How can I be sure if I am still infected with "Win32/Small.CA" virus?


  1. Posts : 207
    Windows7 Pro x64
       #1

    How can I be sure if I am still infected with "Win32/Small.CA" virus?


    Hi

    I got a "Solve PC Issues" (white flag) saying "Remove the Win32/Small.CA virus".

    I am running MSE (Microsoft Security Essentials) on Windows 7 Pro (x64). So I did an update followed by a full scan using MSE. I then ran
    - Malware Anti-Virus
    - SUPERAntispyware
    - Microsoft Safety Scanner (full scan)
    - Windows Defender Offline (booting off a CD)
    - AVG Rescue CD
    - Avira Rescue CD

    But none of them have found anything!

    I am nervous that I still have an infection - particularly after the trouble that I had recently running updates.
    (See my thread: "Windows Update failing with Error codes: 8007371B, 800736B3, 80070246")

    Any thoughts?

    J


  2. Posts : 2,240
    Windows 7 Ultimate 64 bit
       #2

    Rerun them in safe mode.


  3. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #3

    Er I assume you mean reboot the computer and run windows itself in Safe Mode by hitting F8 (about a million times!) during reboot?

    Okay I have just started running Windows Malicious Software Removal Tool (x64).
    More news when I get it.

    Obviously the Rescue disks can not be run in Safe Mode because they are booting from their own CDs.

    Meanwhile do you have any other suggestions about what exactly I need to test my system with? (using Safe Mode)

    J


  4. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #4

    OK It ran Microsoft Malicious Software Removal Tool in Windows Safe Mode without a problem.

    However I just ran SUPERAntiSpyware in Safe Mode and it just caused my computer to reboot. :^[
    I am trying again now
    What next?

    J


  5. Posts : 19,383
    Windows 10 Pro x64 ; Xubuntu x64
       #5

    Hi Shiphen,

    You are correct to be so cautious, since there are many variants of this malware, including a rootkit variant:
    Encyclopedia Search Results: win32/small.CA - Learn more about malware - Microsoft Malware Protection Center

    Do you know for sure what type (trojan, dropper, rootkit etc.) was reported? If not, please run the following and report back:

    1. ESET on-line scan (will take a long time)
    2. TDSSKiller (for rootkits)

    Regards,
    Golden


  6. Posts : 6,330
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64 +Linux_VMs +Chromium_VM
       #6

    shiphen said:
    Hi
    I am nervous that I still have an infection - particularly after the trouble that I had recently running updates.
    (See my thread: "Windows Update failing with Error codes: 8007371B, 800736B3, 80070246")

    Any thoughts?

    J

    For this "nervous reason" I believe keeping periodic system backup images stored offline is a best line of defense and recovery.
    Not only for malware, but also for most hardware failures, OS problems, Win boot problems, ... whatever

    I know a backup/restore strategy doesn't help you now if you don't have a system image to recover, but it's something you should consider using going forward for recovery ability.

    If you are still nervous or have problems after following Golden's and all others' suggestions, you might consider a CLEAN INSTALL, and then use system backup imaging...


  7. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #7

    1. ESET:
    "C:\Users\Alec\Downloads\MyPhoneExplorer_Setup_1.8.2.exe Win32/OpenCandy application cleaned by deleting - quarantined"

    2. TDSSKiller
    I got rather confused and this may have run a few times in the end, but here is a final text results output:
    03:25:10.0824 4320 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    03:25:10.0824 4320 mrxsmb10 - ok
    03:25:10.0840 4320 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    03:25:10.0840 4320 mrxsmb20 - ok
    03:25:10.0840 4320 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
    03:25:10.0840 4320 msahci - ok
    03:25:10.0840 4320 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    03:25:10.0840 4320 msdsm - ok
    03:25:10.0855 4320 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    03:25:10.0855 4320 MSDTC - ok
    03:25:10.0855 4320 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    03:25:10.0855 4320 Msfs - ok
    03:25:10.0855 4320 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    03:25:10.0855 4320 mshidkmdf - ok
    03:25:10.0855 4320 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    03:25:10.0871 4320 msisadrv - ok
    03:25:10.0871 4320 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    03:25:10.0871 4320 MSiSCSI - ok
    03:25:10.0871 4320 msiserver - ok
    03:25:10.0871 4320 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    03:25:10.0871 4320 MSKSSRV - ok
    03:25:10.0886 4320 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
    03:25:10.0886 4320 MsMpSvc - ok
    03:25:10.0886 4320 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    03:25:10.0886 4320 MSPCLOCK - ok
    03:25:10.0886 4320 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    03:25:10.0886 4320 MSPQM - ok
    03:25:10.0886 4320 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    03:25:10.0902 4320 MsRPC - ok
    03:25:10.0902 4320 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    03:25:10.0902 4320 mssmbios - ok
    03:25:10.0902 4320 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    03:25:10.0902 4320 MSTEE - ok
    03:25:10.0902 4320 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
    03:25:10.0902 4320 MTConfig - ok
    03:25:10.0918 4320 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    03:25:10.0918 4320 Mup - ok
    03:25:10.0918 4320 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    03:25:10.0933 4320 napagent - ok
    03:25:10.0933 4320 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    03:25:10.0933 4320 NativeWifiP - ok
    03:25:10.0949 4320 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
    03:25:10.0964 4320 NDIS - ok
    03:25:10.0964 4320 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    03:25:10.0964 4320 NdisCap - ok
    03:25:10.0964 4320 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    03:25:10.0964 4320 NdisTapi - ok
    03:25:10.0964 4320 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    03:25:10.0964 4320 Ndisuio - ok
    03:25:10.0980 4320 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    03:25:10.0980 4320 NdisWan - ok
    03:25:10.0980 4320 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    03:25:10.0980 4320 NDProxy - ok
    03:25:10.0980 4320 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    03:25:10.0980 4320 NetBIOS - ok
    03:25:10.0996 4320 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    03:25:10.0996 4320 NetBT - ok
    03:25:10.0996 4320 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
    03:25:10.0996 4320 Netlogon - ok
    03:25:10.0996 4320 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
    03:25:11.0011 4320 Netman - ok
    03:25:11.0011 4320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    03:25:11.0011 4320 NetMsmqActivator - ok
    03:25:11.0011 4320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    03:25:11.0011 4320 NetPipeActivator - ok
    03:25:11.0027 4320 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
    03:25:11.0027 4320 netprofm - ok
    03:25:11.0042 4320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    03:25:11.0042 4320 NetTcpActivator - ok
    03:25:11.0042 4320 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    03:25:11.0042 4320 NetTcpPortSharing - ok
    03:25:11.0042 4320 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
    03:25:11.0042 4320 nfrd960 - ok
    03:25:11.0042 4320 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    03:25:11.0042 4320 NisDrv - ok
    03:25:11.0058 4320 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
    03:25:11.0058 4320 NisSrv - ok
    03:25:11.0074 4320 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
    03:25:11.0074 4320 NlaSvc - ok
    03:25:11.0074 4320 NPF - ok
    03:25:11.0074 4320 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
    03:25:11.0074 4320 Npfs - ok
    03:25:11.0074 4320 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
    03:25:11.0074 4320 nsi - ok
    03:25:11.0089 4320 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    03:25:11.0089 4320 nsiproxy - ok
    03:25:11.0105 4320 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    03:25:11.0120 4320 Ntfs - ok
    03:25:11.0120 4320 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
    03:25:11.0120 4320 Null - ok
    03:25:11.0120 4320 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
    03:25:11.0136 4320 nvraid - ok
    03:25:11.0136 4320 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
    03:25:11.0136 4320 nvstor - ok
    03:25:11.0136 4320 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    03:25:11.0136 4320 nv_agp - ok
    03:25:11.0152 4320 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    03:25:11.0152 4320 ohci1394 - ok
    03:25:11.0152 4320 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    03:25:11.0152 4320 ose - ok
    03:25:11.0198 4320 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    03:25:11.0245 4320 osppsvc - ok
    03:25:11.0245 4320 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    03:25:11.0245 4320 p2pimsvc - ok
    03:25:11.0261 4320 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
    03:25:11.0261 4320 p2psvc - ok
    03:25:11.0276 4320 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
    03:25:11.0276 4320 Parport - ok
    03:25:11.0276 4320 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
    03:25:11.0276 4320 partmgr - ok
    03:25:11.0276 4320 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
    03:25:11.0276 4320 PcaSvc - ok
    03:25:11.0292 4320 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
    03:25:11.0292 4320 pci - ok
    03:25:11.0292 4320 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
    03:25:11.0292 4320 pciide - ok
    03:25:11.0292 4320 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
    03:25:11.0308 4320 pcmcia - ok
    03:25:11.0308 4320 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
    03:25:11.0308 4320 pcw - ok
    03:25:11.0308 4320 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    03:25:11.0323 4320 PEAUTH - ok
    03:25:11.0339 4320 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
    03:25:11.0354 4320 PeerDistSvc - ok
    03:25:11.0370 4320 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
    03:25:11.0370 4320 PerfHost - ok
    03:25:11.0386 4320 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
    03:25:11.0401 4320 pla - ok
    03:25:11.0417 4320 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    03:25:11.0417 4320 PlugPlay - ok
    03:25:11.0417 4320 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    03:25:11.0432 4320 PNRPAutoReg - ok
    03:25:11.0432 4320 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    03:25:11.0432 4320 PNRPsvc - ok
    03:25:11.0432 4320 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
    03:25:11.0432 4320 Point64 - ok
    03:25:11.0448 4320 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    03:25:11.0448 4320 PolicyAgent - ok
    03:25:11.0464 4320 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
    03:25:11.0464 4320 Power - ok
    03:25:11.0464 4320 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    03:25:11.0464 4320 PptpMiniport - ok
    03:25:11.0479 4320 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
    03:25:11.0479 4320 Processor - ok
    03:25:11.0479 4320 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
    03:25:11.0479 4320 ProfSvc - ok
    03:25:11.0479 4320 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    03:25:11.0479 4320 ProtectedStorage - ok
    03:25:11.0495 4320 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    03:25:11.0495 4320 Psched - ok
    03:25:11.0510 4320 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
    03:25:11.0526 4320 ql2300 - ok
    03:25:11.0526 4320 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
    03:25:11.0526 4320 ql40xx - ok
    03:25:11.0542 4320 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
    03:25:11.0542 4320 QWAVE - ok
    03:25:11.0542 4320 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    03:25:11.0542 4320 QWAVEdrv - ok
    03:25:11.0542 4320 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    03:25:11.0542 4320 RasAcd - ok
    03:25:11.0557 4320 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    03:25:11.0557 4320 RasAgileVpn - ok
    03:25:11.0557 4320 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
    03:25:11.0557 4320 RasAuto - ok
    03:25:11.0557 4320 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    03:25:11.0557 4320 Rasl2tp - ok
    03:25:11.0573 4320 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
    03:25:11.0573 4320 RasMan - ok
    03:25:11.0573 4320 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    03:25:11.0573 4320 RasPppoe - ok
    03:25:11.0588 4320 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    03:25:11.0588 4320 RasSstp - ok
    03:25:11.0588 4320 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    03:25:11.0588 4320 rdbss - ok
    03:25:11.0604 4320 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
    03:25:11.0604 4320 rdpbus - ok
    03:25:11.0604 4320 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    03:25:11.0604 4320 RDPCDD - ok
    03:25:11.0604 4320 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
    03:25:11.0604 4320 RDPDR - ok
    03:25:11.0604 4320 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    03:25:11.0604 4320 RDPENCDD - ok
    03:25:11.0620 4320 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    03:25:11.0620 4320 RDPREFMP - ok
    03:25:11.0620 4320 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
    03:25:11.0620 4320 RdpVideoMiniport - ok
    03:25:11.0620 4320 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    03:25:11.0635 4320 RDPWD - ok
    03:25:11.0635 4320 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    03:25:11.0635 4320 rdyboost - ok
    03:25:11.0635 4320 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
    03:25:11.0635 4320 RemoteAccess - ok
    03:25:11.0651 4320 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    03:25:11.0651 4320 RemoteRegistry - ok
    03:25:11.0651 4320 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    03:25:11.0651 4320 RpcEptMapper - ok
    03:25:11.0651 4320 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
    03:25:11.0651 4320 RpcLocator - ok
    03:25:11.0682 4320 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
    03:25:11.0682 4320 RpcSs - ok
    03:25:11.0682 4320 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    03:25:11.0682 4320 rspndr - ok
    03:25:11.0682 4320 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
    03:25:11.0682 4320 s3cap - ok
    03:25:11.0682 4320 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
    03:25:11.0698 4320 SamSs - ok
    03:25:11.0698 4320 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    03:25:11.0698 4320 SASDIFSV - ok
    03:25:11.0698 4320 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    03:25:11.0698 4320 SASKUTIL - ok
    03:25:11.0698 4320 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    03:25:11.0698 4320 sbp2port - ok
    03:25:11.0698 4320 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
    03:25:11.0713 4320 SCardSvr - ok
    03:25:11.0713 4320 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    03:25:11.0713 4320 scfilter - ok
    03:25:11.0729 4320 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
    03:25:11.0744 4320 Schedule - ok
    03:25:11.0744 4320 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
    03:25:11.0744 4320 SCPolicySvc - ok
    03:25:11.0744 4320 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    03:25:11.0744 4320 SDRSVC - ok
    03:25:11.0760 4320 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    03:25:11.0760 4320 secdrv - ok
    03:25:11.0760 4320 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
    03:25:11.0760 4320 seclogon - ok
    03:25:11.0760 4320 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
    03:25:11.0760 4320 SENS - ok
    03:25:11.0760 4320 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
    03:25:11.0760 4320 SensrSvc - ok
    03:25:11.0776 4320 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
    03:25:11.0776 4320 Serenum - ok
    03:25:11.0776 4320 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
    03:25:11.0776 4320 Serial - ok
    03:25:11.0776 4320 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
    03:25:11.0776 4320 sermouse - ok
    03:25:11.0791 4320 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
    03:25:11.0791 4320 SessionEnv - ok
    03:25:11.0791 4320 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    03:25:11.0791 4320 sffdisk - ok
    03:25:11.0791 4320 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    03:25:11.0791 4320 sffp_mmc - ok
    03:25:11.0791 4320 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    03:25:11.0791 4320 sffp_sd - ok
    03:25:11.0807 4320 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
    03:25:11.0807 4320 sfloppy - ok
    03:25:11.0807 4320 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
    03:25:11.0807 4320 SharedAccess - ok
    03:25:11.0822 4320 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    03:25:11.0822 4320 ShellHWDetection - ok
    03:25:11.0822 4320 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
    03:25:11.0822 4320 SiSRaid2 - ok
    03:25:11.0838 4320 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
    03:25:11.0838 4320 SiSRaid4 - ok
    03:25:11.0869 4320 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    03:25:11.0885 4320 Skype C2C Service - ok
    03:25:11.0900 4320 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
    03:25:11.0900 4320 SkypeUpdate - ok
    03:25:11.0900 4320 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    03:25:11.0900 4320 Smb - ok
    03:25:11.0900 4320 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    03:25:11.0900 4320 SNMPTRAP - ok
    03:25:11.0916 4320 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
    03:25:11.0916 4320 spldr - ok
    03:25:11.0916 4320 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
    03:25:11.0932 4320 Spooler - ok
    03:25:11.0963 4320 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
    03:25:11.0994 4320 sppsvc - ok
    03:25:11.0994 4320 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    03:25:11.0994 4320 sppuinotify - ok
    03:25:12.0010 4320 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
    03:25:12.0010 4320 srv - ok
    03:25:12.0025 4320 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    03:25:12.0025 4320 srv2 - ok
    03:25:12.0025 4320 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    03:25:12.0041 4320 srvnet - ok
    03:25:12.0041 4320 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    03:25:12.0041 4320 SSDPSRV - ok
    03:25:12.0041 4320 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
    03:25:12.0041 4320 SstpSvc - ok
    03:25:12.0056 4320 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
    03:25:12.0056 4320 ssudmdm - ok
    03:25:12.0056 4320 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
    03:25:12.0056 4320 stexstor - ok
    03:25:12.0072 4320 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
    03:25:12.0072 4320 stisvc - ok
    03:25:12.0088 4320 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
    03:25:12.0088 4320 storflt - ok
    03:25:12.0088 4320 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
    03:25:12.0088 4320 StorSvc - ok
    03:25:12.0088 4320 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
    03:25:12.0088 4320 storvsc - ok
    03:25:12.0088 4320 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
    03:25:12.0088 4320 swenum - ok
    03:25:12.0103 4320 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
    03:25:12.0103 4320 swprv - ok
    03:25:12.0119 4320 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
    03:25:12.0150 4320 SysMain - ok
    03:25:12.0150 4320 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
    03:25:12.0150 4320 TabletInputService - ok
    03:25:12.0150 4320 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
    03:25:12.0166 4320 TapiSrv - ok
    03:25:12.0166 4320 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
    03:25:12.0166 4320 TBS - ok
    03:25:12.0181 4320 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    03:25:12.0197 4320 Tcpip - ok
    03:25:12.0228 4320 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    03:25:12.0228 4320 TCPIP6 - ok
    03:25:12.0244 4320 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    03:25:12.0244 4320 tcpipreg - ok
    03:25:12.0244 4320 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    03:25:12.0244 4320 TDPIPE - ok
    03:25:12.0244 4320 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    03:25:12.0244 4320 TDTCP - ok
    03:25:12.0244 4320 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    03:25:12.0259 4320 tdx - ok
    03:25:12.0290 4320 [ C9B9373A0A430C11F0213E359D0772B2 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    03:25:12.0306 4320 TeamViewer7 - ok
    03:25:12.0306 4320 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
    03:25:12.0306 4320 TermDD - ok
    03:25:12.0322 4320 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
    03:25:12.0322 4320 TermService - ok
    03:25:12.0322 4320 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
    03:25:12.0337 4320 Themes - ok
    03:25:12.0337 4320 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
    03:25:12.0337 4320 THREADORDER - ok
    03:25:12.0337 4320 [ E319535A8124F25C1C9C5288CACF3101 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    03:25:12.0337 4320 TomTomHOMEService - ok
    03:25:12.0337 4320 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
    03:25:12.0353 4320 TrkWks - ok
    03:25:12.0353 4320 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    03:25:12.0353 4320 TrustedInstaller - ok
    03:25:12.0353 4320 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    03:25:12.0353 4320 tssecsrv - ok
    03:25:12.0368 4320 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    03:25:12.0368 4320 TsUsbFlt - ok
    03:25:12.0368 4320 Tunman0 - ok
    03:25:12.0368 4320 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    03:25:12.0368 4320 tunnel - ok
    03:25:12.0368 4320 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
    03:25:12.0384 4320 uagp35 - ok
    03:25:12.0384 4320 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    03:25:12.0384 4320 udfs - ok
    03:25:12.0400 4320 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
    03:25:12.0400 4320 UI0Detect - ok
    03:25:12.0400 4320 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    03:25:12.0400 4320 uliagpkx - ok
    03:25:12.0400 4320 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
    03:25:12.0400 4320 umbus - ok
    03:25:12.0400 4320 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
    03:25:12.0415 4320 UmPass - ok
    03:25:12.0415 4320 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
    03:25:12.0415 4320 UmRdpService - ok
    03:25:12.0431 4320 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    03:25:12.0431 4320 UMVPFSrv - ok
    03:25:12.0431 4320 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
    03:25:12.0446 4320 upnphost - ok
    03:25:12.0446 4320 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
    03:25:12.0446 4320 usbaudio - ok
    03:25:12.0446 4320 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    03:25:12.0446 4320 usbccgp - ok
    03:25:12.0462 4320 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
    03:25:12.0462 4320 usbcir - ok
    03:25:12.0462 4320 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
    03:25:12.0462 4320 usbehci - ok
    03:25:12.0462 4320 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    03:25:12.0478 4320 usbhub - ok
    03:25:12.0478 4320 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
    03:25:12.0478 4320 usbohci - ok
    03:25:12.0478 4320 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
    03:25:12.0478 4320 usbprint - ok
    03:25:12.0493 4320 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
    03:25:12.0493 4320 usbscan - ok
    03:25:12.0493 4320 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    03:25:12.0493 4320 USBSTOR - ok
    03:25:12.0493 4320 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    03:25:12.0493 4320 usbuhci - ok
    03:25:12.0493 4320 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
    03:25:12.0509 4320 usbvideo - ok
    03:25:12.0509 4320 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
    03:25:12.0509 4320 UxSms - ok
    03:25:12.0524 4320 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
    03:25:12.0524 4320 VaultSvc - ok
    03:25:12.0524 4320 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
    03:25:12.0524 4320 vdrvroot - ok
    03:25:12.0540 4320 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
    03:25:12.0556 4320 vds - ok
    03:25:12.0556 4320 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    03:25:12.0556 4320 vga - ok
    03:25:12.0556 4320 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
    03:25:12.0556 4320 VgaSave - ok
    03:25:12.0571 4320 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
    03:25:13.0382 4320 ============================================================
    03:25:13.0382 4320 Scan finished
    03:25:13.0382 4320 ============================================================
    03:25:13.0382 4300 Detected object count: 0
    03:25:13.0382 4300 Actual detected object count: 0

    With thanks

    J


  8. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #8

    Regarding backups
    Yes, I have been taking backups not only of all my data but of my entire computer (I assume this is what you mean by a "System Backup", yes?), which are currently stored on an external Iomega hard disk, and I only turn this disk on to take backups. I have an archive of full copies of all my data which I take about once every week or two, and I take a full system backup about once a month, so I may have one valid system backup that I could use.

    My problem is that as I don't know when the infection happened, I am now unsure whether these backups have been infected.

    In fact, even if I were to do a full formatting of my hard disk (in fact an SSD), I still don't really know if my data is infected.

    Fwiw, I sync data on a daily basis with my old WinXP laptop and take it thus to work, so there is a reasonable chance that my laptop will also have been infected. However when I have run various scans on my laptop no serious errors have been found.

    - What next? (he asked nervously!)
    J


  9. Posts : 19,383
    Windows 10 Pro x64 ; Xubuntu x64
       #9

    Win32/OpenCandy is fairly innocuous. At a glance I would say the system looks clean, but I'll ask Jacee (trained in malware removal) to take a look for you.

    Look out for her reply.


  10. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #10

    Great - thanks Golden.

    Meanwhile, what is the plan for my data - particularly my archives?
    Having now run various scanners, with luck I may well have cleaned up my infection.
    But how can I tell for sure that my archives are clean?

    J

    P.S. Yikes! I am running ESET on my Windows XP laptop (with which I sync data almost every day) and it has come up with: "Threat Found: A variant of Win32/KeyLogger.Ardamax.NBK application". Is that serious? (It has taken 2 hours and is still only halfway through, so I am crossing my fingers that it doesn't find anything else.)
    Last edited by shiphen; 01 Nov 2012 at 09:22.

