Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

Solved: Bsod!!!!


(!)

Mark1956's Avatar
Malware Removal Specialist with 14,035 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
10-May-2013, 04:51 AM #31
That scans indicates that a Rootkit infection was removed in the first scan, but I still need to see the first scan results. You will find the log saved to your C: drive, please put it in your next post.
bdarger's Avatar
bdarger bdarger is offline
Member with 39 posts.
THREAD STARTER
 
Join Date: May 2013
12-May-2013, 08:56 PM #32
First scan is below

13:11:11.0998 4624 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:11:12.0451 4624 ============================================================
13:11:12.0451 4624 Current date / time: 2013/05/09 13:11:12.0451
13:11:12.0451 4624 SystemInfo:
13:11:12.0451 4624
13:11:12.0451 4624 OS Version: 6.1.7601 ServicePack: 1.0
13:11:12.0451 4624 Product type: Workstation
13:11:12.0451 4624 ComputerName: BRANDON-HP
13:11:12.0451 4624 UserName: brandon
13:11:12.0451 4624 Windows directory: C:\Windows
13:11:12.0451 4624 System windows directory: C:\Windows
13:11:12.0451 4624 Running under WOW64
13:11:12.0451 4624 Processor architecture: Intel x64
13:11:12.0451 4624 Number of processors: 4
13:11:12.0451 4624 Page size: 0x1000
13:11:12.0451 4624 Boot type: Safe boot with network
13:11:12.0451 4624 ============================================================
13:11:13.0184 4624 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:11:13.0184 4624 ============================================================
13:11:13.0184 4624 \Device\Harddisk0\DR0:
13:11:13.0184 4624 MBR partitions:
13:11:13.0184 4624 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
13:11:13.0184 4624 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x486BB000
13:11:13.0184 4624 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x4871F000, BlocksNum 0x2105000
13:11:13.0184 4624 ============================================================
13:11:13.0200 4624 C: <-> \Device\Harddisk0\DR0\Partition2
13:11:13.0262 4624 D: <-> \Device\Harddisk0\DR0\Partition3
13:11:13.0262 4624 ============================================================
13:11:13.0262 4624 Initialize success
13:11:13.0262 4624 ============================================================
13:11:37.0863 0344 ============================================================
13:11:37.0863 0344 Scan started
13:11:37.0863 0344 Mode: Manual; SigCheck; TDLFS;
13:11:37.0863 0344 ============================================================
13:11:40.0859 0344 ================ Scan system memory ========================
13:11:40.0859 0344 System memory - ok
13:11:40.0859 0344 ================ Scan services =============================
13:11:41.0015 0344 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:11:41.0186 0344 1394ohci - ok
13:11:41.0264 0344 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
13:11:41.0264 0344 Accelerometer - ok
13:11:41.0311 0344 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:11:41.0327 0344 ACPI - ok
13:11:41.0389 0344 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:11:41.0467 0344 AcpiPmi - ok
13:11:41.0561 0344 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:11:41.0576 0344 AdobeARMservice - ok
13:11:41.0639 0344 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:11:41.0654 0344 AdobeFlashPlayerUpdateSvc - ok
13:11:41.0701 0344 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:11:41.0732 0344 adp94xx - ok
13:11:41.0763 0344 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:11:41.0779 0344 adpahci - ok
13:11:41.0795 0344 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:11:41.0810 0344 adpu320 - ok
13:11:41.0841 0344 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:11:41.0951 0344 AeLookupSvc - ok
13:11:42.0029 0344 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
13:11:42.0107 0344 AESTFilters - ok
13:11:42.0153 0344 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
13:11:42.0231 0344 AFD - ok
13:11:42.0263 0344 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:11:42.0278 0344 agp440 - ok
13:11:42.0309 0344 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
13:11:42.0387 0344 ALG - ok
13:11:42.0419 0344 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
13:11:42.0434 0344 aliide - ok
13:11:42.0434 0344 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
13:11:42.0450 0344 amdide - ok
13:11:42.0481 0344 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:11:42.0543 0344 AmdK8 - ok
13:11:42.0559 0344 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:11:42.0590 0344 AmdPPM - ok
13:11:42.0637 0344 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:11:42.0637 0344 amdsata - ok
13:11:42.0684 0344 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:11:42.0699 0344 amdsbs - ok
13:11:42.0715 0344 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:11:42.0731 0344 amdxata - ok
13:11:42.0840 0344 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
13:11:43.0058 0344 AppID - ok
13:11:43.0074 0344 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:11:43.0167 0344 AppIDSvc - ok
13:11:43.0230 0344 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
13:11:43.0308 0344 Appinfo - ok
13:11:43.0401 0344 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:11:43.0417 0344 Apple Mobile Device - ok
13:11:43.0464 0344 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
13:11:43.0479 0344 arc - ok
13:11:43.0479 0344 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:11:43.0495 0344 arcsas - ok
13:11:43.0526 0344 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:11:43.0604 0344 AsyncMac - ok
13:11:43.0667 0344 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
13:11:43.0682 0344 atapi - ok
13:11:43.0729 0344 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:11:43.0838 0344 AudioEndpointBuilder - ok
13:11:43.0869 0344 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:11:43.0916 0344 AudioSrv - ok
13:11:43.0994 0344 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:11:44.0103 0344 AxInstSV - ok
13:11:44.0135 0344 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:11:44.0197 0344 b06bdrv - ok
13:11:44.0244 0344 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:11:44.0291 0344 b57nd60a - ok
13:11:44.0337 0344 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:11:44.0415 0344 BDESVC - ok
13:11:44.0415 0344 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:11:44.0509 0344 Beep - ok
13:11:44.0587 0344 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
13:11:44.0681 0344 BFE - ok
13:11:44.0852 0344 [ 6C64FA457C200874FAA87D74152E0D84 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
13:11:44.0915 0344 BHDrvx64 - ok
13:11:44.0946 0344 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
13:11:45.0086 0344 BITS - ok
13:11:45.0133 0344 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:11:45.0180 0344 blbdrive - ok
13:11:45.0320 0344 [ E7062088161C56BF42E7DBA53664E584 ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
13:11:45.0476 0344 Bluetooth Device Manager - ok
13:11:45.0539 0344 [ 21B1CB06C0254BBC08B8C30D8F282E69 ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
13:11:45.0585 0344 Bluetooth Media Service - ok
13:11:45.0617 0344 [ 0BC0DC720F22A9D6D721FD5B7D15E84F ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
13:11:45.0632 0344 Bluetooth OBEX Service - ok
13:11:45.0710 0344 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:11:45.0726 0344 Bonjour Service - ok
13:11:45.0835 0344 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:11:45.0944 0344 bowser - ok
13:11:45.0960 0344 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:11:46.0038 0344 BrFiltLo - ok
13:11:46.0038 0344 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:11:46.0053 0344 BrFiltUp - ok
13:11:46.0085 0344 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
13:11:46.0147 0344 Browser - ok
13:11:46.0163 0344 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:11:46.0225 0344 Brserid - ok
13:11:46.0241 0344 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:11:46.0272 0344 BrSerWdm - ok
13:11:46.0287 0344 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:11:46.0303 0344 BrUsbMdm - ok
13:11:46.0303 0344 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:11:46.0319 0344 BrUsbSer - ok
13:11:46.0381 0344 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
13:11:46.0506 0344 BthEnum - ok
13:11:46.0521 0344 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:11:46.0568 0344 BTHMODEM - ok
13:11:46.0631 0344 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
13:11:46.0662 0344 BthPan - ok
13:11:46.0709 0344 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
13:11:46.0787 0344 BTHPORT - ok
13:11:46.0833 0344 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
13:11:46.0896 0344 bthserv - ok
13:11:46.0943 0344 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
13:11:46.0974 0344 BTHUSB - ok
13:11:47.0021 0344 [ 6D3FF2B480F7AB8DA103CBC7FBEACD48 ] BTMCOM C:\Windows\system32\Drivers\btmcom.sys
13:11:47.0083 0344 BTMCOM - ok
13:11:47.0145 0344 [ 8AEF214DD4816AF9AFB5D425F7302DAE ] BTMNET C:\Windows\system32\DRIVERS\btmnet.sys
13:11:47.0192 0344 BTMNET - ok
13:11:47.0239 0344 [ 8515AA7DC5ECEBDFCC480D2001398BD7 ] BTMUSB C:\Windows\system32\Drivers\btmusb.sys
13:11:47.0317 0344 BTMUSB - ok
13:11:47.0379 0344 [ 37B50B3A19CD1F3BB751FCD9C33ACDAF ] cag C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys
13:11:47.0395 0344 cag - ok
13:11:47.0411 0344 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:11:47.0489 0344 cdfs - ok
13:11:47.0535 0344 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:11:47.0567 0344 cdrom - ok
13:11:47.0613 0344 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
13:11:47.0691 0344 CertPropSvc - ok
13:11:47.0754 0344 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:11:47.0801 0344 circlass - ok
13:11:47.0847 0344 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
13:11:47.0863 0344 CLFS - ok
13:11:47.0925 0344 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:11:47.0957 0344 clr_optimization_v2.0.50727_32 - ok
13:11:48.0003 0344 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:11:48.0019 0344 clr_optimization_v2.0.50727_64 - ok
13:11:48.0081 0344 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:11:48.0128 0344 clr_optimization_v4.0.30319_32 - ok
13:11:48.0191 0344 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:11:48.0206 0344 clr_optimization_v4.0.30319_64 - ok
13:11:48.0253 0344 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
13:11:48.0253 0344 clwvd - ok
13:11:48.0300 0344 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:11:48.0331 0344 CmBatt - ok
13:11:48.0378 0344 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:11:48.0393 0344 cmdide - ok
13:11:48.0425 0344 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
13:11:48.0471 0344 CNG - ok
13:11:48.0518 0344 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:11:48.0534 0344 Compbatt - ok
13:11:48.0581 0344 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:11:48.0612 0344 CompositeBus - ok
13:11:48.0627 0344 COMSysApp - ok
13:11:48.0659 0344 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:11:48.0674 0344 crcdisk - ok
13:11:48.0721 0344 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:11:48.0783 0344 CryptSvc - ok
13:11:48.0830 0344 [ 5C5EECDD72C392F05328356FFCDF19AB ] ctxva51 C:\Windows\system32\DRIVERS\ctxva51.sys
13:11:48.0846 0344 ctxva51 - ok
13:11:48.0908 0344 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:11:48.0986 0344 DcomLaunch - ok
13:11:49.0002 0344 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:11:49.0080 0344 defragsvc - ok
13:11:49.0127 0344 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:11:49.0205 0344 DfsC - ok
13:11:49.0251 0344 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
13:11:49.0314 0344 Dhcp - ok
13:11:49.0329 0344 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:11:49.0376 0344 discache - ok
13:11:49.0454 0344 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:11:49.0454 0344 Disk - ok
13:11:49.0517 0344 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\Windows\system32\DRIVERS\dne64x.sys
13:11:49.0517 0344 DNE - ok
13:11:49.0548 0344 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:11:49.0610 0344 Dnscache - ok
13:11:49.0641 0344 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:11:49.0719 0344 dot3svc - ok
13:11:49.0751 0344 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
13:11:49.0813 0344 DPS - ok
13:11:49.0860 0344 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:11:49.0907 0344 drmkaud - ok
13:11:49.0969 0344 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:11:50.0016 0344 DXGKrnl - ok
13:11:50.0063 0344 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:11:50.0125 0344 EapHost - ok
13:11:50.0203 0344 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:11:50.0328 0344 ebdrv - ok
13:11:50.0390 0344 [ 0C3F9EFF8DDD9F9EB56D754B4620155F ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
13:11:50.0406 0344 eeCtrl - ok
13:11:50.0437 0344 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
13:11:50.0484 0344 EFS - ok
13:11:50.0577 0344 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:11:50.0655 0344 ehRecvr - ok
13:11:50.0687 0344 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
13:11:50.0749 0344 ehSched - ok
13:11:50.0796 0344 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:11:50.0827 0344 elxstor - ok
13:11:50.0858 0344 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
13:11:50.0889 0344 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
13:11:50.0889 0344 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
13:11:50.0967 0344 [ 757305C7AD34222F4A46D86FE0BEE241 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
13:11:50.0999 0344 EpsonCustomerParticipation - ok
13:11:51.0045 0344 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:11:51.0077 0344 ErrDev - ok
13:11:51.0123 0344 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:11:51.0217 0344 EventSystem - ok
13:11:51.0248 0344 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:11:51.0326 0344 exfat - ok
13:11:51.0342 0344 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:11:51.0404 0344 fastfat - ok
13:11:51.0482 0344 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
13:11:51.0560 0344 Fax - ok
13:11:51.0576 0344 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:11:51.0607 0344 fdc - ok
13:11:51.0669 0344 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:11:51.0716 0344 fdPHost - ok
13:11:51.0732 0344 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:11:51.0794 0344 FDResPub - ok
13:11:51.0825 0344 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:11:51.0841 0344 FileInfo - ok
13:11:51.0857 0344 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:11:51.0919 0344 Filetrace - ok
13:11:51.0966 0344 [ 3D9B36631032FDE0FFEA0DC0260E4E35 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
13:11:51.0981 0344 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
13:11:51.0981 0344 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
13:11:52.0013 0344 [ 52C0312AB35EB7187015FB6A99136BB5 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
13:11:52.0044 0344 FLEXnet Licensing Service 64 ( UnsignedFile.Multi.Generic ) - warning
13:11:52.0044 0344 FLEXnet Licensing Service 64 - detected UnsignedFile.Multi.Generic (1)
13:11:52.0059 0344 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:11:52.0075 0344 flpydisk - ok
13:11:52.0122 0344 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:11:52.0137 0344 FltMgr - ok
13:11:52.0184 0344 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
13:11:52.0278 0344 FontCache - ok
13:11:52.0325 0344 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:11:52.0340 0344 FontCache3.0.0.0 - ok
13:11:52.0418 0344 [ CDC54DB949D1E2BBF86B0C7AB86B912E ] FPLService C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
13:11:52.0434 0344 FPLService - ok
13:11:52.0465 0344 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:11:52.0481 0344 FsDepends - ok
13:11:52.0496 0344 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:11:52.0512 0344 Fs_Rec - ok
13:11:52.0574 0344 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:11:52.0590 0344 fvevol - ok
13:11:52.0621 0344 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:11:52.0637 0344 gagp30kx - ok
13:11:52.0730 0344 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
13:11:52.0746 0344 GameConsoleService - ok
13:11:52.0777 0344 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:11:52.0793 0344 GEARAspiWDM - ok
13:11:52.0808 0344 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:11:52.0902 0344 gpsvc - ok
13:11:52.0917 0344 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:11:52.0980 0344 hcw85cir - ok
13:11:53.0027 0344 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:11:53.0042 0344 HdAudAddService - ok
13:11:53.0073 0344 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:11:53.0120 0344 HDAudBus - ok
13:11:53.0151 0344 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:11:53.0183 0344 HidBatt - ok
13:11:53.0214 0344 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:11:53.0229 0344 HidBth - ok
13:11:53.0245 0344 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:11:53.0292 0344 HidIr - ok
13:11:53.0323 0344 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
13:11:53.0385 0344 hidserv - ok
13:11:53.0463 0344 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:11:53.0463 0344 HidUsb - ok
13:11:53.0495 0344 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:11:53.0573 0344 hkmsvc - ok
13:11:53.0651 0344 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:11:53.0666 0344 HomeGroupListener - ok
13:11:53.0713 0344 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:11:53.0744 0344 HomeGroupProvider - ok
13:11:53.0838 0344 [ 7A24AD37416B91E4B5E5B46BD25C075F ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
13:11:53.0838 0344 HP Health Check Service - ok
13:11:53.0900 0344 [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
13:11:53.0916 0344 HP Wireless Assistant Service - ok
13:11:53.0947 0344 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
13:11:53.0963 0344 HPClientSvc - ok
13:11:54.0025 0344 [ 2A047E7E0F1018E3134A4065636F2025 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
13:11:54.0025 0344 HPDrvMntSvc.exe - ok
13:11:54.0056 0344 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
13:11:54.0087 0344 hpdskflt - ok
13:11:54.0103 0344 [ 59CB6A1CA093EDC2881598A45518857D ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
13:11:54.0150 0344 hpqwmiex - ok
13:11:54.0197 0344 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:11:54.0212 0344 HpSAMD - ok
13:11:54.0243 0344 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
13:11:54.0259 0344 hpsrv - ok
13:11:54.0321 0344 [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
13:11:54.0337 0344 HPWMISVC - ok
13:11:54.0399 0344 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:11:54.0477 0344 HTTP - ok
13:11:54.0524 0344 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:11:54.0540 0344 hwpolicy - ok
13:11:54.0602 0344 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:11:54.0618 0344 i8042prt - ok
13:11:54.0665 0344 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:11:54.0680 0344 iaStor - ok
13:11:54.0774 0344 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:11:54.0789 0344 IAStorDataMgrSvc - ok
13:11:54.0821 0344 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:11:54.0852 0344 iaStorV - ok
13:11:54.0914 0344 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:11:54.0945 0344 idsvc - ok
13:11:55.0023 0344 [ 18C40C3F368323B203ACE403CB430DB1 ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120406.002\IDSvia64.sys
13:11:55.0055 0344 IDSVia64 - ok
13:11:55.0367 0344 [ 6383899C5F964D71B0F96B81FBE59BB8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
13:11:55.0757 0344 igfx - ok
13:11:55.0788 0344 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:11:55.0803 0344 iirsp - ok
13:11:55.0835 0344 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
13:11:55.0913 0344 IKEEXT - ok
13:11:55.0959 0344 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
13:11:56.0022 0344 IntcDAud - ok
13:11:56.0053 0344 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
13:11:56.0069 0344 intelide - ok
13:11:56.0115 0344 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:11:56.0147 0344 intelppm - ok
13:11:56.0225 0344 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
13:11:56.0225 0344 IntuitUpdateServiceV4 - ok
13:11:56.0256 0344 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:11:56.0318 0344 IPBusEnum - ok
13:11:56.0349 0344 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:11:56.0396 0344 IpFilterDriver - ok
13:11:56.0443 0344 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:11:56.0490 0344 iphlpsvc - ok
13:11:56.0505 0344 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:11:56.0537 0344 IPMIDRV - ok
13:11:56.0568 0344 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:11:56.0615 0344 IPNAT - ok
13:11:56.0677 0344 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:11:56.0724 0344 iPod Service - ok
13:11:56.0755 0344 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:11:56.0880 0344 IRENUM - ok
13:11:56.0911 0344 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:11:56.0911 0344 isapnp - ok
13:11:56.0958 0344 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:11:56.0973 0344 iScsiPrt - ok
13:11:57.0020 0344 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:11:57.0020 0344 kbdclass - ok
13:11:57.0067 0344 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:11:57.0083 0344 kbdhid - ok
13:11:57.0098 0344 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
13:11:57.0098 0344 KeyIso - ok
13:11:57.0129 0344 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:11:57.0129 0344 KSecDD - ok
13:11:57.0161 0344 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:11:57.0176 0344 KSecPkg - ok
13:11:57.0223 0344 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:11:57.0270 0344 ksthunk - ok
13:11:57.0317 0344 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:11:57.0379 0344 KtmRm - ok
13:11:57.0426 0344 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:11:57.0473 0344 LanmanServer - ok
13:11:57.0535 0344 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:11:57.0629 0344 LanmanWorkstation - ok
13:11:57.0675 0344 [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
13:11:57.0691 0344 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
13:11:57.0691 0344 LightScribeService - detected UnsignedFile.Multi.Generic (1)
13:11:57.0722 0344 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:11:57.0785 0344 lltdio - ok
13:11:57.0816 0344 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:11:57.0894 0344 lltdsvc - ok
13:11:57.0894 0344 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:11:57.0956 0344 lmhosts - ok
13:11:58.0019 0344 [ C463A25F01C6237295917417C5E9E344 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:11:58.0034 0344 LMS - ok
13:11:58.0065 0344 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:11:58.0081 0344 LSI_FC - ok
13:11:58.0097 0344 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:11:58.0112 0344 LSI_SAS - ok
13:11:58.0112 0344 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:11:58.0128 0344 LSI_SAS2 - ok
13:11:58.0143 0344 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:11:58.0159 0344 LSI_SCSI - ok
13:11:58.0190 0344 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:11:58.0268 0344 luafv - ok
13:11:58.0284 0344 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:11:58.0331 0344 Mcx2Svc - ok
13:11:58.0377 0344 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:11:58.0393 0344 megasas - ok
13:11:58.0409 0344 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:11:58.0424 0344 MegaSR - ok
13:11:58.0487 0344 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
13:11:58.0502 0344 MEIx64 - ok
13:11:58.0533 0344 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:11:58.0627 0344 MMCSS - ok
13:11:58.0658 0344 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:11:58.0736 0344 Modem - ok
13:11:58.0799 0344 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:11:58.0845 0344 monitor - ok
13:11:58.0908 0344 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:11:58.0908 0344 mouclass - ok
13:11:58.0939 0344 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:11:58.0955 0344 mouhid - ok
13:11:58.0986 0344 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:11:59.0017 0344 mountmgr - ok
13:11:59.0173 0344 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:11:59.0189 0344 MozillaMaintenance - ok
13:11:59.0235 0344 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
13:11:59.0251 0344 mpio - ok
13:11:59.0282 0344 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:11:59.0329 0344 mpsdrv - ok
13:11:59.0376 0344 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:11:59.0469 0344 MpsSvc - ok
13:11:59.0501 0344 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:11:59.0547 0344 MRxDAV - ok
13:11:59.0594 0344 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:11:59.0657 0344 mrxsmb - ok
13:11:59.0672 0344 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:11:59.0703 0344 mrxsmb10 - ok
13:11:59.0735 0344 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:11:59.0750 0344 mrxsmb20 - ok
13:11:59.0766 0344 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
13:11:59.0781 0344 msahci - ok
13:11:59.0828 0344 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:11:59.0844 0344 msdsm - ok
13:11:59.0859 0344 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:11:59.0891 0344 MSDTC - ok
13:11:59.0922 0344 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:11:59.0969 0344 Msfs - ok
13:11:59.0984 0344 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:12:00.0031 0344 mshidkmdf - ok
13:12:00.0047 0344 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:12:00.0062 0344 msisadrv - ok
13:12:00.0109 0344 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:12:00.0156 0344 MSiSCSI - ok
13:12:00.0171 0344 msiserver - ok
13:12:00.0218 0344 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:12:00.0281 0344 MSKSSRV - ok
13:12:00.0281 0344 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:12:00.0343 0344 MSPCLOCK - ok
13:12:00.0359 0344 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:12:00.0421 0344 MSPQM - ok
13:12:00.0468 0344 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:12:00.0499 0344 MsRPC - ok
13:12:00.0530 0344 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:12:00.0530 0344 mssmbios - ok
13:12:00.0546 0344 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:12:00.0624 0344 MSTEE - ok
13:12:00.0624 0344 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:12:00.0671 0344 MTConfig - ok
13:12:00.0702 0344 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:12:00.0717 0344 Mup - ok
13:12:00.0749 0344 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
13:12:00.0827 0344 napagent - ok
13:12:00.0873 0344 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:12:00.0920 0344 NativeWifiP - ok
13:12:00.0998 0344 [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120406.034\ENG64.SYS
13:12:01.0014 0344 NAVENG - ok
13:12:01.0076 0344 [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120406.034\EX64.SYS
13:12:01.0154 0344 NAVEX15 - ok
13:12:01.0217 0344 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:12:01.0263 0344 NDIS - ok
13:12:01.0295 0344 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:12:01.0373 0344 NdisCap - ok
13:12:01.0388 0344 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:12:01.0419 0344 NdisTapi - ok
13:12:01.0466 0344 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:12:01.0497 0344 Ndisuio - ok
13:12:01.0529 0344 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:12:01.0591 0344 NdisWan - ok
13:12:01.0622 0344 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:12:01.0685 0344 NDProxy - ok
13:12:01.0747 0344 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:12:01.0809 0344 NetBIOS - ok
13:12:01.0856 0344 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:12:01.0919 0344 NetBT - ok
13:12:01.0934 0344 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
13:12:01.0950 0344 Netlogon - ok
13:12:01.0997 0344 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:12:02.0059 0344 Netman - ok
13:12:02.0090 0344 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:12:02.0168 0344 netprofm - ok
13:12:02.0231 0344 [ 24CF1304D899124336F67F88F3C15E21 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
13:12:02.0262 0344 netr28x - ok
13:12:02.0277 0344 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:12:02.0293 0344 NetTcpPortSharing - ok
13:12:02.0449 0344 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
13:12:02.0589 0344 netw5v64 - ok
13:12:02.0605 0344 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:12:02.0621 0344 nfrd960 - ok
13:12:02.0667 0344 [ E78A365CC3E0FBFC018A33DCE01909F8 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
13:12:02.0699 0344 NIS - ok
13:12:02.0761 0344 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:12:02.0808 0344 NlaSvc - ok
13:12:02.0839 0344 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:12:02.0886 0344 Npfs - ok
13:12:02.0933 0344 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:12:03.0011 0344 nsi - ok
13:12:03.0042 0344 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:12:03.0089 0344 nsiproxy - ok
13:12:03.0167 0344 [ 08849429CE646B4D10892D239F9D6A7A ] nsverctl C:\Program Files\Citrix\Secure Access Client\nsverctl.exe
13:12:03.0182 0344 nsverctl - ok
13:12:03.0276 0344 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:12:03.0338 0344 Ntfs - ok
13:12:03.0354 0344 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:12:03.0432 0344 Null - ok
13:12:03.0463 0344 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
13:12:03.0494 0344 nusb3hub - ok
13:12:03.0510 0344 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
13:12:03.0557 0344 nusb3xhc - ok
13:12:03.0588 0344 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:12:03.0588 0344 nvraid - ok
13:12:03.0619 0344 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:12:03.0635 0344 nvstor - ok
13:12:03.0650 0344 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:12:03.0666 0344 nv_agp - ok
13:12:03.0791 0344 [ E0506331F0454C347B28B2AE4BD14636 ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
13:12:03.0853 0344 OfficeSvc - ok
13:12:03.0884 0344 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:12:03.0900 0344 ohci1394 - ok
13:12:03.0978 0344 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:12:03.0993 0344 ose - ok
13:12:04.0149 0344 [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:12:04.0305 0344 osppsvc - ok
13:12:04.0352 0344 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:12:04.0415 0344 p2pimsvc - ok
13:12:04.0446 0344 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:12:04.0461 0344 p2psvc - ok
13:12:04.0493 0344 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:12:04.0493 0344 Parport - ok
13:12:04.0524 0344 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:12:04.0539 0344 partmgr - ok
13:12:04.0773 0344 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:12:04.0929 0344 PcaSvc - ok
13:12:04.0976 0344 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
13:12:04.0992 0344 pci - ok
13:12:05.0007 0344 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
13:12:05.0023 0344 pciide - ok
13:12:05.0039 0344 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:12:05.0054 0344 pcmcia - ok
13:12:05.0070 0344 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:12:05.0085 0344 pcw - ok
13:12:05.0101 0344 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:12:05.0148 0344 PEAUTH - ok
13:12:05.0257 0344 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:12:05.0288 0344 PerfHost - ok
13:12:05.0351 0344 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
13:12:05.0429 0344 pla - ok
13:12:05.0475 0344 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:12:05.0522 0344 PlugPlay - ok
13:12:05.0553 0344 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:12:05.0569 0344 PNRPAutoReg - ok
13:12:05.0585 0344 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:12:05.0600 0344 PNRPsvc - ok
13:12:05.0631 0344 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:12:05.0694 0344 PolicyAgent - ok
13:12:05.0725 0344 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:12:05.0787 0344 Power - ok
13:12:05.0834 0344 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:12:05.0881 0344 PptpMiniport - ok
13:12:05.0928 0344 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:12:05.0959 0344 Processor - ok
13:12:06.0006 0344 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
13:12:06.0068 0344 ProfSvc - ok
13:12:06.0084 0344 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:12:06.0084 0344 ProtectedStorage - ok
13:12:06.0146 0344 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:12:06.0209 0344 Psched - ok
13:12:06.0255 0344 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:12:06.0302 0344 ql2300 - ok
13:12:06.0318 0344 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:12:06.0333 0344 ql40xx - ok
13:12:06.0365 0344 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:12:06.0396 0344 QWAVE - ok
13:12:06.0427 0344 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:12:06.0474 0344 QWAVEdrv - ok
13:12:06.0521 0344 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:12:06.0567 0344 RasAcd - ok
13:12:06.0645 0344 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:12:06.0677 0344 RasAgileVpn - ok
13:12:06.0708 0344 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:12:06.0755 0344 RasAuto - ok
13:12:06.0801 0344 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:12:06.0879 0344 Rasl2tp - ok
13:12:06.0911 0344 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
13:12:06.0957 0344 RasMan - ok
13:12:06.0973 0344 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:12:07.0051 0344 RasPppoe - ok
13:12:07.0082 0344 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:12:07.0145 0344 RasSstp - ok
13:12:07.0191 0344 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:12:07.0269 0344 rdbss - ok
13:12:07.0285 0344 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:12:07.0332 0344 rdpbus - ok
13:12:07.0347 0344 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:12:07.0425 0344 RDPCDD - ok
13:12:07.0441 0344 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:12:07.0503 0344 RDPENCDD - ok
13:12:07.0535 0344 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:12:07.0581 0344 RDPREFMP - ok
13:12:07.0597 0344 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:12:07.0659 0344 RDPWD - ok
13:12:07.0706 0344 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:12:07.0706 0344 rdyboost - ok
13:12:07.0737 0344 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:12:07.0784 0344 RemoteAccess - ok
13:12:07.0831 0344 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:12:07.0878 0344 RemoteRegistry - ok
13:12:07.0940 0344 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
13:12:07.0987 0344 RFCOMM - ok
13:12:08.0065 0344 [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
13:12:08.0081 0344 RoxioNow Service - ok
13:12:08.0112 0344 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:12:08.0174 0344 RpcEptMapper - ok
13:12:08.0205 0344 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:12:08.0221 0344 RpcLocator - ok
13:12:08.0268 0344 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
13:12:08.0315 0344 RpcSs - ok
13:12:08.0361 0344 [ D5C3E1629A3F7F0857D27949252B94CE ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
13:12:08.0377 0344 RSPCIESTOR - ok
13:12:08.0408 0344 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:12:08.0455 0344 rspndr - ok
13:12:08.0486 0344 [ 5D6A444BD37B52FF846387C87DCDF98A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:12:08.0502 0344 RTL8167 - ok
13:12:08.0517 0344 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
13:12:08.0533 0344 SamSs - ok
13:12:08.0767 0344 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:12:08.0783 0344 sbp2port - ok
13:12:08.0814 0344 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:12:08.0876 0344 SCardSvr - ok
13:12:08.0923 0344 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:12:08.0985 0344 scfilter - ok
13:12:09.0032 0344 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
13:12:09.0126 0344 Schedule - ok
13:12:09.0157 0344 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:12:09.0188 0344 SCPolicySvc - ok
13:12:09.0235 0344 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
13:12:09.0282 0344 sdbus - ok
13:12:09.0329 0344 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:12:09.0375 0344 SDRSVC - ok
13:12:09.0407 0344 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:12:09.0485 0344 secdrv - ok
13:12:09.0516 0344 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
13:12:09.0563 0344 seclogon - ok
13:12:09.0594 0344 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:12:09.0641 0344 SENS - ok
13:12:09.0687 0344 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:12:09.0750 0344 SensrSvc - ok
13:12:09.0765 0344 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:12:09.0797 0344 Serenum - ok
13:12:09.0828 0344 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:12:09.0843 0344 Serial - ok
13:12:09.0890 0344 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:12:09.0921 0344 sermouse - ok
13:12:09.0968 0344 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
13:12:10.0031 0344 SessionEnv - ok
13:12:10.0046 0344 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:12:10.0093 0344 sffdisk - ok
13:12:10.0109 0344 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:12:10.0155 0344 sffp_mmc - ok
13:12:10.0171 0344 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:12:10.0202 0344 sffp_sd - ok
13:12:10.0233 0344 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:12:10.0265 0344 sfloppy - ok
13:12:10.0311 0344 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:12:10.0374 0344 SharedAccess - ok
13:12:10.0421 0344 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:12:10.0499 0344 ShellHWDetection - ok
13:12:10.0545 0344 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:12:10.0577 0344 SiSRaid2 - ok
13:12:10.0982 0344 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:12:10.0998 0344 SiSRaid4 - ok
13:12:11.0076 0344 [ 3467821FD04A66C9786DF0C8C0219A73 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:12:11.0076 0344 SkypeUpdate - ok
13:12:11.0123 0344 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:12:11.0185 0344 Smb - ok
13:12:11.0232 0344 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:12:11.0263 0344 SNMPTRAP - ok
13:12:11.0279 0344 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:12:11.0294 0344 spldr - ok
13:12:11.0403 0344 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:12:11.0435 0344 Spooler - ok
13:12:11.0528 0344 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:12:11.0669 0344 sppsvc - ok
13:12:11.0700 0344 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:12:11.0762 0344 sppuinotify - ok
13:12:11.0840 0344 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS
13:12:11.0871 0344 SRTSP - ok
13:12:11.0887 0344 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS
13:12:11.0903 0344 SRTSPX - ok
13:12:11.0934 0344 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:12:11.0996 0344 srv - ok
13:12:12.0012 0344 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:12:12.0043 0344 srv2 - ok
13:12:12.0074 0344 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:12:12.0090 0344 SrvHsfHDA - ok
13:12:12.0121 0344 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:12:12.0183 0344 SrvHsfV92 - ok
13:12:12.0230 0344 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:12:12.0261 0344 SrvHsfWinac - ok
13:12:12.0277 0344 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:12:12.0308 0344 srvnet - ok
13:12:12.0355 0344 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:12:12.0417 0344 SSDPSRV - ok
13:12:12.0433 0344 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:12:12.0464 0344 SstpSvc - ok
13:12:12.0542 0344 [ 7C49A5E1943AFDA4672D80726AF3BAE4 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
13:12:12.0589 0344 STacSV - ok
13:12:12.0620 0344 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:12:12.0636 0344 stexstor - ok
13:12:12.0698 0344 [ 0AAD250A31A7EE96E0945AB9E1F3BAA7 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
13:12:12.0729 0344 STHDA - ok
13:12:12.0792 0344 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:12:12.0839 0344 stisvc - ok
13:12:12.0870 0344 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
13:12:12.0885 0344 swenum - ok
13:12:12.0901 0344 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:12:12.0963 0344 swprv - ok
13:12:13.0010 0344 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS
13:12:13.0026 0344 SymDS - ok
13:12:13.0057 0344 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS
13:12:13.0088 0344 SymEFA - ok
13:12:13.0119 0344 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
13:12:13.0135 0344 SymEvent - ok
13:12:13.0151 0344 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS
13:12:13.0151 0344 SymIRON - ok
13:12:13.0166 0344 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS
13:12:13.0182 0344 SymNetS - ok
13:12:13.0260 0344 [ 33E6A285DAA5134D8EA2247914C86C09 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:12:13.0275 0344 SynTP - ok
13:12:13.0353 0344 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:12:13.0431 0344 SysMain - ok
13:12:13.0478 0344 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:12:13.0494 0344 TabletInputService - ok
13:12:13.0525 0344 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:12:13.0587 0344 TapiSrv - ok
13:12:13.0619 0344 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:12:13.0650 0344 TBS - ok
13:12:13.0743 0344 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:12:13.0806 0344 Tcpip - ok
13:12:13.0884 0344 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:12:13.0915 0344 TCPIP6 - ok
13:12:13.0946 0344 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:12:13.0977 0344 tcpipreg - ok
13:12:14.0040 0344 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:12:14.0087 0344 TDPIPE - ok
13:12:14.0102 0344 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:12:14.0149 0344 TDTCP - ok
13:12:14.0196 0344 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:12:14.0227 0344 tdx - ok
13:12:14.0258 0344 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:12:14.0274 0344 TermDD - ok
13:12:14.0305 0344 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:12:14.0352 0344 TermService - ok
13:12:14.0383 0344 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:12:14.0414 0344 Themes - ok
13:12:14.0445 0344 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:12:14.0477 0344 THREADORDER - ok
13:12:14.0508 0344 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:12:14.0555 0344 TrkWks - ok
13:12:14.0633 0344 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:12:14.0679 0344 TrustedInstaller - ok
13:12:14.0711 0344 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:12:14.0773 0344 tssecsrv - ok
13:12:14.0820 0344 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:12:14.0867 0344 TsUsbFlt - ok
13:12:14.0929 0344 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:12:14.0976 0344 tunnel - ok
13:12:15.0007 0344 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:12:15.0023 0344 uagp35 - ok
13:12:15.0038 0344 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:12:15.0085 0344 udfs - ok
13:12:15.0101 0344 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:12:15.0116 0344 UI0Detect - ok
13:12:15.0147 0344 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:12:15.0163 0344 uliagpkx - ok
13:12:15.0210 0344 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:12:15.0241 0344 umbus - ok
13:12:15.0257 0344 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:12:15.0288 0344 UmPass - ok
13:12:15.0397 0344 [ 3A1ECEF8D49FC1A786A6CCD5A86A8878 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:12:15.0491 0344 UNS - ok
13:12:15.0522 0344 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:12:15.0584 0344 upnphost - ok
13:12:15.0631 0344 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:12:15.0678 0344 USBAAPL64 - ok
13:12:15.0725 0344 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:12:15.0756 0344 usbccgp - ok
13:12:15.0787 0344 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:12:15.0803 0344 usbcir - ok
13:12:15.0834 0344 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:12:15.0865 0344 usbehci - ok
13:12:15.0896 0344 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:12:15.0912 0344 usbhub - ok
13:12:15.0927 0344 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:12:15.0943 0344 usbohci - ok
13:12:15.0959 0344 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:12:15.0990 0344 usbprint - ok
13:12:16.0037 0344 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:12:16.0068 0344 USBSTOR - ok
13:12:16.0083 0344 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:12:16.0115 0344 usbuhci - ok
13:12:16.0161 0344 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
13:12:16.0177 0344 usbvideo - ok
13:12:16.0193 0344 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:12:16.0255 0344 UxSms - ok
13:12:16.0271 0344 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:12:16.0286 0344 VaultSvc - ok
13:12:16.0317 0344 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:12:16.0333 0344 vdrvroot - ok
13:12:16.0364 0344 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:12:16.0411 0344 vds - ok
13:12:16.0442 0344 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:12:16.0458 0344 vga - ok
13:12:16.0489 0344 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:12:16.0567 0344 VgaSave - ok
13:12:16.0614 0344 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:12:16.0629 0344 vhdmp - ok
13:12:16.0645 0344 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:12:16.0661 0344 viaide - ok
13:12:16.0676 0344 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:12:16.0692 0344 volmgr - ok
13:12:16.0739 0344 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:12:16.0754 0344 volmgrx - ok
13:12:16.0801 0344 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:12:16.0817 0344 volsnap - ok
13:12:16.0879 0344 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:12:16.0879 0344 vsmraid - ok
13:12:16.0941 0344 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:12:17.0019 0344 VSS - ok
13:12:17.0066 0344 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:12:17.0097 0344 vwifibus - ok
13:12:17.0144 0344 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:12:17.0175 0344 vwififlt - ok
13:12:17.0238 0344 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:12:17.0285 0344 W32Time - ok
13:12:17.0316 0344 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:12:17.0347 0344 WacomPen - ok
13:12:17.0409 0344 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:12:17.0472 0344 WANARP - ok
13:12:17.0487 0344 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:12:17.0519 0344 Wanarpv6 - ok
13:12:17.0612 0344 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:12:17.0675 0344 WatAdminSvc - ok
13:12:17.0721 0344 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:12:17.0815 0344 wbengine - ok
13:12:17.0831 0344 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:12:17.0862 0344 WbioSrvc - ok
13:12:17.0893 0344 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:12:17.0940 0344 wcncsvc - ok
13:12:17.0971 0344 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:12:17.0987 0344 WcsPlugInService - ok
13:12:18.0002 0344 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:12:18.0002 0344 Wd - ok
13:12:18.0033 0344 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:12:18.0080 0344 Wdf01000 - ok
13:12:18.0080 0344 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:12:18.0189 0344 WdiServiceHost - ok
13:12:18.0205 0344 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:12:18.0221 0344 WdiSystemHost - ok
13:12:18.0252 0344 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:12:18.0299 0344 WebClient - ok
13:12:18.0330 0344 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:12:18.0392 0344 Wecsvc - ok
13:12:18.0423 0344 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:12:18.0486 0344 wercplsupport - ok
13:12:18.0517 0344 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:12:18.0564 0344 WerSvc - ok
13:12:18.0813 0344 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:12:18.0845 0344 WfpLwf - ok
13:12:18.0876 0344 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:12:18.0876 0344 WIMMount - ok
13:12:18.0891 0344 WinDefend - ok
13:12:18.0907 0344 WinHttpAutoProxySvc - ok
13:12:18.0969 0344 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:12:19.0032 0344 Winmgmt - ok
13:12:19.0110 0344 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:12:19.0219 0344 WinRM - ok
13:12:19.0281 0344 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
13:12:19.0297 0344 WinUsb - ok
13:12:19.0328 0344 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:12:19.0406 0344 Wlansvc - ok
13:12:19.0437 0344 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:12:19.0469 0344 WmiAcpi - ok
13:12:19.0515 0344 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:12:19.0547 0344 wmiApSrv - ok
13:12:19.0593 0344 WMPNetworkSvc - ok
13:12:19.0625 0344 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:12:19.0640 0344 WPCSvc - ok
13:12:19.0671 0344 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:12:19.0796 0344 WPDBusEnum - ok
13:12:19.0827 0344 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:12:19.0890 0344 ws2ifsl - ok
13:12:19.0905 0344 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
13:12:19.0952 0344 wscsvc - ok
13:12:19.0999 0344 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
13:12:20.0030 0344 WSDPrintDevice - ok
13:12:20.0061 0344 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
13:12:20.0077 0344 WSDScan - ok
13:12:20.0077 0344 WSearch - ok
13:12:20.0171 0344 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:12:20.0280 0344 wuauserv - ok
13:12:20.0311 0344 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:12:20.0358 0344 WudfPf - ok
13:12:20.0389 0344 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:12:20.0436 0344 WUDFRd - ok
13:12:20.0483 0344 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:12:20.0514 0344 wudfsvc - ok
13:12:20.0561 0344 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:12:20.0607 0344 WwanSvc - ok
13:12:20.0670 0344 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
13:12:20.0717 0344 yukonw7 - ok
13:12:20.0779 0344 ================ Scan global ===============================
13:12:20.0826 0344 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:12:20.0857 0344 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
13:12:20.0857 0344 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
13:12:20.0888 0344 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:12:20.0904 0344 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:12:20.0904 0344 [Global] - ok
13:12:20.0904 0344 ================ Scan MBR ==================================
13:12:20.0919 0344 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:12:20.0919 0344 Suspicious mbr (Forged): \Device\Harddisk0\DR0
13:12:20.0982 0344 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
13:12:20.0997 0344 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
13:12:21.0559 0344 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:12:21.0559 0344 \Device\Harddisk0\DR0 - detected TDSS File System (1)
13:12:21.0559 0344 ================ Scan VBR ==================================
13:12:21.0559 0344 [ 22DD9776BBBCE3ACA8CE6E6ABE32B66F ] \Device\Harddisk0\DR0\Partition1
13:12:21.0559 0344 \Device\Harddisk0\DR0\Partition1 - ok
13:12:21.0590 0344 [ 2DD336662FEAF8DFCB7D6393A56BD338 ] \Device\Harddisk0\DR0\Partition2
13:12:21.0590 0344 \Device\Harddisk0\DR0\Partition2 - ok
13:12:21.0637 0344 [ 9A38CA6698648C1C930FDE0569DC7C92 ] \Device\Harddisk0\DR0\Partition3
13:12:21.0637 0344 \Device\Harddisk0\DR0\Partition3 - ok
13:12:21.0637 0344 ============================================================
13:12:21.0637 0344 Scan finished
13:12:21.0637 0344 ============================================================
13:12:21.0653 3736 Detected object count: 6
13:12:21.0653 3736 Actual detected object count: 6
13:13:02.0197 3736 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:02.0197 3736 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:02.0197 3736 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:02.0197 3736 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:02.0197 3736 FLEXnet Licensing Service 64 ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:02.0197 3736 FLEXnet Licensing Service 64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:02.0197 3736 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:02.0197 3736 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:13:03.0273 3736 \Device\Harddisk0\DR0\# - copied to quarantine
13:13:03.0273 3736 \Device\Harddisk0\DR0 - copied to quarantine
13:13:03.0367 3736 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
13:13:03.0367 3736 \Device\Harddisk0\DR0\TDLFS\cmd32.dll - copied to quarantine
13:13:03.0367 3736 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
13:13:03.0414 3736 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
13:13:03.0429 3736 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
13:13:03.0429 3736 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
13:13:03.0429 3736 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
13:13:03.0429 3736 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
13:13:03.0429 3736 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
13:13:03.0445 3736 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
13:13:03.0445 3736 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
13:13:03.0445 3736 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
13:13:03.0445 3736 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
13:13:03.0445 3736 \Device\Harddisk0\DR0\TDLFS\ua - copied to quarantine
13:13:03.0476 3736 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
13:13:03.0492 3736 \Device\Harddisk0\DR0 - ok
13:13:03.0913 3736 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
13:13:03.0913 3736 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:13:03.0913 3736 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:13:07.0205 4216 Deinitialize success
Mark1956's Avatar
Malware Removal Specialist with 14,035 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
13-May-2013, 03:39 AM #33
Ok, please now run TDSSKiller again and this time select Delete for this entry:

\Device\Harddisk0\DR0 ( TDSS File System )

When done please post the log and do another scan with RogueKiller and post that log also.
bdarger's Avatar
bdarger bdarger is offline
Member with 39 posts.
THREAD STARTER
 
Join Date: May 2013
25-May-2013, 11:51 AM #34
Sorry I have not replied in a while. I was out of town.
TDSSKiller log is below.

10:45:49.0193 3356 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:45:49.0599 3356 ============================================================
10:45:49.0599 3356 Current date / time: 2013/05/25 10:45:49.0599
10:45:49.0599 3356 SystemInfo:
10:45:49.0599 3356
10:45:49.0599 3356 OS Version: 6.1.7601 ServicePack: 1.0
10:45:49.0599 3356 Product type: Workstation
10:45:49.0599 3356 ComputerName: BRANDON-HP
10:45:49.0599 3356 UserName: brandon
10:45:49.0599 3356 Windows directory: C:\Windows
10:45:49.0599 3356 System windows directory: C:\Windows
10:45:49.0599 3356 Running under WOW64
10:45:49.0599 3356 Processor architecture: Intel x64
10:45:49.0599 3356 Number of processors: 4
10:45:49.0599 3356 Page size: 0x1000
10:45:49.0599 3356 Boot type: Normal boot
10:45:49.0599 3356 ============================================================
10:45:50.0239 3356 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:45:50.0254 3356 ============================================================
10:45:50.0254 3356 \Device\Harddisk0\DR0:
10:45:50.0254 3356 MBR partitions:
10:45:50.0254 3356 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
10:45:50.0254 3356 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x486BB000
10:45:50.0254 3356 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x4871F000, BlocksNum 0x2105000
10:45:50.0254 3356 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
10:45:50.0254 3356 ============================================================
10:45:50.0285 3356 C: <-> \Device\Harddisk0\DR0\Partition2
10:45:50.0348 3356 D: <-> \Device\Harddisk0\DR0\Partition3
10:45:50.0348 3356 ============================================================
10:45:50.0348 3356 Initialize success
10:45:50.0348 3356 ============================================================
10:45:52.0345 9020 ============================================================
10:45:52.0345 9020 Scan started
10:45:52.0345 9020 Mode: Manual;
10:45:52.0345 9020 ============================================================
10:45:53.0405 9020 ================ Scan system memory ========================
10:45:53.0405 9020 System memory - ok
10:45:53.0405 9020 ================ Scan services =============================
10:45:53.0593 9020 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:45:53.0608 9020 1394ohci - ok
10:45:53.0639 9020 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
10:45:53.0639 9020 Accelerometer - ok
10:45:53.0671 9020 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:45:53.0686 9020 ACPI - ok
10:45:53.0702 9020 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:45:53.0702 9020 AcpiPmi - ok
10:45:53.0858 9020 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:45:53.0873 9020 AdobeARMservice - ok
10:45:54.0185 9020 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:45:54.0185 9020 AdobeFlashPlayerUpdateSvc - ok
10:45:54.0263 9020 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:45:54.0279 9020 adp94xx - ok
10:45:54.0310 9020 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:45:54.0310 9020 adpahci - ok
10:45:54.0326 9020 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:45:54.0326 9020 adpu320 - ok
10:45:54.0388 9020 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:45:54.0388 9020 AeLookupSvc - ok
10:45:54.0466 9020 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
10:45:54.0482 9020 AESTFilters - ok
10:45:54.0529 9020 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:45:54.0544 9020 AFD - ok
10:45:54.0591 9020 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:45:54.0591 9020 agp440 - ok
10:45:54.0607 9020 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:45:54.0622 9020 ALG - ok
10:45:54.0653 9020 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:45:54.0653 9020 aliide - ok
10:45:54.0685 9020 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:45:54.0685 9020 amdide - ok
10:45:54.0700 9020 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:45:54.0716 9020 AmdK8 - ok
10:45:54.0716 9020 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:45:54.0716 9020 AmdPPM - ok
10:45:54.0763 9020 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:45:54.0763 9020 amdsata - ok
10:45:54.0778 9020 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:45:54.0794 9020 amdsbs - ok
10:45:54.0809 9020 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:45:54.0825 9020 amdxata - ok
10:45:54.0856 9020 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:45:54.0856 9020 AppID - ok
10:45:54.0887 9020 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:45:54.0903 9020 AppIDSvc - ok
10:45:54.0934 9020 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:45:54.0934 9020 Appinfo - ok
10:45:55.0028 9020 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:45:55.0028 9020 Apple Mobile Device - ok
10:45:55.0075 9020 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:45:55.0075 9020 arc - ok
10:45:55.0090 9020 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:45:55.0090 9020 arcsas - ok
10:45:55.0121 9020 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:45:55.0121 9020 AsyncMac - ok
10:45:55.0153 9020 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:45:55.0153 9020 atapi - ok
10:45:55.0215 9020 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:45:55.0246 9020 AudioEndpointBuilder - ok
10:45:55.0277 9020 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:45:55.0293 9020 AudioSrv - ok
10:45:55.0340 9020 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:45:55.0355 9020 AxInstSV - ok
10:45:55.0387 9020 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:45:55.0418 9020 b06bdrv - ok
10:45:55.0449 9020 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:45:55.0449 9020 b57nd60a - ok
10:45:55.0496 9020 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:45:55.0496 9020 BDESVC - ok
10:45:55.0511 9020 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:45:55.0511 9020 Beep - ok
10:45:55.0589 9020 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:45:55.0621 9020 BFE - ok
10:45:55.0792 9020 [ 6C64FA457C200874FAA87D74152E0D84 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
10:45:55.0839 9020 BHDrvx64 - ok
10:45:55.0886 9020 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
10:45:55.0917 9020 BITS - ok
10:45:55.0948 9020 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:45:55.0948 9020 blbdrive - ok
10:45:56.0089 9020 [ E7062088161C56BF42E7DBA53664E584 ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
10:45:56.0213 9020 Bluetooth Device Manager - ok
10:45:56.0260 9020 [ 21B1CB06C0254BBC08B8C30D8F282E69 ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
10:45:56.0307 9020 Bluetooth Media Service - ok
10:45:56.0338 9020 [ 0BC0DC720F22A9D6D721FD5B7D15E84F ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
10:45:56.0369 9020 Bluetooth OBEX Service - ok
10:45:56.0432 9020 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:45:56.0463 9020 Bonjour Service - ok
10:45:56.0494 9020 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:45:56.0494 9020 bowser - ok
10:45:56.0541 9020 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:45:56.0541 9020 BrFiltLo - ok
10:45:56.0541 9020 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:45:56.0541 9020 BrFiltUp - ok
10:45:56.0588 9020 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:45:56.0588 9020 Browser - ok
10:45:56.0619 9020 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:45:56.0635 9020 Brserid - ok
10:45:56.0650 9020 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:45:56.0650 9020 BrSerWdm - ok
10:45:56.0666 9020 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:45:56.0666 9020 BrUsbMdm - ok
10:45:56.0666 9020 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:45:56.0666 9020 BrUsbSer - ok
10:45:56.0713 9020 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
10:45:56.0713 9020 BthEnum - ok
10:45:56.0728 9020 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:45:56.0728 9020 BTHMODEM - ok
10:45:56.0775 9020 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:45:56.0775 9020 BthPan - ok
10:45:56.0822 9020 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
10:45:56.0837 9020 BTHPORT - ok
10:45:56.0900 9020 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:45:56.0900 9020 bthserv - ok
10:45:56.0915 9020 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
10:45:56.0915 9020 BTHUSB - ok
10:45:56.0962 9020 [ 6D3FF2B480F7AB8DA103CBC7FBEACD48 ] BTMCOM C:\Windows\system32\Drivers\btmcom.sys
10:45:56.0962 9020 BTMCOM - ok
10:45:56.0993 9020 [ 8AEF214DD4816AF9AFB5D425F7302DAE ] BTMNET C:\Windows\system32\DRIVERS\btmnet.sys
10:45:56.0993 9020 BTMNET - ok
10:45:57.0056 9020 [ 8515AA7DC5ECEBDFCC480D2001398BD7 ] BTMUSB C:\Windows\system32\Drivers\btmusb.sys
10:45:57.0071 9020 BTMUSB - ok
10:45:57.0134 9020 [ 37B50B3A19CD1F3BB751FCD9C33ACDAF ] cag C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys
10:45:57.0134 9020 cag - ok
10:45:57.0181 9020 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:45:57.0181 9020 cdfs - ok
10:45:57.0212 9020 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:45:57.0212 9020 cdrom - ok
10:45:57.0259 9020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:45:57.0259 9020 CertPropSvc - ok
10:45:57.0290 9020 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:45:57.0290 9020 circlass - ok
10:45:57.0321 9020 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:45:57.0337 9020 CLFS - ok
10:45:57.0399 9020 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:45:57.0415 9020 clr_optimization_v2.0.50727_32 - ok
10:45:57.0446 9020 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:45:57.0461 9020 clr_optimization_v2.0.50727_64 - ok
10:45:57.0524 9020 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:45:57.0539 9020 clr_optimization_v4.0.30319_32 - ok
10:45:57.0571 9020 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:45:57.0571 9020 clr_optimization_v4.0.30319_64 - ok
10:45:57.0602 9020 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
10:45:57.0617 9020 clwvd - ok
10:45:57.0649 9020 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:45:57.0649 9020 CmBatt - ok
10:45:57.0664 9020 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:45:57.0664 9020 cmdide - ok
10:45:57.0727 9020 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:45:57.0742 9020 CNG - ok
10:45:57.0773 9020 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:45:57.0773 9020 Compbatt - ok
10:45:57.0820 9020 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:45:57.0820 9020 CompositeBus - ok
10:45:57.0836 9020 COMSysApp - ok
10:45:57.0851 9020 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:45:57.0851 9020 crcdisk - ok
10:45:57.0898 9020 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:45:57.0914 9020 CryptSvc - ok
10:45:57.0992 9020 [ F02D7FD231AF76C69A8F09C619DEE384 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
10:45:57.0992 9020 ctxusbm - ok
10:45:58.0039 9020 [ 5C5EECDD72C392F05328356FFCDF19AB ] ctxva51 C:\Windows\system32\DRIVERS\ctxva51.sys
10:45:58.0039 9020 ctxva51 - ok
10:45:58.0085 9020 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:45:58.0117 9020 DcomLaunch - ok
10:45:58.0148 9020 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:45:58.0163 9020 defragsvc - ok
10:45:58.0195 9020 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:45:58.0195 9020 DfsC - ok
10:45:58.0241 9020 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:45:58.0257 9020 Dhcp - ok
10:45:58.0273 9020 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:45:58.0288 9020 discache - ok
10:45:58.0319 9020 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:45:58.0319 9020 Disk - ok
10:45:58.0366 9020 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\Windows\system32\DRIVERS\dne64x.sys
10:45:58.0366 9020 DNE - ok
10:45:58.0397 9020 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:45:58.0397 9020 Dnscache - ok
10:45:58.0460 9020 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:45:58.0475 9020 dot3svc - ok
10:45:58.0491 9020 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:45:58.0491 9020 DPS - ok
10:45:58.0538 9020 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:45:58.0538 9020 drmkaud - ok
10:45:58.0600 9020 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:45:58.0631 9020 DXGKrnl - ok
10:45:58.0678 9020 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:45:58.0678 9020 EapHost - ok
10:45:58.0787 9020 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:45:58.0897 9020 ebdrv - ok
10:45:58.0943 9020 [ 0C3F9EFF8DDD9F9EB56D754B4620155F ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:45:58.0975 9020 eeCtrl - ok
10:45:59.0006 9020 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:45:59.0006 9020 EFS - ok
10:45:59.0115 9020 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:45:59.0146 9020 ehRecvr - ok
10:45:59.0177 9020 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:45:59.0177 9020 ehSched - ok
10:45:59.0224 9020 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:45:59.0240 9020 elxstor - ok
10:45:59.0302 9020 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
10:45:59.0302 9020 EpsonBidirectionalService - ok
10:45:59.0365 9020 [ 757305C7AD34222F4A46D86FE0BEE241 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
10:45:59.0396 9020 EpsonCustomerParticipation - ok
10:45:59.0411 9020 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:45:59.0411 9020 ErrDev - ok
10:45:59.0489 9020 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:45:59.0505 9020 EventSystem - ok
10:45:59.0521 9020 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:45:59.0536 9020 exfat - ok
10:45:59.0567 9020 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:45:59.0567 9020 fastfat - ok
10:45:59.0614 9020 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:45:59.0645 9020 Fax - ok
10:45:59.0677 9020 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:45:59.0677 9020 fdc - ok
10:45:59.0708 9020 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:45:59.0708 9020 fdPHost - ok
10:45:59.0723 9020 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:45:59.0739 9020 FDResPub - ok
10:45:59.0770 9020 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:45:59.0770 9020 FileInfo - ok
10:45:59.0786 9020 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:45:59.0786 9020 Filetrace - ok
10:45:59.0833 9020 [ 3D9B36631032FDE0FFEA0DC0260E4E35 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:45:59.0864 9020 FLEXnet Licensing Service - ok
10:45:59.0911 9020 [ 52C0312AB35EB7187015FB6A99136BB5 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
10:45:59.0942 9020 FLEXnet Licensing Service 64 - ok
10:45:59.0957 9020 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:45:59.0973 9020 flpydisk - ok
10:46:00.0004 9020 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:46:00.0020 9020 FltMgr - ok
10:46:00.0067 9020 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:46:00.0113 9020 FontCache - ok
10:46:00.0176 9020 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:46:00.0176 9020 FontCache3.0.0.0 - ok
10:46:00.0238 9020 [ CDC54DB949D1E2BBF86B0C7AB86B912E ] FPLService C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
10:46:00.0254 9020 FPLService - ok
10:46:00.0347 9020 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:46:00.0347 9020 FsDepends - ok
10:46:00.0379 9020 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:46:00.0379 9020 Fs_Rec - ok
10:46:00.0425 9020 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:46:00.0441 9020 fvevol - ok
10:46:00.0488 9020 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:46:00.0488 9020 gagp30kx - ok
10:46:00.0566 9020 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
10:46:00.0581 9020 GameConsoleService - ok
10:46:00.0628 9020 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:46:00.0628 9020 GEARAspiWDM - ok
10:46:00.0691 9020 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:46:00.0722 9020 gpsvc - ok
10:46:00.0738 9020 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:46:00.0753 9020 hcw85cir - ok
10:46:00.0800 9020 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:46:00.0831 9020 HdAudAddService - ok
10:46:00.0847 9020 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:46:00.0862 9020 HDAudBus - ok
10:46:00.0878 9020 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:46:00.0878 9020 HidBatt - ok
10:46:00.0909 9020 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:46:00.0909 9020 HidBth - ok
10:46:00.0925 9020 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:46:00.0925 9020 HidIr - ok
10:46:00.0956 9020 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:46:00.0956 9020 hidserv - ok
10:46:00.0987 9020 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:46:00.0987 9020 HidUsb - ok
10:46:01.0003 9020 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:46:01.0018 9020 hkmsvc - ok
10:46:01.0065 9020 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:46:01.0065 9020 HomeGroupListener - ok
10:46:01.0096 9020 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:46:01.0112 9020 HomeGroupProvider - ok
10:46:01.0174 9020 [ 7A24AD37416B91E4B5E5B46BD25C075F ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
10:46:01.0190 9020 HP Health Check Service - ok
10:46:01.0237 9020 [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
10:46:01.0237 9020 HP Wireless Assistant Service - ok
10:46:01.0268 9020 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
10:46:01.0268 9020 HPClientSvc - ok
10:46:01.0330 9020 [ 2A047E7E0F1018E3134A4065636F2025 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
10:46:01.0330 9020 HPDrvMntSvc.exe - ok
10:46:01.0362 9020 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
10:46:01.0362 9020 hpdskflt - ok
10:46:01.0393 9020 [ 59CB6A1CA093EDC2881598A45518857D ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
10:46:01.0440 9020 hpqwmiex - ok
10:46:01.0471 9020 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:46:01.0471 9020 HpSAMD - ok
10:46:01.0502 9020 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
10:46:01.0502 9020 hpsrv - ok
10:46:01.0564 9020 [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
10:46:01.0564 9020 HPWMISVC - ok
10:46:01.0611 9020 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:46:01.0642 9020 HTTP - ok
10:46:01.0674 9020 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:46:01.0674 9020 hwpolicy - ok
10:46:01.0705 9020 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:46:01.0720 9020 i8042prt - ok
10:46:01.0767 9020 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:46:01.0783 9020 iaStor - ok
10:46:01.0861 9020 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:46:01.0861 9020 IAStorDataMgrSvc - ok
10:46:01.0923 9020 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:46:01.0939 9020 iaStorV - ok
10:46:02.0064 9020 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:46:02.0095 9020 idsvc - ok
10:46:02.0188 9020 [ 18C40C3F368323B203ACE403CB430DB1 ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120406.002\IDSvia64.sys
10:46:02.0204 9020 IDSVia64 - ok
10:46:02.0578 9020 [ 6383899C5F964D71B0F96B81FBE59BB8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:46:02.0890 9020 igfx - ok
10:46:02.0984 9020 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:46:02.0984 9020 iirsp - ok
10:46:03.0031 9020 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:46:03.0046 9020 IKEEXT - ok
10:46:03.0093 9020 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:46:03.0093 9020 IntcDAud - ok
10:46:03.0124 9020 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:46:03.0124 9020 intelide - ok
10:46:03.0156 9020 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:46:03.0156 9020 intelppm - ok
10:46:03.0234 9020 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
10:46:03.0234 9020 IntuitUpdateServiceV4 - ok
10:46:03.0265 9020 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:46:03.0265 9020 IPBusEnum - ok
10:46:03.0312 9020 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:46:03.0312 9020 IpFilterDriver - ok
10:46:03.0358 9020 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:46:03.0390 9020 iphlpsvc - ok
10:46:03.0405 9020 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:46:03.0421 9020 IPMIDRV - ok
10:46:03.0436 9020 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:46:03.0452 9020 IPNAT - ok
10:46:03.0530 9020 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:46:03.0561 9020 iPod Service - ok
10:46:03.0577 9020 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:46:03.0577 9020 IRENUM - ok
10:46:03.0608 9020 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:46:03.0608 9020 isapnp - ok
10:46:03.0639 9020 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:46:03.0655 9020 iScsiPrt - ok
10:46:03.0670 9020 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:46:03.0670 9020 kbdclass - ok
10:46:03.0717 9020 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:46:03.0717 9020 kbdhid - ok
10:46:03.0733 9020 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:46:03.0748 9020 KeyIso - ok
10:46:03.0780 9020 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:46:03.0780 9020 KSecDD - ok
10:46:03.0826 9020 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:46:03.0826 9020 KSecPkg - ok
10:46:03.0858 9020 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:46:03.0858 9020 ksthunk - ok
10:46:03.0889 9020 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:46:03.0904 9020 KtmRm - ok
10:46:03.0967 9020 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:46:03.0967 9020 LanmanServer - ok
10:46:03.0998 9020 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:46:04.0014 9020 LanmanWorkstation - ok
10:46:04.0060 9020 [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
10:46:04.0060 9020 LightScribeService - ok
10:46:04.0092 9020 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:46:04.0092 9020 lltdio - ok
10:46:04.0138 9020 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:46:04.0138 9020 lltdsvc - ok
10:46:04.0170 9020 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:46:04.0170 9020 lmhosts - ok
10:46:04.0216 9020 [ C463A25F01C6237295917417C5E9E344 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:46:04.0232 9020 LMS - ok
10:46:04.0294 9020 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:46:04.0294 9020 LSI_FC - ok
10:46:04.0310 9020 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:46:04.0310 9020 LSI_SAS - ok
10:46:04.0326 9020 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:46:04.0326 9020 LSI_SAS2 - ok
10:46:04.0341 9020 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:46:04.0341 9020 LSI_SCSI - ok
10:46:04.0372 9020 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:46:04.0372 9020 luafv - ok
10:46:04.0404 9020 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:46:04.0404 9020 Mcx2Svc - ok
10:46:04.0419 9020 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:46:04.0419 9020 megasas - ok
10:46:04.0435 9020 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:46:04.0450 9020 MegaSR - ok
10:46:04.0482 9020 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:46:04.0482 9020 MEIx64 - ok
10:46:04.0497 9020 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:46:04.0497 9020 MMCSS - ok
10:46:04.0513 9020 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:46:04.0513 9020 Modem - ok
10:46:04.0528 9020 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:46:04.0528 9020 monitor - ok
10:46:04.0560 9020 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:46:04.0560 9020 mouclass - ok
10:46:04.0591 9020 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:46:04.0591 9020 mouhid - ok
10:46:04.0638 9020 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:46:04.0653 9020 mountmgr - ok
10:46:04.0700 9020 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:46:04.0700 9020 MozillaMaintenance - ok
10:46:04.0731 9020 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:46:04.0731 9020 mpio - ok
10:46:04.0778 9020 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:46:04.0778 9020 mpsdrv - ok
10:46:04.0840 9020 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:46:04.0872 9020 MpsSvc - ok
10:46:04.0903 9020 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:46:04.0903 9020 MRxDAV - ok
10:46:04.0918 9020 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:46:04.0918 9020 mrxsmb - ok
10:46:04.0950 9020 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:46:04.0950 9020 mrxsmb10 - ok
10:46:04.0981 9020 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:46:04.0981 9020 mrxsmb20 - ok
10:46:04.0996 9020 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:46:05.0012 9020 msahci - ok
10:46:05.0043 9020 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:46:05.0043 9020 msdsm - ok
10:46:05.0059 9020 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:46:05.0074 9020 MSDTC - ok
10:46:05.0090 9020 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:46:05.0090 9020 Msfs - ok
10:46:05.0106 9020 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:46:05.0106 9020 mshidkmdf - ok
10:46:05.0121 9020 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:46:05.0121 9020 msisadrv - ok
10:46:05.0168 9020 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:46:05.0168 9020 MSiSCSI - ok
10:46:05.0168 9020 msiserver - ok
10:46:05.0199 9020 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:46:05.0199 9020 MSKSSRV - ok
10:46:05.0215 9020 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:46:05.0215 9020 MSPCLOCK - ok
10:46:05.0230 9020 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:46:05.0230 9020 MSPQM - ok
10:46:05.0262 9020 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:46:05.0262 9020 MsRPC - ok
10:46:05.0293 9020 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:46:05.0293 9020 mssmbios - ok
10:46:05.0308 9020 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:46:05.0308 9020 MSTEE - ok
10:46:05.0308 9020 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:46:05.0308 9020 MTConfig - ok
10:46:05.0324 9020 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:46:05.0324 9020 Mup - ok
10:46:05.0371 9020 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:46:05.0371 9020 napagent - ok
10:46:05.0418 9020 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:46:05.0418 9020 NativeWifiP - ok
10:46:05.0496 9020 [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120406.034\ENG64.SYS
10:46:05.0496 9020 NAVENG - ok
10:46:05.0589 9020 [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120406.034\EX64.SYS
10:46:05.0683 9020 NAVEX15 - ok
10:46:05.0745 9020 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:46:05.0776 9020 NDIS - ok
10:46:05.0808 9020 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:46:05.0808 9020 NdisCap - ok
10:46:05.0839 9020 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:46:05.0839 9020 NdisTapi - ok
10:46:05.0870 9020 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:46:05.0870 9020 Ndisuio - ok
10:46:05.0917 9020 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:46:05.0917 9020 NdisWan - ok
10:46:05.0964 9020 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:46:05.0964 9020 NDProxy - ok
10:46:05.0995 9020 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:46:05.0995 9020 NetBIOS - ok
10:46:06.0042 9020 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:46:06.0057 9020 NetBT - ok
10:46:06.0073 9020 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:46:06.0073 9020 Netlogon - ok
10:46:06.0104 9020 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:46:06.0135 9020 Netman - ok
10:46:06.0151 9020 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:46:06.0182 9020 netprofm - ok
10:46:06.0229 9020 [ 24CF1304D899124336F67F88F3C15E21 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
10:46:06.0260 9020 netr28x - ok
10:46:06.0276 9020 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:46:06.0291 9020 NetTcpPortSharing - ok
10:46:06.0447 9020 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
10:46:06.0603 9020 netw5v64 - ok
10:46:06.0619 9020 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:46:06.0619 9020 nfrd960 - ok
10:46:06.0681 9020 [ E78A365CC3E0FBFC018A33DCE01909F8 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
10:46:06.0681 9020 NIS - ok
10:46:06.0712 9020 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:46:06.0728 9020 NlaSvc - ok
10:46:06.0744 9020 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:46:06.0759 9020 Npfs - ok
10:46:06.0790 9020 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:46:06.0790 9020 nsi - ok
10:46:06.0806 9020 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:46:06.0806 9020 nsiproxy - ok
10:46:06.0868 9020 [ 08849429CE646B4D10892D239F9D6A7A ] nsverctl C:\Program Files\Citrix\Secure Access Client\nsverctl.exe
10:46:06.0868 9020 nsverctl - ok
10:46:06.0946 9020 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:46:06.0993 9020 Ntfs - ok
10:46:07.0024 9020 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:46:07.0024 9020 Null - ok
10:46:07.0071 9020 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
10:46:07.0087 9020 nusb3hub - ok
10:46:07.0149 9020 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:46:07.0165 9020 nusb3xhc - ok
10:46:07.0180 9020 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:46:07.0196 9020 nvraid - ok
10:46:07.0212 9020 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:46:07.0227 9020 nvstor - ok
10:46:07.0243 9020 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:46:07.0243 9020 nv_agp - ok
10:46:07.0461 9020 [ 19CC46ACD6B17CE92336B33A2018765D ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
10:46:07.0492 9020 OfficeSvc - ok
10:46:07.0524 9020 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:46:07.0524 9020 ohci1394 - ok
10:46:07.0602 9020 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:46:07.0602 9020 ose - ok
10:46:07.0789 9020 [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:46:07.0914 9020 osppsvc - ok
10:46:07.0960 9020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:46:07.0976 9020 p2pimsvc - ok
10:46:07.0992 9020 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:46:08.0007 9020 p2psvc - ok
10:46:08.0038 9020 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:46:08.0038 9020 Parport - ok
10:46:08.0054 9020 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:46:08.0054 9020 partmgr - ok
10:46:08.0070 9020 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:46:08.0070 9020 PcaSvc - ok
10:46:08.0101 9020 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:46:08.0101 9020 pci - ok
10:46:08.0116 9020 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:46:08.0132 9020 pciide - ok
10:46:08.0132 9020 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:46:08.0148 9020 pcmcia - ok
10:46:08.0148 9020 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:46:08.0163 9020 pcw - ok
10:46:08.0179 9020 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:46:08.0194 9020 PEAUTH - ok
10:46:08.0319 9020 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:46:08.0319 9020 PerfHost - ok
10:46:08.0397 9020 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:46:08.0428 9020 pla - ok
10:46:08.0475 9020 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:46:08.0491 9020 PlugPlay - ok
10:46:08.0522 9020 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:46:08.0522 9020 PNRPAutoReg - ok
10:46:08.0553 9020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:46:08.0569 9020 PNRPsvc - ok
10:46:08.0600 9020 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:46:08.0616 9020 PolicyAgent - ok
10:46:08.0662 9020 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:46:08.0662 9020 Power - ok
10:46:08.0709 9020 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:46:08.0709 9020 PptpMiniport - ok
10:46:08.0740 9020 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:46:08.0740 9020 Processor - ok
10:46:08.0772 9020 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:46:08.0787 9020 ProfSvc - ok
10:46:08.0803 9020 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:46:08.0803 9020 ProtectedStorage - ok
10:46:08.0834 9020 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:46:08.0834 9020 Psched - ok
10:46:08.0896 9020 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:46:08.0943 9020 ql2300 - ok
10:46:08.0959 9020 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:46:08.0959 9020 ql40xx - ok
10:46:09.0006 9020 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:46:09.0006 9020 QWAVE - ok
10:46:09.0021 9020 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:46:09.0021 9020 QWAVEdrv - ok
10:46:09.0037 9020 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:46:09.0037 9020 RasAcd - ok
10:46:09.0068 9020 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:46:09.0068 9020 RasAgileVpn - ok
10:46:09.0099 9020 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:46:09.0115 9020 RasAuto - ok
10:46:09.0130 9020 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:46:09.0146 9020 Rasl2tp - ok
10:46:09.0177 9020 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:46:09.0193 9020 RasMan - ok
10:46:09.0224 9020 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:46:09.0240 9020 RasPppoe - ok
10:46:09.0255 9020 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:46:09.0271 9020 RasSstp - ok
10:46:09.0302 9020 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:46:09.0302 9020 rdbss - ok
10:46:09.0333 9020 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:46:09.0333 9020 rdpbus - ok
10:46:09.0364 9020 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:46:09.0364 9020 RDPCDD - ok
10:46:09.0380 9020 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:46:09.0380 9020 RDPENCDD - ok
10:46:09.0411 9020 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:46:09.0411 9020 RDPREFMP - ok
10:46:09.0442 9020 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:46:09.0442 9020 RDPWD - ok
10:46:09.0505 9020 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:46:09.0505 9020 rdyboost - ok
10:46:09.0536 9020 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:46:09.0552 9020 RemoteAccess - ok
10:46:09.0583 9020 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:46:09.0583 9020 RemoteRegistry - ok
10:46:09.0630 9020 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:46:09.0630 9020 RFCOMM - ok
10:46:09.0708 9020 [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
10:46:09.0723 9020 RoxioNow Service - ok
10:46:09.0754 9020 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:46:09.0754 9020 RpcEptMapper - ok
10:46:09.0786 9020 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:46:09.0801 9020 RpcLocator - ok
10:46:09.0832 9020 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:46:09.0848 9020 RpcSs - ok
10:46:09.0895 9020 [ D5C3E1629A3F7F0857D27949252B94CE ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
10:46:09.0910 9020 RSPCIESTOR - ok
10:46:09.0942 9020 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:46:09.0942 9020 rspndr - ok
10:46:09.0988 9020 [ 5D6A444BD37B52FF846387C87DCDF98A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:46:09.0988 9020 RTL8167 - ok
10:46:10.0004 9020 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:46:10.0004 9020 SamSs - ok
10:46:10.0051 9020 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:46:10.0051 9020 sbp2port - ok
10:46:10.0082 9020 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:46:10.0082 9020 SCardSvr - ok
10:46:10.0113 9020 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:46:10.0113 9020 scfilter - ok
10:46:10.0176 9020 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:46:10.0222 9020 Schedule - ok
10:46:10.0254 9020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:46:10.0254 9020 SCPolicySvc - ok
10:46:10.0300 9020 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
10:46:10.0300 9020 sdbus - ok
10:46:10.0332 9020 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:46:10.0347 9020 SDRSVC - ok
10:46:10.0378 9020 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:46:10.0378 9020 secdrv - ok
10:46:10.0394 9020 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:46:10.0394 9020 seclogon - ok
10:46:10.0425 9020 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:46:10.0441 9020 SENS - ok
10:46:10.0456 9020 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:46:10.0472 9020 SensrSvc - ok
10:46:10.0488 9020 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:46:10.0488 9020 Serenum - ok
10:46:10.0503 9020 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:46:10.0519 9020 Serial - ok
10:46:10.0550 9020 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:46:10.0550 9020 sermouse - ok
10:46:10.0597 9020 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:46:10.0612 9020 SessionEnv - ok
10:46:10.0644 9020 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:46:10.0644 9020 sffdisk - ok
10:46:10.0659 9020 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:46:10.0659 9020 sffp_mmc - ok
10:46:10.0675 9020 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:46:10.0690 9020 sffp_sd - ok
10:46:10.0722 9020 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:46:10.0722 9020 sfloppy - ok
10:46:10.0753 9020 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:46:10.0784 9020 SharedAccess - ok
10:46:10.0831 9020 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:46:10.0846 9020 ShellHWDetection - ok
10:46:10.0878 9020 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:46:10.0893 9020 SiSRaid2 - ok
10:46:10.0893 9020 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:46:10.0893 9020 SiSRaid4 - ok
10:46:10.0987 9020 [ 3467821FD04A66C9786DF0C8C0219A73 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:46:10.0987 9020 SkypeUpdate - ok
10:46:11.0018 9020 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:46:11.0018 9020 Smb - ok
10:46:11.0065 9020 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:46:11.0065 9020 SNMPTRAP - ok
10:46:11.0080 9020 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:46:11.0080 9020 spldr - ok
10:46:11.0127 9020 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:46:11.0205 9020 Spooler - ok
10:46:11.0314 9020 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:46:11.0424 9020 sppsvc - ok
10:46:11.0470 9020 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:46:11.0470 9020 sppuinotify - ok
10:46:11.0548 9020 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS
10:46:11.0580 9020 SRTSP - ok
10:46:11.0611 9020 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS
10:46:11.0611 9020 SRTSPX - ok
10:46:11.0658 9020 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:46:11.0673 9020 srv - ok
10:46:11.0704 9020 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:46:11.0720 9020 srv2 - ok
10:46:11.0751 9020 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
10:46:11.0767 9020 SrvHsfHDA - ok
10:46:11.0814 9020 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
10:46:11.0876 9020 SrvHsfV92 - ok
10:46:11.0923 9020 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
10:46:11.0954 9020 SrvHsfWinac - ok
10:46:11.0970 9020 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:46:11.0985 9020 srvnet - ok
10:46:12.0032 9020 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:46:12.0032 9020 SSDPSRV - ok
10:46:12.0048 9020 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:46:12.0048 9020 SstpSvc - ok
10:46:12.0126 9020 [ 7C49A5E1943AFDA4672D80726AF3BAE4 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
10:46:12.0126 9020 STacSV - ok
10:46:12.0157 9020 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:46:12.0157 9020 stexstor - ok
10:46:12.0204 9020 [ 0AAD250A31A7EE96E0945AB9E1F3BAA7 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
10:46:12.0219 9020 STHDA - ok
10:46:12.0282 9020 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:46:12.0313 9020 stisvc - ok
10:46:12.0328 9020 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:46:12.0344 9020 swenum - ok
10:46:12.0391 9020 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:46:12.0406 9020 swprv - ok
10:46:12.0453 9020 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS
10:46:12.0469 9020 SymDS - ok
10:46:12.0516 9020 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS
10:46:12.0547 9020 SymEFA - ok
10:46:12.0578 9020 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:46:12.0594 9020 SymEvent - ok
10:46:12.0609 9020 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS
10:46:12.0625 9020 SymIRON - ok
10:46:12.0656 9020 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS
10:46:12.0672 9020 SymNetS - ok
10:46:12.0750 9020 [ 33E6A285DAA5134D8EA2247914C86C09 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
10:46:12.0812 9020 SynTP - ok
10:46:12.0890 9020 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:46:12.0937 9020 SysMain - ok
10:46:12.0968 9020 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:46:12.0968 9020 TabletInputService - ok
10:46:13.0015 9020 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:46:13.0030 9020 TapiSrv - ok
10:46:13.0062 9020 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:46:13.0062 9020 TBS - ok
10:46:13.0140 9020 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:46:13.0202 9020 Tcpip - ok
10:46:13.0280 9020 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:46:13.0311 9020 TCPIP6 - ok
10:46:13.0327 9020 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:46:13.0327 9020 tcpipreg - ok
10:46:13.0358 9020 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:46:13.0358 9020 TDPIPE - ok
10:46:13.0374 9020 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:46:13.0389 9020 TDTCP - ok
10:46:13.0420 9020 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:46:13.0420 9020 tdx - ok
10:46:13.0452 9020 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:46:13.0452 9020 TermDD - ok
10:46:13.0483 9020 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:46:13.0498 9020 TermService - ok
10:46:13.0514 9020 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:46:13.0514 9020 Themes - ok
10:46:13.0545 9020 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:46:13.0545 9020 THREADORDER - ok
10:46:13.0561 9020 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:46:13.0561 9020 TrkWks - ok
10:46:13.0623 9020 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:46:13.0623 9020 TrustedInstaller - ok
10:46:13.0670 9020 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:46:13.0670 9020 tssecsrv - ok
10:46:13.0732 9020 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:46:13.0732 9020 TsUsbFlt - ok
10:46:13.0779 9020 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:46:13.0779 9020 tunnel - ok
10:46:13.0810 9020 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:46:13.0810 9020 uagp35 - ok
10:46:13.0857 9020 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:46:13.0857 9020 udfs - ok
10:46:13.0935 9020 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:46:13.0935 9020 UI0Detect - ok
10:46:13.0982 9020 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:46:13.0982 9020 uliagpkx - ok
10:46:13.0998 9020 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:46:14.0013 9020 umbus - ok
10:46:14.0029 9020 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:46:14.0029 9020 UmPass - ok
10:46:14.0185 9020 [ 3A1ECEF8D49FC1A786A6CCD5A86A8878 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:46:14.0278 9020 UNS - ok
10:46:14.0310 9020 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:46:14.0325 9020 upnphost - ok
10:46:14.0372 9020 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:46:14.0372 9020 USBAAPL64 - ok
10:46:14.0403 9020 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:46:14.0403 9020 usbccgp - ok
10:46:14.0434 9020 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:46:14.0434 9020 usbcir - ok
10:46:14.0466 9020 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:46:14.0466 9020 usbehci - ok
10:46:14.0497 9020 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:46:14.0512 9020 usbhub - ok
10:46:14.0528 9020 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:46:14.0528 9020 usbohci - ok
10:46:14.0559 9020 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:46:14.0559 9020 usbprint - ok
10:46:14.0622 9020 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:46:14.0622 9020 USBSTOR - ok
10:46:14.0653 9020 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:46:14.0653 9020 usbuhci - ok
10:46:14.0700 9020 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:46:14.0700 9020 usbvideo - ok
10:46:14.0731 9020 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:46:14.0731 9020 UxSms - ok
10:46:14.0746 9020 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:46:14.0746 9020 VaultSvc - ok
10:46:14.0778 9020 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:46:14.0778 9020 vdrvroot - ok
10:46:14.0824 9020 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:46:14.0856 9020 vds - ok
10:46:14.0871 9020 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:46:14.0887 9020 vga - ok
10:46:14.0902 9020 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:46:14.0918 9020 VgaSave - ok
10:46:14.0934 9020 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:46:14.0949 9020 vhdmp - ok
10:46:14.0980 9020 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:46:14.0980 9020 viaide - ok
10:46:14.0996 9020 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:46:15.0012 9020 volmgr - ok
10:46:15.0043 9020 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:46:15.0058 9020 volmgrx - ok
10:46:15.0090 9020 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:46:15.0105 9020 volsnap - ok
10:46:15.0121 9020 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:46:15.0136 9020 vsmraid - ok
10:46:15.0199 9020 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:46:15.0292 9020 VSS - ok
10:46:15.0324 9020 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:46:15.0324 9020 vwifibus - ok
10:46:15.0355 9020 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:46:15.0355 9020 vwififlt - ok
10:46:15.0402 9020 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:46:15.0417 9020 W32Time - ok
10:46:15.0448 9020 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:46:15.0448 9020 WacomPen - ok
10:46:15.0511 9020 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:46:15.0511 9020 WANARP - ok
10:46:15.0526 9020 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:46:15.0526 9020 Wanarpv6 - ok
10:46:15.0604 9020 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:46:15.0651 9020 WatAdminSvc - ok
10:46:15.0714 9020 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:46:15.0792 9020 wbengine - ok
10:46:15.0823 9020 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:46:15.0838 9020 WbioSrvc - ok
10:46:15.0870 9020 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:46:15.0901 9020 wcncsvc - ok
10:46:15.0916 9020 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:46:15.0916 9020 WcsPlugInService - ok
10:46:15.0948 9020 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:46:15.0948 9020 Wd - ok
10:46:15.0994 9020 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:46:16.0026 9020 Wdf01000 - ok
10:46:16.0041 9020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:46:16.0041 9020 WdiServiceHost - ok
10:46:16.0057 9020 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:46:16.0057 9020 WdiSystemHost - ok
10:46:16.0104 9020 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:46:16.0119 9020 WebClient - ok
10:46:16.0150 9020 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:46:16.0182 9020 Wecsvc - ok
10:46:16.0197 9020 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:46:16.0197 9020 wercplsupport - ok
10:46:16.0213 9020 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:46:16.0228 9020 WerSvc - ok
10:46:16.0275 9020 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:46:16.0275 9020 WfpLwf - ok
10:46:16.0291 9020 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:46:16.0291 9020 WIMMount - ok
10:46:16.0306 9020 WinDefend - ok
10:46:16.0322 9020 WinHttpAutoProxySvc - ok
10:46:16.0369 9020 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:46:16.0384 9020 Winmgmt - ok
10:46:16.0447 9020 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:46:16.0540 9020 WinRM - ok
10:46:16.0587 9020 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
10:46:16.0587 9020 WinUsb - ok
10:46:16.0634 9020 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:46:16.0665 9020 Wlansvc - ok
10:46:16.0681 9020 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:46:16.0696 9020 WmiAcpi - ok
10:46:16.0728 9020 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:46:16.0728 9020 wmiApSrv - ok
10:46:16.0774 9020 WMPNetworkSvc - ok
10:46:16.0806 9020 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:46:16.0821 9020 WPCSvc - ok
10:46:16.0837 9020 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:46:16.0852 9020 WPDBusEnum - ok
10:46:16.0868 9020 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:46:16.0884 9020 ws2ifsl - ok
10:46:16.0899 9020 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
10:46:16.0899 9020 wscsvc - ok
10:46:16.0930 9020 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
10:46:16.0930 9020 WSDPrintDevice - ok
10:46:16.0962 9020 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
10:46:16.0962 9020 WSDScan - ok
10:46:16.0962 9020 WSearch - ok
10:46:17.0102 9020 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:46:17.0180 9020 wuauserv - ok
10:46:17.0211 9020 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:46:17.0211 9020 WudfPf - ok
10:46:17.0227 9020 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:46:17.0242 9020 WUDFRd - ok
10:46:17.0242 9020 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:46:17.0258 9020 wudfsvc - ok
10:46:17.0289 9020 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:46:17.0289 9020 WwanSvc - ok
10:46:17.0352 9020 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
10:46:17.0352 9020 yukonw7 - ok
10:46:17.0398 9020 ================ Scan global ===============================
10:46:17.0430 9020 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:46:17.0461 9020 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:46:17.0476 9020 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:46:17.0508 9020 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:46:17.0523 9020 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:46:17.0539 9020 [Global] - ok
10:46:17.0539 9020 ================ Scan MBR ==================================
10:46:17.0554 9020 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:46:17.0866 9020 \Device\Harddisk0\DR0 - ok
10:46:17.0866 9020 ================ Scan VBR ==================================
10:46:17.0882 9020 [ 22DD9776BBBCE3ACA8CE6E6ABE32B66F ] \Device\Harddisk0\DR0\Partition1
10:46:17.0882 9020 \Device\Harddisk0\DR0\Partition1 - ok
10:46:17.0898 9020 [ 2DD336662FEAF8DFCB7D6393A56BD338 ] \Device\Harddisk0\DR0\Partition2
10:46:17.0898 9020 \Device\Harddisk0\DR0\Partition2 - ok
10:46:17.0944 9020 [ 9A38CA6698648C1C930FDE0569DC7C92 ] \Device\Harddisk0\DR0\Partition3
10:46:17.0960 9020 \Device\Harddisk0\DR0\Partition3 - ok
10:46:18.0007 9020 [ E538711485DBF7D37B15663ED2DFF791 ] \Device\Harddisk0\DR0\Partition4
10:46:18.0022 9020 \Device\Harddisk0\DR0\Partition4 - ok
10:46:18.0022 9020 ============================================================
10:46:18.0022 9020 Scan finished
10:46:18.0022 9020 ============================================================
10:46:18.0038 6288 Detected object count: 0
10:46:18.0038 6288 Actual detected object count: 0
10:46:35.0058 9100 ============================================================
10:46:35.0058 9100 Scan started
10:46:35.0058 9100 Mode: Manual; SigCheck; TDLFS;
10:46:35.0058 9100 ============================================================
10:46:35.0276 9100 ================ Scan system memory ========================
10:46:35.0276 9100 System memory - ok
10:46:35.0276 9100 ================ Scan services =============================
10:46:35.0463 9100 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:46:35.0650 9100 1394ohci - ok
10:46:35.0682 9100 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
10:46:35.0713 9100 Accelerometer - ok
10:46:35.0760 9100 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:46:35.0791 9100 ACPI - ok
10:46:35.0806 9100 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:46:35.0916 9100 AcpiPmi - ok
10:46:36.0009 9100 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:46:36.0040 9100 AdobeARMservice - ok
10:46:36.0165 9100 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:46:36.0181 9100 AdobeFlashPlayerUpdateSvc - ok
10:46:36.0243 9100 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:46:36.0274 9100 adp94xx - ok
10:46:36.0290 9100 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:46:36.0321 9100 adpahci - ok
10:46:36.0321 9100 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:46:36.0337 9100 adpu320 - ok
10:46:36.0368 9100 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:46:36.0555 9100 AeLookupSvc - ok
10:46:36.0618 9100 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
10:46:36.0711 9100 AESTFilters - ok
10:46:36.0758 9100 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:46:36.0836 9100 AFD - ok
10:46:36.0867 9100 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:46:36.0898 9100 agp440 - ok
10:46:36.0930 9100 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:46:37.0023 9100 ALG - ok
10:46:37.0054 9100 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:46:37.0070 9100 aliide - ok
10:46:37.0086 9100 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:46:37.0117 9100 amdide - ok
10:46:37.0148 9100 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:46:37.0226 9100 AmdK8 - ok
10:46:37.0226 9100 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:46:37.0288 9100 AmdPPM - ok
10:46:37.0320 9100 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:46:37.0351 9100 amdsata - ok
10:46:37.0366 9100 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:46:37.0398 9100 amdsbs - ok
10:46:37.0398 9100 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:46:37.0413 9100 amdxata - ok
10:46:37.0444 9100 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:46:37.0663 9100 AppID - ok
10:46:37.0694 9100 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:46:37.0803 9100 AppIDSvc - ok
10:46:37.0819 9100 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:46:37.0928 9100 Appinfo - ok
10:46:37.0990 9100 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:46:38.0022 9100 Apple Mobile Device - ok
10:46:38.0053 9100 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
10:46:38.0068 9100 arc - ok
10:46:38.0084 9100 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:46:38.0115 9100 arcsas - ok
10:46:38.0131 9100 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:46:38.0209 9100 AsyncMac - ok
10:46:38.0240 9100 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:46:38.0271 9100 atapi - ok
10:46:38.0334 9100 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:46:38.0443 9100 AudioEndpointBuilder - ok
10:46:38.0474 9100 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:46:38.0552 9100 AudioSrv - ok
10:46:38.0568 9100 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:46:38.0692 9100 AxInstSV - ok
10:46:38.0739 9100 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:46:38.0817 9100 b06bdrv - ok
10:46:38.0833 9100 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:46:38.0895 9100 b57nd60a - ok
10:46:38.0926 9100 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:46:39.0004 9100 BDESVC - ok
10:46:39.0020 9100 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:46:39.0129 9100 Beep - ok
10:46:39.0176 9100 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:46:39.0301 9100 BFE - ok
10:46:39.0457 9100 [ 6C64FA457C200874FAA87D74152E0D84 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
10:46:39.0519 9100 BHDrvx64 - ok
10:46:39.0550 9100 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
10:46:39.0644 9100 BITS - ok
10:46:39.0675 9100 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:46:39.0722 9100 blbdrive - ok
10:46:39.0894 9100 [ E7062088161C56BF42E7DBA53664E584 ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
10:46:39.0956 9100 Bluetooth Device Manager - ok
10:46:39.0987 9100 [ 21B1CB06C0254BBC08B8C30D8F282E69 ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
10:46:40.0003 9100 Bluetooth Media Service - ok
10:46:40.0034 9100 [ 0BC0DC720F22A9D6D721FD5B7D15E84F ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
10:46:40.0050 9100 Bluetooth OBEX Service - ok
10:46:40.0081 9100 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:46:40.0112 9100 Bonjour Service - ok
10:46:40.0143 9100 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:46:40.0221 9100 bowser - ok
10:46:40.0252 9100 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:46:40.0346 9100 BrFiltLo - ok
10:46:40.0362 9100 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:46:40.0393 9100 BrFiltUp - ok
10:46:40.0424 9100 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:46:40.0486 9100 Browser - ok
10:46:40.0518 9100 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:46:40.0596 9100 Brserid - ok
10:46:40.0596 9100 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:46:40.0642 9100 BrSerWdm - ok
10:46:40.0642 9100 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:46:40.0674 9100 BrUsbMdm - ok
10:46:40.0674 9100 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:46:40.0705 9100 BrUsbSer - ok
10:46:40.0736 9100 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
10:46:40.0830 9100 BthEnum - ok
10:46:40.0861 9100 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:46:40.0908 9100 BTHMODEM - ok
10:46:40.0954 9100 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:46:41.0017 9100 BthPan - ok
10:46:41.0064 9100 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
10:46:41.0173 9100 BTHPORT - ok
10:46:41.0204 9100 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:46:41.0298 9100 bthserv - ok
10:46:41.0344 9100 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
10:46:41.0391 9100 BTHUSB - ok
10:46:41.0438 9100 [ 6D3FF2B480F7AB8DA103CBC7FBEACD48 ] BTMCOM C:\Windows\system32\Drivers\btmcom.sys
10:46:41.0500 9100 BTMCOM - ok
10:46:41.0532 9100 [ 8AEF214DD4816AF9AFB5D425F7302DAE ] BTMNET C:\Windows\system32\DRIVERS\btmnet.sys
10:46:41.0766 9100 BTMNET - ok
10:46:41.0797 9100 [ 8515AA7DC5ECEBDFCC480D2001398BD7 ] BTMUSB C:\Windows\system32\Drivers\btmusb.sys
10:46:41.0875 9100 BTMUSB - ok
10:46:41.0937 9100 [ 37B50B3A19CD1F3BB751FCD9C33ACDAF ] cag C:\Program Files\Common Files\Deterministic Networks\Common Files\cag.sys
10:46:41.0968 9100 cag - ok
10:46:41.0984 9100 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:46:42.0093 9100 cdfs - ok
10:46:42.0124 9100 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:46:42.0187 9100 cdrom - ok
10:46:42.0218 9100 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:46:42.0327 9100 CertPropSvc - ok
10:46:42.0358 9100 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:46:42.0436 9100 circlass - ok
10:46:42.0483 9100 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:46:42.0530 9100 CLFS - ok
10:46:42.0592 9100 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:46:42.0624 9100 clr_optimization_v2.0.50727_32 - ok
10:46:42.0655 9100 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:46:42.0686 9100 clr_optimization_v2.0.50727_64 - ok
10:46:42.0733 9100 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:46:42.0764 9100 clr_optimization_v4.0.30319_32 - ok
10:46:42.0795 9100 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:46:42.0811 9100 clr_optimization_v4.0.30319_64 - ok
10:46:42.0842 9100 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
10:46:42.0858 9100 clwvd - ok
10:46:42.0873 9100 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:46:42.0920 9100 CmBatt - ok
10:46:42.0967 9100 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:46:42.0998 9100 cmdide - ok
10:46:43.0029 9100 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:46:43.0092 9100 CNG - ok
10:46:43.0123 9100 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:46:43.0138 9100 Compbatt - ok
10:46:43.0154 9100 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:46:43.0201 9100 CompositeBus - ok
10:46:43.0216 9100 COMSysApp - ok
10:46:43.0232 9100 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:46:43.0263 9100 crcdisk - ok
10:46:43.0294 9100 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:46:43.0372 9100 CryptSvc - ok
10:46:43.0419 9100 [ F02D7FD231AF76C69A8F09C619DEE384 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
10:46:43.0450 9100 ctxusbm - ok
10:46:43.0482 9100 [ 5C5EECDD72C392F05328356FFCDF19AB ] ctxva51 C:\Windows\system32\DRIVERS\ctxva51.sys
10:46:43.0497 9100 ctxva51 - ok
10:46:43.0528 9100 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:46:43.0653 9100 DcomLaunch - ok
10:46:43.0684 9100 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:46:43.0794 9100 defragsvc - ok
10:46:43.0840 9100 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:46:43.0934 9100 DfsC - ok
10:46:43.0981 9100 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:46:44.0059 9100 Dhcp - ok
10:46:44.0090 9100 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:46:44.0199 9100 discache - ok
10:46:44.0230 9100 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:46:44.0246 9100 Disk - ok
10:46:44.0277 9100 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\Windows\system32\DRIVERS\dne64x.sys
10:46:44.0293 9100 DNE - ok
10:46:44.0324 9100 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:46:44.0402 9100 Dnscache - ok
10:46:44.0449 9100 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:46:44.0542 9100 dot3svc - ok
10:46:44.0589 9100 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:46:44.0667 9100 DPS - ok
10:46:44.0698 9100 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:46:44.0761 9100 drmkaud - ok
10:46:44.0808 9100 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:46:44.0854 9100 DXGKrnl - ok
10:46:44.0886 9100 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:46:44.0995 9100 EapHost - ok
10:46:45.0104 9100 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:46:45.0198 9100 ebdrv - ok
10:46:45.0244 9100 [ 0C3F9EFF8DDD9F9EB56D754B4620155F ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:46:45.0276 9100 eeCtrl - ok
10:46:45.0307 9100 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:46:45.0369 9100 EFS - ok
10:46:45.0432 9100 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:46:45.0510 9100 ehRecvr - ok
10:46:45.0541 9100 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:46:45.0619 9100 ehSched - ok
10:46:45.0650 9100 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:46:45.0697 9100 elxstor - ok
10:46:45.0759 9100 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
10:46:45.0790 9100 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning
10:46:45.0790 9100 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)
10:46:45.0837 9100 [ 757305C7AD34222F4A46D86FE0BEE241 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
10:46:45.0868 9100 EpsonCustomerParticipation - ok
10:46:45.0900 9100 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:46:45.0946 9100 ErrDev - ok
10:46:46.0009 9100 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:46:46.0134 9100 EventSystem - ok
10:46:46.0165 9100 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:46:46.0258 9100 exfat - ok
10:46:46.0274 9100 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:46:46.0352 9100 fastfat - ok
10:46:46.0414 9100 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:46:46.0508 9100 Fax - ok
10:46:46.0524 9100 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:46:46.0570 9100 fdc - ok
10:46:46.0617 9100 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:46:46.0695 9100 fdPHost - ok
10:46:46.0695 9100 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:46:46.0789 9100 FDResPub - ok
10:46:46.0820 9100 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:46:46.0836 9100 FileInfo - ok
10:46:46.0851 9100 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:46:46.0945 9100 Filetrace - ok
10:46:46.0992 9100 [ 3D9B36631032FDE0FFEA0DC0260E4E35 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:46:47.0007 9100 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:46:47.0007 9100 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:46:47.0054 9100 [ 52C0312AB35EB7187015FB6A99136BB5 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
10:46:47.0085 9100 FLEXnet Licensing Service 64 ( UnsignedFile.Multi.Generic ) - warning
10:46:47.0085 9100 FLEXnet Licensing Service 64 - detected UnsignedFile.Multi.Generic (1)
10:46:47.0101 9100 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:46:47.0132 9100 flpydisk - ok
10:46:47.0163 9100 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:46:47.0194 9100 FltMgr - ok
10:46:47.0241 9100 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:46:47.0335 9100 FontCache - ok
10:46:47.0382 9100 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:46:47.0413 9100 FontCache3.0.0.0 - ok
10:46:47.0460 9100 [ CDC54DB949D1E2BBF86B0C7AB86B912E ] FPLService C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
10:46:47.0491 9100 FPLService - ok
10:46:47.0522 9100 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:46:47.0538 9100 FsDepends - ok
10:46:47.0569 9100 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:46:47.0584 9100 Fs_Rec - ok
10:46:47.0631 9100 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:46:47.0662 9100 fvevol - ok
10:46:47.0678 9100 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:46:47.0694 9100 gagp30kx - ok
10:46:47.0756 9100 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
10:46:47.0787 9100 GameConsoleService - ok
10:46:47.0818 9100 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:46:47.0834 9100 GEARAspiWDM - ok
10:46:47.0881 9100 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:46:47.0974 9100 gpsvc - ok
10:46:48.0006 9100 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:46:48.0068 9100 hcw85cir - ok
10:46:48.0099 9100 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:46:48.0146 9100 HdAudAddService - ok
10:46:48.0177 9100 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:46:48.0224 9100 HDAudBus - ok
10:46:48.0255 9100 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:46:48.0302 9100 HidBatt - ok
10:46:48.0318 9100 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:46:48.0349 9100 HidBth - ok
10:46:48.0364 9100 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:46:48.0411 9100 HidIr - ok
10:46:48.0442 9100 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:46:48.0552 9100 hidserv - ok
10:46:48.0567 9100 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:46:48.0583 9100 HidUsb - ok
10:46:48.0598 9100 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:46:48.0676 9100 hkmsvc - ok
10:46:48.0708 9100 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:46:48.0739 9100 HomeGroupListener - ok
10:46:48.0770 9100 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:46:48.0817 9100 HomeGroupProvider - ok
10:46:48.0879 9100 [ 7A24AD37416B91E4B5E5B46BD25C075F ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
10:46:48.0910 9100 HP Health Check Service - ok
10:46:48.0957 9100 [ C930128C8F8FF03D8F8C42B570920D56 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
10:46:48.0988 9100 HP Wireless Assistant Service - ok
10:46:49.0020 9100 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
10:46:49.0051 9100 HPClientSvc - ok
10:46:49.0098 9100 [ 2A047E7E0F1018E3134A4065636F2025 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
10:46:49.0129 9100 HPDrvMntSvc.exe - ok
10:46:49.0160 9100 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
10:46:49.0176 9100 hpdskflt - ok
10:46:49.0207 9100 [ 59CB6A1CA093EDC2881598A45518857D ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
10:46:49.0254 9100 hpqwmiex - ok
10:46:49.0285 9100 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:46:49.0300 9100 HpSAMD - ok
10:46:49.0316 9100 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
10:46:49.0332 9100 hpsrv - ok
10:46:49.0363 9100 [ F630DD7564EBB7248A13B1CC774D9EA6 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
10:46:49.0363 9100 HPWMISVC - ok
10:46:49.0410 9100 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:46:49.0503 9100 HTTP - ok
10:46:49.0519 9100 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:46:49.0534 9100 hwpolicy - ok
10:46:49.0566 9100 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:46:49.0597 9100 i8042prt - ok
10:46:49.0644 9100 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:46:49.0675 9100 iaStor - ok
10:46:49.0722 9100 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:46:49.0737 9100 IAStorDataMgrSvc - ok
10:46:49.0768 9100 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:46:49.0800 9100 iaStorV - ok
10:46:49.0862 9100 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:46:49.0909 9100 idsvc - ok
10:46:50.0002 9100 [ 18C40C3F368323B203ACE403CB430DB1 ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120406.002\IDSvia64.sys
10:46:50.0034 9100 IDSVia64 - ok
10:46:50.0299 9100 [ 6383899C5F964D71B0F96B81FBE59BB8 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:46:50.0486 9100 igfx - ok
10:46:50.0533 9100 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:46:50.0548 9100 iirsp - ok
10:46:50.0595 9100 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:46:50.0642 9100 IKEEXT - ok
10:46:50.0673 9100 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:46:50.0736 9100 IntcDAud - ok
10:46:50.0767 9100 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:46:50.0782 9100 intelide - ok
10:46:50.0829 9100 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:46:50.0860 9100 intelppm - ok
10:46:50.0923 9100 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
10:46:50.0938 9100 IntuitUpdateServiceV4 - ok
10:46:50.0970 9100 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:46:51.0048 9100 IPBusEnum - ok
10:46:51.0094 9100 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:46:51.0172 9100 IpFilterDriver - ok
10:46:51.0219 9100 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:46:51.0282 9100 iphlpsvc - ok
10:46:51.0313 9100 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:46:51.0375 9100 IPMIDRV - ok
10:46:51.0406 9100 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:46:51.0516 9100 IPNAT - ok
10:46:51.0562 9100 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:46:51.0609 9100 iPod Service - ok
10:46:51.0609 9100 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:46:51.0718 9100 IRENUM - ok
10:46:51.0750 9100 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:46:51.0781 9100 isapnp - ok
10:46:51.0828 9100 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:46:51.0859 9100 iScsiPrt - ok
10:46:51.0874 9100 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:46:51.0890 9100 kbdclass - ok
10:46:51.0921 9100 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:46:51.0937 9100 kbdhid - ok
10:46:51.0968 9100 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:46:51.0984 9100 KeyIso - ok
10:46:52.0015 9100 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:46:52.0030 9100 KSecDD - ok
10:46:52.0077 9100 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:46:52.0108 9100 KSecPkg - ok
10:46:52.0124 9100 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:46:52.0233 9100 ksthunk - ok
10:46:52.0264 9100 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:46:52.0405 9100 KtmRm - ok
10:46:52.0452 9100 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:46:52.0545 9100 LanmanServer - ok
10:46:52.0576 9100 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:46:52.0623 9100 LanmanWorkstation - ok
10:46:52.0686 9100 [ FA4A45C179AB0E0F1A31B9751D4B18D7 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
10:46:52.0701 9100 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
10:46:52.0701 9100 LightScribeService - detected UnsignedFile.Multi.Generic (1)
10:46:52.0717 9100 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:46:52.0810 9100 lltdio - ok
10:46:52.0857 9100 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:46:52.0951 9100 lltdsvc - ok
10:46:52.0982 9100 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:46:53.0029 9100 lmhosts - ok
10:46:53.0044 9100 [ C463A25F01C6237295917417C5E9E344 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:46:53.0060 9100 LMS - ok
10:46:53.0091 9100 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:46:53.0107 9100 LSI_FC - ok
10:46:53.0122 9100 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:46:53.0122 9100 LSI_SAS - ok
10:46:53.0138 9100 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:46:53.0154 9100 LSI_SAS2 - ok
10:46:53.0154 9100 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:46:53.0154 9100 LSI_SCSI - ok
10:46:53.0169 9100 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:46:53.0278 9100 luafv - ok
10:46:53.0310 9100 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:46:53.0341 9100 Mcx2Svc - ok
10:46:53.0388 9100 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:46:53.0403 9100 megasas - ok
10:46:53.0419 9100 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:46:53.0450 9100 MegaSR - ok
10:46:53.0481 9100 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:46:53.0497 9100 MEIx64 - ok
10:46:53.0528 9100 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:46:53.0622 9100 MMCSS - ok
10:46:53.0653 9100 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:46:53.0731 9100 Modem - ok
10:46:53.0762 9100 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:46:53.0793 9100 monitor - ok
10:46:53.0824 9100 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:46:53.0840 9100 mouclass - ok
10:46:53.0856 9100 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:46:53.0856 9100 mouhid - ok
10:46:53.0887 9100 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:46:53.0918 9100 mountmgr - ok
10:46:53.0965 9100 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:46:53.0980 9100 MozillaMaintenance - ok
10:46:54.0012 9100 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:46:54.0043 9100 mpio - ok
10:46:54.0074 9100 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:46:54.0136 9100 mpsdrv - ok
10:46:54.0168 9100 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:46:54.0246 9100 MpsSvc - ok
10:46:54.0277 9100 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:46:54.0324 9100 MRxDAV - ok
10:46:54.0370 9100 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:46:54.0433 9100 mrxsmb - ok
10:46:54.0464 9100 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:46:54.0511 9100 mrxsmb10 - ok
10:46:54.0542 9100 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:46:54.0573 9100 mrxsmb20 - ok
10:46:54.0589 9100 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:46:54.0620 9100 msahci - ok
10:46:54.0651 9100 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:46:54.0682 9100 msdsm - ok
10:46:54.0698 9100 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:46:54.0760 9100 MSDTC - ok
10:46:54.0807 9100 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:46:54.0885 9100 Msfs - ok
10:46:54.0885 9100 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:46:54.0916 9100 mshidkmdf - ok
10:46:54.0948 9100 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:46:54.0948 9100 msisadrv - ok
10:46:54.0979 9100 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:46:55.0057 9100 MSiSCSI - ok
10:46:55.0072 9100 msiserver - ok
10:46:55.0104 9100 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:46:55.0213 9100 MSKSSRV - ok
10:46:55.0213 9100 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:46:55.0275 9100 MSPCLOCK - ok
10:46:55.0291 9100 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:46:55.0384 9100 MSPQM - ok
10:46:55.0416 9100 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:46:55.0462 9100 MsRPC - ok
10:46:55.0478 9100 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:46:55.0494 9100 mssmbios - ok
10:46:55.0525 9100 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:46:55.0603 9100 MSTEE - ok
10:46:55.0603 9100 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:46:55.0618 9100 MTConfig - ok
10:46:55.0650 9100 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:46:55.0665 9100 Mup - ok
10:46:55.0712 9100 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:46:55.0806 9100 napagent - ok
10:46:55.0837 9100 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:46:55.0915 9100 NativeWifiP - ok
10:46:55.0993 9100 [ 2DBE90210DE76BE6E1653BB20EC70EC2 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120406.034\ENG64.SYS
10:46:56.0024 9100 NAVENG - ok
10:46:56.0086 9100 [ 346DA70E203B8E2C850277713DE8F71B ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120406.034\EX64.SYS
10:46:56.0149 9100 NAVEX15 - ok
10:46:56.0180 9100 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:46:56.0196 9100 NDIS - ok
10:46:56.0227 9100 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:46:56.0320 9100 NdisCap - ok
10:46:56.0336 9100 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:46:56.0383 9100 NdisTapi - ok
10:46:56.0414 9100 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:46:56.0476 9100 Ndisuio - ok
10:46:56.0492 9100 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:46:56.0586 9100 NdisWan - ok
10:46:56.0632 9100 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:46:56.0710 9100 NDProxy - ok
10:46:56.0742 9100 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:46:56.0851 9100 NetBIOS - ok
10:46:56.0898 9100 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:46:56.0991 9100 NetBT - ok
10:46:57.0022 9100 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:46:57.0038 9100 Netlogon - ok
10:46:57.0069 9100 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:46:57.0147 9100 Netman - ok
10:46:57.0178 9100 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:46:57.0241 9100 netprofm - ok
10:46:57.0303 9100 [ 24CF1304D899124336F67F88F3C15E21 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
10:46:57.0350 9100 netr28x - ok
10:46:57.0381 9100 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:46:57.0412 9100 NetTcpPortSharing - ok
10:46:57.0568 9100 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
10:46:57.0631 9100 netw5v64 - ok
10:46:57.0646 9100 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:46:57.0646 9100 nfrd960 - ok
10:46:57.0709 9100 [ E78A365CC3E0FBFC018A33DCE01909F8 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
10:46:57.0740 9100 NIS - ok
10:46:57.0756 9100 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:46:57.0802 9100 NlaSvc - ok
10:46:57.0849 9100 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:46:57.0912 9100 Npfs - ok
10:46:57.0943 9100 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:46:58.0021 9100 nsi - ok
10:46:58.0052 9100 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:46:58.0114 9100 nsiproxy - ok
10:46:58.0161 9100 [ 08849429CE646B4D10892D239F9D6A7A ] nsverctl C:\Program Files\Citrix\Secure Access Client\nsverctl.exe
10:46:58.0177 9100 nsverctl - ok
10:46:58.0239 9100 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:46:58.0317 9100 Ntfs - ok
10:46:58.0348 9100 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:46:58.0458 9100 Null - ok
10:46:58.0489 9100 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
10:46:58.0520 9100 nusb3hub - ok
10:46:58.0551 9100 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:46:58.0582 9100 nusb3xhc - ok
10:46:58.0614 9100 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:46:58.0645 9100 nvraid - ok
10:46:58.0676 9100 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:46:58.0707 9100 nvstor - ok
10:46:58.0723 9100 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:46:58.0754 9100 nv_agp - ok
10:46:58.0941 9100 [ 19CC46ACD6B17CE92336B33A2018765D ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
10:46:59.0035 9100 OfficeSvc - ok
10:46:59.0082 9100 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:46:59.0113 9100 ohci1394 - ok
10:46:59.0175 9100 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:46:59.0206 9100 ose - ok
10:46:59.0362 9100 [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:46:59.0440 9100 osppsvc - ok
10:46:59.0487 9100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:46:59.0565 9100 p2pimsvc - ok
10:46:59.0565 9100 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:46:59.0596 9100 p2psvc - ok
10:46:59.0612 9100 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:46:59.0628 9100 Parport - ok
10:46:59.0659 9100 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:46:59.0674 9100 partmgr - ok
10:46:59.0706 9100 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:46:59.0752 9100 PcaSvc - ok
10:46:59.0784 9100 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:46:59.0799 9100 pci - ok
10:46:59.0815 9100 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:46:59.0830 9100 pciide - ok
10:46:59.0862 9100 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:46:59.0877 9100 pcmcia - ok
10:46:59.0893 9100 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:46:59.0908 9100 pcw - ok
10:46:59.0940 9100 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:47:00.0002 9100 PEAUTH - ok
10:47:00.0080 9100 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:47:00.0127 9100 PerfHost - ok
10:47:00.0205 9100 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:47:00.0283 9100 pla - ok
10:47:00.0314 9100 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:47:00.0408 9100 PlugPlay - ok
10:47:00.0439 9100 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:47:00.0454 9100 PNRPAutoReg - ok
10:47:00.0486 9100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:47:00.0532 9100 PNRPsvc - ok
10:47:00.0579 9100 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:47:00.0704 9100 PolicyAgent - ok
10:47:00.0751 9100 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:47:00.0844 9100 Power - ok
10:47:00.0876 9100 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:47:00.0969 9100 PptpMiniport - ok
10:47:01.0000 9100 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:47:01.0063 9100 Processor - ok
10:47:01.0110 9100 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:47:01.0188 9100 ProfSvc - ok
10:47:01.0203 9100 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:47:01.0234 9100 ProtectedStorage - ok
10:47:01.0250 9100 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:47:01.0359 9100 Psched - ok
10:47:01.0422 9100 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:47:01.0468 9100 ql2300 - ok
10:47:01.0468 9100 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:47:01.0484 9100 ql40xx - ok
10:47:01.0515 9100 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:47:01.0578 9100 QWAVE - ok
10:47:01.0609 9100 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:47:01.0671 9100 QWAVEdrv - ok
10:47:01.0702 9100 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:47:01.0812 9100 RasAcd - ok
10:47:01.0858 9100 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:47:01.0921 9100 RasAgileVpn - ok
10:47:01.0952 9100 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:47:02.0046 9100 RasAuto - ok
10:47:02.0077 9100 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:47:02.0155 9100 Rasl2tp - ok
10:47:02.0202 9100 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:47:02.0248 9100 RasMan - ok
10:47:02.0280 9100 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:47:02.0373 9100 RasPppoe - ok
10:47:02.0389 9100 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:47:02.0498 9100 RasSstp - ok
10:47:02.0529 9100 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:47:02.0607 9100 rdbss - ok
10:47:02.0638 9100 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:47:02.0685 9100 rdpbus - ok
10:47:02.0716 9100 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:47:02.0794 9100 RDPCDD - ok
10:47:02.0810 9100 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:47:02.0841 9100 RDPENCDD - ok
10:47:02.0872 9100 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:47:02.0904 9100 RDPREFMP - ok
10:47:02.0935 9100 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:47:03.0013 9100 RDPWD - ok
10:47:03.0060 9100 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:47:03.0075 9100 rdyboost - ok
10:47:03.0106 9100 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:47:03.0216 9100 RemoteAccess - ok
10:47:03.0262 9100 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:47:03.0356 9100 RemoteRegistry - ok
10:47:03.0403 9100 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:47:03.0450 9100 RFCOMM - ok
10:47:03.0512 9100 [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
10:47:03.0559 9100 RoxioNow Service - ok
10:47:03.0574 9100 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:47:03.0668 9100 RpcEptMapper - ok
10:47:03.0699 9100 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:47:03.0730 9100 RpcLocator - ok
10:47:03.0777 9100 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:47:03.0840 9100 RpcSs - ok
10:47:03.0855 9100 [ D5C3E1629A3F7F0857D27949252B94CE ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
10:47:03.0871 9100 RSPCIESTOR - ok
10:47:03.0886 9100 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:47:03.0918 9100 rspndr - ok
10:47:03.0949 9100 [ 5D6A444BD37B52FF846387C87DCDF98A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:47:03.0949 9100 RTL8167 - ok
10:47:03.0964 9100 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:47:03.0980 9100 SamSs - ok
10:47:03.0996 9100 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:47:04.0011 9100 sbp2port - ok
10:47:04.0027 9100 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:47:04.0074 9100 SCardSvr - ok
10:47:04.0120 9100 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:47:04.0214 9100 scfilter - ok
10:47:04.0276 9100 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:47:04.0401 9100 Schedule - ok
10:47:04.0448 9100 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:47:04.0495 9100 SCPolicySvc - ok
10:47:04.0526 9100 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
10:47:04.0573 9100 sdbus - ok
10:47:04.0620 9100 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:47:04.0666 9100 SDRSVC - ok
10:47:04.0698 9100 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:47:04.0807 9100 secdrv - ok
10:47:04.0838 9100 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:47:04.0916 9100 seclogon - ok
10:47:04.0932 9100 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:47:04.0978 9100 SENS - ok
10:47:04.0994 9100 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:47:05.0072 9100 SensrSvc - ok
10:47:05.0088 9100 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:47:05.0134 9100 Serenum - ok
10:47:05.0150 9100 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:47:05.0181 9100 Serial - ok
10:47:05.0197 9100 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:47:05.0244 9100 sermouse - ok
10:47:05.0275 9100 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:47:05.0384 9100 SessionEnv - ok
10:47:05.0431 9100 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:47:05.0509 9100 sffdisk - ok
10:47:05.0524 9100 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:47:05.0571 9100 sffp_mmc - ok
10:47:05.0602 9100 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:47:05.0665 9100 sffp_sd - ok
10:47:05.0696 9100 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:47:05.0758 9100 sfloppy - ok
10:47:05.0790 9100 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:47:05.0899 9100 SharedAccess - ok
10:47:05.0930 9100 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:47:06.0008 9100 ShellHWDetection - ok
10:47:06.0055 9100 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:47:06.0070 9100 SiSRaid2 - ok
10:47:06.0086 9100 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:47:06.0102 9100 SiSRaid4 - ok
10:47:06.0164 9100 [ 3467821FD04A66C9786DF0C8C0219A73 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:47:06.0180 9100 SkypeUpdate - ok
10:47:06.0180 9100 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:47:06.0273 9100 Smb - ok
10:47:06.0320 9100 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:47:06.0367 9100 SNMPTRAP - ok
10:47:06.0382 9100 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:47:06.0398 9100 spldr - ok
10:47:06.0460 9100 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:47:06.0507 9100 Spooler - ok
10:47:06.0616 9100 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:47:06.0741 9100 sppsvc - ok
10:47:06.0772 9100 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:47:06.0882 9100 sppuinotify - ok
10:47:06.0975 9100 [ 90EF30C3867BCDE4579C01A6D6E75A7A ] SRTSP C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS
10:47:07.0006 9100 SRTSP - ok
10:47:07.0022 9100 [ C513E8A5E7978DA49077F5484344EE1B ] SRTSPX C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS
10:47:07.0022 9100 SRTSPX - ok
10:47:07.0053 9100 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:47:07.0131 9100 srv - ok
10:47:07.0162 9100 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:47:07.0209 9100 srv2 - ok
10:47:07.0256 9100 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
10:47:07.0287 9100 SrvHsfHDA - ok
10:47:07.0334 9100 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
10:47:07.0412 9100 SrvHsfV92 - ok
10:47:07.0443 9100 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
10:47:07.0474 9100 SrvHsfWinac - ok
10:47:07.0506 9100 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:47:07.0552 9100 srvnet - ok
10:47:07.0599 9100 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:47:07.0708 9100 SSDPSRV - ok
10:47:07.0724 9100 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:47:07.0786 9100 SstpSvc - ok
10:47:07.0833 9100 [ 7C49A5E1943AFDA4672D80726AF3BAE4 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
10:47:07.0880 9100 STacSV - ok
10:47:07.0911 9100 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:47:07.0942 9100 stexstor - ok
10:47:07.0958 9100 [ 0AAD250A31A7EE96E0945AB9E1F3BAA7 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
10:47:08.0036 9100 STHDA - ok
10:47:08.0083 9100 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:47:08.0176 9100 stisvc - ok
10:47:08.0208 9100 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:47:08.0223 9100 swenum - ok
10:47:08.0270 9100 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:47:08.0395 9100 swprv - ok
10:47:08.0442 9100 [ 6160145C7A87FC7672E8E3B886888176 ] SymDS C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS
10:47:08.0473 9100 SymDS - ok
10:47:08.0504 9100 [ 96AEED40D4D3521568B42027687E69E0 ] SymEFA C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS
10:47:08.0535 9100 SymEFA - ok
10:47:08.0566 9100 [ 21A1C2D694C3CF962D31F5E873AB3D6F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:47:08.0566 9100 SymEvent - ok
10:47:08.0598 9100 [ BD0D711D8CBFCAA19CA123306EAF53A5 ] SymIRON C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS
10:47:08.0598 9100 SymIRON - ok
10:47:08.0629 9100 [ A6ADB3D83023F8DAA0F7B6FDA785D83B ] SymNetS C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS
10:47:08.0644 9100 SymNetS - ok
10:47:08.0691 9100 [ 33E6A285DAA5134D8EA2247914C86C09 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
10:47:08.0738 9100 SynTP - ok
10:47:08.0816 9100 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:47:08.0894 9100 SysMain - ok
10:47:08.0925 9100 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:47:08.0941 9100 TabletInputService - ok
10:47:08.0956 9100 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:47:09.0034 9100 TapiSrv - ok
10:47:09.0050 9100 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:47:09.0097 9100 TBS - ok
10:47:09.0175 9100 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:47:09.0237 9100 Tcpip - ok
10:47:09.0284 9100 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:47:09.0315 9100 TCPIP6 - ok
10:47:09.0331 9100 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:47:09.0362 9100 tcpipreg - ok
10:47:09.0393 9100 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:47:09.0471 9100 TDPIPE - ok
10:47:09.0487 9100 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:47:09.0534 9100 TDTCP - ok
10:47:09.0580 9100 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:47:09.0658 9100 tdx - ok
10:47:09.0705 9100 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:47:09.0721 9100 TermDD - ok
10:47:09.0752 9100 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:47:09.0799 9100 TermService - ok
10:47:09.0830 9100 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:47:09.0892 9100 Themes - ok
10:47:09.0908 9100 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:47:09.0986 9100 THREADORDER - ok
10:47:09.0986 9100 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:47:10.0095 9100 TrkWks - ok
10:47:10.0158 9100 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:47:10.0251 9100 TrustedInstaller - ok
10:47:10.0298 9100 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:47:10.0392 9100 tssecsrv - ok
10:47:10.0423 9100 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:47:10.0485 9100 TsUsbFlt - ok
10:47:10.0516 9100 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:47:10.0626 9100 tunnel - ok
10:47:10.0657 9100 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:47:10.0688 9100 uagp35 - ok
10:47:10.0719 9100 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:47:10.0828 9100 udfs - ok
10:47:10.0875 9100 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:47:10.0906 9100 UI0Detect - ok
10:47:10.0938 9100 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:47:10.0953 9100 uliagpkx - ok
10:47:10.0969 9100 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:47:11.0016 9100 umbus - ok
10:47:11.0062 9100 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:47:11.0109 9100 UmPass - ok
10:47:11.0312 9100 [ 3A1ECEF8D49FC1A786A6CCD5A86A8878 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:47:11.0374 9100 UNS - ok
10:47:11.0390 9100 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:47:11.0484 9100 upnphost - ok
10:47:11.0515 9100 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:47:11.0577 9100 USBAAPL64 - ok
10:47:11.0608 9100 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:47:11.0655 9100 usbccgp - ok
10:47:11.0686 9100 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:47:11.0718 9100 usbcir - ok
10:47:11.0749 9100 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:47:11.0764 9100 usbehci - ok
10:47:11.0780 9100 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:47:11.0796 9100 usbhub - ok
10:47:11.0811 9100 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:47:11.0858 9100 usbohci - ok
10:47:11.0905 9100 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:47:11.0967 9100 usbprint - ok
10:47:12.0014 9100 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:47:12.0061 9100 USBSTOR - ok
10:47:12.0092 9100 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:47:12.0139 9100 usbuhci - ok
10:47:12.0170 9100 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:47:12.0201 9100 usbvideo - ok
10:47:12.0232 9100 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:47:12.0326 9100 UxSms - ok
10:47:12.0357 9100 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:47:12.0373 9100 VaultSvc - ok
10:47:12.0404 9100 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:47:12.0420 9100 vdrvroot - ok
10:47:12.0466 9100 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:47:12.0560 9100 vds - ok
10:47:12.0576 9100 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:47:12.0591 9100 vga - ok
10:47:12.0607 9100 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:47:12.0685 9100 VgaSave - ok
10:47:12.0732 9100 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:47:12.0747 9100 vhdmp - ok
10:47:12.0778 9100 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:47:12.0810 9100 viaide - ok
10:47:12.0825 9100 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:47:12.0841 9100 volmgr - ok
10:47:12.0872 9100 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:47:12.0919 9100 volmgrx - ok
10:47:12.0934 9100 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:47:12.0966 9100 volsnap - ok
10:47:12.0966 9100 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:47:12.0997 9100 vsmraid - ok
10:47:13.0059 9100 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:47:13.0184 9100 VSS - ok
10:47:13.0231 9100 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:47:13.0278 9100 vwifibus - ok
10:47:13.0309 9100 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:47:13.0356 9100 vwififlt - ok
10:47:13.0402 9100 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:47:13.0465 9100 W32Time - ok
10:47:13.0496 9100 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:47:13.0543 9100 WacomPen - ok
10:47:13.0590 9100 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:47:13.0683 9100 WANARP - ok
10:47:13.0699 9100 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:47:13.0761 9100 Wanarpv6 - ok
10:47:13.0808 9100 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:47:13.0855 9100 WatAdminSvc - ok
10:47:13.0948 9100 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:47:14.0011 9100 wbengine - ok
10:47:14.0026 9100 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:47:14.0042 9100 WbioSrvc - ok
10:47:14.0073 9100 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:47:14.0151 9100 wcncsvc - ok
10:47:14.0182 9100 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:47:14.0260 9100 WcsPlugInService - ok
10:47:14.0292 9100 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:47:14.0323 9100 Wd - ok
10:47:14.0370 9100 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:47:14.0416 9100 Wdf01000 - ok
10:47:14.0432 9100 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:47:14.0572 9100 WdiServiceHost - ok
10:47:14.0572 9100 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:47:14.0619 9100 WdiSystemHost - ok
10:47:14.0650 9100 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:47:14.0728 9100 WebClient - ok
10:47:14.0775 9100 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:47:14.0884 9100 Wecsvc - ok
10:47:14.0931 9100 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:47:15.0040 9100 wercplsupport - ok
10:47:15.0056 9100 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:47:15.0118 9100 WerSvc - ok
10:47:15.0134 9100 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:47:15.0165 9100 WfpLwf - ok
10:47:15.0181 9100 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:47:15.0181 9100 WIMMount - ok
10:47:15.0212 9100 WinDefend - ok
10:47:15.0212 9100 WinHttpAutoProxySvc - ok
10:47:15.0259 9100 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:47:15.0368 9100 Winmgmt - ok
10:47:15.0446 9100 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:47:15.0571 9100 WinRM - ok
10:47:15.0618 9100 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
10:47:15.0649 9100 WinUsb - ok
10:47:15.0696 9100 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:47:15.0774 9100 Wlansvc - ok
10:47:15.0805 9100 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:47:15.0852 9100 WmiAcpi - ok
10:47:15.0898 9100 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:47:15.0961 9100 wmiApSrv - ok
10:47:15.0992 9100 WMPNetworkSvc - ok
10:47:16.0023 9100 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:47:16.0070 9100 WPCSvc - ok
10:47:16.0086 9100 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:47:16.0132 9100 WPDBusEnum - ok
10:47:16.0148 9100 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:47:16.0242 9100 ws2ifsl - ok
10:47:16.0288 9100 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
10:47:16.0351 9100 wscsvc - ok
10:47:16.0382 9100 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
10:47:16.0429 9100 WSDPrintDevice - ok
10:47:16.0460 9100 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
10:47:16.0491 9100 WSDScan - ok
10:47:16.0507 9100 WSearch - ok
10:47:16.0600 9100 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:47:16.0663 9100 wuauserv - ok
10:47:16.0694 9100 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:47:16.0756 9100 WudfPf - ok
10:47:16.0772 9100 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:47:16.0819 9100 WUDFRd - ok
10:47:16.0850 9100 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:47:16.0912 9100 wudfsvc - ok
10:47:16.0959 9100 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:47:17.0022 9100 WwanSvc - ok
10:47:17.0084 9100 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
10:47:17.0131 9100 yukonw7 - ok
10:47:17.0162 9100 ================ Scan global ===============================
10:47:17.0193 9100 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:47:17.0224 9100 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:47:17.0240 9100 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:47:17.0271 9100 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:47:17.0302 9100 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:47:17.0302 9100 [Global] - ok
10:47:17.0302 9100 ================ Scan MBR ==================================
10:47:17.0318 9100 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:47:17.0677 9100 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:47:17.0677 9100 \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:47:17.0677 9100 ================ Scan VBR ==================================
10:47:17.0692 9100 [ 22DD9776BBBCE3ACA8CE6E6ABE32B66F ] \Device\Harddisk0\DR0\Partition1
10:47:17.0692 9100 \Device\Harddisk0\DR0\Partition1 - ok
10:47:17.0739 9100 [ 2DD336662FEAF8DFCB7D6393A56BD338 ] \Device\Harddisk0\DR0\Partition2
10:47:17.0739 9100 \Device\Harddisk0\DR0\Partition2 - ok
10:47:17.0786 9100 [ 9A38CA6698648C1C930FDE0569DC7C92 ] \Device\Harddisk0\DR0\Partition3
10:47:17.0802 9100 \Device\Harddisk0\DR0\Partition3 - ok
10:47:17.0880 9100 [ E538711485DBF7D37B15663ED2DFF791 ] \Device\Harddisk0\DR0\Partition4
10:47:17.0880 9100 \Device\Harddisk0\DR0\Partition4 - ok
10:47:17.0880 9100 ============================================================
10:47:17.0880 9100 Scan finished
10:47:17.0880 9100 ============================================================
10:47:17.0895 8784 Detected object count: 5
10:47:17.0895 8784 Actual detected object count: 5
10:47:32.0793 8784 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user
10:47:32.0793 8784 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:47:32.0793 8784 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:47:32.0793 8784 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:47:32.0793 8784 FLEXnet Licensing Service 64 ( UnsignedFile.Multi.Generic ) - skipped by user
10:47:32.0793 8784 FLEXnet Licensing Service 64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:47:32.0809 8784 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
10:47:32.0809 8784 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:47:32.0840 8784 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
10:47:32.0840 8784 \Device\Harddisk0\DR0\TDLFS\cmd32.dll - copied to quarantine
10:47:32.0840 8784 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
10:47:32.0871 8784 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
10:47:32.0887 8784 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
10:47:32.0887 8784 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
10:47:32.0902 8784 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
10:47:32.0902 8784 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
10:47:32.0902 8784 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
10:47:32.0902 8784 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
10:47:32.0902 8784 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
10:47:32.0918 8784 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
10:47:32.0918 8784 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
10:47:32.0918 8784 \Device\Harddisk0\DR0\TDLFS\ua - copied to quarantine
10:47:32.0918 8784 \Device\Harddisk0\DR0\TDLFS - deleted
10:47:32.0918 8784 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

I will run Rough Killer
bdarger's Avatar
bdarger bdarger is offline
Member with 39 posts.
THREAD STARTER
 
Join Date: May 2013
25-May-2013, 11:54 AM #35
Rouge Killer log is below...
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files...3-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : brandon [Admin rights]
Mode : Scan -- Date : 05/25/2013 10:52:30
| ARK || FAK || MBR |

Bad processes : 0

Registry Entries : 8
[RUN][SUSP PATH] HKLM\[...]\Run : dshic ("C:\Windows\System32\rundll32.exe" "C:\Users\brandon\AppData\Roaming\dshic.dll",Method_Type) [7] -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : scogf ("C:\Windows\System32\rundll32.exe" "C:\Users\brandon\AppData\Roaming\scogf.dll",destroy_info_struct) [7] -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts



MBR Check:

+++++ PhysicalDrive0: ST9640320AS +++++
--- User ---
[MBR] 597da898a491cb466223cfd2bd97ac05
[BSP] cb3e273f3efe7253fd0d9aafe1a5a1da : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 593270 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1215426560 | Size: 16906 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_S_05252013_02d1052.txt >>
RKreport[1]_S_05092013_02d1139.txt ; RKreport[2]_S_05252013_02d1052.txt
Mark1956's Avatar
Malware Removal Specialist with 14,035 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
25-May-2013, 08:58 PM #36
Welcome back. Please now run RogueKiller again following these instructions below and run Rkill again and post that log also.

Please also tell me how well the system is running now.

  • Quit all running programs.
  • Start RogueKiller.exe by double clicking on the icon.
  • Wait until Prescan has finished.
  • Ensure all boxes are ticked under "Report" tab.
  • Click on Scan.
  • Click on Delete when complete.
  • Click on Report when the Deletion completes. Copy/paste the contents of the report into your next reply.
__________________
Please Copy & Paste scan results into your replies, DO NOT send them as attachments or in Code or Quote boxes unless asked to.
bdarger's Avatar
bdarger bdarger is offline
Member with 39 posts.
THREAD STARTER
 
Join Date: May 2013
26-May-2013, 02:53 PM #37
Rouge Killer below. It seems to be running normally.

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files...3-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : brandon [Admin rights]
Mode : Remove -- Date : 05/26/2013 13:51:38
| ARK || FAK || MBR |

Bad processes : 0

Registry Entries : 6
[RUN][SUSP PATH] HKLM\[...]\Run : dshic ("C:\Windows\System32\rundll32.exe" "C:\Users\brandon\AppData\Roaming\dshic.dll",Method_Type) [7] -> DELETED
[RUN][SUSP PATH] HKLM\[...]\Run : scogf ("C:\Windows\System32\rundll32.exe" "C:\Users\brandon\AppData\Roaming\scogf.dll",destroy_info_struct) [7] -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts



MBR Check:

+++++ PhysicalDrive0: ST9640320AS +++++
--- User ---
[MBR] 597da898a491cb466223cfd2bd97ac05
[BSP] cb3e273f3efe7253fd0d9aafe1a5a1da : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 593270 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1215426560 | Size: 16906 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[4]_D_05262013_02d1351.txt >>
RKreport[1]_S_05092013_02d1139.txt ; RKreport[2]_S_05252013_02d1052.txt ; RKreport[3]_S_05262013_02d1349.txt ; RKreport[4]_D_05262013_02d1351.txt
bdarger's Avatar
bdarger bdarger is offline
Member with 39 posts.
THREAD STARTER
 
Join Date: May 2013
26-May-2013, 02:54 PM #38
Rkill log below

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/26/2013 01:53:31 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPoli cy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Disabled

* Security Center (wscsvc) is not Running.
Startup Type set to: Disabled

* Windows Update (wuauserv) is not Running.
Startup Type set to: Disabled

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 05/26/2013 01:53:45 PM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)
Mark1956's Avatar
Malware Removal Specialist with 14,035 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
26-May-2013, 05:55 PM #39
RKill still shows a couple of important service that are disabled.

Please run this tool to reset anything that may have been changed by the infection, after a reboot follow that with another scan with RKill and post the log.


Download this and save it to the desktop: Windows Repair NOTE: DO NOT use the green buttons at the top of the page as this is dubious software that could infect your system with Adware.

Close your browser and any running programs, double click on the Tweaking icon to run the tool. When the program opens click on the Step 4 tab. Under System Restore click on Create and wait for the confirmation to appear just below the button.

When complete click on the tab Start Repairs, click on the Start button. Then click on Unselect All and tick the boxes next to the following items only.

When done click on the Start button and leave it undisturbed until complete.

  • Reset Registry Permissions
  • Reset File Permissions
  • Register System Files
  • Remove Policies Set By Infections
  • Remove Temp Files
  • Unhide Non System Files
  • Repair Windows Updates
  • Set Windows Services To Default Startup
  • Repair MSI (Windows Installer)
  • Repair File Associations
  • Restore Important Windows Services


=========================================================================== =======

Please also run this scan which should pick up any remnants of the Rootkit infection.

STEP 1
NOTE: If you have already used Combofix please delete the icon from your desktop.
  • Please download DeFogger and save it to your desktop.
  • Once downloaded, double-click on the DeFogger icon to start the tool.
  • The application window will appear.
  • You should now click on the Disable button to disable your CD Emulation drivers.
  • When it prompts you whether or not you want to continue, please click on the Yes button to continue.
  • When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  • If CD Emulation programs are present and have been disabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.



STEP 2
Please download ComboFix from one of the locations below and save it to your Desktop. <-Important!!!

Be sure to print out and follow these instructions: A guide and tutorial on using ComboFix

Vista/Windows 7 users can skip the Recovery Console instructions and use the Windows DVD to boot into the Vista Recovery Environment or Windows 7 System Recovery Options if something goes awry. If you do not have a Windows 7 DVD then please create a Windows 7 Repair Disc. XP users need to install the Recovery Console first, just follow the prompts when you run it.
  • Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Click this link to see a list of such programs and how to disable them.
  • If ComboFix detects an older version of itself, you will be asked to update the program.
  • ComboFix will begin by showing a Disclaimer. Read it and click I Agree if you want to continue.
  • Follow the prompts and click on Yes to continue scanning for malware.
  • If using Windows 7 or Vista and you receive a UAC prompt asking if you want to continue running the program, you should press the Continue button.
  • When finished, please copy and paste the contents of C:\ComboFix.txt (which will open after reboot) in your next reply.
  • Be sure to re-enable your anti-virus and other security programs.

-- Do not touch your mouse/keyboard until the ComboFix scan has completed, as this may cause the process to stall or the computer to lock.
-- ComboFix will temporarily disable your desktop, and if interrupted may leave it disabled. If this occurs, please reboot to restore it.
-- ComboFix disables autorun of all CD, floppy and USB devices to assist with malware removal and increase security.


If you no longer have access to your Internet connection after running ComboFix, please reboot to restore it. If that does not restore the connection, then follow the instructions for Manually restoring the Internet connection provided in the "How to Guide" you printed out earlier. Those instructions only apply to XP, for Vista and Windows 7 go here: Internet connection repair

NOTE: if you see a message like this when you attempt to open anything after the reboot "Illegal Operation attempted on a registry key that has been marked for deletion" please reboot the system again and the warning should not return.

Quote:
Do NOT use ComboFix unless you have been instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, NOT for general public or personal use. Using this tool incorrectly could lead to serious problems with your operating system such as preventing it from ever starting again. This site, sUBs and myself will not be responsible for any damage caused to your machine by misusing or running ComboFix on your own. Please read ComboFix's Disclaimer.
bdarger's Avatar
bdarger bdarger is offline
Member with 39 posts.
THREAD STARTER
 
Join Date: May 2013
27-May-2013, 08:27 PM #40
Rkill...

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/27/2013 07:25:37 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 05/27/2013 07:25:51 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)
bdarger's Avatar
bdarger bdarger is offline
Member with 39 posts.
THREAD STARTER
 
Join Date: May 2013
27-May-2013, 08:28 PM #41
ComboFix...
ComboFix 13-05-27.02 - brandon 05/27/2013 19:09:17.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6092.3773 [GMT -5:00]
Running from: c:\users\brandon\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\STHQ2Go7.exe.b
c:\programdata\STHQ2Go7.exe_.b
c:\users\brandon\AppData\Local\DownloadTerms\teMP.dat
c:\users\brandon\AppData\Local\Temp\VPNABB9.tmp
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Files Created from 2013-04-28 to 2013-05-28 )))))))))))))))))))))))))))))))
.
.
2013-05-28 00:13 . 2013-05-28 00:13 -------- d-----w- c:\users\sexy kate\AppData\Local\temp
2013-05-28 00:13 . 2013-05-28 00:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-27 23:23 . 2013-05-27 23:29 -------- d-----w- c:\windows\system32\catroot2
2013-05-27 20:55 . 2013-05-27 21:12 181064 ----a-w- c:\windows\PSEXESVC.EXE
2013-05-27 20:50 . 2013-05-27 20:50 -------- d-----w- c:\program files (x86)\Tweaking.com
2013-05-26 20:05 . 2013-05-26 20:05 -------- d-----w- c:\program files\Uninstaller
2013-05-26 19:53 . 2013-05-26 23:17 -------- d-----w- c:\users\brandon\AppData\Roaming\player
2013-05-26 19:50 . 2013-05-26 19:50 -------- d-----w- c:\program files (x86)\Conduit
2013-05-26 19:50 . 2013-05-26 19:50 -------- d-----w- c:\users\brandon\AppData\Local\Conduit
2013-05-26 19:50 . 2013-05-26 19:50 -------- d-----w- c:\program files (x86)\Vafmusic2
2013-05-26 19:49 . 2013-05-26 19:49 -------- d-----w- c:\program files (x86)\SearchProtect
2013-05-26 19:49 . 2013-05-26 19:49 -------- d-----w- c:\users\brandon\AppData\Local\Programs
2013-05-26 19:49 . 2013-05-26 19:49 -------- d-----w- c:\program files (x86)\SingAlong
2013-05-26 19:49 . 2013-05-28 00:13 -------- d-----w- c:\users\brandon\AppData\Local\DownloadTerms
2013-05-26 19:49 . 2013-05-26 19:55 -------- d-----w- c:\users\brandon\AppData\Roaming\SearchProtect
2013-05-23 00:49 . 2013-05-23 00:49 -------- d-----w- c:\users\brandon\AppData\Roaming\ICAClient
2013-05-21 00:14 . 2013-05-21 00:14 -------- d-----w- c:\program files (x86)\Common Files\Citrix
2013-05-09 19:11 . 2013-05-09 19:11 -------- d-----w- c:\users\brandon\AppData\Roaming\Tific
2013-05-09 18:13 . 2013-05-25 15:47 -------- d-----w- C:\TDSSKiller_Quarantine
2013-05-07 21:13 . 2013-05-07 21:13 -------- d-----w- c:\users\sexy kate\AppData\Local\Google
2013-05-07 19:58 . 2013-05-07 21:07 -------- d-----w- C:\MATS
2013-05-05 19:13 . 2013-05-05 19:13 -------- d-----w- c:\users\brandon\AppData\Roaming\Roxio Log Files
2013-05-02 03:06 . 2013-05-02 03:06 -------- d-----w- c:\users\brandon\AppData\Local\Symantec
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-25 15:53 . 2012-04-01 17:03 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-25 15:53 . 2012-02-08 17:03 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-21 00:02 . 2013-02-23 20:27 563920 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-05-08 06:10 . 2011-02-20 05:03 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
2013-04-04 19:50 . 2012-04-27 22:30 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7f3f960e-a836-45ca-8911-0accb522246e}"= "c:\program files (x86)\Vafmusic2\prxtbVafm.dll" [2013-05-16 231712]
.
[HKEY_CLASSES_ROOT\clsid\{7f3f960e-a836-45ca-8911-0accb522246e}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{7f3f960e-a836-45ca-8911-0accb522246e}]
2013-05-16 12:13 231712 ----a-w- c:\program files (x86)\Vafmusic2\prxtbVafm.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{7f3f960e-a836-45ca-8911-0accb522246e}"= "c:\program files (x86)\Vafmusic2\prxtbVafm.dll" [2013-05-16 231712]
.
[HKEY_CLASSES_ROOT\clsid\{7f3f960e-a836-45ca-8911-0accb522246e}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\ex plorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-02-23 20:42 220632 ----a-w- c:\users\brandon\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveSh ell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\ex plorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-02-23 20:42 220632 ----a-w- c:\users\brandon\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveSh ell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\ex plorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-02-23 20:42 220632 ----a-w- c:\users\brandon\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveSh ell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-11-22 2736128]
"SearchProtect"="c:\users\brandon\AppData\Roaming\SearchProtect\bin\cltmng. exe" [2013-05-08 2852640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ru n]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2010-12-13 318520]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2011-03-09 856064]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2011-03-09 495616]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2012-07-27 380088]
"SearchProtectAll"="c:\program files (x86)\SearchProtect\bin\cltmng.exe" [2013-05-08 2852640]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Citrix Access Gateway.lnk - c:\program files\Citrix\Secure Access Client\nsload.exe [2010-1-19 1483928]
Logitech Desktop Messenger.lnk - c:\program files (x86)\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2012-2-23 66864]
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-11-18 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\syste m]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Citrix\ICACLI~1\RSHook.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2010-12-01 52736]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-08 1255736]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [2012-03-02 1157240]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2012-04-25 93272]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120406.002\IDSvia64.sys [2012-02-08 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-12-01 679176]
S2 cag;Citrix cag plugin for Access Gateway;c:\program files\Common Files\Deterministic Networks\Common Files\cag.sys [2009-10-22 93720]
S2 CltMngSvc;Search Protect by Conduit Updater;c:\program files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-05-08 97056]
S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-06-09 555392]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2010-12-07 249672]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-11-04 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-14 30520]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-08-23 13672]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
S2 nsverctl;Citrix Secure Access Client Service;c:\program files\Citrix\Secure Access Client\nsverctl.exe [2010-01-19 154264]
S2 OfficeSvc;Microsoft Office Service;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-04-20 1872568]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-11-23 2656280]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-12-01 4150864]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-12-01 1188616]
S3 BTMNET;Motorola Bluetooth Network Adapter Service;c:\windows\system32\DRIVERS\btmnet.sys [2010-12-01 30208]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2010-12-01 484224]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-12-11 31088]
S3 ctxva51;Citrix Virtual Adapter;c:\windows\system32\DRIVERS\ctxva51.sys [2010-01-19 45720]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-02-07 1028096]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-11-05 1041760]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-01-12 333928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-10-19 406632]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-11-22 22:18 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 15:53]
.
2013-05-21 c:\windows\Tasks\HPCeeScheduleForBRANDON-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2013-05-28 c:\windows\Tasks\HPCeeScheduleForbrandon.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2013-05-27 c:\windows\Tasks\HPCeeScheduleForsexy kate.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2013-05-27 c:\windows\Tasks\Sing Along Update.job
- c:\program files (x86)\SingAlong\SingalngUpdater.exe [2013-05-10 08:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-02-23 20:42 244696 ----a-w- c:\users\brandon\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyD riveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-02-23 20:42 244696 ----a-w- c:\users\brandon\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyD riveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-02-23 20:42 244696 ----a-w- c:\users\brandon\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyD riveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-05-21 00:03 2328760 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-05-21 00:03 2328760 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-05-21 00:03 2328760 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-12-02 524800]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-12-01 21705296]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-16 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-16 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-16 416024]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3294791&octid=CT3294791&SearchSource=61&CUI=UN27967944641767224&UM= 2&UP=SP34874E83-B81F-4881-B6DB-67890FB0855D
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 192.168.1.254
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files (x86)\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\users\brandon\AppData\Roaming\Mozilla\Firefox\Profiles\4ifshhpy.default\
FF - prefs.js: browser.search.selectedEngine - Vafmusic2 Customized Web Search
FF - prefs.js: browser.startup.homepage - yahoo.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3294791&SearchSource=2&CUI=UN31223290161326512&UM=2& q=
FF - ExtSQL: 2013-04-27 09:26; {bac3eb53-a317-11e2-8274-b8ac6f996f26}; c:\users\brandon\AppData\Roaming\Mozilla\Firefox\Profiles\4ifshhpy.default\ extensions\{bac3eb53-a317-11e2-8274-b8ac6f996f26}.xpi
FF - ExtSQL: 2013-05-09 09:21; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF - ExtSQL: 2013-05-25 23:00; eoppnrqmocgit@fmwplidnapyokntwh.net; c:\users\brandon\AppData\Roaming\Mozilla\Firefox\Profiles\4ifshhpy.default\ extensions\eoppnrqmocgit@fmwplidnapyokntwh.net
FF - ExtSQL: 2013-05-26 14:49; singalong@xenophesoft.com; c:\program files (x86)\SingAlong\FF
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
BHO-{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - c:\users\brandon\AppData\Local\DownloadTerms\temp.dat
Wow6432Node-HKLM-Run-CitrixReceiver - c:\programdata\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk
SafeBoot-92105180.sys
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{9FEFA8C2-80EB-4B7A-BDE0-E077D94C36C4} - c:\program files (x86)\InstallShield Installation Information\{9FEFA8C2-80EB-4B7A-BDE0-E077D94C36C4}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_ 7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX .exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2013-05-27 19:16:16
ComboFix-quarantined-files.txt 2013-05-28 00:16
.
Pre-Run: 545,939,783,680 bytes free
Post-Run: 545,826,414,592 bytes free
.
- - End Of File - - E60B1A6A8566E0C9194BD81496205295
Mark1956's Avatar
Malware Removal Specialist with 14,035 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
28-May-2013, 03:21 AM #42
The RKill log is still showing the Security Center and Windows Update are not running and the Combofix log still shows some Adware.

Please reboot the system and run both ADWCleaner and RKill again and post both the logs.
bdarger's Avatar
bdarger bdarger is offline
Member with 39 posts.
THREAD STARTER
 
Join Date: May 2013
28-May-2013, 11:54 PM #43
Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/28/2013 10:52:15 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 05/28/2013 10:52:20 PM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)
bdarger's Avatar
bdarger bdarger is offline
Member with 39 posts.
THREAD STARTER
 
Join Date: May 2013
28-May-2013, 11:56 PM #44
# AdwCleaner v2.301 - Logfile created 05/28/2013 at 22:45:54
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : brandon - BRANDON-HP
# Boot Mode : Normal
# Running from : C:\Users\brandon\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : CltMngSvc

***** [Files / Folders] *****

File Deleted : C:\END
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\SingAlong
Folder Deleted : C:\Program Files (x86)\Vafmusic2
Folder Deleted : C:\Users\brandon\AppData\Local\Conduit
Folder Deleted : C:\Users\brandon\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\brandon\AppData\LocalLow\Vafmusic2
Folder Deleted : C:\Users\brandon\AppData\Roaming\SearchProtect
Folder Deleted : C:\Users\sexy kate\AppData\Roaming\SearchProtect

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Vafmusic2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F3F960E-A836-45CA-8911-0ACCB522246E}
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3294791
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AACF7D0F-FF0C-4849-A7CE-33374F35BFD8}
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Vafmusic2
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6492E171-2427-4932-B414-33574A089F5E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F3F960E-A836-45CA-8911-0ACCB522246E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AACF7D0F-FF0C-4849-A7CE-33374F35BFD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2601AA52-9395-4B77-816A-A84D8892B015}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2FAFA02-7F09-4FE0-A3D3-2436B26B13D1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6492E171-2427-4932-B414-33574A089F5E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F3F960E-A836-45CA-8911-0ACCB522246E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Search Protect
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vafmus ic2 Toolbar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7F3F960E-A836-45CA-8911-0ACCB522246E}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [singalong@xenophesoft.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7F3F960E-A836-45CA-8911-0ACCB522246E}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{7F3F960E-A836-45CA-8911-0ACCB522246E}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16483

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com/?ctid=CT3294791&octid=CT3294791&SearchSource=61&CUI=UN27967944641767224&UM= 2&UP=SP34874E83-B81F-4881-B6DB-67890FB0855D --> hxxp://www.google.com

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\brandon\AppData\Roaming\Mozilla\Firefox\Profiles\4ifshhpy.default\ prefs.js

C:\Users\brandon\AppData\Roaming\Mozilla\Firefox\Profiles\4ifshhpy.default\ user.js ... Deleted !

Deleted : user_pref("CT3294791_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3294791&octid=CT329479[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "Vafmusic2 Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3294791[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3294791");
Deleted : user_pref("browser.search.selectedEngine", "Vafmusic2 Customized Web Search");
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3294791&SearchSource=2&CU[...]

File : C:\Users\sexy kate\AppData\Roaming\Mozilla\Firefox\Profiles\qk70dgxy.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5095 octets] - [28/05/2013 22:45:01]
AdwCleaner[R2].txt - [5155 octets] - [28/05/2013 22:45:47]
AdwCleaner[S1].txt - [17813 octets] - [09/05/2013 10:41:19]
AdwCleaner[S2].txt - [1003 octets] - [09/05/2013 12:48:54]
AdwCleaner[S3].txt - [1063 octets] - [09/05/2013 12:55:45]
AdwCleaner[S4].txt - [1124 octets] - [09/05/2013 13:00:12]
AdwCleaner[S5].txt - [1166 octets] - [09/05/2013 20:03:42]
AdwCleaner[S6].txt - [5327 octets] - [28/05/2013 22:45:54]

########## EOF - C:\AdwCleaner[S6].txt - [5387 octets] ##########
Mark1956's Avatar
Malware Removal Specialist with 14,035 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
29-May-2013, 03:15 AM #45
There is still Adware present, sometimes ADWCleaner has to be run many times to kill it all off, but before we use it again I'd like you to update RKill. A new version has been released, please delete the RKill program and then download a fresh copy, run it again and post the log.

Please also run this scan:

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑