xp running slow posting otl log as requested



#16
RickMath

    Member

  • Topic Starter
Ron

I just ran TDSSKiller again and no threats. Do you want me to run Speccy again?

Just let me know. You have been very helpful in working with me real time tonight.

Rick


#17
RKinner

    Malware Expert
Not sure exactly what you have done. Did TDSSKiller see the Whistler rootkit and cure it? Can you post the TDSSKiller log? Please run aswMBR again so I can see if it still sees the rootkit.

If you still have the Speccy log, you can just attach it. If not, please run it again and make a new log.

#18
RickMath

    Member

  • Topic Starter
It appears that TDSSKiller got the Rootkit.

I have included several TDSSKiller logs at different times last night and this morning. The first one is the one that saw Rootkit.

I tried to include all the logs in a post but the post was too big. So I will post each one separately and then the aswMBR log and the Speccy log in a single post.

I have also included in the posts the aswMBR log from this morning and the Speccy log. All these follow. Note that in the aswMBR log at 8:57 an infected file was found.

Let me know what's next.

Thanks

This log saw Rootkit and the one that follows seems to not detect it.

23:21:06.0718 42216 Rasl2tp - ok
23:21:06.0781 42216 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:21:06.0781 42216 RasMan - ok
23:21:06.0812 42216 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:21:06.0812 42216 RasPppoe - ok
23:21:06.0843 42216 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
23:21:06.0843 42216 Raspti - ok
23:21:06.0968 42216 [ B694467B0325267C8EABF04A71D53D99 ] rcp_service C:\Program Files\ReaConverter 5.5 Pro\rcp_scheduler.exe
23:21:06.0984 42216 rcp_service - ok
23:21:07.0015 42216 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:21:07.0015 42216 Rdbss - ok
23:21:07.0062 42216 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:21:07.0062 42216 RDPCDD - ok
23:21:07.0125 42216 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
23:21:07.0140 42216 RDPWD - ok
23:21:07.0171 42216 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
23:21:07.0187 42216 RDSessMgr - ok
23:21:07.0218 42216 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
23:21:07.0218 42216 redbook - ok
23:21:07.0265 42216 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:21:07.0265 42216 RemoteAccess - ok
23:21:07.0312 42216 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
23:21:07.0312 42216 RpcLocator - ok
23:21:07.0343 42216 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
23:21:07.0343 42216 RpcSs - ok
23:21:07.0390 42216 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
23:21:07.0406 42216 RSVP - ok
23:21:07.0437 42216 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
23:21:07.0437 42216 rtl8139 - ok
23:21:07.0453 42216 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
23:21:07.0468 42216 SamSs - ok
23:21:07.0468 42216 SBRE - ok
23:21:07.0515 42216 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
23:21:07.0515 42216 SCardSvr - ok
23:21:07.0562 42216 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:21:07.0578 42216 Schedule - ok
23:21:07.0687 42216 [ 8582611E53929C9B18F6488A772A3EEF ] Seagate Dashboard Services C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
23:21:07.0687 42216 Seagate Dashboard Services - ok
23:21:07.0734 42216 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:21:07.0734 42216 Secdrv - ok
23:21:07.0765 42216 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
23:21:07.0781 42216 seclogon - ok
23:21:07.0796 42216 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
23:21:07.0796 42216 SENS - ok
23:21:07.0859 42216 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
23:21:07.0859 42216 Serial - ok
23:21:07.0937 42216 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
23:21:07.0937 42216 Sfloppy - ok
23:21:08.0000 42216 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
23:21:08.0000 42216 SharedAccess - ok
23:21:08.0031 42216 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:21:08.0031 42216 ShellHWDetection - ok
23:21:08.0046 42216 Simbad - ok
23:21:08.0078 42216 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:21:08.0078 42216 SLIP - ok
23:21:08.0140 42216 [ 14BB60A4F1C5291217A05D5728C403E6 ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
23:21:08.0156 42216 SmartDefragDriver - ok
23:21:08.0187 42216 [ E78C98378A071CE4D48A7C514FA98FA1 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
23:21:08.0187 42216 snapman - ok
23:21:08.0203 42216 Sparrow - ok
23:21:08.0218 42216 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
23:21:08.0218 42216 splitter - ok
23:21:08.0281 42216 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
23:21:08.0281 42216 Spooler - ok
23:21:08.0296 42216 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
23:21:08.0296 42216 sr - ok
23:21:08.0359 42216 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
23:21:08.0359 42216 srservice - ok
23:21:08.0468 42216 [ C743E384E9EFCA10B41C60D406DE39C0 ] SRTSP C:\WINDOWS\System32\Drivers\NAV\1404000.028\SRTSP.SYS
23:21:08.0484 42216 SRTSP - ok
23:21:08.0531 42216 [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX C:\WINDOWS\system32\drivers\NAV\1404000.028\SRTSPX.SYS
23:21:08.0531 42216 SRTSPX - ok
23:21:08.0609 42216 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:21:08.0609 42216 Srv - ok
23:21:08.0656 42216 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:21:08.0656 42216 SSDPSRV - ok
23:21:08.0734 42216 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
23:21:08.0734 42216 stisvc - ok
23:21:08.0781 42216 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:21:08.0781 42216 streamip - ok
23:21:08.0812 42216 [ C86A229BB5CB5DC47498B2C530A9458E ] SWDUMon C:\WINDOWS\system32\DRIVERS\SWDUMon.sys
23:21:08.0812 42216 SWDUMon - ok
23:21:08.0859 42216 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
23:21:08.0859 42216 swenum - ok
23:21:08.0875 42216 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
23:21:08.0875 42216 swmidi - ok
23:21:08.0890 42216 SwPrv - ok
23:21:08.0906 42216 symc810 - ok
23:21:08.0906 42216 symc8xx - ok
23:21:08.0968 42216 [ 5A193E5E0F0A776430E5D62A051C1E16 ] SymDS C:\WINDOWS\system32\drivers\NAV\1404000.028\SYMDS.SYS
23:21:08.0968 42216 SymDS - ok
23:21:09.0031 42216 [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA C:\WINDOWS\system32\drivers\NAV\1404000.028\SYMEFA.SYS
23:21:09.0046 42216 SymEFA - ok
23:21:09.0109 42216 [ F50D81D3E0C7A353F205562B89CD06D6 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
23:21:09.0109 42216 SymEvent - ok
23:21:09.0171 42216 [ 123A13DCD5210F8A3BE5FC8CACBFE324 ] SymIM C:\WINDOWS\system32\DRIVERS\SymIM.sys
23:21:09.0171 42216 SymIM - ok
23:21:09.0187 42216 [ 123A13DCD5210F8A3BE5FC8CACBFE324 ] SymIMMP C:\WINDOWS\system32\DRIVERS\SymIM.sys
23:21:09.0187 42216 SymIMMP - ok
23:21:09.0234 42216 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\WINDOWS\system32\drivers\NAV\1404000.028\Ironx86.SYS
23:21:09.0250 42216 SymIRON - ok
23:21:09.0312 42216 [ E9C316262C48BF299E02FC8B1CE2B925 ] SYMTDI C:\WINDOWS\System32\Drivers\NAV\1404000.028\SYMTDI.SYS
23:21:09.0312 42216 SYMTDI - ok
23:21:09.0328 42216 sym_hi - ok
23:21:09.0328 42216 sym_u3 - ok
23:21:09.0390 42216 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
23:21:09.0390 42216 sysaudio - ok
23:21:09.0421 42216 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
23:21:09.0437 42216 SysmonLog - ok
23:21:09.0484 42216 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:21:09.0484 42216 TapiSrv - ok
23:21:09.0562 42216 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:21:09.0562 42216 Tcpip - ok
23:21:09.0593 42216 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
23:21:09.0593 42216 TDPIPE - ok
23:21:09.0625 42216 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
23:21:09.0625 42216 TDTCP - ok
23:21:09.0656 42216 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
23:21:09.0656 42216 TermDD - ok
23:21:09.0718 42216 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
23:21:09.0734 42216 TermService - ok
23:21:09.0750 42216 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
23:21:09.0750 42216 Themes - ok
23:21:09.0812 42216 [ D352FFF2A623B916C08CEACBFC8B5C32 ] tifsfilter C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
23:21:09.0812 42216 tifsfilter - ok
23:21:09.0859 42216 [ 64694B2A5C772E1C61FEAC300ED90CA6 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
23:21:09.0859 42216 timounter - ok
23:21:09.0875 42216 TosIde - ok
23:21:09.0921 42216 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
23:21:09.0921 42216 TrkWks - ok
23:21:09.0953 42216 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
23:21:09.0968 42216 Udfs - ok
23:21:09.0968 42216 ultra - ok
23:21:10.0031 42216 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
23:21:10.0031 42216 Update - ok
23:21:10.0078 42216 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
23:21:10.0078 42216 upnphost - ok
23:21:10.0109 42216 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
23:21:10.0109 42216 UPS - ok
23:21:10.0171 42216 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
23:21:10.0171 42216 USBAAPL - ok
23:21:10.0250 42216 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
23:21:10.0250 42216 usbaudio - ok
23:21:10.0296 42216 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:21:10.0296 42216 usbccgp - ok
23:21:10.0328 42216 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:21:10.0328 42216 usbehci - ok
23:21:10.0375 42216 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:21:10.0375 42216 usbhub - ok
23:21:10.0390 42216 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:21:10.0390 42216 usbohci - ok
23:21:10.0453 42216 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:21:10.0453 42216 usbstor - ok
23:21:10.0484 42216 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:21:10.0484 42216 usbuhci - ok
23:21:10.0515 42216 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
23:21:10.0515 42216 VgaSave - ok
23:21:10.0562 42216 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
23:21:10.0562 42216 ViaIde - ok
23:21:10.0578 42216 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
23:21:10.0578 42216 VolSnap - ok
23:21:10.0625 42216 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
23:21:10.0640 42216 VSS - ok
23:21:10.0671 42216 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
23:21:10.0687 42216 W32Time - ok
23:21:10.0703 42216 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:21:10.0703 42216 Wanarp - ok
23:21:10.0750 42216 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
23:21:10.0765 42216 Wdf01000 - ok
23:21:10.0765 42216 WDICA - ok
23:21:10.0812 42216 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
23:21:10.0812 42216 wdmaud - ok
23:21:10.0859 42216 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:21:10.0875 42216 WebClient - ok
23:21:10.0968 42216 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
23:21:10.0968 42216 WinDefend - ok
23:21:11.0078 42216 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:21:11.0093 42216 winmgmt - ok
23:21:11.0156 42216 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
23:21:11.0171 42216 WinRM - ok
23:21:11.0218 42216 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
23:21:11.0218 42216 WmdmPmSN - ok
23:21:11.0250 42216 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:21:11.0265 42216 WmiApSrv - ok
23:21:11.0359 42216 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
23:21:11.0390 42216 WMPNetworkSvc - ok
23:21:11.0500 42216 [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:21:11.0531 42216 WPFFontCache_v0400 - ok
23:21:11.0593 42216 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
23:21:11.0593 42216 wscsvc - ok
23:21:11.0640 42216 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:21:11.0640 42216 WSTCODEC - ok
23:21:11.0671 42216 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
23:21:11.0687 42216 wuauserv - ok
23:21:11.0718 42216 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:21:11.0734 42216 WudfPf - ok
23:21:11.0750 42216 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
23:21:11.0750 42216 WudfSvc - ok
23:21:11.0812 42216 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
23:21:11.0812 42216 WZCSVC - ok
23:21:11.0859 42216 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
23:21:11.0859 42216 xmlprov - ok
23:21:11.0875 42216 ================ Scan global ===============================
23:21:11.0906 42216 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
23:21:11.0968 42216 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
23:21:12.0000 42216 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
23:21:12.0015 42216 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
23:21:12.0015 42216 [Global] - ok
23:21:12.0015 42216 ================ Scan MBR ==================================
23:21:12.0046 42216 [ B43C418AB9A62FCAEFFE647C9F7AA165 ] \Device\Harddisk0\DR0
23:21:12.0078 42216 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
23:21:12.0078 42216 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0)
23:21:12.0078 42216 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR3
23:21:12.0093 42216 \Device\Harddisk1\DR3 - ok
23:21:12.0093 42216 ================ Scan VBR ==================================
23:21:12.0109 42216 [ BE16CA4E2F814B60560933BBBDD2C762 ] \Device\Harddisk0\DR0\Partition1
23:21:12.0109 42216 \Device\Harddisk0\DR0\Partition1 - ok
23:21:12.0125 42216 [ 2827A630494220D8C78EAFC1DD7D35DB ] \Device\Harddisk0\DR0\Partition2
23:21:12.0125 42216 \Device\Harddisk0\DR0\Partition2 - ok
23:21:12.0140 42216 [ 8131F34771EA2DF6ED34799EB6547DDB ] \Device\Harddisk1\DR3\Partition1
23:21:12.0156 42216 \Device\Harddisk1\DR3\Partition1 - ok
23:21:12.0156 42216 ============================================================
23:21:12.0156 42216 Scan finished
23:21:12.0156 42216 ============================================================
23:21:12.0171 42208 Detected object count: 1
23:21:12.0171 42208 Actual detected object count: 1
23:21:43.0250 42208 \Device\Harddisk0\DR0\# - copied to quarantine
23:21:43.0250 42208 \Device\Harddisk0\DR0 - copied to quarantine
23:21:43.0734 42208 \Device\Harddisk0\DR0 - processing error
23:21:53.0843 42208 \Device\Harddisk0\DR0 - will be restored on reboot
23:21:53.0843 42208 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Cure Restore
23:21:58.0265 42116 Deinitialize success

00:51:46.0484 1568 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:51:47.0031 1568 ============================================================
00:51:47.0031 1568 Current date / time: 2013/10/03 00:51:47.0031
00:51:47.0031 1568 SystemInfo:
00:51:47.0031 1568
00:51:47.0031 1568 OS Version: 5.1.2600 ServicePack: 3.0
00:51:47.0031 1568 Product type: Workstation
00:51:47.0031 1568 ComputerName: REMARK2
00:51:47.0031 1568 UserName: Compaq_Owner
00:51:47.0031 1568 Windows directory: C:\WINDOWS
00:51:47.0031 1568 System windows directory: C:\WINDOWS
00:51:47.0031 1568 Processor architecture: Intel x86
00:51:47.0031 1568 Number of processors: 1
00:51:47.0031 1568 Page size: 0x1000
00:51:47.0031 1568 Boot type: Normal boot
00:51:47.0031 1568 ============================================================
00:51:47.0656 1568 BG loaded
00:51:47.0937 1568 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3C91, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
00:51:47.0937 1568 Drive \Device\Harddisk1\DR3 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:51:47.0937 1568 ============================================================
00:51:47.0937 1568 \Device\Harddisk0\DR0:
00:51:47.0937 1568 MBR partitions:
00:51:47.0937 1568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xD0ECC51
00:51:47.0937 1568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0xD0F07A0, BlocksNum 0xEA2C70
00:51:47.0937 1568 \Device\Harddisk1\DR3:
00:51:47.0937 1568 MBR partitions:
00:51:47.0937 1568 \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
00:51:47.0937 1568 ============================================================
00:51:47.0968 1568 C: <-> \Device\Harddisk0\DR0\Partition1
00:51:47.0984 1568 D: <-> \Device\Harddisk0\DR0\Partition2
00:51:48.0343 1568 F: <-> \Device\Harddisk1\DR3\Partition1
00:51:48.0343 1568 ============================================================
00:51:48.0343 1568 Initialize success
00:51:48.0343 1568 ============================================================
00:51:54.0281 3796 ============================================================
00:51:54.0281 3796 Scan started
00:51:54.0281 3796 Mode: Manual;
00:51:54.0281 3796 ============================================================
00:51:54.0609 3796 ================ Scan system memory ========================
00:51:54.0609 3796 System memory - ok
00:51:54.0609 3796 ================ Scan services =============================
00:52:00.0312 3796 IntelIde - ok
00:52:00.0359 3796 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:52:00.0359 3796 intelppm - ok
00:52:00.0484 3796 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
00:52:00.0484 3796 IntuitUpdateService - ok
00:52:00.0578 3796 [ D9DA7B3117BF5EFF921C0CDED4D58050 ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
00:52:00.0578 3796 IntuitUpdateServiceV4 - ok
00:52:00.0609 3796 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
00:52:00.0609 3796 Ip6Fw - ok
00:52:00.0640 3796 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:52:00.0640 3796 IpFilterDriver - ok
00:52:00.0671 3796 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:52:00.0671 3796 IpInIp - ok
00:52:00.0718 3796 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:52:00.0718 3796 IpNat - ok
00:52:00.0796 3796 [ C00149A7027081539A66DC5A46695EAD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:52:00.0812 3796 iPod Service - ok
00:52:00.0843 3796 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:52:00.0843 3796 IPSec - ok
00:52:00.0859 3796 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
00:52:00.0859 3796 IRENUM - ok
00:52:00.0890 3796 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:52:00.0890 3796 isapnp - ok
00:52:00.0984 3796 JavaQuickStarterService - ok
00:52:01.0031 3796 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:52:01.0031 3796 Kbdclass - ok
00:52:01.0093 3796 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
00:52:01.0093 3796 kbdhid - ok
00:52:01.0140 3796 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
00:52:01.0140 3796 kmixer - ok
00:52:01.0203 3796 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
00:52:01.0203 3796 KSecDD - ok
00:52:01.0250 3796 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
00:52:01.0265 3796 lanmanserver - ok
00:52:01.0328 3796 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
00:52:01.0328 3796 lanmanworkstation - ok
00:52:01.0328 3796 Lbd - ok
00:52:01.0375 3796 [ 12E54181D584F72296FD6EC72309BD94 ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
00:52:01.0375 3796 LBeepKE - ok
00:52:01.0390 3796 lbrtfdc - ok
00:52:01.0468 3796 [ 54581F1B8A4B517040AD316E5C430A2C ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
00:52:01.0468 3796 LBTServ - ok
00:52:01.0500 3796 [ 2A727534372EDE8C0A4EDB1F037A44BF ] LEqdUsb C:\WINDOWS\system32\Drivers\LEqdUsb.Sys
00:52:01.0500 3796 LEqdUsb - ok
00:52:01.0546 3796 [ 9C694DFC271AC043E4FA8DDF8BB4C57E ] LHidEqd C:\WINDOWS\system32\Drivers\LHidEqd.Sys
00:52:01.0546 3796 LHidEqd - ok
00:52:01.0578 3796 [ 5001C2B3557B53DED02ABED3BCC6FD2D ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
00:52:01.0578 3796 LHidFilt - ok
00:52:01.0625 3796 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
00:52:01.0625 3796 LmHosts - ok
00:52:01.0671 3796 [ 3AD9369E5D17014971A11728F198994C ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
00:52:01.0671 3796 LMouFilt - ok
00:52:01.0765 3796 [ F38E7600E2188B0FC640EBA498EC1D8F ] Lvckap C:\WINDOWS\system32\drivers\Lvckap.sys
00:52:01.0781 3796 Lvckap - ok
00:52:01.0859 3796 [ 98F2EB95589A29C3BAAD859779B5BAF4 ] lvmvdrv C:\WINDOWS\system32\drivers\lvmvdrv.sys
00:52:01.0875 3796 lvmvdrv - ok
00:52:01.0906 3796 [ 0354C6A753360CA5E1FE1EBA81CB1A35 ] LVPrcMon C:\WINDOWS\system32\drivers\LVPrcMon.sys
00:52:01.0906 3796 LVPrcMon - ok
00:52:02.0000 3796 [ 5576C4A655A5E18D5F93F01C6B2C30C4 ] LVPrcSrv c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
00:52:02.0000 3796 LVPrcSrv - ok
00:52:02.0046 3796 [ B8EDA4ECE968EABF99DC02141BAAA4E8 ] LVUSBSta C:\WINDOWS\system32\drivers\lvusbsta.sys
00:52:02.0062 3796 LVUSBSta - ok
00:52:02.0125 3796 [ 9AE25062E3DC02DF670C7A4A2CFAE30C ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
00:52:02.0140 3796 LVUVC - ok
00:52:02.0140 3796 mdmxsdk - ok
00:52:02.0171 3796 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
00:52:02.0171 3796 Messenger - ok
00:52:02.0218 3796 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
00:52:02.0234 3796 mnmdd - ok
00:52:02.0265 3796 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
00:52:02.0265 3796 mnmsrvc - ok
00:52:02.0328 3796 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:52:02.0328 3796 Modem - ok
00:52:02.0359 3796 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:52:02.0359 3796 Mouclass - ok
00:52:02.0421 3796 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:52:02.0421 3796 mouhid - ok
00:52:02.0468 3796 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:52:02.0468 3796 MountMgr - ok
00:52:02.0531 3796 [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:52:02.0531 3796 MozillaMaintenance - ok
00:52:02.0531 3796 mraid35x - ok
00:52:02.0578 3796 MREMP50 - ok
00:52:02.0578 3796 MREMP50a64 - ok
00:52:02.0593 3796 MREMPR5 - ok
00:52:02.0593 3796 MRENDIS5 - ok
00:52:02.0593 3796 MRESP50 - ok
00:52:02.0609 3796 MRESP50a64 - ok
00:52:02.0640 3796 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:52:02.0640 3796 MRxDAV - ok
00:52:02.0687 3796 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:52:02.0703 3796 MRxSmb - ok
00:52:02.0718 3796 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:52:02.0718 3796 Msfs - ok
00:52:02.0718 3796 MSIServer - ok
00:52:02.0765 3796 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:52:02.0765 3796 MSKSSRV - ok
00:52:02.0781 3796 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:52:02.0796 3796 MSPCLOCK - ok
00:52:02.0812 3796 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:52:02.0812 3796 MSPQM - ok
00:52:02.0843 3796 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:52:02.0843 3796 mssmbios - ok
00:52:02.0890 3796 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
00:52:02.0890 3796 MSTEE - ok
00:52:02.0921 3796 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:52:02.0921 3796 Mup - ok
00:52:02.0968 3796 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
00:52:02.0968 3796 NABTSFEC - ok
00:52:03.0000 3796 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
00:52:03.0000 3796 napagent - ok
00:52:03.0140 3796 [ 1BF9D6476061B31CD7FC2BF848529A56 ] NAV C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
00:52:03.0140 3796 NAV - ok
00:52:03.0250 3796 [ 81E928EE3751FAF725C87CC17726C05D ] NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\VirusDefs\20131002.009\NAVENG.SYS
00:52:03.0250 3796 NAVENG - ok
00:52:03.0328 3796 [ E0C39FA6C76AE8ED53ABF043F35ECDFF ] NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\VirusDefs\20131002.009\NAVEX15.SYS
00:52:03.0343 3796 NAVEX15 - ok
00:52:03.0406 3796 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:52:03.0406 3796 NDIS - ok
00:52:03.0453 3796 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
00:52:03.0453 3796 NdisIP - ok
00:52:03.0484 3796 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:52:03.0484 3796 NdisTapi - ok
00:52:03.0500 3796 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:52:03.0500 3796 Ndisuio - ok
00:52:03.0531 3796 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:52:03.0531 3796 NdisWan - ok
00:52:03.0578 3796 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:52:03.0578 3796 NDProxy - ok
00:52:03.0625 3796 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:52:03.0625 3796 NetBIOS - ok
00:52:03.0640 3796 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:52:03.0640 3796 NetBT - ok
00:52:03.0687 3796 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
00:52:03.0703 3796 NetDDE - ok
00:52:03.0703 3796 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:52:03.0718 3796 NetDDEdsdm - ok
00:52:03.0750 3796 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:52:03.0750 3796 Netlogon - ok
00:52:03.0812 3796 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
00:52:03.0812 3796 Netman - ok
00:52:03.0859 3796 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:52:03.0859 3796 NetTcpPortSharing - ok
00:52:03.0890 3796 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
00:52:03.0906 3796 Nla - ok
00:52:03.0953 3796 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:52:03.0953 3796 Npfs - ok
00:52:03.0984 3796 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:52:03.0984 3796 Ntfs - ok
00:52:04.0000 3796 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
00:52:04.0000 3796 NtLmSsp - ok
00:52:04.0062 3796 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:52:04.0062 3796 NtmsSvc - ok
00:52:04.0093 3796 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
00:52:04.0093 3796 NuidFltr - ok
00:52:04.0156 3796 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
00:52:04.0156 3796 Null - ok
00:52:04.0437 3796 [ 4C3696C1ED1A36629EBB348BF745A328 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
00:52:04.0484 3796 nv - ok
00:52:04.0546 3796 [ 22EEDB34C4D7613A25B10C347C6C4C21 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
00:52:04.0546 3796 NVENETFD - ok
00:52:04.0593 3796 [ 5E3F6AD5CAD0F12D3CCCD06FD964087A ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
00:52:04.0593 3796 nvnetbus - ok
00:52:04.0656 3796 [ 96F1A6F0A0D4F11047DF2F5C17C87E9D ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
00:52:04.0656 3796 NVSvc - ok
00:52:04.0687 3796 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:52:04.0687 3796 NwlnkFlt - ok
00:52:04.0703 3796 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:52:04.0703 3796 NwlnkFwd - ok
00:52:04.0734 3796 [ 8B8B1BE2DBA4025DA6786C645F77F123 ] NwlnkIpx C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
00:52:04.0734 3796 NwlnkIpx - ok
00:52:04.0750 3796 [ 56D34A67C05E94E16377C60609741FF8 ] NwlnkNb C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
00:52:04.0750 3796 NwlnkNb - ok
00:52:04.0796 3796 [ C0BB7D1615E1ACBDC99757F6CEAF8CF0 ] NwlnkSpx C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
00:52:04.0796 3796 NwlnkSpx - ok
00:52:04.0859 3796 [ 4B83FCBBE72AF5F99D109798653E8B78 ] NwSapAgent C:\WINDOWS\System32\ipxsap.dll
00:52:04.0859 3796 NwSapAgent - ok
00:52:05.0015 3796 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:52:05.0015 3796 odserv - ok
00:52:05.0046 3796 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:52:05.0046 3796 ose - ok
00:52:05.0156 3796 [ F01465E8D4A3ED49477DD3E2858D70C1 ] PanoptoRecorderService C:\Program Files\Panopto\Focus Recorder\Recorder.exe
00:52:05.0156 3796 PanoptoRecorderService - ok
00:52:05.0203 3796 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
00:52:05.0203 3796 Parport - ok
00:52:05.0234 3796 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:52:05.0234 3796 PartMgr - ok
00:52:05.0281 3796 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:52:05.0281 3796 ParVdm - ok
00:52:05.0328 3796 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:52:05.0328 3796 PCI - ok
00:52:05.0328 3796 PCIDump - ok
00:52:05.0343 3796 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:52:05.0343 3796 PCIIde - ok
00:52:05.0375 3796 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
00:52:05.0375 3796 Pcmcia - ok
00:52:05.0390 3796 PDCOMP - ok
00:52:05.0390 3796 PDFRAME - ok
00:52:05.0406 3796 PDRELI - ok
00:52:05.0406 3796 PDRFRAME - ok
00:52:05.0421 3796 perc2 - ok
00:52:05.0421 3796 perc2hib - ok
00:52:05.0468 3796 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
00:52:05.0468 3796 PlugPlay - ok
00:52:05.0515 3796 [ B4F59A953EF9E507F0D00C3A68580B8B ] Point32 C:\WINDOWS\system32\DRIVERS\point32.sys
00:52:05.0515 3796 Point32 - ok
00:52:05.0546 3796 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:52:05.0546 3796 PolicyAgent - ok
00:52:05.0609 3796 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:52:05.0609 3796 PptpMiniport - ok
00:52:05.0625 3796 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
00:52:05.0625 3796 Processor - ok
00:52:05.0640 3796 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:52:05.0640 3796 ProtectedStorage - ok
00:52:05.0656 3796 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:52:05.0656 3796 PSched - ok
00:52:05.0718 3796 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:52:05.0718 3796 Ptilink - ok
00:52:05.0765 3796 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
00:52:05.0765 3796 PxHelp20 - ok
00:52:05.0781 3796 ql1080 - ok
00:52:05.0781 3796 Ql10wnt - ok
00:52:05.0796 3796 ql12160 - ok
00:52:05.0796 3796 ql1240 - ok
00:52:05.0812 3796 ql1280 - ok
00:52:05.0828 3796 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:52:05.0828 3796 RasAcd - ok
00:52:05.0875 3796 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:52:05.0875 3796 RasAuto - ok
00:52:05.0906 3796 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:52:05.0906 3796 Rasl2tp - ok
00:52:05.0953 3796 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:52:05.0968 3796 RasMan - ok
00:52:05.0984 3796 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:52:05.0984 3796 RasPppoe - ok
00:52:06.0031 3796 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:52:06.0031 3796 Raspti - ok
00:52:06.0140 3796 [ B694467B0325267C8EABF04A71D53D99 ] rcp_service C:\Program Files\ReaConverter 5.5 Pro\rcp_scheduler.exe
00:52:06.0140 3796 rcp_service - ok
00:52:06.0187 3796 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:52:06.0187 3796 Rdbss - ok
00:52:06.0234 3796 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:52:06.0234 3796 RDPCDD - ok
00:52:06.0296 3796 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:52:06.0296 3796 RDPWD - ok
00:52:06.0328 3796 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:52:06.0343 3796 RDSessMgr - ok
00:52:06.0359 3796 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:52:06.0359 3796 redbook - ok
00:52:06.0406 3796 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:52:06.0406 3796 RemoteAccess - ok
00:52:06.0453 3796 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
00:52:06.0453 3796 RpcLocator - ok
00:52:06.0484 3796 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
00:52:06.0500 3796 RpcSs - ok
00:52:06.0531 3796 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
00:52:06.0531 3796 RSVP - ok
00:52:06.0578 3796 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
00:52:06.0578 3796 rtl8139 - ok
00:52:06.0593 3796 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
00:52:06.0609 3796 SamSs - ok
00:52:06.0609 3796 SBRE - ok
00:52:06.0656 3796 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:52:06.0656 3796 SCardSvr - ok
00:52:06.0703 3796 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:52:06.0703 3796 Schedule - ok
00:52:06.0812 3796 [ 8582611E53929C9B18F6488A772A3EEF ] Seagate Dashboard Services C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
00:52:06.0812 3796 Seagate Dashboard Services - ok
00:52:06.0859 3796 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:52:06.0859 3796 Secdrv - ok
00:52:06.0906 3796 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
00:52:06.0906 3796 seclogon - ok
00:52:06.0921 3796 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
00:52:06.0921 3796 SENS - ok
00:52:06.0968 3796 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
00:52:06.0984 3796 Serial - ok
00:52:07.0031 3796 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
00:52:07.0046 3796 Sfloppy - ok
00:52:07.0109 3796 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
00:52:07.0109 3796 SharedAccess - ok
00:52:07.0125 3796 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:52:07.0140 3796 ShellHWDetection - ok
00:52:07.0140 3796 Simbad - ok
00:52:07.0187 3796 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:52:07.0187 3796 SLIP - ok
00:52:07.0218 3796 [ 14BB60A4F1C5291217A05D5728C403E6 ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
00:52:07.0234 3796 SmartDefragDriver - ok
00:52:07.0265 3796 [ E78C98378A071CE4D48A7C514FA98FA1 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
00:52:07.0265 3796 snapman - ok
00:52:07.0281 3796 Sparrow - ok
00:52:07.0296 3796 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
00:52:07.0296 3796 splitter - ok
00:52:07.0343 3796 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
00:52:07.0343 3796 Spooler - ok
00:52:07.0359 3796 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
00:52:07.0359 3796 sr - ok
00:52:07.0406 3796 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
00:52:07.0421 3796 srservice - ok
00:52:07.0531 3796 [ C743E384E9EFCA10B41C60D406DE39C0 ] SRTSP C:\WINDOWS\System32\Drivers\NAV\1404000.028\SRTSP.SYS
00:52:07.0531 3796 SRTSP - ok
00:52:07.0562 3796 [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX C:\WINDOWS\system32\drivers\NAV\1404000.028\SRTSPX.SYS
00:52:07.0562 3796 SRTSPX - ok
00:52:07.0609 3796 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
00:52:07.0625 3796 Srv - ok
00:52:07.0671 3796 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
00:52:07.0671 3796 SSDPSRV - ok
00:52:07.0718 3796 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
00:52:07.0718 3796 stisvc - ok
00:52:07.0765 3796 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:52:07.0765 3796 streamip - ok
00:52:07.0796 3796 [ C86A229BB5CB5DC47498B2C530A9458E ] SWDUMon C:\WINDOWS\system32\DRIVERS\SWDUMon.sys
00:52:07.0796 3796 SWDUMon - ok
00:52:07.0843 3796 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
00:52:07.0843 3796 swenum - ok
00:52:07.0859 3796 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
00:52:07.0859 3796 swmidi - ok
00:52:07.0859 3796 SwPrv - ok
00:52:07.0875 3796 symc810 - ok
00:52:07.0890 3796 symc8xx - ok
00:52:07.0937 3796 [ 5A193E5E0F0A776430E5D62A051C1E16 ] SymDS C:\WINDOWS\system32\drivers\NAV\1404000.028\SYMDS.SYS
00:52:07.0937 3796 SymDS - ok
00:52:08.0000 3796 [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA C:\WINDOWS\system32\drivers\NAV\1404000.028\SYMEFA.SYS
00:52:08.0031 3796 SymEFA - ok
00:52:08.0046 3796 [ F50D81D3E0C7A353F205562B89CD06D6 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
00:52:08.0046 3796 SymEvent - ok
00:52:08.0109 3796 [ 123A13DCD5210F8A3BE5FC8CACBFE324 ] SymIM C:\WINDOWS\system32\DRIVERS\SymIM.sys
00:52:08.0109 3796 SymIM - ok
00:52:08.0109 3796 [ 123A13DCD5210F8A3BE5FC8CACBFE324 ] SymIMMP C:\WINDOWS\system32\DRIVERS\SymIM.sys
00:52:08.0109 3796 SymIMMP - ok
00:52:08.0171 3796 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\WINDOWS\system32\drivers\NAV\1404000.028\Ironx86.SYS
00:52:08.0171 3796 SymIRON - ok
00:52:08.0218 3796 [ E9C316262C48BF299E02FC8B1CE2B925 ] SYMTDI C:\WINDOWS\System32\Drivers\NAV\1404000.028\SYMTDI.SYS
00:52:08.0234 3796 SYMTDI - ok
00:52:08.0234 3796 sym_hi - ok
00:52:08.0250 3796 sym_u3 - ok
00:52:08.0296 3796 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
00:52:08.0296 3796 sysaudio - ok
00:52:08.0328 3796 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
00:52:08.0343 3796 SysmonLog - ok
00:52:08.0375 3796 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
00:52:08.0375 3796 TapiSrv - ok
00:52:08.0437 3796 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:52:08.0453 3796 Tcpip - ok
00:52:08.0484 3796 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
00:52:08.0484 3796 TDPIPE - ok
00:52:08.0515 3796 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
00:52:08.0515 3796 TDTCP - ok
00:52:08.0546 3796 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
00:52:08.0546 3796 TermDD - ok
00:52:08.0593 3796 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
00:52:08.0609 3796 TermService - ok
00:52:08.0625 3796 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
00:52:08.0640 3796 Themes - ok
00:52:08.0687 3796 [ D352FFF2A623B916C08CEACBFC8B5C32 ] tifsfilter C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
00:52:08.0687 3796 tifsfilter - ok
00:52:08.0703 3796 [ 64694B2A5C772E1C61FEAC300ED90CA6 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
00:52:08.0718 3796 timounter - ok
00:52:08.0718 3796 TosIde - ok
00:52:08.0750 3796 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
00:52:08.0765 3796 TrkWks - ok
00:52:08.0796 3796 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
00:52:08.0796 3796 Udfs - ok
00:52:08.0796 3796 ultra - ok
00:52:08.0843 3796 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
00:52:08.0859 3796 Update - ok
00:52:08.0890 3796 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
00:52:08.0906 3796 upnphost - ok
00:52:08.0921 3796 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
00:52:08.0921 3796 UPS - ok
00:52:08.0968 3796 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
00:52:08.0968 3796 USBAAPL - ok
00:52:09.0000 3796 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
00:52:09.0000 3796 usbaudio - ok
00:52:09.0062 3796 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:52:09.0062 3796 usbccgp - ok
00:52:09.0093 3796 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:52:09.0109 3796 usbehci - ok
00:52:09.0140 3796 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:52:09.0156 3796 usbhub - ok
00:52:09.0187 3796 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
00:52:09.0187 3796 usbohci - ok
00:52:09.0234 3796 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:52:09.0234 3796 usbstor - ok
00:52:09.0265 3796 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:52:09.0265 3796 usbuhci - ok
00:52:09.0312 3796 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
00:52:09.0312 3796 VgaSave - ok
00:52:09.0359 3796 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
00:52:09.0359 3796 ViaIde - ok
00:52:09.0375 3796 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
00:52:09.0375 3796 VolSnap - ok
00:52:09.0406 3796 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
00:52:09.0421 3796 VSS - ok
00:52:09.0453 3796 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
00:52:09.0453 3796 W32Time - ok
00:52:09.0484 3796 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:52:09.0484 3796 Wanarp - ok
00:52:09.0531 3796 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
00:52:09.0531 3796 Wdf01000 - ok
00:52:09.0546 3796 WDICA - ok
00:52:09.0578 3796 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
00:52:09.0593 3796 wdmaud - ok
00:52:09.0640 3796 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
00:52:09.0640 3796 WebClient - ok
00:52:09.0734 3796 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
00:52:09.0734 3796 WinDefend - ok
00:52:09.0828 3796 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
00:52:09.0828 3796 winmgmt - ok
00:52:09.0906 3796 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
00:52:09.0906 3796 WinRM - ok
00:52:09.0968 3796 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
00:52:09.0968 3796 WmdmPmSN - ok
00:52:10.0000 3796 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:52:10.0000 3796 WmiApSrv - ok
00:52:10.0093 3796 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
00:52:10.0109 3796 WMPNetworkSvc - ok
00:52:10.0218 3796 [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:52:10.0218 3796 WPFFontCache_v0400 - ok
00:52:10.0265 3796 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
00:52:10.0265 3796 wscsvc - ok
00:52:10.0312 3796 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
00:52:10.0312 3796 WSTCODEC - ok
00:52:10.0359 3796 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
00:52:10.0359 3796 wuauserv - ok
00:52:10.0406 3796 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:52:10.0406 3796 WudfPf - ok
00:52:10.0421 3796 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
00:52:10.0421 3796 WudfSvc - ok
00:52:10.0484 3796 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
00:52:10.0484 3796 WZCSVC - ok
00:52:10.0531 3796 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
00:52:10.0531 3796 xmlprov - ok
00:52:10.0546 3796 ================ Scan global ===============================
00:52:10.0593 3796 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
00:52:10.0640 3796 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
00:52:10.0671 3796 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
00:52:10.0703 3796 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
00:52:10.0703 3796 [Global] - ok
00:52:10.0703 3796 ================ Scan MBR ==================================
00:52:10.0718 3796 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
00:52:10.0906 3796 \Device\Harddisk0\DR0 - ok
00:52:10.0921 3796 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR3
00:52:10.0937 3796 \Device\Harddisk1\DR3 - ok
00:52:10.0937 3796 ================ Scan VBR ==================================
00:52:10.0937 3796 [ BE16CA4E2F814B60560933BBBDD2C762 ] \Device\Harddisk0\DR0\Partition1
00:52:10.0937 3796 \Device\Harddisk0\DR0\Partition1 - ok
00:52:10.0984 3796 [ F43D78A768FA96C0FD36742AD824D923 ] \Device\Harddisk0\DR0\Partition2
00:52:10.0984 3796 \Device\Harddisk0\DR0\Partition2 - ok
00:52:10.0984 3796 [ 8131F34771EA2DF6ED34799EB6547DDB ] \Device\Harddisk1\DR3\Partition1
00:52:11.0000 3796 \Device\Harddisk1\DR3\Partition1 - ok
00:52:11.0000 3796 ============================================================
00:52:11.0000 3796 Scan finished
00:52:11.0000 3796 ============================================================
00:52:11.0015 0820 Detected object count: 0
00:52:11.0015 0820 Actual detected object count: 0
00:52:28.0687 2628 Deinitialize success
  • 0

#19
RickMath

  • Topic Starter
  • Member
  • 177 posts
TDSSKiller log and aswMBR log from this morning.

09:38:03.0558 1336 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:38:04.0105 1336 ============================================================
09:38:04.0105 1336 Current date / time: 2013/10/03 09:38:04.0105
09:38:04.0105 1336 SystemInfo:
09:38:04.0105 1336
09:38:04.0105 1336 OS Version: 5.1.2600 ServicePack: 3.0
09:38:04.0105 1336 Product type: Workstation
09:38:04.0105 1336 ComputerName: REMARK2
09:38:04.0105 1336 UserName: Compaq_Owner
09:38:04.0105 1336 Windows directory: C:\WINDOWS
09:38:04.0105 1336 System windows directory: C:\WINDOWS
09:38:04.0105 1336 Processor architecture: Intel x86
09:38:04.0105 1336 Number of processors: 1
09:38:04.0105 1336 Page size: 0x1000
09:38:04.0105 1336 Boot type: Normal boot
09:38:04.0105 1336 ============================================================
09:38:04.0746 1336 BG loaded
09:38:05.0136 1336 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3C91, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
09:38:05.0152 1336 Drive \Device\Harddisk1\DR3 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:38:05.0465 1336 ============================================================
09:38:05.0465 1336 \Device\Harddisk0\DR0:
09:38:05.0496 1336 MBR partitions:
09:38:05.0496 1336 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xD0ECC51
09:38:05.0496 1336 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0xD0F07A0, BlocksNum 0xEA2C70
09:38:05.0496 1336 \Device\Harddisk1\DR3:
09:38:05.0496 1336 MBR partitions:
09:38:05.0496 1336 \Device\Harddisk1\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
09:38:05.0496 1336 ============================================================
09:38:05.0715 1336 C: <-> \Device\Harddisk0\DR0\Partition1
09:38:05.0730 1336 D: <-> \Device\Harddisk0\DR0\Partition2
09:38:05.0777 1336 F: <-> \Device\Harddisk1\DR3\Partition1
09:38:05.0777 1336 ============================================================
09:38:05.0777 1336 Initialize success
09:38:05.0777 1336 ============================================================
09:38:07.0199 5076 ============================================================
09:38:07.0199 5076 Scan started
09:38:07.0199 5076 Mode: Manual;
09:38:07.0199 5076 ============================================================
09:38:08.0074 5076 ================ Scan system memory ========================
09:38:08.0074 5076 System memory - ok
09:38:08.0074 5076 ================ Scan services =============================
09:38:23.0527 5076 SBRE - ok
09:38:23.0574 5076 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
09:38:23.0574 5076 SCardSvr - ok
09:38:23.0621 5076 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:38:23.0621 5076 Schedule - ok
09:38:23.0730 5076 [ 8582611E53929C9B18F6488A772A3EEF ] Seagate Dashboard Services C:\Program Files\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
09:38:23.0730 5076 Seagate Dashboard Services - ok
09:38:23.0777 5076 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:38:23.0777 5076 Secdrv - ok
09:38:23.0824 5076 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
09:38:23.0824 5076 seclogon - ok
09:38:23.0840 5076 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
09:38:23.0840 5076 SENS - ok
09:38:23.0902 5076 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
09:38:23.0902 5076 Serial - ok
09:38:23.0965 5076 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
09:38:23.0965 5076 Sfloppy - ok
09:38:24.0027 5076 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:38:24.0058 5076 SharedAccess - ok
09:38:24.0105 5076 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:38:24.0105 5076 ShellHWDetection - ok
09:38:24.0121 5076 Simbad - ok
09:38:24.0136 5076 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:38:24.0152 5076 SLIP - ok
09:38:24.0183 5076 [ 14BB60A4F1C5291217A05D5728C403E6 ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
09:38:24.0183 5076 SmartDefragDriver - ok
09:38:24.0215 5076 [ E78C98378A071CE4D48A7C514FA98FA1 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys
09:38:24.0230 5076 snapman - ok
09:38:24.0230 5076 Sparrow - ok
09:38:24.0246 5076 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
09:38:24.0261 5076 splitter - ok
09:38:24.0308 5076 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
09:38:24.0308 5076 Spooler - ok
09:38:24.0324 5076 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
09:38:24.0324 5076 sr - ok
09:38:24.0371 5076 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
09:38:24.0386 5076 srservice - ok
09:38:24.0480 5076 [ C743E384E9EFCA10B41C60D406DE39C0 ] SRTSP C:\WINDOWS\System32\Drivers\NAV\1404000.028\SRTSP.SYS
09:38:24.0574 5076 SRTSP - ok
09:38:24.0621 5076 [ FE9BD381778A344F0E39AE2D5E607D7F ] SRTSPX C:\WINDOWS\system32\drivers\NAV\1404000.028\SRTSPX.SYS
09:38:24.0621 5076 SRTSPX - ok
09:38:24.0683 5076 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:38:24.0699 5076 Srv - ok
09:38:24.0746 5076 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:38:24.0746 5076 SSDPSRV - ok
09:38:24.0793 5076 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
09:38:24.0824 5076 stisvc - ok
09:38:24.0855 5076 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:38:24.0855 5076 streamip - ok
09:38:24.0886 5076 [ C86A229BB5CB5DC47498B2C530A9458E ] SWDUMon C:\WINDOWS\system32\DRIVERS\SWDUMon.sys
09:38:24.0886 5076 SWDUMon - ok
09:38:24.0933 5076 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
09:38:24.0933 5076 swenum - ok
09:38:24.0949 5076 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
09:38:24.0949 5076 swmidi - ok
09:38:24.0949 5076 SwPrv - ok
09:38:24.0965 5076 symc810 - ok
09:38:24.0965 5076 symc8xx - ok
09:38:25.0027 5076 [ 5A193E5E0F0A776430E5D62A051C1E16 ] SymDS C:\WINDOWS\system32\drivers\NAV\1404000.028\SYMDS.SYS
09:38:25.0027 5076 SymDS - ok
09:38:25.0090 5076 [ 1773FB2920EBB3A8BAD0360618091470 ] SymEFA C:\WINDOWS\system32\drivers\NAV\1404000.028\SYMEFA.SYS
09:38:25.0121 5076 SymEFA - ok
09:38:25.0168 5076 [ F50D81D3E0C7A353F205562B89CD06D6 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
09:38:25.0168 5076 SymEvent - ok
09:38:25.0215 5076 [ 123A13DCD5210F8A3BE5FC8CACBFE324 ] SymIM C:\WINDOWS\system32\DRIVERS\SymIM.sys
09:38:25.0215 5076 SymIM - ok
09:38:25.0230 5076 [ 123A13DCD5210F8A3BE5FC8CACBFE324 ] SymIMMP C:\WINDOWS\system32\DRIVERS\SymIM.sys
09:38:25.0230 5076 SymIMMP - ok
09:38:25.0293 5076 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\WINDOWS\system32\drivers\NAV\1404000.028\Ironx86.SYS
09:38:25.0308 5076 SymIRON - ok
09:38:25.0371 5076 [ E9C316262C48BF299E02FC8B1CE2B925 ] SYMTDI C:\WINDOWS\System32\Drivers\NAV\1404000.028\SYMTDI.SYS
09:38:25.0371 5076 SYMTDI - ok
09:38:25.0386 5076 sym_hi - ok
09:38:25.0386 5076 sym_u3 - ok
09:38:25.0824 5076 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
09:38:25.0824 5076 sysaudio - ok
09:38:25.0886 5076 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
09:38:25.0886 5076 SysmonLog - ok
09:38:25.0918 5076 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:38:25.0933 5076 TapiSrv - ok
09:38:26.0011 5076 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:38:26.0011 5076 Tcpip - ok
09:38:26.0058 5076 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
09:38:26.0058 5076 TDPIPE - ok
09:38:26.0090 5076 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
09:38:26.0090 5076 TDTCP - ok
09:38:26.0136 5076 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
09:38:26.0136 5076 TermDD - ok
09:38:26.0199 5076 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
09:38:26.0215 5076 TermService - ok
09:38:26.0246 5076 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
09:38:26.0246 5076 Themes - ok
09:38:26.0308 5076 [ D352FFF2A623B916C08CEACBFC8B5C32 ] tifsfilter C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
09:38:26.0308 5076 tifsfilter - ok
09:38:26.0355 5076 [ 64694B2A5C772E1C61FEAC300ED90CA6 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys
09:38:26.0355 5076 timounter - ok
09:38:26.0371 5076 TosIde - ok
09:38:26.0402 5076 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
09:38:26.0418 5076 TrkWks - ok
09:38:26.0449 5076 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
09:38:26.0449 5076 Udfs - ok
09:38:26.0465 5076 ultra - ok
09:38:26.0511 5076 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
09:38:26.0511 5076 Update - ok
09:38:26.0574 5076 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
09:38:26.0574 5076 upnphost - ok
09:38:26.0590 5076 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
09:38:26.0590 5076 UPS - ok
09:38:26.0636 5076 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
09:38:26.0636 5076 USBAAPL - ok
09:38:26.0683 5076 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
09:38:26.0699 5076 usbaudio - ok
09:38:26.0746 5076 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:38:26.0761 5076 usbccgp - ok
09:38:26.0793 5076 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:38:26.0793 5076 usbehci - ok
09:38:26.0855 5076 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:38:26.0855 5076 usbhub - ok
09:38:26.0871 5076 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
09:38:26.0871 5076 usbohci - ok
09:38:26.0933 5076 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:38:26.0933 5076 usbstor - ok
09:38:26.0965 5076 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:38:26.0965 5076 usbuhci - ok
09:38:26.0980 5076 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:38:26.0980 5076 VgaSave - ok
09:38:27.0043 5076 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
09:38:27.0043 5076 ViaIde - ok
09:38:27.0058 5076 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:38:27.0058 5076 VolSnap - ok
09:38:27.0105 5076 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
09:38:27.0105 5076 VSS - ok
09:38:27.0136 5076 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
09:38:27.0152 5076 W32Time - ok
09:38:27.0168 5076 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:38:27.0168 5076 Wanarp - ok
09:38:27.0215 5076 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
09:38:27.0230 5076 Wdf01000 - ok
09:38:27.0246 5076 WDICA - ok
09:38:27.0293 5076 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:38:27.0293 5076 wdmaud - ok
09:38:27.0340 5076 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:38:27.0340 5076 WebClient - ok
09:38:27.0418 5076 [ F45DD1E1365D857DD08BC23563370D0E ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
09:38:27.0433 5076 WinDefend - ok
09:38:27.0543 5076 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:38:27.0543 5076 winmgmt - ok
09:38:27.0621 5076 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
09:38:27.0652 5076 WinRM - ok
09:38:27.0683 5076 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
09:38:27.0699 5076 WmdmPmSN - ok
09:38:27.0746 5076 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:38:27.0746 5076 WmiApSrv - ok
09:38:27.0886 5076 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
09:38:27.0918 5076 WMPNetworkSvc - ok
09:38:28.0011 5076 [ B800EEC15851597405784126C407188C ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:38:28.0074 5076 WPFFontCache_v0400 - ok
09:38:28.0121 5076 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
09:38:28.0121 5076 wscsvc - ok
09:38:28.0183 5076 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:38:28.0183 5076 WSTCODEC - ok
09:38:28.0230 5076 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
09:38:28.0230 5076 wuauserv - ok
09:38:28.0308 5076 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:38:28.0324 5076 WudfPf - ok
09:38:28.0340 5076 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
09:38:28.0355 5076 WudfSvc - ok
09:38:28.0496 5076 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:38:28.0715 5076 WZCSVC - ok
09:38:28.0793 5076 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:38:28.0824 5076 xmlprov - ok
09:38:28.0840 5076 ================ Scan global ===============================
09:38:28.0902 5076 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
09:38:29.0011 5076 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
09:38:29.0230 5076 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
09:38:29.0261 5076 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
09:38:29.0261 5076 [Global] - ok
09:38:29.0261 5076 ================ Scan MBR ==================================
09:38:29.0293 5076 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
09:38:31.0636 5076 \Device\Harddisk0\DR0 - ok
09:38:31.0652 5076 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR3
09:38:31.0668 5076 \Device\Harddisk1\DR3 - ok
09:38:31.0668 5076 ================ Scan VBR ==================================
09:38:31.0683 5076 [ BE16CA4E2F814B60560933BBBDD2C762 ] \Device\Harddisk0\DR0\Partition1
09:38:31.0683 5076 \Device\Harddisk0\DR0\Partition1 - ok
09:38:31.0730 5076 [ F43D78A768FA96C0FD36742AD824D923 ] \Device\Harddisk0\DR0\Partition2
09:38:31.0746 5076 \Device\Harddisk0\DR0\Partition2 - ok
09:38:32.0074 5076 [ 8131F34771EA2DF6ED34799EB6547DDB ] \Device\Harddisk1\DR3\Partition1
09:38:32.0090 5076 \Device\Harddisk1\DR3\Partition1 - ok
09:38:32.0090 5076 ============================================================
09:38:32.0090 5076 Scan finished
09:38:32.0090 5076 ============================================================
09:38:32.0105 5124 Detected object count: 0
09:38:32.0105 5124 Actual detected object count: 0
09:39:27.0027 1532 Deinitialize success

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-10-03 08:44:47
-----------------------------
08:44:47.433 OS Version: Windows 5.1.2600 Service Pack 3
08:44:47.433 Number of processors: 1 586 0x4F02
08:44:47.433 ComputerName: REMARK2 UserName:
08:44:47.933 Initialize success
08:45:29.527 AVAST engine defs: 13100201
08:55:47.980 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
08:55:47.980 Disk 0 Vendor: ST3120213AS 3.AHH Size: 114473MB BusType: 3
08:55:48.199 Disk 0 MBR read successfully
08:55:48.215 Disk 0 MBR scan
08:55:48.230 Disk 0 Windows XP default MBR code
08:55:48.246 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 106969 MB offset 63
08:55:48.277 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 7493 MB offset 219088800
08:55:48.308 Disk 0 scanning sectors +234435600
08:55:48.590 Disk 0 scanning C:\WINDOWS\system32\drivers
08:56:06.011 Service scanning
08:56:10.949 Service BHDrvx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\BASHDefs\20130924.001\BHDrvx86.sys **LOCKED** 5
08:56:12.433 Service ccSet_NAV C:\WINDOWS\system32\drivers\NAV\1404000.028\ccSetx86.sys **LOCKED** 5
08:56:24.121 Service IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\IPSDefs\20131002.001\IDSxpx86.sys **LOCKED** 5
08:56:36.121 Service NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\VirusDefs\20131002.022\NAVENG.SYS **LOCKED** 5
08:56:36.621 Service NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\VirusDefs\20131002.022\NAVEX15.SYS **LOCKED** 5
08:56:53.761 Service SRTSPX C:\WINDOWS\system32\drivers\NAV\1404000.028\SRTSPX.SYS **LOCKED** 5
08:56:55.636 Service SymDS C:\WINDOWS\system32\drivers\NAV\1404000.028\SYMDS.SYS **LOCKED** 5
08:56:56.340 Service SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS **LOCKED** 5
08:56:57.168 Service SymIRON C:\WINDOWS\system32\drivers\NAV\1404000.028\Ironx86.SYS **LOCKED** 5
08:56:57.480 Service SYMTDI C:\WINDOWS\System32\Drivers\NAV\1404000.028\SYMTDI.SYS **LOCKED** 5
08:57:06.902 Modules scanning
08:57:36.230 AVAST engine scan C:\WINDOWS
08:57:41.386 File: C:\WINDOWS\IsUninst.exe **INFECTED** Win32:Injected-AZ
08:57:45.027 AVAST engine scan C:\WINDOWS\system32
09:02:46.824 AVAST engine scan C:\WINDOWS\system32\drivers
09:03:13.980 AVAST engine scan C:\Documents and Settings\Compaq_Owner
09:23:51.449 AVAST engine scan C:\Documents and Settings\All Users
09:28:22.527 Scan finished successfully
09:32:15.480 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\MBR.dat"
09:32:15.496 The log file has been saved successfully to "C:\Documents and Settings\Compaq_Owner\Desktop\aswMBR2.txt"

#20
RickMath

The Speccy log was too large to include in a post.

Hope it's OK that I attached it.


#21
RKinner

TDSSKiller did get rid of the rootkit OK. The file that aswMBR found looks like an uninstaller for malware but not one that is currently active so we will let OTL remove it along with some other junk:

First clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java 7 Update 9

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.


Uninstall all of these that you can find:

Advanced SystemCare 5 (Obsolete)
Advanced SystemCare 6 (May interfere and I don't have a good opinion of the company)
Yahoo! Toolbar (Foistware)
WinPatrol (May interfere. You can reinstall the newest version once we are done)

Copy the text in the code box by highlighting and Ctrl + c


:commands
[CREATERESTOREPOINT]
[CLEARALLRESTOREPOINTS]

:OTL
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}: "URL" = http://dts.search-re...q={searchTerms}
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[2013/09/15 02:32:21 | 000,080,318 | ---- | M] () (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\rz3wieaw.default\extensions\[email protected]
[2012/07/06 08:48:08 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\rz3wieaw.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2013/08/17 22:04:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/08/17 22:04:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O33 - MountPoints2\{ccf9f728-e005-11dd-92d2-0018f301bf81}\Shell - "" = AutoRun
O33 - MountPoints2\{ccf9f728-e005-11dd-92d2-0018f301bf81}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ccf9f728-e005-11dd-92d2-0018f301bf81}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
[2013/09/29 20:31:44 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\ASC6_AutoClean.job
[2013/09/29 12:00:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
[2013/09/14 17:58:17 | 000,000,608 | ---- | M] () -- C:\WINDOWS\tasks\Compaq_Owner.job
[2013/09/14 02:16:38 | 000,000,620 | ---- | M] () -- C:\WINDOWS\tasks\Compaq_Owner Merge.job

:files
C:\WINDOWS\IsUninst.exe




Then close Firefox and Internet Explorer (if open) and double click on OTL to start. Under the Custom Scans/Fixes box at the bottom, paste (Ctrl + v) the text. Verify that you got it all and then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top.
Let the program run unhindered. OTL will probably not need to reboot the PC when it is done. Save the log and copy and paste it into a reply.

This should remove the last thing that aswMBR found. Now download and save SpeedyFox:
http://www.crystalidea.com/speedyfox
Run it and click on Optimize. Close it when done. This cleans up and streamlines Firefox's profile info so that it will start faster. You should keep it and run it anytime you make a change to Firefox's extensions or add-ons.


Download and Save this file -- to your Desktop -- from either of these two sources:
http://download.blee...Bs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Double click on ComboFix to start the program.



* Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.


* A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

A file will be created at => C:\Combofix.txt. I'll need to see that in your reply.


Malwarebytes' Anti-Malware
If you have a previous version of MalwareBytes', remove it via Add or Remove Programs and download a fresh copy.
http://www.malwareby...lwarebytes_free

SAVE Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe to start the program.
* follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.

* Be sure that everything is checked, and click Remove Selected.

* When completed, a log will open in Notepad. Please save it to a convenient location.
* The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
* Post that log back here.


Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.


Copy the text in the code box:

DRIVES
nnetsvcs
%SYSTEMDRIVE%\*.exe
%systemroot%\assembly\GAC_32\*.ini
%systemroot%\assembly\GAC_64\*.ini
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.exe
%APPDATA%\*.
/md5start
pnrpnsp.dll 
nwprovau.dll
nlaapi.dll
napinsp.dll
mswsock.dll
winrnr.dll
wshelper.dll
services.exe
atapi.sys
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
csrss.exe
PrintIsolationHost.exe
consrv.dll
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
CREATERESTOREPOINT

Run OTL

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.


Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.


How is it running now?

Attaching Speccy is actually what I asked you to do so that's fine. How long had the PC been on when you ran Speccy? It checks the temps and yours are very low for an old XP. It also checks your hard drive and it appears you might need to replace it in the near future. Getting a lot of errors:

01 Read Error Rate 118 (095) Data 000B6EDD02

07 Seek Error Rate 085 (060) Data 00140D36C7

C3 Hardware ECC Recovered 063 (051) Data 000481F253

Don't think that is causing your slowness tho. Just want to warn you to back up any data you can't afford to lose.
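
As an added example (not part of the thread and not code from TDSSKiller or aswMBR), this Python script triages the two log formats posted above: it lists every TDSSKiller object whose status is not `ok`, collects the MBR/VBR verdicts, and keeps aswMBR's `**INFECTED**` hits apart from its `**LOCKED**` entries. The sample lines are constructed from the thread's logs; `ExampleSvc`, its `suspicious` status, the placeholder hash and the detected count of 1 are made up for illustration.

```python
import re

# Line layouts as they appear in the TDSSKiller and aswMBR logs in this thread.
TDSS_LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4} \d+ (?P<text>.*)$")
TDSS_HASH = re.compile(r"^\[ [0-9A-Fa-f]{32} \] ")            # "[ <MD5> ] name path"
TDSS_SECTION = re.compile(r"^=+ (?P<name>Scan \w+) =+$")       # "==== Scan MBR ===="
TDSS_COUNT = re.compile(r"^Detected object count: (?P<n>\d+)$")
TDSS_STATUS = re.compile(r"^(?P<obj>.+?) - (?P<status>\S.*)$")  # "Pcmcia - ok"

ASW_LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{3} (?P<text>.*)$")
ASW_FLAG = re.compile(
    r"^(?P<kind>File:|Service) (?P<body>.+?) \*\*(?P<flag>[A-Z]+)\*\* ?(?P<rest>.*)$")
ASW_SERVICE = re.compile(r"^(?P<name>.+?) (?P<path>[A-Za-z]:\\.*)$")
ASW_MBR = re.compile(r"^Disk (?P<disk>\d+) (?P<verdict>.+ MBR code)$")

NO_SECTION = "(before first section header)"


def triage_tdsskiller(log_text):
    """Count 'ok' objects, list everything else, and pull out MBR/VBR verdicts."""
    section = NO_SECTION
    result = {"ok": 0, "not_ok": [], "boot_records": [], "detected": None}
    for raw in log_text.splitlines():
        line = TDSS_LINE.match(raw.strip())
        if not line:
            continue
        text = line.group("text")
        if TDSS_HASH.match(text):          # hash lines carry no verdict
            continue
        header = TDSS_SECTION.match(text)
        if header:
            section = header.group("name")
            continue
        count = TDSS_COUNT.match(text)
        if count:
            result["detected"] = int(count.group("n"))
            continue
        status = TDSS_STATUS.match(text)
        if not status:
            continue
        obj, verdict = status.group("obj"), status.group("status")
        if section in ("Scan MBR", "Scan VBR"):
            result["boot_records"].append((section, obj, verdict))
        if verdict == "ok":
            result["ok"] += 1
        else:
            result["not_ok"].append((section, obj, verdict))
    return result


def triage_aswmbr(log_text):
    """Separate **INFECTED** files from **LOCKED** services; record the MBR verdict."""
    result = {"infected": [], "locked": [], "other": [], "mbr": {}}
    for raw in log_text.splitlines():
        line = ASW_LINE.match(raw.strip())
        if not line:
            continue
        text = line.group("text")
        mbr = ASW_MBR.match(text)
        if mbr:  # only the "... MBR code" wording seen in this thread is handled
            result["mbr"][int(mbr.group("disk"))] = mbr.group("verdict")
            continue
        flagged = ASW_FLAG.match(text)
        if not flagged:
            continue
        body, flag, rest = flagged.group("body", "flag", "rest")
        if flag == "INFECTED":
            result["infected"].append((body, rest))        # (path, detection name)
        elif flag == "LOCKED":
            svc = ASW_SERVICE.match(body)
            name, path = svc.group("name", "path") if svc else (body, "")
            # Trailing number kept as logged; the thread does not say what it means.
            result["locked"].append((name, path, rest))
        else:
            result["other"].append((flag, body, rest))
    return result


# Constructed sample: thread-style lines plus one made-up non-ok entry.
TDSS_SAMPLE = r"""
09:38:22.0105 5076 Pcmcia - ok
09:38:22.0121 5076 PDCOMP - ok
09:38:22.0130 5076 ExampleSvc - suspicious
09:38:29.0261 5076 ================ Scan MBR ==================================
09:38:29.0293 5076 [ 0123456789ABCDEF0123456789ABCDEF ] \Device\Harddisk0\DR0
09:38:31.0636 5076 \Device\Harddisk0\DR0 - ok
09:38:31.0668 5076 ================ Scan VBR ==================================
09:38:31.0683 5076 \Device\Harddisk0\DR0\Partition1 - ok
09:38:32.0090 5076 Scan finished
09:38:32.0105 5124 Detected object count: 1
"""

ASW_SAMPLE = r"""
08:55:48.230 Disk 0 Windows XP default MBR code
08:56:12.433 Service ccSet_NAV C:\WINDOWS\system32\drivers\NAV\1404000.028\ccSetx86.sys **LOCKED** 5
08:56:56.340 Service SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS **LOCKED** 5
08:57:41.386 File: C:\WINDOWS\IsUninst.exe **INFECTED** Win32:Injected-AZ
09:28:22.527 Scan finished successfully
"""

if __name__ == "__main__":
    print(triage_tdsskiller(TDSS_SAMPLE))
    print(triage_aswmbr(ASW_SAMPLE))
```
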

#22
RickMath

Ron

Too much for me to tackle tonight. I have imaged my hard drive just in case.

I will be away for a few days so I will complete the instructions on Sunday night.

Thanks for sticking with me.

Rick

#23
RickMath

Please do not delete this thread. I have been dealing with a family medical problem. Be back soon to try the suggestions.

Thanks

Rick :thumbsup:

#24
RKinner

No problem. I do not close threads and I don't keep track. Take care of your important stuff and don't worry about this.

#25
RickMath

Running slow again at times. I have not had time to do the last instructions. Do you want me to start over?

Thanks
#26
RickMath

I deleted the Apple apps of Bonjour and the mDNSResponder (think that is the name) and my system seems to be faster tonight. I will see later what happens.

Just a note on what I am trying.

Thanks

Rick

#27
RickMath

Do I need to start over from the beginning? There may have been some changes to my system in the last month since I have been away.

Thanks for your help.

Rick

#28
RickMath

I have not been able to do all of what you suggested. I have installed the latest version of JAVA.

Please guide me now to follow the next set of instructions.

Where do I need to start? My machine randomly runs slow and then faster.

Got the wrong HDD. Thought it was an IDE but appears to be a sata. It has a red cable.

Please help. I am going through other trying problems.

Let me know what to do next.

Thanks

Rick

#29
RickMath

Ron

I have successfully cloned my HDD and my system is running more smoothly. Now I want to continue to check for problems.

Should I continue on with the last suggestions or start over from the beginning?

Thanks

Rick

#30
RickMath

Even with the new HDD my system has slowed again this morning.

I need help

Thanks