok
16:46:43.0819 4888  ================ Scan VBR ==================================
16:46:43.0823 4888  [ 10EABBDE8CF7643AF7DA1A0D7B3DE106 ] \Device\Harddisk0\DR0\Partition1
16:46:43.0825 4888  \Device\Harddisk0\DR0\Partition1 - ok
16:46:43.0851 4888  [ 79C54BEFA0893EE1400D3C0FA21ACBC1 ] \Device\Harddisk0\DR0\Partition2
16:46:43.0853 4888  \Device\Harddisk0\DR0\Partition2 - ok
16:46:43.0853 4888  ============================================================
16:46:43.0853 4888  Scan finished
16:46:43.0853 4888  ============================================================
16:46:43.0865 1740  Detected object count: 0
16:46:43.0865 1740  Actual detected object count: 0
16:47:08.0965 3496  ============================================================
16:47:08.0965 3496  Scan started
16:47:08.0965 3496  Mode: Manual; SigCheck; TDLFS; 
16:47:08.0965 3496  ============================================================
16:47:09.0233 3496  ================ Scan system memory ========================
16:47:09.0233 3496  System memory - ok
16:47:09.0233 3496  ================ Scan services =============================
16:47:09.0335 3496  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:47:09.0411 3496  1394ohci - ok
16:47:09.0429 3496  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:47:09.0443 3496  ACPI - ok
16:47:09.0451 3496  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:47:09.0485 3496  AcpiPmi - ok
16:47:09.0542 3496  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:47:09.0573 3496  AdobeARMservice - ok
16:47:09.0621 3496  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:47:09.0640 3496  adp94xx - ok
16:47:09.0654 3496  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:47:09.0668 3496  adpahci - ok
16:47:09.0682 3496  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:47:09.0693 3496  adpu320 - ok
16:47:09.0710 3496  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:47:09.0781 3496  AeLookupSvc - ok
16:47:09.0805 3496  [ 79059559E89D06E8B80CE2944BE20228 ] AFD             C:\Windows\system32\drivers\afd.sys
16:47:09.0834 3496  AFD - ok
16:47:09.0855 3496  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:47:09.0865 3496  agp440 - ok
16:47:09.0872 3496  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
16:47:09.0931 3496  ALG - ok
16:47:09.0955 3496  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:47:09.0970 3496  aliide - ok
16:47:10.0000 3496  [ 514089CB4A7DF38DC4DD936ADE4114D3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:47:10.0048 3496  AMD External Events Utility - ok
16:47:10.0118 3496  AMD FUEL Service - ok
16:47:10.0148 3496  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
16:47:10.0175 3496  amdide - ok
16:47:10.0200 3496  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
16:47:10.0223 3496  amdiox64 - ok
16:47:10.0251 3496  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:47:10.0288 3496  AmdK8 - ok
16:47:10.0468 3496  [ 9A4B92150A5E259A7159D914CC3A60D7 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:47:10.0576 3496  amdkmdag - ok
16:47:10.0606 3496  [ 9DEB889D152F9C9DBA98BE8986084535 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:47:10.0631 3496  amdkmdap - ok
16:47:10.0645 3496  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:47:10.0671 3496  AmdPPM - ok
16:47:10.0700 3496  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:47:10.0711 3496  amdsata - ok
16:47:10.0725 3496  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:47:10.0736 3496  amdsbs - ok
16:47:10.0743 3496  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:47:10.0752 3496  amdxata - ok
16:47:10.0762 3496  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
16:47:10.0879 3496  AppID - ok
16:47:10.0901 3496  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:47:10.0969 3496  AppIDSvc - ok
16:47:10.0994 3496  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
16:47:11.0032 3496  Appinfo - ok
16:47:11.0053 3496  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
16:47:11.0069 3496  arc - ok
16:47:11.0092 3496  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:47:11.0102 3496  arcsas - ok
16:47:11.0167 3496  [ 68726474C69B738EAC3A62E06B33ADDC ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
16:47:11.0194 3496  AsIO - ok
16:47:11.0211 3496  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:47:11.0264 3496  AsyncMac - ok
16:47:11.0286 3496  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
16:47:11.0295 3496  atapi - ok
16:47:11.0321 3496  [ CBD14F698DEF12EE3557604B726CB8EB ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:47:11.0331 3496  AtiHDAudioService - ok
16:47:11.0359 3496  [ C07A040D6B5A42DD41EE386CF90974C8 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
16:47:11.0367 3496  AtiPcie - ok
16:47:11.0393 3496  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:47:11.0439 3496  AudioEndpointBuilder - ok
16:47:11.0448 3496  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:47:11.0480 3496  AudioSrv - ok
16:47:11.0494 3496  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:47:11.0557 3496  AxInstSV - ok
16:47:11.0586 3496  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:47:11.0628 3496  b06bdrv - ok
16:47:11.0655 3496  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:47:11.0678 3496  b57nd60a - ok
16:47:11.0703 3496  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:47:11.0728 3496  BDESVC - ok
16:47:11.0745 3496  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:47:11.0812 3496  Beep - ok
16:47:11.0834 3496  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
16:47:11.0876 3496  BFE - ok
16:47:12.0025 3496  [ 613883A3BAC6920149C83ED751589433 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\BASHDefs\20131203.001\BHDrvx64.sys
16:47:12.0068 3496  BHDrvx64 - ok
16:47:12.0155 3496  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
16:47:12.0229 3496  BITS - ok
16:47:12.0246 3496  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:47:12.0271 3496  blbdrive - ok
16:47:12.0295 3496  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:47:12.0308 3496  bowser - ok
16:47:12.0328 3496  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:47:12.0355 3496  BrFiltLo - ok
16:47:12.0372 3496  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:47:12.0400 3496  BrFiltUp - ok
16:47:12.0412 3496  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
16:47:12.0448 3496  BridgeMP - ok
16:47:12.0471 3496  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
16:47:12.0518 3496  Browser - ok
16:47:12.0530 3496  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:47:12.0577 3496  Brserid - ok
16:47:12.0591 3496  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:47:12.0624 3496  BrSerWdm - ok
16:47:12.0645 3496  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:47:12.0687 3496  BrUsbMdm - ok
16:47:12.0695 3496  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:47:12.0718 3496  BrUsbSer - ok
16:47:12.0724 3496  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:47:12.0750 3496  BTHMODEM - ok
16:47:12.0782 3496  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
16:47:12.0836 3496  bthserv - ok
16:47:12.0847 3496  catchme - ok
16:47:12.0890 3496  [ 56685951208AC81CF923B9B08BEDF3B7 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys
16:47:12.0900 3496  ccSet_NIS - ok
16:47:12.0913 3496  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:47:12.0941 3496  cdfs - ok
16:47:12.0961 3496  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:47:12.0972 3496  cdrom - ok
16:47:12.0985 3496  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:47:13.0026 3496  CertPropSvc - ok
16:47:13.0042 3496  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
16:47:13.0054 3496  circlass - ok
16:47:13.0071 3496  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
16:47:13.0085 3496  CLFS - ok
16:47:13.0142 3496  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:47:13.0169 3496  clr_optimization_v2.0.50727_32 - ok
16:47:13.0205 3496  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:47:13.0233 3496  clr_optimization_v2.0.50727_64 - ok
16:47:13.0272 3496  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:47:13.0284 3496  clr_optimization_v4.0.30319_32 - ok
16:47:13.0300 3496  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:47:13.0312 3496  clr_optimization_v4.0.30319_64 - ok
16:47:13.0339 3496  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:47:13.0377 3496  CmBatt - ok
16:47:13.0408 3496  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:47:13.0438 3496  cmdide - ok
16:47:13.0469 3496  [ EBF28856F69CF094A902F884CF989706 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:47:13.0494 3496  CNG - ok
16:47:13.0499 3496  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:47:13.0509 3496  Compbatt - ok
16:47:13.0517 3496  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:47:13.0542 3496  CompositeBus - ok
16:47:13.0546 3496  COMSysApp - ok
16:47:13.0552 3496  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:47:13.0561 3496  crcdisk - ok
16:47:13.0595 3496  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:47:13.0629 3496  CryptSvc - ok
16:47:13.0658 3496  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:47:13.0717 3496  DcomLaunch - ok
16:47:13.0744 3496  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
16:47:13.0775 3496  defragsvc - ok
16:47:13.0785 3496  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:47:13.0826 3496  DfsC - ok
16:47:13.0848 3496  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:47:13.0886 3496  Dhcp - ok
16:47:13.0905 3496  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
16:47:13.0972 3496  discache - ok
16:47:13.0991 3496  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
16:47:14.0001 3496  Disk - ok
16:47:14.0025 3496  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:47:14.0055 3496  Dnscache - ok
16:47:14.0076 3496  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:47:14.0119 3496  dot3svc - ok
16:47:14.0136 3496  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
16:47:14.0176 3496  DPS - ok
16:47:14.0201 3496  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:47:14.0222 3496  drmkaud - ok
16:47:14.0267 3496  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:47:14.0302 3496  DXGKrnl - ok
16:47:14.0316 3496  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:47:14.0354 3496  EapHost - ok
16:47:14.0435 3496  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:47:14.0477 3496  ebdrv - ok
16:47:14.0526 3496  [ 1B7AA375F711F66D5FF2B855F9EC987F ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
16:47:14.0560 3496  eeCtrl - ok
16:47:14.0586 3496  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS             C:\Windows\System32\lsass.exe
16:47:14.0622 3496  EFS - ok
16:47:14.0667 3496  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:47:14.0730 3496  ehRecvr - ok
16:47:14.0741 3496  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:47:14.0754 3496  ehSched - ok
16:47:14.0781 3496  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:47:14.0800 3496  elxstor - ok
16:47:14.0826 3496  [ 7230C8B80DDE1F0524C353240B78CC0E ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:47:14.0844 3496  EraserUtilRebootDrv ( UnsignedFile.Multi.Generic ) - warning
16:47:14.0844 3496  EraserUtilRebootDrv - detected UnsignedFile.Multi.Generic (1)
16:47:14.0863 3496  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:47:14.0876 3496  ErrDev - ok
16:47:14.0905 3496  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:47:14.0956 3496  EventSystem - ok
16:47:14.0977 3496  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:47:15.0011 3496  exfat - ok
16:47:15.0027 3496  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:47:15.0069 3496  fastfat - ok
16:47:15.0088 3496  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:47:15.0144 3496  Fax - ok
16:47:15.0164 3496  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
16:47:15.0191 3496  fdc - ok
16:47:15.0210 3496  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:47:15.0251 3496  fdPHost - ok
16:47:15.0263 3496  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:47:15.0290 3496  FDResPub - ok
16:47:15.0301 3496  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:47:15.0311 3496  FileInfo - ok
16:47:15.0321 3496  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:47:15.0363 3496  Filetrace - ok
16:47:15.0386 3496  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:47:15.0396 3496  flpydisk - ok
16:47:15.0412 3496  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:47:15.0424 3496  FltMgr - ok
16:47:15.0472 3496  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
16:47:15.0518 3496  FontCache - ok
16:47:15.0557 3496  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:47:15.0569 3496  FontCache3.0.0.0 - ok
16:47:15.0582 3496  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:47:15.0598 3496  FsDepends - ok
16:47:15.0634 3496  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:47:15.0664 3496  Fs_Rec - ok
16:47:15.0693 3496  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:47:15.0711 3496  fvevol - ok
16:47:15.0736 3496  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:47:15.0746 3496  gagp30kx - ok
16:47:15.0770 3496  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
16:47:15.0803 3496  gpsvc - ok
16:47:15.0857 3496  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:47:15.0884 3496  gupdate - ok
16:47:15.0892 3496  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:47:15.0910 3496  gupdatem - ok
16:47:15.0920 3496  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:47:15.0961 3496  hcw85cir - ok
16:47:15.0984 3496  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:47:16.0012 3496  HdAudAddService - ok
16:47:16.0028 3496  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:47:16.0052 3496  HDAudBus - ok
16:47:16.0069 3496  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:47:16.0079 3496  HidBatt - ok
16:47:16.0091 3496  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:47:16.0134 3496  HidBth - ok
16:47:16.0151 3496  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:47:16.0170 3496  HidIr - ok
16:47:16.0190 3496  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
16:47:16.0252 3496  hidserv - ok
16:47:16.0265 3496  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:47:16.0275 3496  HidUsb - ok
16:47:16.0294 3496  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:47:16.0333 3496  hkmsvc - ok
16:47:16.0353 3496  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:47:16.0391 3496  HomeGroupListener - ok
16:47:16.0422 3496  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:47:16.0442 3496  HomeGroupProvider - ok
16:47:16.0524 3496  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:47:16.0544 3496  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:47:16.0544 3496  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:47:16.0561 3496  [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:47:16.0574 3496  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:47:16.0574 3496  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:47:16.0602 3496  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:47:16.0612 3496  HpSAMD - ok
16:47:16.0637 3496  [ 4F6C514B6149E380B8C1EDEAC3D7AEC5 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:47:16.0664 3496  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:47:16.0665 3496  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:47:16.0692 3496  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:47:16.0746 3496  HTTP - ok
16:47:16.0761 3496  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:47:16.0770 3496  hwpolicy - ok
16:47:16.0777 3496  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:47:16.0788 3496  i8042prt - ok
16:47:16.0821 3496  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:47:16.0835 3496  iaStorV - ok
16:47:16.0870 3496  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:47:16.0881 3496  IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:47:16.0881 3496  IDriverT - detected UnsignedFile.Multi.Generic (1)
16:47:16.0935 3496  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:47:16.0968 3496  idsvc - ok
16:47:17.0025 3496  [ D7CB14B41DA52DF2EC143768E02F0E97 ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\IPSDefs\20131213.001\IDSvia64.sys
16:47:17.0057 3496  IDSVia64 - ok
16:47:17.0062 3496  IEEtwCollectorService - ok
16:47:17.0081 3496  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:47:17.0096 3496  iirsp - ok
16:47:17.0135 3496  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll
16:47:17.0182 3496  IKEEXT - ok
16:47:17.0216 3496  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
16:47:17.0227 3496  intelide - ok
16:47:17.0238 3496  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:47:17.0267 3496  intelppm - ok
16:47:17.0293 3496  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:47:17.0338 3496  IPBusEnum - ok
16:47:17.0350 3496  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:47:17.0387 3496  IpFilterDriver - ok
16:47:17.0418 3496  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:47:17.0434 3496  iphlpsvc - ok
16:47:17.0438 3496  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:47:17.0471 3496  IPMIDRV - ok
16:47:17.0485 3496  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:47:17.0528 3496  IPNAT - ok
16:47:17.0537 3496  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:47:17.0551 3496  IRENUM - ok
16:47:17.0564 3496  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:47:17.0573 3496  isapnp - ok
16:47:17.0587 3496  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:47:17.0599 3496  iScsiPrt - ok
16:47:17.0614 3496  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:47:17.0623 3496  kbdclass - ok
16:47:17.0650 3496  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:47:17.0671 3496  kbdhid - ok
16:47:17.0683 3496  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
16:47:17.0692 3496  KeyIso - ok
16:47:17.0722 3496  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:47:17.0732 3496  KSecDD - ok
16:47:17.0747 3496  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:47:17.0758 3496  KSecPkg - ok
16:47:17.0769 3496  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:47:17.0805 3496  ksthunk - ok
16:47:17.0831 3496  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:47:17.0874 3496  KtmRm - ok
16:47:17.0899 3496  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
16:47:17.0939 3496  LanmanServer - ok
16:47:17.0964 3496  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:47:18.0002 3496  LanmanWorkstation - ok
16:47:18.0029 3496  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:47:18.0072 3496  lltdio - ok
16:47:18.0092 3496  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:47:18.0123 3496  lltdsvc - ok
16:47:18.0140 3496  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:47:18.0168 3496  lmhosts - ok
16:47:18.0184 3496  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:47:18.0194 3496  LSI_FC - ok
16:47:18.0202 3496  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:47:18.0213 3496  LSI_SAS - ok
16:47:18.0226 3496  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:47:18.0236 3496  LSI_SAS2 - ok
16:47:18.0250 3496  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:47:18.0260 3496  LSI_SCSI - ok
16:47:18.0271 3496  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:47:18.0308 3496  luafv - ok
16:47:18.0329 3496  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:47:18.0340 3496  Mcx2Svc - ok
16:47:18.0359 3496  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:47:18.0368 3496  megasas - ok
16:47:18.0383 3496  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:47:18.0395 3496  MegaSR - ok
16:47:18.0417 3496  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:47:18.0457 3496  MMCSS - ok
16:47:18.0476 3496  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:47:18.0518 3496  Modem - ok
16:47:18.0543 3496  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:47:18.0568 3496  monitor - ok
16:47:18.0581 3496  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:47:18.0590 3496  mouclass - ok
16:47:18.0600 3496  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:47:18.0624 3496  mouhid - ok
16:47:18.0640 3496  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:47:18.0650 3496  mountmgr - ok
16:47:18.0663 3496  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:47:18.0674 3496  mpio - ok
16:47:18.0685 3496  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:47:18.0714 3496  mpsdrv - ok
16:47:18.0740 3496  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:47:18.0788 3496  MpsSvc - ok
16:47:18.0816 3496  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:47:18.0836 3496  MRxDAV - ok
16:47:18.0867 3496  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:47:18.0901 3496  mrxsmb - ok
16:47:18.0923 3496  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:47:18.0941 3496  mrxsmb10 - ok
16:47:18.0956 3496  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:47:18.0984 3496  mrxsmb20 - ok
16:47:19.0007 3496  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:47:19.0022 3496  msahci - ok
16:47:19.0043 3496  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:47:19.0060 3496  msdsm - ok
16:47:19.0075 3496  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:47:19.0108 3496  MSDTC - ok
16:47:19.0126 3496  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:47:19.0170 3496  Msfs - ok
16:47:19.0180 3496  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:47:19.0219 3496  mshidkmdf - ok
16:47:19.0231 3496  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:47:19.0240 3496  msisadrv - ok
16:47:19.0266 3496  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:47:19.0295 3496  MSiSCSI - ok
16:47:19.0299 3496  msiserver - ok
16:47:19.0316 3496  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:47:19.0351 3496  MSKSSRV - ok
16:47:19.0364 3496  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:47:19.0391 3496  MSPCLOCK - ok
16:47:19.0396 3496  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:47:19.0437 3496  MSPQM - ok
16:47:19.0455 3496  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:47:19.0469 3496  MsRPC - ok
16:47:19.0485 3496  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:47:19.0495 3496  mssmbios - ok
16:47:19.0499 3496  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:47:19.0527 3496  MSTEE - ok
16:47:19.0531 3496  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:47:19.0541 3496  MTConfig - ok
16:47:19.0566 3496  [ 2219A3D695405E7BA2186BA6B9EDE14A ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
16:47:19.0574 3496  MTsensor - ok
16:47:19.0584 3496  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:47:19.0594 3496  Mup - ok
16:47:19.0613 3496  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:47:19.0655 3496  napagent - ok
16:47:19.0677 3496  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:47:19.0705 3496  NativeWifiP - ok
16:47:19.0785 3496  [ 702E07EC32F96ACDB873E9A5465D4401 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20131215.005\ENG64.SYS
16:47:19.0808 3496  NAVENG - ok
16:47:19.0851 3496  [ 302EA314A1AF0D7CEF0A3D0195F79561 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20131215.005\EX64.SYS
16:47:19.0888 3496  NAVEX15 - ok
16:47:19.0927 3496  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:47:19.0967 3496  NDIS - ok
16:47:19.0987 3496  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:47:20.0036 3496  NdisCap - ok
16:47:20.0056 3496  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:47:20.0083 3496  NdisTapi - ok
16:47:20.0095 3496  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:47:20.0123 3496  Ndisuio - ok
16:47:20.0138 3496  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:47:20.0205 3496  NdisWan - ok
16:47:20.0226 3496  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:47:20.0252 3496  NDProxy - ok
16:47:20.0279 3496  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:47:20.0286 3496  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:47:20.0287 3496  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:47:20.0304 3496  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:47:20.0354 3496  NetBIOS - ok
16:47:20.0374 3496  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:47:20.0403 3496  NetBT - ok
16:47:20.0413 3496  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
16:47:20.0423 3496  Netlogon - ok
16:47:20.0446 3496  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:47:20.0492 3496  Netman - ok
16:47:20.0516 3496  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:47:20.0562 3496  netprofm - ok
16:47:20.0586 3496  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:47:20.0595 3496  NetTcpPortSharing - ok
16:47:20.0617 3496  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:47:20.0627 3496  nfrd960 - ok
16:47:20.0691 3496  [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
16:47:20.0723 3496  NIS - ok
16:47:20.0756 3496  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:47:20.0784 3496  NlaSvc - ok
16:47:20.0798 3496  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:47:20.0831 3496  Npfs - ok
16:47:20.0848 3496  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:47:20.0892 3496  nsi - ok
16:47:20.0912 3496  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:47:20.0955 3496  nsiproxy - ok
16:47:20.0998 3496  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:47:21.0027 3496  Ntfs - ok
16:47:21.0040 3496  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:47:21.0067 3496  Null - ok
16:47:21.0076 3496  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:47:21.0087 3496  nvraid - ok
16:47:21.0108 3496  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:47:21.0119 3496  nvstor - ok
16:47:21.0134 3496  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:47:21.0144 3496  nv_agp - ok
16:47:21.0152 3496  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:47:21.0163 3496  ohci1394 - ok
16:47:21.0188 3496  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:47:21.0214 3496  p2pimsvc - ok
16:47:21.0228 3496  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:47:21.0242 3496  p2psvc - ok
16:47:21.0255 3496  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:47:21.0266 3496  Parport - ok
16:47:21.0298 3496  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:47:21.0308 3496  partmgr - ok
16:47:21.0327 3496  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:47:21.0352 3496  PcaSvc - ok
16:47:21.0367 3496  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:47:21.0379 3496  pci - ok
16:47:21.0401 3496  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:47:21.0411 3496  pciide - ok
16:47:21.0428 3496  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:47:21.0440 3496  pcmcia - ok
16:47:21.0460 3496  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:47:21.0470 3496  pcw - ok
16:47:21.0547 3496  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:47:21.0610 3496  PEAUTH - ok
16:47:21.0760 3496  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:47:21.0795 3496  PerfHost - ok
16:47:21.0840 3496  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:47:21.0880 3496  pla - ok
16:47:21.0921 3496  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:47:21.0975 3496  PlugPlay - ok
16:47:21.0992 3496  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:47:22.0018 3496  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:47:22.0018 3496  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:47:22.0032 3496  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:47:22.0061 3496  PNRPAutoReg - ok
16:47:22.0080 3496  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:47:22.0100 3496  PNRPsvc - ok
16:47:22.0122 3496  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:47:22.0164 3496  PolicyAgent - ok
16:47:22.0190 3496  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:47:22.0220 3496  Power - ok
16:47:22.0243 3496  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:47:22.0310 3496  PptpMiniport - ok
16:47:22.0331 3496  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
16:47:22.0341 3496  Processor - ok
16:47:22.0371 3496  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:47:22.0407 3496  ProfSvc - ok
16:47:22.0419 3496  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
16:47:22.0429 3496  ProtectedStorage - ok
16:47:22.0445 3496  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:47:22.0485 3496  Psched - ok
16:47:22.0522 3496  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:47:22.0549 3496  ql2300 - ok
16:47:22.0576 3496  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:47:22.0587 3496  ql40xx - ok
16:47:22.0611 3496  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:47:22.0627 3496  QWAVE - ok
16:47:22.0634 3496  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:47:22.0657 3496  QWAVEdrv - ok
16:47:22.0673 3496  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:47:22.0700 3496  RasAcd - ok
16:47:22.0714 3496  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:47:22.0753 3496  RasAgileVpn - ok
16:47:22.0773 3496  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:47:22.0814 3496  RasAuto - ok
16:47:22.0834 3496  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:47:22.0875 3496  Rasl2tp - ok
16:47:22.0892 3496  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:47:22.0923 3496  RasMan - ok
16:47:22.0935 3496  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:47:22.0971 3496  RasPppoe - ok
16:47:22.0984 3496  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:47:23.0020 3496  RasSstp - ok
16:47:23.0042 3496  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:47:23.0072 3496  rdbss - ok
16:47:23.0083 3496  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:47:23.0095 3496  rdpbus - ok
16:47:23.0103 3496  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:47:23.0145 3496  RDPCDD - ok
16:47:23.0160 3496  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:47:23.0203 3496  RDPENCDD - ok
16:47:23.0217 3496  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:47:23.0244 3496  RDPREFMP - ok
16:47:23.0269 3496  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:47:23.0327 3496  RdpVideoMiniport - ok
16:47:23.0361 3496  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:47:23.0387 3496  RDPWD - ok
16:47:23.0403 3496  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:47:23.0415 3496  rdyboost - ok
16:47:23.0435 3496  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:47:23.0477 3496  RemoteAccess - ok
16:47:23.0504 3496  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:47:23.0533 3496  RemoteRegistry - ok
16:47:23.0543 3496  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:47:23.0572 3496  RpcEptMapper - ok
16:47:23.0580 3496  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:47:23.0591 3496  RpcLocator - ok
16:47:23.0604 3496  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
16:47:23.0636 3496  RpcSs - ok
16:47:23.0653 3496  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:47:23.0682 3496  rspndr - ok
16:47:23.0707 3496  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:47:23.0722 3496  RTL8167 - ok
16:47:23.0734 3496  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe
16:47:23.0744 3496  SamSs - ok
16:47:23.0756 3496  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:47:23.0766 3496  sbp2port - ok
16:47:23.0778 3496  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:47:23.0807 3496  SCardSvr - ok
16:47:23.0814 3496  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:47:23.0849 3496  scfilter - ok
16:47:23.0872 3496  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:47:23.0923 3496  Schedule - ok
16:47:23.0948 3496  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:47:23.0975 3496  SCPolicySvc - ok
16:47:23.0990 3496  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:47:24.0013 3496  SDRSVC - ok
16:47:24.0034 3496  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:47:24.0070 3496  secdrv - ok
16:47:24.0089 3496  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:47:24.0116 3496  seclogon - ok
16:47:24.0144 3496  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
16:47:24.0211 3496  SENS - ok
16:47:24.0226 3496  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:47:24.0271 3496  SensrSvc - ok
16:47:24.0282 3496  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:47:24.0304 3496  Serenum - ok
16:47:24.0329 3496  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:47:24.0352 3496  Serial - ok
16:47:24.0371 3496  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:47:24.0381 3496  sermouse - ok
16:47:24.0417 3496  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:47:24.0480 3496  SessionEnv - ok
16:47:24.0498 3496  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:47:24.0510 3496  sffdisk - ok
16:47:24.0523 3496  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:47:24.0547 3496  sffp_mmc - ok
16:47:24.0566 3496  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:47:24.0593 3496  sffp_sd - ok
16:47:24.0607 3496  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:47:24.0632 3496  sfloppy - ok
16:47:24.0666 3496  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:47:24.0730 3496  SharedAccess - ok
16:47:24.0753 3496  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:47:24.0798 3496  ShellHWDetection - ok
16:47:24.0816 3496  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:47:24.0825 3496  SiSRaid2 - ok
16:47:24.0838 3496  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:47:24.0848 3496  SiSRaid4 - ok
16:47:24.0863 3496  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:47:24.0904 3496  Smb - ok
16:47:24.0930 3496  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:47:24.0941 3496  SNMPTRAP - ok
16:47:24.0954 3496  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:47:24.0964 3496  spldr - ok
16:47:25.0003 3496  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
16:47:25.0050 3496  Spooler - ok
16:47:25.0143 3496  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
16:47:25.0214 3496  sppsvc - ok
16:47:25.0229 3496  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:47:25.0257 3496  sppuinotify - ok
16:47:25.0317 3496  [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS
16:47:25.0360 3496  SRTSP - ok
16:47:25.0373 3496  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
16:47:25.0383 3496  SRTSPX - ok
16:47:25.0411 3496  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:47:25.0440 3496  srv - ok
16:47:25.0464 3496  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:47:25.0487 3496  srv2 - ok
16:47:25.0501 3496  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:47:25.0512 3496  srvnet - ok
16:47:25.0540 3496  [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
16:47:25.0549 3496  sscdbus - ok
16:47:25.0557 3496  [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
16:47:25.0565 3496  sscdmdfl - ok
16:47:25.0575 3496  [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
16:47:25.0585 3496  sscdmdm - ok
16:47:25.0594 3496  [ 05FFA552F578E27AB2D41B6828DB477F ] sscdserd        C:\Windows\system32\DRIVERS\sscdserd.sys
16:47:25.0604 3496  sscdserd - ok
16:47:25.0628 3496  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:47:25.0657 3496  SSDPSRV - ok
16:47:25.0674 3496  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:47:25.0702 3496  SstpSvc - ok
16:47:25.0715 3496  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:47:25.0725 3496  stexstor - ok
16:47:25.0737 3496  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\drivers\serscan.sys
16:47:25.0786 3496  StillCam - ok
16:47:25.0821 3496  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
16:47:25.0852 3496  stisvc - ok
16:47:25.0864 3496  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:47:25.0873 3496  swenum - ok
16:47:25.0892 3496  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:47:25.0937 3496  swprv - ok
16:47:25.0967 3496  [ 52DC0048D667757A8A2E4C87182890AC ] SymDS           C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
16:47:25.0981 3496  SymDS - ok
16:47:26.0005 3496  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
16:47:26.0026 3496  SymEFA - ok
16:47:26.0050 3496  [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:47:26.0061 3496  SymEvent - ok
16:47:26.0075 3496  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
16:47:26.0085 3496  SymIRON - ok
16:47:26.0104 3496  [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS         C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS
16:47:26.0117 3496  SymNetS - ok
16:47:26.0160 3496  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
16:47:26.0204 3496  SysMain - ok
16:47:26.0244 3496  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:47:26.0260 3496  TabletInputService - ok
16:47:26.0290 3496  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:47:26.0328 3496  TapiSrv - ok
16:47:26.0346 3496  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:47:26.0375 3496  TBS - ok
16:47:26.0425 3496  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:47:26.0457 3496  Tcpip - ok
16:47:26.0492 3496  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:47:26.0523 3496  TCPIP6 - ok
16:47:26.0555 3496  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:47:26.0564 3496  tcpipreg - ok
16:47:26.0582 3496  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:47:26.0613 3496  TDPIPE - ok
16:47:26.0640 3496  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:47:26.0678 3496  TDTCP - ok
16:47:26.0698 3496  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:47:26.0753 3496  tdx - ok
16:47:26.0761 3496  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:47:26.0771 3496  TermDD - ok
16:47:26.0797 3496  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
16:47:26.0829 3496  TermService - ok
16:47:26.0852 3496  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:47:26.0866 3496  Themes - ok
16:47:26.0874 3496  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:47:26.0902 3496  THREADORDER - ok
16:47:26.0923 3496  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:47:26.0964 3496  TrkWks - ok
16:47:27.0011 3496  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:47:27.0064 3496  TrustedInstaller - ok
16:47:27.0090 3496  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:47:27.0136 3496  tssecsrv - ok
16:47:27.0164 3496  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:47:27.0205 3496  TsUsbFlt - ok
16:47:27.0231 3496  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:47:27.0246 3496  TsUsbGD - ok
16:47:27.0271 3496  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:47:27.0310 3496  tunnel - ok
16:47:27.0324 3496  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:47:27.0333 3496  uagp35 - ok
16:47:27.0347 3496  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:47:27.0384 3496  udfs - ok
16:47:27.0414 3496  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:47:27.0425 3496  UI0Detect - ok
16:47:27.0432 3496  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:47:27.0442 3496  uliagpkx - ok
16:47:27.0452 3496  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:47:27.0474 3496  umbus - ok
16:47:27.0491 3496  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:47:27.0516 3496  UmPass - ok
16:47:27.0548 3496  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:47:27.0589 3496  upnphost - ok
16:47:27.0614 3496  [ ACCEA6BC68D0C9A78EB97EE159028B4E ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
16:47:27.0627 3496  usbccgp - ok
16:47:27.0654 3496  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:47:27.0685 3496  usbcir - ok
16:47:27.0712 3496  [ 311C1DD1088E55BEAE15954D17F50646 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:47:27.0741 3496  usbehci - ok
16:47:27.0769 3496  [ 280E90CBF4B2DDD169F0728CB44D726F ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:47:27.0789 3496  usbhub - ok
16:47:27.0806 3496  [ 9406D801042FAF859CF81B2C886413DC ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:47:27.0821 3496  usbohci - ok
16:47:27.0843 3496  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:47:27.0871 3496  usbprint - ok
16:47:27.0895 3496  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:47:27.0935 3496  USBSTOR - ok
16:47:27.0961 3496  [ A83D0EC9AE4C31704442099D40BA2471 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:47:27.0976 3496  usbuhci - ok
16:47:27.0999 3496  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:47:28.0061 3496  UxSms - ok
16:47:28.0081 3496  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
16:47:28.0096 3496  VaultSvc - ok
16:47:28.0119 3496  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:47:28.0134 3496  vdrvroot - ok
16:47:28.0162 3496  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
16:47:28.0227 3496  vds - ok
16:47:28.0246 3496  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:47:28.0258 3496  vga - ok
16:47:28.0269 3496  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:47:28.0306 3496  VgaSave - ok
16:47:28.0327 3496  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:47:28.0339 3496  vhdmp - ok
16:47:28.0412 3496  [ 84FFC3CCA60A1B52A021BC894D529735 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
16:47:28.0452 3496  VIAHdAudAddService - ok
16:47:28.0472 3496  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:47:28.0482 3496  viaide - ok
16:47:28.0489 3496  [ F4310278E6CE1C507B5555B662369E26 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
16:47:28.0498 3496  VIAKaraokeService - ok
16:47:28.0506 3496  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:47:28.0516 3496  volmgr - ok
16:47:28.0529 3496  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:47:28.0543 3496  volmgrx - ok
16:47:28.0553 3496  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:47:28.0565 3496  volsnap - ok
16:47:28.0577 3496  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:47:28.0588 3496  vsmraid - ok
16:47:28.0634 3496  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
16:47:28.0698 3496  VSS - ok
16:47:28.0722 3496  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:47:28.0745 3496  vwifibus - ok
16:47:28.0771 3496  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:47:28.0802 3496  W32Time - ok
16:47:28.0826 3496  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:47:28.0845 3496  WacomPen - ok
16:47:28.0850 3496  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:47:28.0883 3496  WANARP - ok
16:47:28.0887 3496  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:47:28.0914 3496  Wanarpv6 - ok
16:47:28.0968 3496  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:47:29.0008 3496  WatAdminSvc - ok
16:47:29.0063 3496  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
16:47:29.0123 3496  wbengine - ok
16:47:29.0151 3496  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:47:29.0171 3496  WbioSrvc - ok
16:47:29.0186 3496  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:47:29.0219 3496  wcncsvc - ok
16:47:29.0238 3496  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:47:29.0255 3496  WcsPlugInService - ok
16:47:29.0272 3496  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
16:47:29.0281 3496  Wd - ok
16:47:29.0308 3496  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:47:29.0328 3496  Wdf01000 - ok
16:47:29.0353 3496  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:47:29.0432 3496  WdiServiceHost - ok
16:47:29.0437 3496  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:47:29.0456 3496  WdiSystemHost - ok
16:47:29.0492 3496  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient       C:\Windows\System32\webclnt.dll
16:47:29.0525 3496  WebClient - ok
16:47:29.0554 3496  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:47:29.0597 3496  Wecsvc - ok
16:47:29.0620 3496  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:47:29.0649 3496  wercplsupport - ok
16:47:29.0677 3496  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:47:29.0705 3496  WerSvc - ok
16:47:29.0722 3496  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:47:29.0750 3496  WfpLwf - ok
16:47:29.0764 3496  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:47:29.0773 3496  WIMMount - ok
16:47:29.0794 3496  WinDefend - ok
16:47:29.0799 3496  WinHttpAutoProxySvc - ok
16:47:29.0840 3496  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:47:29.0869 3496  Winmgmt - ok
16:47:29.0896 3496  WinRing0_1_2_0 - ok
16:47:29.0941 3496  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
16:47:29.0985 3496  WinRM - ok
16:47:30.0015 3496  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:47:30.0027 3496  WinUsb - ok
16:47:30.0052 3496  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:47:30.0087 3496  Wlansvc - ok
16:47:30.0107 3496  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:47:30.0144 3496  WmiAcpi - ok
16:47:30.0186 3496  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:47:30.0222 3496  wmiApSrv - ok
16:47:30.0246 3496  WMPNetworkSvc - ok
16:47:30.0267 3496  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:47:30.0291 3496  WPCSvc - ok
16:47:30.0321 3496  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:47:30.0340 3496  WPDBusEnum - ok
16:47:30.0367 3496  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:47:30.0423 3496  ws2ifsl - ok
16:47:30.0446 3496  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
16:47:30.0471 3496  wscsvc - ok
16:47:30.0474 3496  WSearch - ok
16:47:30.0544 3496  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:47:30.0587 3496  wuauserv - ok
16:47:30.0612 3496  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:47:30.0663 3496  WudfPf - ok
16:47:30.0676 3496  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:47:30.0708 3496  WUDFRd - ok
16:47:30.0737 3496  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:47:30.0767 3496  wudfsvc - ok
16:47:30.0796 3496  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:47:30.0828 3496  WwanSvc - ok
16:47:30.0834 3496  ================ Scan global ===============================
16:47:30.0849 3496  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:47:30.0881 3496  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
16:47:30.0897 3496  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
16:47:30.0922 3496  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:47:30.0951 3496  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:47:30.0955 3496  [Global] - ok
16:47:30.0955 3496  ================ Scan MBR ==================================
16:47:30.0967 3496  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:47:31.0286 3496  \Device\Harddisk0\DR0 - ok
16:47:31.0287 3496  ================ Scan VBR ==================================
16:47:31.0293 3496  [ 10EABBDE8CF7643AF7DA1A0D7B3DE106 ] \Device\Harddisk0\DR0\Partition1
16:47:31.0296 3496  \Device\Harddisk0\DR0\Partition1 - ok
16:47:31.0328 3496  [ 79C54BEFA0893EE1400D3C0FA21ACBC1 ] \Device\Harddisk0\DR0\Partition2
16:47:31.0332 3496  \Device\Harddisk0\DR0\Partition2 - ok
16:47:31.0333 3496  ============================================================
16:47:31.0333 3496  Scan finished
16:47:31.0333 3496  ============================================================
16:47:31.0350 2308  Detected object count: 7
16:47:31.0350 2308  Actual detected object count: 7

Edited by getwithit, 16 December 2013 - 06:54 PM.


#10 getwithit

getwithit
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 AM

Posted 16 December 2013 - 07:02 PM

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-12-16 16:56:20
-----------------------------
16:56:20.065    OS Version: Windows x64 6.1.7601 Service Pack 1
16:56:20.065    Number of processors: 4 586 0x503
16:56:20.065    ComputerName: JEREMY-PC  UserName: Jeremy
16:56:23.148    Initialize success
16:56:40.948    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
16:56:40.952    Disk 0 Vendor: ST500DM002-1BD142 KC45 Size: 476940MB BusType: 3
16:56:41.088    Disk 0 MBR read successfully
16:56:41.092    Disk 0 MBR scan
16:56:41.097    Disk 0 Windows 7 default MBR code
16:56:41.103    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
16:56:41.116    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       476838 MB offset 206848
16:56:41.149    Disk 0 scanning C:\Windows\system32\drivers
16:56:48.566    Service scanning
16:57:01.120    Modules scanning
16:57:01.133    Disk 0 trace - called modules:
16:57:01.151    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
16:57:01.157    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800499d060]
16:57:01.165    3 CLASSPNP.SYS[fffff88001a8243f] -> nt!IofCallDriver -> [0xfffffa80048c49b0]
16:57:01.172    5 ACPI.sys[fffff88000ee67a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa800498f060]
16:57:01.184    Scan finished successfully
16:58:04.367    Disk 0 MBR has been saved successfully to "C:\Users\Jeremy\Desktop\MBR.dat"
16:58:04.371    The log file has been saved successfully to "C:\Users\Jeremy\Desktop\aswMBR.txt"
 
 

Attached Files

  • Attached File  MBR.zip   559bytes   0 downloads


#11 getwithit

getwithit
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 AM

Posted 16 December 2013 - 07:15 PM

.


Edited by getwithit, 16 December 2013 - 09:09 PM.


#12 nasdaq

nasdaq

  • Malware Response Team
  • 39,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:21 AM

Posted 17 December 2013 - 09:34 AM

Nothing suspicious in the last logs.

Run this tool, update any Drivers that needs it.

Secunia Personal Software Inspector (PSI)
http://secunia.com/vulnerability_scanning/personal/
Secunia PSI is a security scanner which identifies programs/drivers that are damaged and need updates.

#13 getwithit

getwithit
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 AM

Posted 17 December 2013 - 07:04 PM

Thank you for all your help, you have been great.  when i ran  that i couldn't even use it cause internet explorer was messed up which didn't allow  one of windows updates to work. after fixing that it ran and only one driver needed updated,  sorry tried to copy befor it was done but it ended  msmlx is close to what it said   sevice pack 3.  well gonna play a game for a bit to see if i can get it to crash again,  if no crash  thank you again!



#14 nasdaq

nasdaq

  • Malware Response Team
  • 39,576 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:21 AM

Posted 18 December 2013 - 08:16 AM

Keep me posted.

When all is well:

Time for some housekeeping
  • The following will implement some cleanup procedures as well as reset System Restore points:
  • Click Start > Run and copy/paste the following bold text into the Run box and click OK:
  • ComboFix /Uninstall
===


Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:Please note: Many installer offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help blocking many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon,
  • ScriptNo a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===

#15 getwithit

getwithit
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:21 AM

Posted 18 December 2013 - 08:16 PM

Well i'm back got 2 more blue screen logs.

 

On Thu 12/19/2013 12:39:34 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\121813-19281-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x75BC0)
Bugcheck code: 0x1A (0x41284, 0xA70001, 0x0, 0xFFFFF70001080000)
Error: MEMORY_MANAGEMENT
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a severe memory management error occurred.
This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Thu 12/19/2013 12:39:34 AM GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: ntkrnlmp.exe (nt!KeBugCheckEx+0x0)
Bugcheck code: 0x1A (0x41284, 0xA70001, 0x0, 0xFFFFF70001080000)
Error: MEMORY_MANAGEMENT
Bug check description: This indicates that a severe memory management error occurred.
This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
 

Btw  i have all of the things on your checklist  in previous post.  still points to a phantom driver it would appear.  i have ran a memcheck and that was clear. also would only having 4gb mem be too low and cause  blue screens?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users