svchost.exe infection


I have attached the wanted logs to this post.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by Alyssa Rasmus at 15:28:44 on 2012-03-25

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1695 [GMT -7:00]

.

AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\vcsFPService.exe

C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\IDT\WDM\AESTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

-netsvcs

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Alyssa Rasmus\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Brownie\BrStsW64.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files (x86)\real\realplayer\Update\realsched.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe

C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Brownie\brpjp04a.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

C:\Users\Alyssa Rasmus\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Alyssa Rasmus\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Alyssa Rasmus\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Alyssa Rasmus\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Alyssa Rasmus\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Alyssa Rasmus\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Alyssa Rasmus\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\notepad.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.searchqu.com/102

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\IPS\IPSBHO.DLL

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO: EgisPBIE Class: {7b51ccbe-4af9-44a6-bdab-d7f7e4c4e6f9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

BHO: DataMngr: {9d717f81-9148-4f12-8568-69135f087db0} - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll

TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [PMCRemote]

uRun: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup

uRun: [Facebook Update] "C:\Users\Alyssa Rasmus\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

uRun: [Google Update] "C:\Users\Alyssa Rasmus\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

mRun: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [brStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun

mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [DATAMNGR] C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

StartupFolder: C:\Users\ALYSSA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Alyssa Rasmus\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\ALYSSA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v10.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{628A599D-8B35-43A3-8858-47BE0EB1D356} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{628A599D-8B35-43A3-8858-47BE0EB1D356}\2656C6B696E6E2369363 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{628A599D-8B35-43A3-8858-47BE0EB1D356}\57F677962756C6563737 : DhcpNameServer = 128.223.32.36 128.223.60.23

TCP: Interfaces\{628A599D-8B35-43A3-8858-47BE0EB1D356}\6456465627164796F6E613 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{628A599D-8B35-43A3-8858-47BE0EB1D356}\7414D4D414F5131374 : DhcpNameServer = 10.10.99.1

TCP: Interfaces\{628A599D-8B35-43A3-8858-47BE0EB1D356}\74C6F62616C6355796475675962756C6563737 : DhcpNameServer = 4.2.2.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs: C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll

LSA: Notification Packages = EgisPwdFilter EgisDSPwdFilter

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll

BHO-X64: Symantec NCO BHO - No File

BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\IPS\IPSBHO.DLL

BHO-X64: Symantec Intrusion Prevention - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

BHO-X64: Search Helper - No File

BHO-X64: EgisPBIE Class: {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisPBIE.dll

BHO-X64: EgisPBIE - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

BHO-X64: Searchqu Toolbar - No File

BHO-X64: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll

TB-X64: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"

mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d

mRun-x64: [VitaKeyTSR] C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisTSR.exe /run

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

mRun-x64: [(Default)]

mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [brStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun

mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun-x64: [DATAMNGR] C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE

mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

AppInit_DLLs-X64: C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Alyssa Rasmus\AppData\Roaming\Mozilla\Firefox\Profiles\amqla8g3.default\

FF - prefs.js: browser.search.selectedEngine - Search Results

FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/102

FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=100&systemid=102&sr=0&q=

FF - prefs.js: network.proxy.type - 0

FF - component: C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\FFExt\components\EgisPBFF.dll

FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_2_3\components\coFFPlgn.dll

FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\components\IPSFFPl.dll

FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll

FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Alyssa Rasmus\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Users\Alyssa Rasmus\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Users\Alyssa Rasmus\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll

FF - plugin: C:\Users\Alyssa Rasmus\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll

FF - plugin: C:\Windows\system32\TVUAx\npTVUAx.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS [?]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [2012-3-20 1157240]

R1 DVMIO;DeviceVM IO Service;C:\Windows\system32\DRIVERS\dvmio.sys --> C:\Windows\system32\DRIVERS\dvmio.sys [?]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120323.002\IDSviA64.sys [2012-3-23 488568]

R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS [?]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMNETS.SYS [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-3-5 89600]

R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-2-26 127984]

R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-3-31 338168]

R2 EgisTec Service;EgisTec Service;C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe [2010-2-4 689008]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-16 102968]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]

R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]

R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-18 20480]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-6-23 13336]

R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccsvchst.exe [2012-2-7 130008]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-6-23 2320920]

R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-23 1799472]

R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-5 138360]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-03-25 10:49:52 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{2126E3E6-B5EF-4996-A792-122B1B0F2476}

2012-03-25 10:49:41 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{C072D10A-85FE-4128-B0F7-3632B9E3FEB9}

2012-03-25 10:45:08 20480 ------w- C:\Windows\svchost.exe

2012-03-21 20:44:01 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{602BD639-4C6C-4150-AC32-8B20132B929E}

2012-03-21 20:43:47 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{9DFF09EE-36A4-4486-9F5E-481378898BE9}

2012-03-21 20:33:10 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{66250E0C-16AC-4818-A9E0-83A65C0C3FDC}

2012-03-21 20:32:55 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{C5AFA9DB-83C9-4FF5-9345-7229B21D0EEE}

2012-03-20 19:45:38 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{86EE47E0-9EDC-4716-A56B-131E48CD70C8}

2012-03-20 19:45:17 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{FD4548B1-BB3F-4D3A-863E-5261A9B2C7E9}

2012-03-19 00:49:10 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{5D149DAC-B04A-4A65-9472-7FAC9B93B730}

2012-03-19 00:48:59 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{98A4DF9F-44DD-43EB-A70F-86B91069D4EE}

2012-03-16 21:18:39 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{A29AF300-495F-4A6F-87A4-8AA1393C857F}

2012-03-16 21:18:12 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{F9897268-5ACB-47D6-931F-7F1AC15CC4E0}

2012-03-15 06:56:21 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{15E60DB5-9DDF-46C4-9F9D-AFC227E9592B}

2012-03-15 06:56:09 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{C1A1DD07-D16E-4DB7-9815-7D9253B70DE5}

2012-03-14 18:25:34 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Roaming\Tific

2012-03-14 18:25:25 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\Symantec

2012-03-14 18:24:51 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{9B907478-0574-48CE-A62C-89729F3A3400}

2012-03-14 18:24:39 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{0B3E99B9-F6F1-479A-AADB-0967C2F8FDD9}

2012-03-14 04:10:08 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-03-14 04:10:06 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2012-03-14 04:10:06 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-03-14 02:32:45 -------- d-----w- C:\Users\Alyssa Rasmus\.thumbnails

2012-03-13 19:37:41 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-03-13 19:37:41 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-03-13 19:37:41 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-03-13 19:37:38 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-03-13 19:37:38 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-03-13 19:37:38 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-03-13 19:37:38 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-03-13 19:32:13 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{F3AC0FED-6977-4F8C-8972-84557E521CB9}

2012-03-13 19:31:58 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{5AFA23A2-FA3D-4611-81C2-6EBC05F2DEF6}

2012-03-12 00:36:55 -------- d-----w- C:\Users\Alyssa Rasmus\.gimp-2.6

2012-03-11 23:47:55 -------- d-----w- C:\Program Files (x86)\GIMP-2.0

2012-03-11 08:43:14 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{2368C367-1557-4CEA-B91A-C75A7AEDD316}

2012-03-11 08:43:01 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{C741E5EB-4092-4F09-9DFD-C6243B7A3746}

2012-03-08 23:41:35 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{59074635-67C6-494A-8C3B-1F75FB4589EC}

2012-03-08 23:41:24 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{C9A998F0-3F6E-4671-B5EB-45FD7B3AFBD1}

2012-03-08 22:48:53 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-03-08 22:48:53 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2012-03-08 02:18:25 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{D41FC7C5-AB59-466B-BE35-030C9EC26DC9}

2012-03-08 02:18:07 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{FF7012F5-8984-4DD8-A641-14E8100C4EAC}

2012-03-07 19:07:05 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{5F59AD02-C3BE-4558-9F67-63301F3CB31F}

2012-03-07 19:06:46 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{0C91037F-90BC-4480-B6B1-683972D16B3B}

2012-03-06 20:00:08 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{5C2C316D-9311-49F6-8BED-067EDEF991CA}

2012-03-06 19:59:50 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{7FE1BFA4-C601-4EEA-A7A9-3E2BBDFA4881}

2012-03-03 21:25:29 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{66EFF46A-E077-452A-97C4-0DD3ECB92DBC}

2012-03-03 21:25:04 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{175E265B-B708-4BAB-B5CC-7C21C85579E6}

2012-03-01 19:42:27 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{49F118A4-39F2-4EE8-B4C8-C41A83084F76}

2012-03-01 19:42:15 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{C5ED8B05-8D63-4738-9118-C1B22D809ACC}

2012-03-01 00:49:38 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{56C5B22F-267A-4788-B679-D7CB2F7094DB}

2012-03-01 00:49:27 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{FCF713B4-95F4-43B3-856C-C6338E53262F}

2012-02-28 20:19:06 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{82A961AE-5C73-4BD0-8CA4-BE0557958463}

2012-02-28 20:18:54 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{A005B166-DB11-4384-AC01-D8596615642F}

2012-02-28 03:46:23 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{7BD395D9-A690-40ED-8B1B-E01E491EE19F}

2012-02-28 03:46:11 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{EDC63292-34EA-48A5-80EF-A4F9EF1B9DA1}

2012-02-26 04:24:19 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{FBA8E44B-3768-45F0-90AD-AB40000AB7BC}

2012-02-26 04:24:02 -------- d-----w- C:\Users\Alyssa Rasmus\AppData\Local\{2F5C0706-8BDA-4544-919E-AFAFEB44DFB7}

.

==================== Find3M ====================

.

2012-03-01 19:42:49 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-14 20:30:52 95544 ----a-w- C:\Windows\System32\bcmwlcoi.dll

2012-02-14 20:30:52 6656 ----a-w- C:\Windows\System32\bcmwlrc.dll

2012-02-14 20:30:52 3891200 ----a-w- C:\Windows\System32\bcmihvsrv64.dll

2012-02-14 20:30:52 3555840 ----a-w- C:\Windows\System32\bcmihvui64.dll

2012-02-14 20:30:52 3063360 ----a-w- C:\Windows\System32\drivers\BCMWL664.SYS

2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll

2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

2012-01-04 00:48:42 354176 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl

2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl

2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys

.

============= FINISH: 15:30:15.01 ===============

Attach.txt

DDS.txt

mbam-log-2012-03-25 (15-23-14).txt


:welcome:

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperable and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner»

Double-click ATF-Cleaner.exe to run the program.

Under Main choose: Select All

Click the Empty Selected button.

If you use Firefox browser

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

It's normal after running ATF cleaner that the PC will be slower to boot the first time or two.

Next:

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1

Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • It doesn't take long to run; once it is finished, move on to the next step.

Next:

Download TDSSKiller from here and save it to your Desktop.

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


13:36:21.0700 5524 TDSS rootkit removing tool 2.7.24.0 Apr 2 2012 10:31:48

13:36:22.0512 5524 ============================================================

13:36:22.0512 5524 Current date / time: 2012/04/02 13:36:22.0512

13:36:22.0512 5524 SystemInfo:

13:36:22.0512 5524

13:36:22.0512 5524 OS Version: 6.1.7601 ServicePack: 1.0

13:36:22.0512 5524 Product type: Workstation

13:36:22.0512 5524 ComputerName: ALYSSARASMUS-PC

13:36:22.0512 5524 UserName: Alyssa Rasmus

13:36:22.0512 5524 Windows directory: C:\Windows

13:36:22.0512 5524 System windows directory: C:\Windows

13:36:22.0512 5524 Running under WOW64

13:36:22.0512 5524 Processor architecture: Intel x64

13:36:22.0512 5524 Number of processors: 4

13:36:22.0512 5524 Page size: 0x1000

13:36:22.0512 5524 Boot type: Normal boot

13:36:22.0512 5524 ============================================================

13:36:23.0401 5524 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

13:36:23.0416 5524 \Device\Harddisk0\DR0:

13:36:23.0432 5524 MBR used

13:36:23.0432 5524 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

13:36:23.0432 5524 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37E09800

13:36:23.0432 5524 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x37E6D800, BlocksNum 0x24E4800

13:36:23.0432 5524 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830

13:36:23.0666 5524 Initialize success

13:36:23.0666 5524 ============================================================

13:36:58.0095 4504 ============================================================

13:36:58.0095 4504 Scan started

13:36:58.0095 4504 Mode: Manual; SigCheck; TDLFS;

13:36:58.0095 4504 ============================================================

13:37:19.0108 4504 HPWMISVC (b6492d01712a22ff3fea25a999dbd321) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

13:37:19.0140 4504 HPWMISVC ( UnsignedFile.Multi.Generic ) - warning

13:37:19.0140 4504 HPWMISVC - detected UnsignedFile.Multi.Generic (1)


13:37:26.0144 4504 monitor - ok

13:37:26.0206 4504 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

13:37:26.0222 4504 mouclass - ok

13:37:26.0253 4504 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

13:37:26.0300 4504 mouhid - ok

13:37:26.0425 4504 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

13:37:26.0440 4504 mountmgr - ok

13:37:26.0487 4504 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

13:37:26.0518 4504 mpio - ok

13:37:26.0534 4504 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

13:37:26.0612 4504 mpsdrv - ok

13:37:26.0690 4504 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

13:37:26.0784 4504 MpsSvc - ok

13:37:26.0877 4504 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

13:37:26.0940 4504 MRxDAV - ok

13:37:26.0986 4504 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

13:37:27.0080 4504 mrxsmb - ok

13:37:27.0127 4504 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

13:37:27.0189 4504 mrxsmb10 - ok

13:37:27.0298 4504 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

13:37:27.0345 4504 mrxsmb20 - ok

13:37:27.0392 4504 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

13:37:27.0408 4504 msahci - ok

13:37:27.0470 4504 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

13:37:27.0486 4504 msdsm - ok

13:37:27.0517 4504 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

13:37:27.0564 4504 MSDTC - ok

13:37:27.0610 4504 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

13:37:27.0688 4504 Msfs - ok

13:37:27.0735 4504 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

13:37:27.0798 4504 mshidkmdf - ok

13:37:27.0844 4504 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

13:37:27.0891 4504 msisadrv - ok

13:37:27.0938 4504 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

13:37:28.0016 4504 MSiSCSI - ok

13:37:28.0047 4504 msiserver - ok

13:37:28.0125 4504 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

13:37:28.0188 4504 MSKSSRV - ok

13:37:28.0203 4504 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

13:37:28.0281 4504 MSPCLOCK - ok

13:37:28.0312 4504 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

13:37:28.0359 4504 MSPQM - ok

13:37:28.0422 4504 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

13:37:28.0468 4504 MsRPC - ok

13:37:28.0500 4504 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

13:37:28.0531 4504 mssmbios - ok

13:37:28.0593 4504 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

13:37:28.0702 4504 MSTEE - ok

13:37:28.0718 4504 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

13:37:28.0780 4504 MTConfig - ok

13:37:28.0812 4504 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

13:37:28.0843 4504 Mup - ok

13:37:28.0968 4504 N360 (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe

13:37:28.0999 4504 N360 - ok

13:37:29.0108 4504 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

13:37:29.0202 4504 napagent - ok

13:37:29.0280 4504 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

13:37:29.0326 4504 NativeWifiP - ok

13:37:29.0623 4504 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120402.002\ENG64.SYS

13:37:29.0654 4504 NAVENG - ok

13:37:29.0794 4504 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120402.002\EX64.SYS

13:37:29.0888 4504 NAVEX15 - ok

13:37:30.0013 4504 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

13:37:30.0060 4504 NDIS - ok

13:37:30.0091 4504 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

13:37:30.0153 4504 NdisCap - ok

13:37:30.0231 4504 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

13:37:30.0294 4504 NdisTapi - ok

13:37:30.0356 4504 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

13:37:30.0512 4504 Ndisuio - ok

13:37:30.0543 4504 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

13:37:30.0684 4504 NdisWan - ok

13:37:30.0777 4504 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

13:37:30.0871 4504 NDProxy - ok

13:37:30.0902 4504 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

13:37:30.0980 4504 NetBIOS - ok

13:37:31.0011 4504 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

13:37:31.0105 4504 NetBT - ok

13:37:31.0214 4504 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:37:31.0230 4504 Netlogon - ok

13:37:31.0276 4504 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

13:37:31.0370 4504 Netman - ok

13:37:31.0401 4504 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

13:37:31.0464 4504 netprofm - ok

13:37:31.0557 4504 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

13:37:31.0604 4504 NetTcpPortSharing - ok

13:37:31.0791 4504 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys

13:37:31.0885 4504 netw5v64 - ok

13:37:31.0963 4504 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

13:37:31.0994 4504 nfrd960 - ok

13:37:32.0056 4504 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

13:37:32.0150 4504 NlaSvc - ok

13:37:32.0150 4504 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

13:37:32.0197 4504 Npfs - ok

13:37:32.0228 4504 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

13:37:32.0306 4504 nsi - ok

13:37:32.0337 4504 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

13:37:32.0384 4504 nsiproxy - ok

13:37:32.0446 4504 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

13:37:32.0556 4504 Ntfs - ok

13:37:32.0618 4504 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

13:37:32.0727 4504 Null - ok

13:37:32.0805 4504 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

13:37:32.0821 4504 nvraid - ok

13:37:32.0868 4504 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

13:37:32.0883 4504 nvstor - ok

13:37:32.0914 4504 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

13:37:32.0992 4504 nv_agp - ok

13:37:33.0086 4504 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

13:37:33.0117 4504 ohci1394 - ok

13:37:33.0195 4504 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

13:37:33.0258 4504 ose - ok

13:37:33.0429 4504 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

13:37:33.0601 4504 osppsvc - ok

13:37:33.0757 4504 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

13:37:33.0850 4504 p2pimsvc - ok

13:37:33.0882 4504 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

13:37:33.0928 4504 p2psvc - ok

13:37:33.0960 4504 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

13:37:33.0975 4504 Parport - ok

13:37:34.0022 4504 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

13:37:34.0038 4504 partmgr - ok

13:37:34.0100 4504 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

13:37:34.0162 4504 PcaSvc - ok

13:37:34.0194 4504 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

13:37:34.0225 4504 pci - ok

13:37:34.0240 4504 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

13:37:34.0256 4504 pciide - ok

13:37:34.0287 4504 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

13:37:34.0334 4504 pcmcia - ok

13:37:34.0365 4504 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

13:37:34.0381 4504 pcw - ok

13:37:34.0459 4504 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

13:37:34.0552 4504 PEAUTH - ok

13:37:34.0646 4504 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

13:37:34.0693 4504 PerfHost - ok

13:37:34.0802 4504 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

13:37:34.0911 4504 pla - ok

13:37:35.0005 4504 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

13:37:35.0192 4504 PlugPlay - ok

13:37:35.0239 4504 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

13:37:35.0286 4504 PNRPAutoReg - ok

13:37:35.0348 4504 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

13:37:35.0364 4504 PNRPsvc - ok

13:37:35.0410 4504 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

13:37:35.0504 4504 PolicyAgent - ok

13:37:35.0535 4504 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

13:37:35.0613 4504 Power - ok

13:37:35.0722 4504 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

13:37:35.0816 4504 PptpMiniport - ok

13:37:35.0847 4504 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

13:37:35.0894 4504 Processor - ok

13:37:35.0956 4504 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

13:37:36.0050 4504 ProfSvc - ok

13:37:36.0144 4504 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:37:36.0175 4504 ProtectedStorage - ok

13:37:36.0237 4504 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

13:37:36.0300 4504 Psched - ok

13:37:36.0362 4504 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

13:37:36.0393 4504 PxHlpa64 - ok

13:37:36.0456 4504 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

13:37:36.0534 4504 ql2300 - ok

13:37:36.0612 4504 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

13:37:36.0643 4504 ql40xx - ok

13:37:36.0690 4504 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

13:37:36.0768 4504 QWAVE - ok

13:37:36.0814 4504 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

13:37:36.0861 4504 QWAVEdrv - ok

13:37:36.0892 4504 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

13:37:36.0955 4504 RasAcd - ok

13:37:37.0048 4504 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

13:37:37.0142 4504 RasAgileVpn - ok

13:37:37.0173 4504 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

13:37:37.0282 4504 RasAuto - ok

13:37:37.0329 4504 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

13:37:37.0407 4504 Rasl2tp - ok

13:37:37.0485 4504 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

13:37:37.0594 4504 RasMan - ok

13:37:37.0672 4504 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

13:37:37.0750 4504 RasPppoe - ok

13:37:37.0782 4504 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

13:37:37.0875 4504 RasSstp - ok

13:37:37.0906 4504 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

13:37:38.0000 4504 rdbss - ok

13:37:38.0078 4504 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

13:37:38.0109 4504 rdpbus - ok

13:37:38.0140 4504 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

13:37:38.0218 4504 RDPCDD - ok

13:37:38.0250 4504 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

13:37:38.0312 4504 RDPENCDD - ok

13:37:38.0343 4504 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

13:37:38.0374 4504 RDPREFMP - ok

13:37:38.0421 4504 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

13:37:38.0562 4504 RDPWD - ok

13:37:38.0733 4504 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

13:37:38.0749 4504 rdyboost - ok

13:37:38.0796 4504 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

13:37:38.0889 4504 RemoteAccess - ok

13:37:38.0936 4504 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

13:37:39.0061 4504 RemoteRegistry - ok

13:37:39.0154 4504 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

13:37:39.0217 4504 RFCOMM - ok

13:37:39.0248 4504 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

13:37:39.0326 4504 RpcEptMapper - ok

13:37:39.0357 4504 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

13:37:39.0420 4504 RpcLocator - ok

13:37:39.0529 4504 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

13:37:39.0576 4504 RpcSs - ok

13:37:39.0685 4504 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

13:37:39.0778 4504 rspndr - ok

13:37:39.0841 4504 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys

13:37:39.0872 4504 RTL8167 - ok

13:37:39.0934 4504 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:37:39.0950 4504 SamSs - ok

13:37:40.0012 4504 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

13:37:40.0044 4504 sbp2port - ok

13:37:40.0090 4504 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

13:37:40.0231 4504 SCardSvr - ok

13:37:40.0278 4504 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

13:37:40.0387 4504 scfilter - ok

13:37:40.0480 4504 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

13:37:40.0590 4504 Schedule - ok

13:37:40.0668 4504 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

13:37:40.0730 4504 SCPolicySvc - ok

13:37:40.0855 4504 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

13:37:40.0886 4504 sdbus - ok

13:37:40.0917 4504 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

13:37:41.0011 4504 SDRSVC - ok

13:37:41.0073 4504 SeaPort (ab4a13f99be22a75046f770c23177d99) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

13:37:41.0104 4504 SeaPort - ok

13:37:41.0182 4504 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

13:37:41.0276 4504 secdrv - ok

13:37:41.0307 4504 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

13:37:41.0432 4504 seclogon - ok

13:37:41.0479 4504 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

13:37:41.0541 4504 SENS - ok

13:37:41.0619 4504 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

13:37:41.0697 4504 SensrSvc - ok

13:37:41.0744 4504 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

13:37:41.0775 4504 Serenum - ok

13:37:41.0806 4504 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

13:37:41.0822 4504 Serial - ok

13:37:41.0884 4504 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

13:37:41.0931 4504 sermouse - ok

13:37:42.0025 4504 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

13:37:42.0150 4504 SessionEnv - ok

13:37:42.0228 4504 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

13:37:42.0321 4504 sffdisk - ok

13:37:42.0337 4504 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

13:37:42.0368 4504 sffp_mmc - ok

13:37:42.0399 4504 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

13:37:42.0446 4504 sffp_sd - ok

13:37:42.0493 4504 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

13:37:42.0540 4504 sfloppy - ok

13:37:42.0618 4504 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

13:37:42.0758 4504 SharedAccess - ok

13:37:42.0914 4504 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

13:37:43.0039 4504 ShellHWDetection - ok

13:37:43.0366 4504 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

13:37:43.0460 4504 SiSRaid2 - ok

13:37:43.0569 4504 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

13:37:43.0600 4504 SiSRaid4 - ok

13:37:43.0850 4504 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

13:37:43.0959 4504 Smb - ok

13:37:44.0240 4504 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

13:37:44.0287 4504 SNMPTRAP - ok

13:37:44.0505 4504 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

13:37:44.0568 4504 spldr - ok

13:37:44.0848 4504 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

13:37:44.0911 4504 Spooler - ok

13:37:45.0519 4504 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

13:37:45.0753 4504 sppsvc - ok

13:37:45.0878 4504 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

13:37:45.0972 4504 sppuinotify - ok

13:37:46.0190 4504 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502000.00D\SRTSP64.SYS

13:37:46.0268 4504 SRTSP - ok

13:37:46.0362 4504 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502000.00D\SRTSPX64.SYS

13:37:46.0377 4504 SRTSPX - ok

13:37:46.0440 4504 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

13:37:46.0549 4504 srv - ok

13:37:46.0658 4504 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

13:37:46.0736 4504 srv2 - ok

13:37:46.0830 4504 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS

13:37:46.0892 4504 SrvHsfHDA - ok

13:37:47.0001 4504 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

13:37:47.0064 4504 SrvHsfV92 - ok

13:37:47.0329 4504 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

13:37:47.0360 4504 SrvHsfWinac - ok

13:37:47.0500 4504 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

13:37:47.0532 4504 srvnet - ok

13:37:47.0625 4504 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

13:37:47.0734 4504 SSDPSRV - ok

13:37:47.0828 4504 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

13:37:47.0906 4504 SstpSvc - ok

13:37:48.0015 4504 STacSV (b2d8b364a831427a5741f6c408fa8ae3) C:\Program Files\IDT\WDM\STacSV64.exe

13:37:48.0124 4504 STacSV - ok

13:37:48.0218 4504 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

13:37:48.0249 4504 stexstor - ok

13:37:48.0327 4504 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\Windows\system32\DRIVERS\stwrt64.sys

13:37:48.0374 4504 STHDA - ok

13:37:48.0499 4504 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

13:37:48.0546 4504 stisvc - ok

13:37:48.0592 4504 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

13:37:48.0608 4504 swenum - ok

13:37:48.0748 4504 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

13:37:48.0795 4504 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

13:37:48.0795 4504 SwitchBoard - detected UnsignedFile.Multi.Generic (1)


13:37:59.0637 4504 Winmgmt - ok

13:37:59.0746 4504 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

13:37:59.0871 4504 WinRM - ok

13:37:59.0996 4504 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys

13:38:00.0058 4504 WinUSB - ok

13:38:00.0105 4504 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

13:38:00.0152 4504 Wlansvc - ok

13:38:00.0308 4504 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

13:38:00.0355 4504 wlcrasvc - ok

13:38:00.0511 4504 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

13:38:00.0604 4504 wlidsvc - ok

13:38:00.0698 4504 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

13:38:00.0729 4504 WmiAcpi - ok

13:38:00.0792 4504 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

13:38:00.0854 4504 wmiApSrv - ok

13:38:00.0885 4504 WMPNetworkSvc - ok

13:38:00.0916 4504 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

13:38:00.0994 4504 WPCSvc - ok

13:38:01.0072 4504 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

13:38:01.0119 4504 WPDBusEnum - ok

13:38:01.0166 4504 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

13:38:01.0260 4504 ws2ifsl - ok

13:38:01.0291 4504 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

13:38:01.0322 4504 wscsvc - ok

13:38:01.0384 4504 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys

13:38:01.0478 4504 WSDPrintDevice - ok

13:38:01.0525 4504 WSearch - ok

13:38:01.0618 4504 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

13:38:01.0712 4504 wuauserv - ok

13:38:01.0821 4504 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

13:38:01.0899 4504 WudfPf - ok

13:38:01.0930 4504 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

13:38:01.0977 4504 WUDFRd - ok

13:38:02.0024 4504 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

13:38:02.0086 4504 wudfsvc - ok

13:38:02.0118 4504 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

13:38:02.0180 4504 WwanSvc - ok

13:38:02.0227 4504 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys

13:38:02.0275 4504 yukonw7 - ok

13:38:02.0306 4504 MBR (0x1B8) (35a4fa451025305a24e864aaa8e364c9) \Device\Harddisk0\DR0

13:38:02.0337 4504 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected

13:38:02.0337 4504 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)

13:38:02.0384 4504 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

13:38:02.0384 4504 \Device\Harddisk0\DR0 - detected TDSS File System (1)

13:38:02.0415 4504 Boot (0x1200) (c3c5d7162cb9931e147f977736426ce4) \Device\Harddisk0\DR0\Partition0

13:38:02.0415 4504 \Device\Harddisk0\DR0\Partition0 - ok

13:38:02.0431 4504 Boot (0x1200) (02fe196921a42cbf066530155025dc49) \Device\Harddisk0\DR0\Partition1

13:38:02.0431 4504 \Device\Harddisk0\DR0\Partition1 - ok

13:38:02.0462 4504 Boot (0x1200) (f49f0702dd44480fba1865bf61cc5e72) \Device\Harddisk0\DR0\Partition2

13:38:02.0462 4504 \Device\Harddisk0\DR0\Partition2 - ok

13:38:02.0477 4504 Boot (0x1200) (580bda76ead5a172abc5dc541b1b8d90) \Device\Harddisk0\DR0\Partition3

13:38:02.0477 4504 \Device\Harddisk0\DR0\Partition3 - ok

13:38:02.0477 4504 ============================================================

13:38:02.0477 4504 Scan finished

13:38:02.0477 4504 ============================================================

13:38:02.0493 4668 Detected object count: 4

13:38:02.0493 4668 Actual detected object count: 4

13:38:39.0340 4668 HPWMISVC ( UnsignedFile.Multi.Generic ) - skipped by user

13:38:39.0340 4668 HPWMISVC ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:38:39.0340 4668 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

13:38:39.0340 4668 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:38:39.0418 4668 \Device\Harddisk0\DR0\# - copied to quarantine

13:38:39.0418 4668 \Device\Harddisk0\DR0 - copied to quarantine

13:38:39.0450 4668 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

13:38:39.0465 4668 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine

13:38:39.0465 4668 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine

13:38:39.0481 4668 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine

13:38:39.0481 4668 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine

13:38:39.0481 4668 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine

13:38:39.0481 4668 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine

13:38:39.0496 4668 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine

13:38:39.0496 4668 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine

13:38:39.0496 4668 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine

13:38:39.0528 4668 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot

13:38:39.0528 4668 \Device\Harddisk0\DR0 - ok

13:38:40.0323 4668 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

13:38:40.0323 4668 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

13:38:40.0323 4668 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

13:38:52.0928 4280 Deinitialize success

14:42:03.0037 3120 TDSS rootkit removing tool 2.7.24.0 Apr 2 2012 10:31:48

14:42:03.0427 3120 ============================================================

14:42:03.0427 3120 Current date / time: 2012/04/02 14:42:03.0427

14:42:03.0427 3120 SystemInfo:

14:42:03.0427 3120

14:42:03.0427 3120 OS Version: 6.1.7601 ServicePack: 1.0

14:42:03.0427 3120 Product type: Workstation

14:42:03.0427 3120 ComputerName: ALYSSARASMUS-PC

14:42:03.0427 3120 UserName: Alyssa Rasmus

14:42:03.0427 3120 Windows directory: C:\Windows

14:42:03.0427 3120 System windows directory: C:\Windows

14:42:03.0427 3120 Running under WOW64

14:42:03.0427 3120 Processor architecture: Intel x64

14:42:03.0427 3120 Number of processors: 4

14:42:03.0427 3120 Page size: 0x1000

14:42:03.0427 3120 Boot type: Normal boot

14:42:03.0427 3120 ============================================================

14:42:04.0176 3120 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

14:42:04.0176 3120 \Device\Harddisk0\DR0:

14:42:04.0176 3120 MBR used

14:42:04.0176 3120 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800

14:42:04.0176 3120 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37E09800

14:42:04.0176 3120 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x37E6D800, BlocksNum 0x24E4800

14:42:04.0176 3120 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830

14:42:04.0348 3120 Initialize success

14:42:04.0348 3120 ============================================================

14:42:12.0132 6960 ============================================================

14:42:12.0132 6960 Scan started

14:42:12.0132 6960 Mode: Manual; SigCheck; TDLFS;

14:42:12.0132 6960 ============================================================

14:42:13.0162 6960 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

14:42:13.0286 6960 1394ohci - ok

14:42:13.0364 6960 Accelerometer (5aa055fe5ae506e19e9a8f537756ee10) C:\Windows\system32\DRIVERS\Accelerometer.sys

14:42:13.0396 6960 Accelerometer - ok

14:42:13.0442 6960 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

14:42:13.0458 6960 ACPI - ok

14:42:13.0520 6960 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

14:42:13.0598 6960 AcpiPmi - ok

14:42:13.0708 6960 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

14:42:13.0739 6960 adp94xx - ok

14:42:13.0786 6960 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

14:42:13.0801 6960 adpahci - ok

14:42:13.0854 6960 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

14:42:13.0869 6960 adpu320 - ok

14:42:13.0950 6960 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

14:42:14.0066 6960 AeLookupSvc - ok

14:42:14.0187 6960 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe

14:42:14.0252 6960 AESTFilters - ok

14:42:14.0377 6960 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

14:42:14.0450 6960 AFD - ok

14:42:14.0536 6960 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

14:42:14.0557 6960 agp440 - ok

14:42:14.0584 6960 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

14:42:14.0657 6960 ALG - ok

14:42:14.0762 6960 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

14:42:14.0779 6960 aliide - ok

14:42:14.0797 6960 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

14:42:14.0813 6960 amdide - ok

14:42:14.0839 6960 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

14:42:14.0909 6960 AmdK8 - ok

14:42:14.0930 6960 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

14:42:14.0988 6960 AmdPPM - ok

14:42:15.0106 6960 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

14:42:15.0129 6960 amdsata - ok

14:42:15.0155 6960 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

14:42:15.0179 6960 amdsbs - ok

14:42:15.0201 6960 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

14:42:15.0218 6960 amdxata - ok

14:42:15.0259 6960 AmUStor (2ebbb690068ee790c77ee4ae41ed777c) C:\Windows\system32\drivers\AmUStor.SYS

14:42:15.0311 6960 AmUStor - ok

14:42:15.0422 6960 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

14:42:15.0571 6960 AppID - ok

14:42:15.0649 6960 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

14:42:15.0742 6960 AppIDSvc - ok

14:42:15.0820 6960 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

14:42:15.0883 6960 Appinfo - ok

14:42:15.0992 6960 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

14:42:16.0008 6960 Apple Mobile Device - ok

14:42:16.0113 6960 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

14:42:16.0127 6960 arc - ok

14:42:16.0159 6960 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

14:42:16.0173 6960 arcsas - ok

14:42:16.0200 6960 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

14:42:16.0279 6960 AsyncMac - ok

14:42:16.0348 6960 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

14:42:16.0365 6960 atapi - ok

14:42:16.0469 6960 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

14:42:16.0572 6960 AudioEndpointBuilder - ok

14:42:16.0582 6960 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

14:42:16.0626 6960 AudioSrv - ok

14:42:16.0698 6960 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

14:42:16.0801 6960 AxInstSV - ok

14:42:16.0898 6960 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

14:42:16.0970 6960 b06bdrv - ok

14:42:17.0057 6960 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

14:42:17.0115 6960 b57nd60a - ok

14:42:17.0222 6960 BCM43XX (810be94a9e42309b3f74217ac28bc6ac) C:\Windows\system32\DRIVERS\bcmwl664.sys

14:42:17.0312 6960 BCM43XX - ok

14:42:17.0373 6960 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

14:42:17.0410 6960 BDESVC - ok

14:42:17.0452 6960 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

14:42:17.0520 6960 Beep - ok

14:42:17.0592 6960 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

14:42:17.0683 6960 BFE - ok

14:42:17.0980 6960 BHDrvx64 (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120317.002\BHDrvx64.sys

14:42:18.0021 6960 BHDrvx64 - ok

14:42:18.0115 6960 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

14:42:18.0221 6960 BITS - ok

14:42:18.0331 6960 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

14:42:18.0371 6960 blbdrive - ok

14:42:18.0482 6960 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

14:42:18.0506 6960 Bonjour Service - ok

14:42:18.0607 6960 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

14:42:18.0642 6960 bowser - ok

14:42:18.0673 6960 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

14:42:18.0750 6960 BrFiltLo - ok

14:42:18.0769 6960 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

14:42:18.0786 6960 BrFiltUp - ok

14:42:18.0884 6960 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

14:42:18.0970 6960 Browser - ok

14:42:19.0017 6960 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

14:42:19.0055 6960 Brserid - ok

14:42:19.0091 6960 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

14:42:19.0127 6960 BrSerWdm - ok

14:42:19.0209 6960 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

14:42:19.0255 6960 BrUsbMdm - ok

14:42:19.0281 6960 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

14:42:19.0314 6960 BrUsbSer - ok

14:42:19.0392 6960 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

14:42:19.0462 6960 BthEnum - ok

14:42:19.0545 6960 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

14:42:19.0590 6960 BTHMODEM - ok

14:42:19.0634 6960 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

14:42:19.0681 6960 BthPan - ok

14:42:19.0753 6960 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

14:42:19.0828 6960 BTHPORT - ok

14:42:19.0902 6960 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

14:42:19.0972 6960 bthserv - ok

14:42:20.0048 6960 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

14:42:20.0092 6960 BTHUSB - ok

14:42:20.0131 6960 btwaudio (af838d8029ae7c27470862d63fa54d24) C:\Windows\system32\drivers\btwaudio.sys

14:42:20.0149 6960 btwaudio - ok

14:42:20.0178 6960 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys

14:42:20.0190 6960 btwavdt - ok

14:42:20.0266 6960 btwdins (10ffb5fa51d5713d872b41a59dfc2213) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

14:42:20.0307 6960 btwdins - ok

14:42:20.0370 6960 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys

14:42:20.0384 6960 btwl2cap - ok

14:42:20.0403 6960 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys

14:42:20.0416 6960 btwrchid - ok

14:42:20.0450 6960 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

14:42:20.0532 6960 cdfs - ok

14:42:20.0609 6960 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

14:42:20.0649 6960 cdrom - ok

14:42:20.0752 6960 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

14:42:20.0833 6960 CertPropSvc - ok

14:42:20.0892 6960 CinemaNow Service (2c24db5f78f0aca759803001e6b4f320) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe

14:42:20.0908 6960 CinemaNow Service - ok

14:42:20.0959 6960 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

14:42:21.0006 6960 circlass - ok

14:42:21.0072 6960 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

14:42:21.0087 6960 CLFS - ok

14:42:21.0134 6960 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

14:42:21.0150 6960 clr_optimization_v2.0.50727_32 - ok

14:42:21.0197 6960 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

14:42:21.0228 6960 clr_optimization_v2.0.50727_64 - ok

14:42:21.0321 6960 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

14:42:21.0337 6960 clr_optimization_v4.0.30319_32 - ok

14:42:21.0384 6960 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

14:42:21.0399 6960 clr_optimization_v4.0.30319_64 - ok

14:42:21.0446 6960 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

14:42:21.0477 6960 CmBatt - ok

14:42:21.0524 6960 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

14:42:21.0540 6960 cmdide - ok

14:42:21.0602 6960 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

14:42:21.0633 6960 CNG - ok

14:42:21.0727 6960 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

14:42:21.0743 6960 Compbatt - ok

14:42:21.0805 6960 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

14:42:21.0852 6960 CompositeBus - ok

14:42:21.0883 6960 COMSysApp - ok

14:42:21.0899 6960 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

14:42:21.0914 6960 crcdisk - ok

14:42:22.0023 6960 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

14:42:22.0086 6960 CryptSvc - ok

14:42:22.0164 6960 dc3d (15c2afd86d8a58354fc100434c78b621) C:\Windows\system32\DRIVERS\dc3d.sys

14:42:22.0226 6960 dc3d - ok

14:42:22.0289 6960 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

14:42:22.0367 6960 DcomLaunch - ok

14:42:22.0429 6960 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

14:42:22.0507 6960 defragsvc - ok

14:42:22.0569 6960 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

14:42:22.0663 6960 DfsC - ok

14:42:22.0725 6960 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

14:42:22.0788 6960 Dhcp - ok

14:42:22.0835 6960 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

14:42:22.0913 6960 discache - ok

14:42:23.0006 6960 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

14:42:23.0037 6960 Disk - ok

14:42:23.0115 6960 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

14:42:23.0178 6960 Dnscache - ok

14:42:23.0225 6960 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

14:42:23.0287 6960 dot3svc - ok

14:42:23.0334 6960 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

14:42:23.0412 6960 DPS - ok

14:42:23.0490 6960 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

14:42:23.0521 6960 drmkaud - ok

14:42:23.0583 6960 DVMIO (a298aea9fca253e7eff040a08c7c6376) C:\Windows\system32\DRIVERS\dvmio.sys

14:42:23.0599 6960 DVMIO - ok

14:42:23.0677 6960 DvmMDES (b66b5b27c8c9881f90435a1f7fe370c3) C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe

14:42:23.0693 6960 DvmMDES - ok

14:42:23.0786 6960 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

14:42:23.0817 6960 DXGKrnl - ok

14:42:23.0895 6960 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

14:42:23.0958 6960 EapHost - ok

14:42:24.0051 6960 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

14:42:24.0145 6960 ebdrv - ok

14:42:24.0223 6960 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

14:42:24.0254 6960 eeCtrl - ok

14:42:24.0348 6960 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

14:42:24.0395 6960 EFS - ok

14:42:24.0473 6960 EgisTec Service (b15b00955c4a4413b1cb3f056d65148d) C:\Program Files (x86)\Hewlett-Packard\HP SimplePass Identity Protection\EgisService.exe

14:42:24.0504 6960 EgisTec Service - ok

14:42:24.0597 6960 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

14:42:24.0691 6960 ehRecvr - ok

14:42:24.0709 6960 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

14:42:24.0743 6960 ehSched - ok

14:42:24.0841 6960 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

14:42:24.0893 6960 elxstor - ok

14:42:24.0998 6960 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

14:42:25.0013 6960 EraserUtilRebootDrv - ok

14:42:25.0061 6960 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

14:42:25.0106 6960 ErrDev - ok

14:42:25.0195 6960 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

14:42:25.0280 6960 EventSystem - ok

14:42:25.0329 6960 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

14:42:25.0433 6960 exfat - ok

14:42:25.0450 6960 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

14:42:25.0513 6960 fastfat - ok

14:42:25.0585 6960 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

14:42:25.0656 6960 Fax - ok

14:42:25.0730 6960 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

14:42:25.0773 6960 fdc - ok

14:42:25.0809 6960 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

14:42:25.0881 6960 fdPHost - ok

14:42:25.0910 6960 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

14:42:25.0989 6960 FDResPub - ok

14:42:26.0017 6960 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

14:42:26.0028 6960 FileInfo - ok

14:42:26.0042 6960 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

14:42:26.0122 6960 Filetrace - ok

14:42:26.0198 6960 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

14:42:26.0223 6960 flpydisk - ok

14:42:26.0280 6960 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

14:42:26.0308 6960 FltMgr - ok

14:42:26.0383 6960 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

14:42:26.0460 6960 FontCache - ok

14:42:26.0568 6960 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

14:42:26.0583 6960 FontCache3.0.0.0 - ok

14:42:26.0630 6960 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

14:42:26.0646 6960 FsDepends - ok

14:42:26.0661 6960 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

14:42:26.0677 6960 Fs_Rec - ok

14:42:26.0739 6960 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

14:42:26.0771 6960 fvevol - ok

14:42:26.0802 6960 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

14:42:26.0833 6960 gagp30kx - ok

14:42:26.0864 6960 GEARAspiWDM (af4dee5531395dee72b35b36c9671fd0) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

14:42:26.0880 6960 GEARAspiWDM - ok

14:42:26.0942 6960 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

14:42:27.0020 6960 gpsvc - ok

14:42:27.0098 6960 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

14:42:27.0129 6960 hcw85cir - ok

14:42:27.0207 6960 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

14:42:27.0239 6960 HdAudAddService - ok

14:42:27.0301 6960 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

14:42:27.0348 6960 HDAudBus - ok

14:42:27.0441 6960 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

14:42:27.0457 6960 HECIx64 - ok

14:42:27.0473 6960 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

14:42:27.0519 6960 HidBatt - ok

14:42:27.0551 6960 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

14:42:27.0597 6960 HidBth - ok

14:42:27.0629 6960 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

14:42:27.0675 6960 HidIr - ok

14:42:27.0722 6960 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

14:42:27.0800 6960 hidserv - ok

14:42:27.0909 6960 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys

14:42:27.0941 6960 HidUsb - ok

14:42:27.0987 6960 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

14:42:28.0065 6960 hkmsvc - ok

14:42:28.0097 6960 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

14:42:28.0175 6960 HomeGroupListener - ok

14:42:28.0237 6960 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

14:42:28.0284 6960 HomeGroupProvider - ok

14:42:28.0409 6960 HP Support Assistant Service (170233b8d743efe35f462a5d516b93e3) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

14:42:28.0424 6960 HP Support Assistant Service - ok

14:42:28.0471 6960 HP Wireless Assistant Service (a2de0a67c77ebc6dfad3d55232790add) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

14:42:28.0487 6960 HP Wireless Assistant Service - ok

14:42:28.0549 6960 HPDrvMntSvc.exe (c958976c7daaf47084a33ebbc6e28b84) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

14:42:28.0565 6960 HPDrvMntSvc.exe - ok

14:42:28.0658 6960 hpdskflt (0ac88fbe4bf315f5f8fd862426c11540) C:\Windows\system32\DRIVERS\hpdskflt.sys

14:42:28.0658 6960 hpdskflt - ok

14:42:28.0767 6960 hpqwmiex (09fbd4c4db2fd84b9ab1c5bfdcc95559) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

14:42:28.0799 6960 hpqwmiex - ok

14:42:28.0908 6960 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

14:42:28.0923 6960 HpSAMD - ok

14:42:28.0955 6960 hpsrv (778ce2c015dec896c5c9323342bd71d4) C:\Windows\system32\Hpservice.exe

14:42:28.0970 6960 hpsrv - ok

14:42:29.0064 6960 HPWMISVC (b6492d01712a22ff3fea25a999dbd321) C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

14:42:29.0079 6960 HPWMISVC ( UnsignedFile.Multi.Generic ) - warning

14:42:29.0079 6960 HPWMISVC - detected UnsignedFile.Multi.Generic (1)

14:42:29.0220 6960 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

14:42:29.0313 6960 HTTP - ok

14:42:29.0345 6960 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

14:42:29.0360 6960 hwpolicy - ok

14:42:29.0469 6960 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

14:42:29.0485 6960 i8042prt - ok

14:42:29.0532 6960 iaStor (42e00996dfc13c46366689c0ea8abc5e) C:\Windows\system32\DRIVERS\iaStor.sys

14:42:29.0547 6960 iaStor - ok


14:42:51.0226 6960 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

14:42:51.0273 6960 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

14:42:51.0273 6960 SwitchBoard - detected UnsignedFile.Multi.Generic (1)


14:42:58.0667 6960 WatAdminSvc - ok

14:42:58.0792 6960 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

14:42:58.0886 6960 wbengine - ok

14:42:58.0950 6960 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

14:42:58.0984 6960 WbioSrvc - ok

14:42:59.0029 6960 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

14:42:59.0071 6960 wcncsvc - ok

14:42:59.0101 6960 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

14:42:59.0151 6960 WcsPlugInService - ok

14:42:59.0171 6960 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

14:42:59.0182 6960 Wd - ok

14:42:59.0214 6960 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

14:42:59.0238 6960 Wdf01000 - ok

14:42:59.0300 6960 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:42:59.0394 6960 WdiServiceHost - ok

14:42:59.0399 6960 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

14:42:59.0445 6960 WdiSystemHost - ok

14:42:59.0483 6960 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

14:42:59.0530 6960 WebClient - ok

14:42:59.0571 6960 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

14:42:59.0645 6960 Wecsvc - ok

14:42:59.0697 6960 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

14:42:59.0759 6960 wercplsupport - ok

14:42:59.0795 6960 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

14:42:59.0836 6960 WerSvc - ok

14:42:59.0886 6960 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

14:42:59.0936 6960 WfpLwf - ok

14:42:59.0951 6960 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

14:42:59.0967 6960 WIMMount - ok

14:42:59.0983 6960 WinDefend - ok

14:42:59.0983 6960 WinHttpAutoProxySvc - ok

14:43:00.0045 6960 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

14:43:00.0107 6960 Winmgmt - ok

14:43:00.0232 6960 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

14:43:00.0310 6960 WinRM - ok

14:43:00.0451 6960 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys

14:43:00.0497 6960 WinUSB - ok

14:43:00.0544 6960 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

14:43:00.0591 6960 Wlansvc - ok

14:43:00.0700 6960 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

14:43:00.0716 6960 wlcrasvc - ok

14:43:00.0872 6960 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

14:43:00.0950 6960 wlidsvc - ok

14:43:01.0043 6960 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

14:43:01.0075 6960 WmiAcpi - ok

14:43:01.0137 6960 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

14:43:01.0184 6960 wmiApSrv - ok

14:43:01.0215 6960 WMPNetworkSvc - ok

14:43:01.0231 6960 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

14:43:01.0309 6960 WPCSvc - ok

14:43:01.0402 6960 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

14:43:01.0418 6960 WPDBusEnum - ok

14:43:01.0449 6960 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

14:43:01.0543 6960 ws2ifsl - ok

14:43:01.0574 6960 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

14:43:01.0605 6960 wscsvc - ok

14:43:01.0667 6960 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys

14:43:01.0714 6960 WSDPrintDevice - ok

14:43:01.0730 6960 WSearch - ok

14:43:01.0808 6960 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

14:43:01.0886 6960 wuauserv - ok

14:43:01.0979 6960 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

14:43:02.0057 6960 WudfPf - ok

14:43:02.0089 6960 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

14:43:02.0135 6960 WUDFRd - ok

14:43:02.0182 6960 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

14:43:02.0213 6960 wudfsvc - ok

14:43:02.0245 6960 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

14:43:02.0276 6960 WwanSvc - ok

14:43:02.0338 6960 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys

14:43:02.0354 6960 yukonw7 - ok

14:43:02.0385 6960 MBR (0x1B8) (14f805a6a3c9f9682974eec8426e7418) \Device\Harddisk0\DR0

14:43:02.0447 6960 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

14:43:02.0447 6960 \Device\Harddisk0\DR0 - detected TDSS File System (1)

14:43:02.0479 6960 Boot (0x1200) (c3c5d7162cb9931e147f977736426ce4) \Device\Harddisk0\DR0\Partition0

14:43:02.0479 6960 \Device\Harddisk0\DR0\Partition0 - ok

14:43:02.0494 6960 Boot (0x1200) (02fe196921a42cbf066530155025dc49) \Device\Harddisk0\DR0\Partition1

14:43:02.0494 6960 \Device\Harddisk0\DR0\Partition1 - ok

14:43:02.0525 6960 Boot (0x1200) (f49f0702dd44480fba1865bf61cc5e72) \Device\Harddisk0\DR0\Partition2

14:43:02.0525 6960 \Device\Harddisk0\DR0\Partition2 - ok

14:43:02.0541 6960 Boot (0x1200) (580bda76ead5a172abc5dc541b1b8d90) \Device\Harddisk0\DR0\Partition3

14:43:02.0541 6960 \Device\Harddisk0\DR0\Partition3 - ok

14:43:02.0541 6960 ============================================================

14:43:02.0541 6960 Scan finished

14:43:02.0541 6960 ============================================================

14:43:02.0557 2624 Detected object count: 3

14:43:02.0557 2624 Actual detected object count: 3

14:43:15.0775 2624 C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe - copied to quarantine

14:43:15.0777 2624 HKLM\SYSTEM\ControlSet001\services\HPWMISVC - will be deleted on reboot

14:43:15.0796 2624 HKLM\SYSTEM\ControlSet002\services\HPWMISVC - will be deleted on reboot

14:43:15.0950 2624 C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe - will be deleted on reboot

14:43:15.0950 2624 HPWMISVC ( UnsignedFile.Multi.Generic ) - User select action: Delete

14:43:16.0066 2624 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - copied to quarantine

14:43:16.0067 2624 HKLM\SYSTEM\ControlSet001\services\SwitchBoard - will be deleted on reboot

14:43:16.0084 2624 HKLM\SYSTEM\ControlSet002\services\SwitchBoard - will be deleted on reboot

14:43:16.0090 2624 C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - will be deleted on reboot

14:43:16.0090 2624 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Delete

14:43:16.0137 2624 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

14:43:16.0157 2624 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine

14:43:16.0169 2624 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine

14:43:16.0179 2624 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine

14:43:16.0181 2624 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine

14:43:16.0184 2624 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine

14:43:16.0186 2624 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine

14:43:16.0189 2624 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine

14:43:16.0193 2624 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine

14:43:16.0196 2624 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine

14:43:16.0197 2624 \Device\Harddisk0\DR0\TDLFS - deleted

14:43:16.0197 2624 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

14:43:26.0360 3244 Deinitialize success


13:38:40.0323 4668 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

13:38:40.0323 4668 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

You were only supposed to delete those 2.

Run a new MBAM and we'll see if the infection is gone.


It seems to be gone.

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.04.02.09

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Alyssa Rasmus :: ALYSSARASMUS-PC [administrator]

4/3/2012 1:51:21 PM

mbam-log-2012-04-03 (13-51-21).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 195365

Time elapsed: 5 minute(s), 24 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)


Good job

The following will implement some cleanup procedures as well as reset System Restore points:

For XP:

  • Click START, then Run
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

For Vista / Windows 7:

  • Click START, then Search
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

Here's my usual all clean post

To be on the safe side, I would also change all my passwords.

This infection appears to have been cleaned, but as the malware could be configured to run any program a remote attacker requires, it's impossible to be 100% sure that any machine is clean.

Log looks good :D

  • Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week
    (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  • Use a Firewall - I cannot stress how important it is that you use a Firewall on your computer.
    Without a firewall your computer is susceptible to being hacked and taken over.
    I am very serious about this and see it happen almost every day with my clients.
    Simply using a Firewall in its default configuration can lower your risk greatly.

  • Securing Your Web Browser -
    This paper will help you configure your web browser for safer internet surfing.
  • Using a secure browser plugin - M86 SecureBrowsing makes it safe to search, surf and socialize online. This free browser plug-in displays security icons next to links on search engines and social networking sites like Facebook, Twitter and LinkedIn, so you'll know which pages are safe and which ones to avoid.
    • Free browser plug-in for Internet Explorer and Firefox
    • Real-time safety ratings
    • Ideal for Facebook, Twitter and LinkedIn
  • JAVA - Click this link and click on the Free JAVA Download
  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly.
    This will ensure your computer always has the latest available security updates installed.
    If there are new updates to install, install them immediately, reboot your computer, and revisit the site
    until there are no more critical updates.

Only run one Anti-Virus and Firewall program.

I would suggest you read:

PC Safety and Security--What Do I Need?.

How to Prevent Malware:

The full version of Malwarebytes' Anti-Malware could have helped protect your computer against this threat.

We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention

Save yourself the hassle and get protected.
