I've removed what I was able to manually and from different sets of instructions I've found on the web, however I believe the infection is still there as some websites open with no problems and others I can't get to open. The problem seems to be random as well.

Any and all assistance would be appreciated.

Thanks,

Darien

Requested log files:

DDS Log:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by chrissy at 8:34:32 on 2012-05-06

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2496 [GMT -5:00]

.

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Windows\PixArt\PAP7501\GUCI_AVS.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe

C:\Program Files\BUFFALO\Device server\Connect.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe

C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exe

C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe

C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe

C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe

C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe

C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://asus.msn.com

uInternet Settings,ProxyOverride = *.local;192.168.*.*

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: MRI_DISABLED - No File

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

BHO: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - No File

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [Google Update] "C:\Users\chrissy\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

mRun: [Mobile Connectivity Suite] "C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions

mRun: [iXL_MiddleWare] C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

StartupFolder: C:\Users\chrissy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BESTBU~1.LNK - C:\Program Files (x86)\Best Buy Software Installer\Best Buy Software Installer.exe

StartupFolder: C:\Users\chrissy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NETWOR~1.LNK - C:\Program Files (x86)\BUFFALO\Device server\Connect.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MRI_DI~1\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe

uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

Trusted Zone: pbskids.org

DPF: ActiveGS.cab - hxxp://activegs.freetoolsassociation.com/ActiveGS.cab

DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab

TCP: DhcpNameServer = 192.168.11.1

TCP: Interfaces\{05F67C82-00B4-4D9A-9EF3-BC19332973E0} : NameServer = 206.230.105.4,206.230.105.5

TCP: Interfaces\{05F67C82-00B4-4D9A-9EF3-BC19332973E0} : DhcpNameServer = 192.168.11.1

TCP: Interfaces\{05F67C82-00B4-4D9A-9EF3-BC19332973E0}\2456C6B696E6F5E4B2F5444344735303 : DhcpNameServer = 192.168.2.1 192.168.2.1

TCP: Interfaces\{05F67C82-00B4-4D9A-9EF3-BC19332973E0}\46C696E6B6 : NameServer = 206.230.105.4,206.230.105.5

TCP: Interfaces\{05F67C82-00B4-4D9A-9EF3-BC19332973E0}\46C696E6B6 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{EFE48AC0-FFEB-4FAE-92E7-D4A693271A24} : DhcpNameServer = 168.94.0.15 168.94.0.14

TCP: Interfaces\{F93B70BE-C7B7-4F2B-94EA-535E85284ED4} : DhcpNameServer = 8.8.8.8 8.8.4.4

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: MRI_DISABLED - No File

BHO-X64: AcroIEHelperStub - No File

BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll

BHO-X64: Symantec NCO BHO - No File

BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL

BHO-X64: Symantec Intrusion Prevention - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

BHO-X64: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - No File

BHO-X64: NetAssistantBHO - No File

TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"

mRun-x64: [Mobile Connectivity Suite] "C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions

mRun-x64: [iXL_MiddleWare] C:\Program Files (x86)\Fisher-Price\iXL\iXL.Middleware.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

.

============= SERVICES / DRIVERS ===============

.

R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS [?]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120413.001\BHDrvx64.sys [2012-4-19 1160824]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120505.001\IDSviA64.sys [2012-5-5 488568]

R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS [?]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1207010.003\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1207010.003\SYMNETS.SYS [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccsvchst.exe [2012-4-3 130008]

R2 sxuptp;SXUPTP Driver;C:\Windows\system32\DRIVERS\sxuptp.sys --> C:\Windows\system32\DRIVERS\sxuptp.sys [?]

R3 easytether;easytether;C:\Windows\system32\DRIVERS\easytthr.sys --> C:\Windows\system32\DRIVERS\easytthr.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-2-13 138360]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]

R3 GUCI_AVS;ASUS USB2.0 UVC VGA WebCam;C:\Windows\system32\DRIVERS\GUCI_AVS.sys --> C:\Windows\system32\DRIVERS\GUCI_AVS.sys [?]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 FlyUsb;FLY Fusion;C:\Windows\system32\DRIVERS\FlyUsb.sys --> C:\Windows\system32\DRIVERS\FlyUsb.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-8-5 704864]

S3 HTCAND64;HTC Device Driver;C:\Windows\system32\Drivers\ANDROIDUSB.sys --> C:\Windows\system32\Drivers\ANDROIDUSB.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 SQTECH913D;913D Camera;C:\Windows\system32\Drivers\Capt913D.sys --> C:\Windows\system32\Drivers\Capt913D.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-05-06 03:21:12 -------- d-----w- C:\Users\chrissy\AppData\Roaming\Malwarebytes

2012-05-03 03:32:05 -------- d-----w- C:\Users\chrissy\AppData\Roaming\Motorola

2012-05-03 03:31:45 -------- d-----w- C:\Program Files\Motorola Inc

2012-04-27 20:21:16 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-04-27 20:21:16 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-04-27 04:22:08 -------- d-----w- C:\Windows\System32\SPReview

2012-04-27 04:20:21 -------- d-----w- C:\Windows\System32\EventProviders

2012-04-27 03:40:18 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services

2012-04-27 03:39:45 -------- d-----w- C:\Windows\PCHEALTH

2012-04-27 03:32:32 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8

2012-04-27 03:31:50 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2012-04-20 21:33:04 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-04-20 21:33:04 -------- d-----w- C:\ProgramData\Malwarebytes

2012-04-20 21:33:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-04-14 21:33:53 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-04-14 21:33:52 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-04-14 21:33:52 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-04-14 21:26:17 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2012-04-14 21:26:17 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-04-14 21:26:17 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-04-14 21:26:15 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-04-14 21:26:15 5120 ----a-w- C:\Windows\System32\wmi.dll

2012-04-14 21:26:15 220672 ----a-w- C:\Windows\System32\wintrust.dll

2012-04-14 21:26:15 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-04-09 21:37:08 -------- d-----w- C:\Program Files\Paint.NET

2012-04-09 21:36:42 -------- d-----w- C:\Users\chrissy\AppData\Local\Paint.NET

2012-04-09 21:31:02 87552 ----a-w- C:\Windows\System32\custmon64i.dll

2012-04-09 21:30:59 -------- d-----w- C:\Program1

2012-04-09 21:30:56 -------- d-----w- C:\Users\chrissy\AppData\Local\Babylon

2012-04-09 21:30:54 -------- d-----w- C:\Program Files (x86)\FoxTabPDFCreator

2012-04-09 21:30:53 -------- d-----w- C:\Users\chrissy\AppData\Roaming\Babylon

2012-04-09 21:30:53 -------- d-----w- C:\ProgramData\Babylon

.

==================== Find3M ====================

.

2012-04-27 04:36:41 175616 ----a-w- C:\Windows\System32\msclmd.dll

2012-04-27 04:36:41 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll

2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll

2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-02-15 16:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys

2012-02-15 16:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll

2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2009-04-08 18:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll

2008-08-12 05:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll

.

============= FINISH: 8:35:08.88 ===============

Attach Log:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 3/20/2010 7:16:23 AM

System Uptime: 5/6/2012 8:18:43 AM (0 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K60IJ

Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz | Socket 478 | 1584/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 451 GiB total, 377.873 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP104: 4/26/2012 11:21:58 PM - Windows 7 Service Pack 1

RP105: 4/27/2012 3:22:40 PM - Windows Update

RP106: 4/28/2012 1:13:22 PM - Windows Update

RP107: 4/30/2012 4:51:23 PM - Windows Update

RP108: 4/30/2012 5:07:30 PM - Removed ShellShock:Nam'67

RP109: 4/30/2012 5:08:26 PM - Removed Passport A+

.

==== Installed Programs ======================

.

913D Camera

Acrobat.com

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Reader 9.2 MUI

Alcor Micro USB Card Reader

Apple Application Support

Apple Software Update

ASUS AI Recovery

ASUS AP Bank

ASUS CopyProtect

ASUS Data Security Manager

ASUS FancyStart

ASUS LifeFrame3

ASUS Live Update

ASUS MultiFrame

ASUS SmartLogon

ASUS Splendid Video Enhancement Technology

ASUS USB2.0 UVC VGA WebCam

ASUS Virtual Camera

ASUS_Screensaver

ATK Package

AviSynth 2.5

AVS Cover Editor 2.0.1.3

AVS Disc Creator 5

AVS Update Manager 1.0

AVS Video Converter 8

AVS4YOU Software Navigator 1.4

Best Buy pc app

Compatibility Pack for the 2007 Office system

ControlDeck

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

DVD Shrink 3.2

Fisher-Price iXL - Disney Princess

Fisher-Price iXL - Kai-lan

Fisher-Price iXL Computer Software

Free DVD ISO Maker version 1.2

Freeze.com NetAssistant

Geek Squad 24 Hour Computer Support

Google Chrome

HTC Driver Installer

HTC Sync

Intel® Control Center

Intel® Graphics Media Accelerator Driver

InterActual Player

Junk Mail filter update

Languages of the World

LeapFrog Connect

LeapFrog Tag Plugin

Logitech Harmony Remote Software

Logitech Harmony Remote Software 7

Magic ISO Maker v5.5 (build 0281)

Malwarebytes Anti-Malware version 1.61.0.1400

Microsoft Choice Guard

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Live Add-in 1.4

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

MotoHelper 2.1.32 Driver 5.4.0

MotoHelper MergeModules

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Norton Internet Security

Photo Viewer S2.5

Platform

Remote Control USB Driver

Roxio Burn

Roxio Roxio Burn

Roxio Update Manager

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)

VIA Platform Device Manager

Videora Android Converter 6

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

WinFlash

WinZip 15.0

Wireless Console 3

Yahoo! Software Update

YouTube Downloader App 3.00

.

==== End Of File ===========================


Welcome to the forum....what seems to be your concerns?

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system (don't run any other options, they're not all bad!)

Post back the report.

MrC


MrC, Thanks for the help, here is the requested log file.

RogueKiller V7.4.3 [05/04/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: chrissy [Admin rights]

Mode: Scan -- Date: 05/06/2012 13:25:30

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 7 ¤¤¤

[SUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND

[SUSP PATH] Best Buy pc app.lnk @Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{05F67C82-00B4-4D9A-9EF3-BC19332973E0} : NameServer (206.230.105.4,206.230.105.5) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{05F67C82-00B4-4D9A-9EF3-BC19332973E0} : NameServer (206.230.105.4,206.230.105.5) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++

--- User ---

[MBR] ecfb9639bd329c89520bd3e1a1fe21e2

[BSP] 430eaf6ed8558d670d2c84579f07828f : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14997 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30716280 | Size: 461940 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt


OK, please tell me what your concerns are now regarding the computer.

Let's check for rootkits.....

Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.


------------------------

Click the Start Scan button.


-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.


----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose delete.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC


The primary concern was IE search page redirects and pages not loading. However that all seems to be good now. I haven't encountered the page redirects. I've scanned using the TDSSKiller and below is the log. Thanks again for the assist.

20:07:30.0116 4364 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18

20:07:30.0708 4364 ============================================================

20:07:30.0708 4364 Current date / time: 2012/05/07 20:07:30.0708

20:07:30.0708 4364 SystemInfo:

20:07:30.0708 4364

20:07:30.0708 4364 OS Version: 6.1.7601 ServicePack: 1.0

20:07:30.0708 4364 Product type: Workstation

20:07:30.0708 4364 ComputerName: OWNER-PC

20:07:30.0708 4364 UserName: chrissy

20:07:30.0708 4364 Windows directory: C:\Windows

20:07:30.0708 4364 System windows directory: C:\Windows

20:07:30.0708 4364 Running under WOW64

20:07:30.0708 4364 Processor architecture: Intel x64

20:07:30.0708 4364 Number of processors: 2

20:07:30.0708 4364 Page size: 0x1000

20:07:30.0708 4364 Boot type: Normal boot

20:07:30.0708 4364 ============================================================

20:07:31.0660 4364 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:07:31.0676 4364 ============================================================

20:07:31.0676 4364 \Device\Harddisk0\DR0:

20:07:31.0676 4364 MBR partitions:

20:07:31.0676 4364 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1D4B178, BlocksNum 0x3863A6B8

20:07:31.0676 4364 ============================================================

20:07:31.0722 4364 C: <-> \Device\Harddisk0\DR0\Partition0

20:07:31.0722 4364 ============================================================

20:07:31.0722 4364 Initialize success

20:07:31.0722 4364 ============================================================

20:08:12.0017 4160 ============================================================

20:08:12.0017 4160 Scan started

20:08:12.0017 4160 Mode: Manual; SigCheck; TDLFS;

20:08:12.0017 4160 ============================================================

20:08:12.0673 4160 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

20:08:12.0875 4160 1394ohci - ok

20:08:12.0953 4160 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

20:08:13.0016 4160 ACPI - ok

20:08:13.0078 4160 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

20:08:13.0156 4160 AcpiPmi - ok

20:08:13.0250 4160 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

20:08:13.0343 4160 adp94xx - ok

20:08:13.0406 4160 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

20:08:13.0484 4160 adpahci - ok

20:08:13.0515 4160 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

20:08:13.0546 4160 adpu320 - ok

20:08:13.0702 4160 ADSMService (c0bf554d2277f7a4c735d475ade2e3b2) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

20:08:13.0765 4160 ADSMService ( UnsignedFile.Multi.Generic ) - warning

20:08:13.0765 4160 ADSMService - detected UnsignedFile.Multi.Generic (1)

20:08:13.0796 4160 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

20:08:13.0967 4160 AeLookupSvc - ok

20:08:14.0014 4160 AFBAgent (2d00d3dadc1d3326ba788eb071f2726e) C:\Windows\system32\FBAgent.exe

20:08:14.0077 4160 AFBAgent - ok

20:08:14.0186 4160 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

20:08:14.0311 4160 AFD - ok

20:08:14.0373 4160 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

20:08:14.0420 4160 agp440 - ok

20:08:14.0467 4160 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

20:08:14.0513 4160 ALG - ok

20:08:14.0591 4160 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

20:08:14.0638 4160 aliide - ok

20:08:14.0654 4160 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

20:08:14.0701 4160 amdide - ok

20:08:14.0732 4160 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

20:08:14.0825 4160 AmdK8 - ok

20:08:14.0841 4160 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

20:08:14.0903 4160 AmdPPM - ok

20:08:14.0935 4160 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

20:08:14.0981 4160 amdsata - ok

20:08:15.0028 4160 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

20:08:15.0059 4160 amdsbs - ok

20:08:15.0106 4160 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

20:08:15.0169 4160 amdxata - ok

20:08:15.0247 4160 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

20:08:15.0449 4160 AppID - ok

20:08:15.0481 4160 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

20:08:15.0590 4160 AppIDSvc - ok

20:08:15.0668 4160 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

20:08:15.0746 4160 Appinfo - ok

20:08:15.0886 4160 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

20:08:15.0964 4160 Apple Mobile Device - ok

20:08:15.0995 4160 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

20:08:16.0042 4160 arc - ok

20:08:16.0073 4160 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

20:08:16.0105 4160 arcsas - ok

20:08:16.0151 4160 AsDsm (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys

20:08:16.0167 4160 AsDsm - ok

20:08:16.0245 4160 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

20:08:16.0261 4160 ASLDRService - ok

20:08:16.0276 4160 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

20:08:16.0292 4160 ASMMAP64 - ok

20:08:16.0323 4160 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

20:08:16.0432 4160 AsyncMac - ok

20:08:16.0479 4160 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

20:08:16.0541 4160 atapi - ok

20:08:16.0651 4160 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys

20:08:16.0775 4160 athr - ok

20:08:16.0869 4160 ATKGFNEXSrv (63f1212ffe13e62ca1e8d8ee19abd9a7) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

20:08:16.0885 4160 ATKGFNEXSrv - ok

20:08:17.0056 4160 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

20:08:17.0165 4160 AudioEndpointBuilder - ok

20:08:17.0181 4160 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

20:08:17.0243 4160 AudioSrv - ok

20:08:17.0399 4160 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

20:08:17.0524 4160 AxInstSV - ok

20:08:17.0618 4160 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

20:08:17.0743 4160 b06bdrv - ok

20:08:17.0805 4160 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

20:08:17.0883 4160 b57nd60a - ok

20:08:17.0930 4160 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

20:08:18.0008 4160 BDESVC - ok

20:08:18.0039 4160 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

20:08:18.0164 4160 Beep - ok

20:08:18.0273 4160 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

20:08:18.0382 4160 BFE - ok

20:08:18.0632 4160 BHDrvx64 (5b1fe9d351c284701c8051da2aa81df6) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120413.001\BHDrvx64.sys

20:08:18.0710 4160 BHDrvx64 - ok

20:08:18.0867 4160 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

20:08:19.0007 4160 BITS - ok

20:08:19.0054 4160 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

20:08:19.0101 4160 blbdrive - ok

20:08:19.0210 4160 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe

20:08:19.0257 4160 Bonjour Service - ok

20:08:19.0319 4160 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

20:08:19.0397 4160 bowser - ok

20:08:19.0428 4160 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

20:08:19.0538 4160 BrFiltLo - ok

20:08:19.0538 4160 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

20:08:19.0584 4160 BrFiltUp - ok

20:08:19.0647 4160 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

20:08:19.0772 4160 Browser - ok

20:08:19.0803 4160 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

20:08:19.0865 4160 Brserid - ok

20:08:19.0865 4160 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

20:08:19.0912 4160 BrSerWdm - ok

20:08:19.0928 4160 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

20:08:19.0990 4160 BrUsbMdm - ok

20:08:19.0990 4160 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

20:08:20.0052 4160 BrUsbSer - ok

20:08:20.0068 4160 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

20:08:20.0115 4160 BTHMODEM - ok

20:08:20.0162 4160 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

20:08:20.0255 4160 bthserv - ok

20:08:20.0302 4160 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

20:08:20.0396 4160 cdfs - ok

20:08:20.0474 4160 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

20:08:20.0567 4160 cdrom - ok

20:08:20.0630 4160 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

20:08:20.0739 4160 CertPropSvc - ok

20:08:20.0770 4160 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

20:08:20.0833 4160 circlass - ok

20:08:20.0880 4160 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

20:08:20.0927 4160 CLFS - ok

20:08:20.0974 4160 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:08:21.0021 4160 clr_optimization_v2.0.50727_32 - ok

20:08:21.0067 4160 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

20:08:21.0114 4160 clr_optimization_v2.0.50727_64 - ok

20:08:21.0208 4160 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

20:08:21.0270 4160 clr_optimization_v4.0.30319_32 - ok

20:08:21.0333 4160 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

20:08:21.0364 4160 clr_optimization_v4.0.30319_64 - ok

20:08:21.0395 4160 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

20:08:21.0457 4160 CmBatt - ok

20:08:21.0489 4160 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

20:08:21.0535 4160 cmdide - ok

20:08:21.0613 4160 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

20:08:21.0707 4160 CNG - ok

20:08:21.0769 4160 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

20:08:21.0785 4160 Compbatt - ok

20:08:21.0863 4160 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

20:08:21.0925 4160 CompositeBus - ok

20:08:21.0957 4160 COMSysApp - ok

20:08:21.0972 4160 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

20:08:22.0019 4160 crcdisk - ok

20:08:22.0097 4160 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

20:08:22.0159 4160 CryptSvc - ok

20:08:22.0237 4160 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

20:08:22.0347 4160 DcomLaunch - ok

20:08:22.0393 4160 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

20:08:22.0518 4160 defragsvc - ok

20:08:22.0565 4160 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

20:08:22.0659 4160 DfsC - ok

20:08:22.0721 4160 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

20:08:22.0815 4160 Dhcp - ok

20:08:22.0846 4160 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

20:08:22.0924 4160 discache - ok

20:08:22.0971 4160 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

20:08:22.0986 4160 Disk - ok

20:08:23.0064 4160 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

20:08:23.0158 4160 Dnscache - ok

20:08:23.0236 4160 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

20:08:23.0329 4160 dot3svc - ok

20:08:23.0392 4160 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

20:08:23.0470 4160 DPS - ok

20:08:23.0501 4160 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

20:08:23.0548 4160 drmkaud - ok

20:08:23.0657 4160 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

20:08:23.0735 4160 DXGKrnl - ok

20:08:23.0782 4160 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

20:08:23.0860 4160 EapHost - ok

20:08:23.0907 4160 easytether (1d69a83033930c20583d608c622ca56b) C:\Windows\system32\DRIVERS\easytthr.sys

20:08:23.0922 4160 easytether - ok

20:08:24.0125 4160 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

20:08:24.0297 4160 ebdrv - ok

20:08:24.0421 4160 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

20:08:24.0468 4160 eeCtrl - ok

20:08:24.0577 4160 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

20:08:24.0687 4160 EFS - ok

20:08:24.0796 4160 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

20:08:24.0889 4160 ehRecvr - ok

20:08:24.0936 4160 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

20:08:24.0999 4160 ehSched - ok

20:08:25.0092 4160 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

20:08:25.0139 4160 elxstor - ok

20:08:25.0264 4160 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

20:08:25.0279 4160 EraserUtilRebootDrv - ok

20:08:25.0326 4160 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

20:08:25.0373 4160 ErrDev - ok

20:08:25.0435 4160 ETD (3c38648375b7f3988691f53a7aae10a9) C:\Windows\system32\DRIVERS\ETD.sys

20:08:25.0482 4160 ETD - ok

20:08:25.0529 4160 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

20:08:25.0623 4160 EventSystem - ok

20:08:25.0654 4160 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

20:08:25.0763 4160 exfat - ok

20:08:25.0794 4160 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

20:08:25.0872 4160 fastfat - ok

20:08:25.0966 4160 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

20:08:26.0106 4160 Fax - ok

20:08:26.0137 4160 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

20:08:26.0169 4160 fdc - ok

20:08:26.0231 4160 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

20:08:26.0293 4160 fdPHost - ok

20:08:26.0309 4160 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

20:08:26.0387 4160 FDResPub - ok

20:08:26.0434 4160 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

20:08:26.0449 4160 FileInfo - ok

20:08:26.0481 4160 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

20:08:26.0574 4160 Filetrace - ok

20:08:26.0590 4160 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

20:08:26.0621 4160 flpydisk - ok

20:08:26.0699 4160 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

20:08:26.0746 4160 FltMgr - ok

20:08:26.0793 4160 FlyUsb (6cd6bb45bd3e0eef6ce496bf52854ff1) C:\Windows\system32\DRIVERS\FlyUsb.sys

20:08:26.0886 4160 FlyUsb - ok

20:08:27.0011 4160 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

20:08:27.0151 4160 FontCache - ok

20:08:27.0229 4160 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

20:08:27.0261 4160 FontCache3.0.0.0 - ok

20:08:27.0276 4160 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

20:08:27.0307 4160 FsDepends - ok

20:08:27.0339 4160 fssfltr (53dab1791917a72738539ad25c4eed7f) C:\Windows\system32\DRIVERS\fssfltr.sys

20:08:27.0370 4160 fssfltr - ok

20:08:27.0463 4160 fsssvc (206ad9a89bf05dfa1621f1fc7b82592d) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

20:08:27.0541 4160 fsssvc - ok

20:08:27.0604 4160 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

20:08:27.0635 4160 Fs_Rec - ok

20:08:27.0713 4160 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

20:08:27.0791 4160 fvevol - ok

20:08:27.0822 4160 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

20:08:27.0838 4160 gagp30kx - ok

20:08:27.0931 4160 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

20:08:27.0963 4160 GEARAspiWDM - ok

20:08:28.0056 4160 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

20:08:28.0212 4160 gpsvc - ok

20:08:28.0306 4160 GUCI_AVS (5f1cf2ae2c2e14b0266e70c4960998c6) C:\Windows\system32\DRIVERS\GUCI_AVS.sys

20:08:28.0384 4160 GUCI_AVS - ok

20:08:28.0399 4160 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

20:08:28.0477 4160 hcw85cir - ok

20:08:28.0555 4160 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

20:08:28.0649 4160 HdAudAddService - ok

20:08:28.0727 4160 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

20:08:28.0821 4160 HDAudBus - ok

20:08:28.0867 4160 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

20:08:28.0914 4160 HidBatt - ok

20:08:28.0930 4160 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

20:08:28.0961 4160 HidBth - ok

20:08:28.0961 4160 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

20:08:29.0023 4160 HidIr - ok

20:08:29.0070 4160 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

20:08:29.0148 4160 hidserv - ok

20:08:29.0211 4160 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys

20:08:29.0257 4160 HidUsb - ok

20:08:29.0320 4160 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

20:08:29.0398 4160 hkmsvc - ok

20:08:29.0445 4160 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

20:08:29.0538 4160 HomeGroupListener - ok

20:08:29.0601 4160 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

20:08:29.0647 4160 HomeGroupProvider - ok

20:08:29.0694 4160 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

20:08:29.0757 4160 HpSAMD - ok

20:08:29.0788 4160 HTCAND64 (cf44b25ae808765d7308f412ad492ddb) C:\Windows\system32\Drivers\ANDROIDUSB.sys

20:08:29.0850 4160 HTCAND64 - ok

20:08:29.0991 4160 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

20:08:30.0084 4160 HTTP - ok

20:08:30.0147 4160 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

20:08:30.0193 4160 hwpolicy - ok

20:08:30.0256 4160 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

20:08:30.0303 4160 i8042prt - ok

20:08:30.0427 4160 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys

20:08:30.0459 4160 iaStor - ok

20:08:30.0537 4160 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

20:08:30.0583 4160 iaStorV - ok

20:08:30.0724 4160 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

20:08:30.0802 4160 idsvc - ok

20:08:30.0989 4160 IDSVia64 (4e9e0e5a3b0efeb27491c26be1d97fda) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120507.001\IDSvia64.sys

20:08:31.0036 4160 IDSVia64 - ok

20:08:32.0081 4160 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys

20:08:32.0502 4160 igfx - ok

20:08:32.0611 4160 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

20:08:32.0643 4160 iirsp - ok

20:08:32.0736 4160 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

20:08:32.0861 4160 IKEEXT - ok

20:08:32.0908 4160 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

20:08:32.0939 4160 intelide - ok

20:08:32.0970 4160 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

20:08:33.0017 4160 intelppm - ok

20:08:33.0048 4160 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

20:08:33.0126 4160 IPBusEnum - ok

20:08:33.0173 4160 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:08:33.0282 4160 IpFilterDriver - ok

20:08:33.0345 4160 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

20:08:33.0454 4160 iphlpsvc - ok

20:08:33.0501 4160 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

20:08:33.0547 4160 IPMIDRV - ok

20:08:33.0594 4160 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

20:08:33.0657 4160 IPNAT - ok

20:08:33.0797 4160 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

20:08:33.0891 4160 iPod Service - ok

20:08:33.0922 4160 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

20:08:34.0015 4160 IRENUM - ok

20:08:34.0062 4160 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

20:08:34.0093 4160 isapnp - ok

20:08:34.0140 4160 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

20:08:34.0203 4160 iScsiPrt - ok

20:08:34.0249 4160 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

20:08:34.0296 4160 kbdclass - ok

20:08:34.0359 4160 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

20:08:34.0421 4160 kbdhid - ok

20:08:34.0468 4160 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys

20:08:34.0483 4160 kbfiltr - ok

20:08:34.0530 4160 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

20:08:34.0561 4160 KeyIso - ok

20:08:34.0608 4160 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

20:08:34.0639 4160 KSecDD - ok

20:08:34.0702 4160 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

20:08:34.0733 4160 KSecPkg - ok

20:08:34.0764 4160 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

20:08:34.0858 4160 ksthunk - ok

20:08:34.0889 4160 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

20:08:35.0029 4160 KtmRm - ok

20:08:35.0076 4160 L1E (b8e670d7ef61615fa03104552854fac9) C:\Windows\system32\DRIVERS\L1E62x64.sys

20:08:35.0139 4160 L1E - ok

20:08:35.0217 4160 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

20:08:35.0326 4160 LanmanServer - ok

20:08:35.0373 4160 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

20:08:35.0466 4160 LanmanWorkstation - ok

20:08:35.0856 4160 LeapFrog Connect Device Service (24a7d535bd9e58e5bc1ac52ef7e2ec8e) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

20:08:36.0090 4160 LeapFrog Connect Device Service - ok

20:08:36.0730 4160 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

20:08:36.0808 4160 lltdio - ok

20:08:36.0855 4160 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

20:08:36.0979 4160 lltdsvc - ok

20:08:36.0995 4160 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

20:08:37.0057 4160 lmhosts - ok

20:08:37.0120 4160 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

20:08:37.0151 4160 LSI_FC - ok

20:08:37.0167 4160 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

20:08:37.0213 4160 LSI_SAS - ok

20:08:37.0229 4160 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

20:08:37.0245 4160 LSI_SAS2 - ok

20:08:37.0260 4160 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

20:08:37.0291 4160 LSI_SCSI - ok

20:08:37.0323 4160 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

20:08:37.0385 4160 luafv - ok

20:08:37.0432 4160 lullaby (085435ae1a124361304044029b5cc644) C:\Windows\system32\DRIVERS\lullaby.sys

20:08:37.0447 4160 lullaby - ok

20:08:37.0494 4160 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

20:08:37.0541 4160 Mcx2Svc - ok

20:08:37.0650 4160 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

20:08:37.0681 4160 MDM - ok

20:08:37.0713 4160 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

20:08:37.0728 4160 megasas - ok

20:08:37.0775 4160 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

20:08:37.0822 4160 MegaSR - ok

20:08:37.0900 4160 Microsoft SharePoint Workspace Audit Service - ok

20:08:37.0947 4160 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

20:08:38.0025 4160 MMCSS - ok

20:08:38.0071 4160 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

20:08:38.0134 4160 Modem - ok

20:09:10.0647 4160 ============================================================

20:09:10.0647 4160 Scan finished

20:09:10.0647 4160 ============================================================

20:09:10.0678 2596 Detected object count: 1

20:09:10.0678 2596 Actual detected object count: 1

20:11:43.0726 2596 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user

20:11:43.0726 2596 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip


That scan was clean......

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:

If you get the message "Illegal operation attempted on registry key that has been marked for deletion." after you run ComboFix, please reboot the computer; this should resolve the problem. You may have to do this several times if needed.

MrC


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
