Google Chrome Outgoing Process

sichter88 · August 6, 2012

Hi I am having a problem with outgoing processes from Google Chrome.

This the log from Malwarebyes.

2012/08/06 07:54:49 +1000 SICHTER-PC (null) MESSAGE Executing scheduled update: Daily

2012/08/06 07:55:03 +1000 SICHTER-PC (null) MESSAGE Scheduled update executed successfully: database updated from version v2012.08.05.02 to version v2012.08.05.08

2012/08/06 08:08:08 +1000 SICHTER-PC SICHTER MESSAGE Starting protection

2012/08/06 08:08:10 +1000 SICHTER-PC SICHTER MESSAGE Protection started successfully

2012/08/06 08:08:13 +1000 SICHTER-PC SICHTER MESSAGE Starting IP protection

2012/08/06 08:08:13 +1000 SICHTER-PC SICHTER MESSAGE IP Protection started successfully

2012/08/06 08:08:13 +1000 SICHTER-PC SICHTER MESSAGE Starting database refresh

2012/08/06 08:08:13 +1000 SICHTER-PC SICHTER MESSAGE Stopping IP protection

2012/08/06 08:09:16 +1000 SICHTER-PC SICHTER MESSAGE IP Protection stopped

2012/08/06 08:09:17 +1000 SICHTER-PC SICHTER MESSAGE Database refreshed successfully

2012/08/06 08:09:17 +1000 SICHTER-PC SICHTER MESSAGE Starting IP protection

2012/08/06 08:09:18 +1000 SICHTER-PC SICHTER MESSAGE IP Protection started successfully

2012/08/06 08:12:14 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49419, Process: chrome.exe)

2012/08/06 08:12:14 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49420, Process: chrome.exe)

2012/08/06 08:15:03 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49590, Process: chrome.exe)

2012/08/06 08:15:03 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49591, Process: chrome.exe)

2012/08/06 08:15:03 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49592, Process: chrome.exe)

2012/08/06 08:20:15 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49837, Process: chrome.exe)

2012/08/06 08:20:40 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49865, Process: chrome.exe)

2012/08/06 08:20:48 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49872, Process: chrome.exe)

2012/08/06 08:21:20 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49915, Process: chrome.exe)

2012/08/06 08:21:28 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49918, Process: chrome.exe)

2012/08/06 08:21:44 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49929, Process: chrome.exe)

2012/08/06 08:21:44 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49943, Process: chrome.exe)

2012/08/06 08:21:52 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49945, Process: chrome.exe)

2012/08/06 08:21:52 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 49951, Process: chrome.exe)

2012/08/06 08:22:24 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50047, Process: chrome.exe)

2012/08/06 08:22:48 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50079, Process: chrome.exe)

2012/08/06 08:23:37 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50179, Process: chrome.exe)

2012/08/06 08:23:53 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50197, Process: chrome.exe)

2012/08/06 08:24:01 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50206, Process: chrome.exe)

2012/08/06 08:24:50 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50304, Process: chrome.exe)

2012/08/06 08:24:58 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50380, Process: chrome.exe)

2012/08/06 08:25:14 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50414, Process: chrome.exe)

2012/08/06 08:25:14 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50443, Process: chrome.exe)

2012/08/06 08:26:10 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50551, Process: chrome.exe)

2012/08/06 08:26:10 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50562, Process: chrome.exe)

2012/08/06 08:36:59 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50784, Process: chrome.exe)

2012/08/06 08:37:31 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50800, Process: chrome.exe)

2012/08/06 08:37:39 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50822, Process: chrome.exe)

2012/08/06 08:37:55 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50828, Process: chrome.exe)

2012/08/06 08:38:03 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50835, Process: chrome.exe)

2012/08/06 08:38:19 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50852, Process: chrome.exe)

2012/08/06 08:38:27 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 50857, Process: chrome.exe)

2012/08/06 08:44:04 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51022, Process: chrome.exe)

2012/08/06 08:44:04 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51023, Process: chrome.exe)

2012/08/06 08:44:04 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51024, Process: chrome.exe)

2012/08/06 08:44:04 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51058, Process: chrome.exe)

2012/08/06 08:44:04 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51059, Process: chrome.exe)

2012/08/06 08:44:04 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51084, Process: chrome.exe)

2012/08/06 08:44:04 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51133, Process: chrome.exe)

2012/08/06 08:44:37 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51158, Process: chrome.exe)

2012/08/06 08:44:45 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51180, Process: chrome.exe)

2012/08/06 08:44:53 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51187, Process: chrome.exe)

2012/08/06 08:44:53 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51189, Process: chrome.exe)

2012/08/06 08:45:01 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51193, Process: chrome.exe)

2012/08/06 08:45:01 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51197, Process: chrome.exe)

2012/08/06 08:45:01 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51201, Process: chrome.exe)

2012/08/06 08:45:09 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51207, Process: chrome.exe)

2012/08/06 08:45:25 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51224, Process: chrome.exe)

2012/08/06 08:45:25 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51225, Process: chrome.exe)

2012/08/06 08:45:25 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51226, Process: chrome.exe)

2012/08/06 08:45:33 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51267, Process: chrome.exe)

2012/08/06 08:45:33 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51278, Process: chrome.exe)

2012/08/06 08:45:33 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51280, Process: chrome.exe)

2012/08/06 08:47:01 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51294, Process: chrome.exe)

2012/08/06 08:47:01 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51295, Process: chrome.exe)

2012/08/06 08:47:01 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51296, Process: chrome.exe)

2012/08/06 08:47:01 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51321, Process: chrome.exe)

2012/08/06 08:50:30 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51388, Process: chrome.exe)

2012/08/06 08:50:30 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51397, Process: chrome.exe)

2012/08/06 08:50:38 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51401, Process: chrome.exe)

2012/08/06 08:50:38 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51407, Process: chrome.exe)

2012/08/06 08:52:38 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51529, Process: chrome.exe)

2012/08/06 08:52:38 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51530, Process: chrome.exe)

2012/08/06 08:52:38 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51531, Process: chrome.exe)

2012/08/06 08:52:38 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51558, Process: chrome.exe)

2012/08/06 08:52:38 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51559, Process: chrome.exe)

2012/08/06 08:52:46 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51575, Process: chrome.exe)

2012/08/06 08:53:42 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51616, Process: chrome.exe)

2012/08/06 08:53:42 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51617, Process: chrome.exe)

2012/08/06 08:53:42 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51618, Process: chrome.exe)

2012/08/06 08:53:42 +1000 SICHTER-PC SICHTER IP-BLOCK 80.87.199.15 (Type: outgoing, Port: 51628, Process: chrome.exe)

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by SICHTER at 8:17:31 on 2012-08-06

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3562.1958 [GMT 10:00]

.

AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

C:\Windows\system32\viakaraokesrv.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\GIGABYTE\ET6\GUI.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\vVX1000.exe

C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Users\SICHTER\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Users\SICHTER\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\SICHTER\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\6.2.1.5\coIEPlg.dll

BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\6.2.1.5\ips\IPSBHO.DLL

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~1\office14\URLREDIR.DLL

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\6.2.1.5\coIEPlg.dll

uRun: [Google Update] "c:\users\sichter\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [DAEMON Tools Lite] "e:\program files\daemon tools lite\DTLite.exe" -autorun

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [VX1000] c:\windows\vVX1000.exe

mRun: [HDAudDeck] c:\program files\via\viaudioi\vdeck\VDeck.exe -r

mRun: [uSB3MON] "c:\program files\intel\intel® usb 3.0 extensible host controller driver\application\iusb3mon.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRunOnce: [EasyTuneVI] c:\program files\gigabyte\et6\ETCall.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\micros~1\office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{7481CCAE-AB12-40E8-BAF9-8574DE8DC5C1} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{C53066B0-5FAE-40FF-A5D5-411D0290FE0E} : DhcpNameServer = 10.4.182.20 10.4.81.103

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

.

============= SERVICES / DRIVERS ===============

.

R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2012-6-19 13592]

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0602010.005\SymDS.sys [2012-6-19 340088]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0602010.005\SymEFA.sys [2012-6-19 905336]

R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2012-6-19 19056]

R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\bashdefs\20120711.002\BHDrvx86.sys [2012-7-13 821920]

R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\0602010.005\ccSetx86.sys [2012-6-19 132744]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-6-19 242240]

R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\ipsdefs\20120803.002\IDSvix86.sys [2012-8-4 382624]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0602010.005\Ironx86.sys [2012-6-19 149624]

R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\n360\0602010.005\symnets.sys [2012-6-19 318584]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-4-4 63928]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\intel\icls client\HeciServer.exe [2011-12-8 423136]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files\intel\intel® management engine components\dal\Jhi_service.exe [2012-6-19 161560]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-8-5 655944]

R2 N360;Norton 360;c:\program files\norton 360\engine\6.2.1.5\ccSvcHst.exe [2012-6-19 138232]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-6-20 1262400]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-5-15 382272]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2012-6-19 363800]

R2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\ViakaraokeSrv.exe [2012-6-19 27760]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-7-22 106656]

R3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2012-6-19 24944]

R3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys [2012-6-19 348440]

R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2012-6-19 791832]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2012-6-19 88176]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-5 22344]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-8-6 40776]

R3 MEI;Intel® Management Engine Interface ;c:\windows\system32\drivers\HECI.sys [2012-6-19 46080]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2012-6-20 148800]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-6-19 1822832]

R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-14 17920]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]

S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

S3 etdrv;etdrv;c:\windows\etdrv.sys [2012-6-20 17488]

S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files\intel\intel® integrated clock controller service\ICCProxy.exe [2012-6-19 160256]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2012-3-26 18432]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-6-20 52224]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-6-19 1343400]

.

=============== Created Last 30 ================

.

2012-08-05 22:14:23 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-08-05 08:28:53 -------- d-----w- c:\users\sichter\appdata\roaming\Malwarebytes

2012-08-05 08:28:48 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-05 08:28:48 -------- d-----w- c:\programdata\Malwarebytes

2012-08-05 08:28:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-08-05 08:12:52 -------- d-----w- c:\program files\CCleaner

2012-07-22 11:59:31 -------- d-----r- c:\program files\Skype

2012-07-19 06:55:41 -------- d-----w- c:\users\sichter\appdata\local\WinZip

2012-07-11 11:02:31 2345984 ----a-w- c:\windows\system32\win32k.sys

.

==================== Find3M ====================

.

2012-08-05 22:08:19 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys

2012-08-05 22:08:06 17488 ----a-w- c:\windows\gdrv.sys

2012-06-27 08:40:40 59 ----a-w- c:\windows\wpd99.drv

2012-06-27 07:02:40 36864 ----a-w- c:\windows\system32\pdf995mon.dll

2012-06-27 07:02:40 1667072 ----a-w- c:\windows\system32\pdfmona.dll

2012-06-21 07:02:44 152576 ----a-w- c:\windows\system32\msclmd.dll

2012-06-19 21:43:34 17488 ----a-w- c:\windows\etdrv.sys

2012-06-19 03:29:34 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2012-06-19 02:19:16 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll

2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 08:33:25 1800192 ----a-w- c:\windows\system32\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-02 08:16:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-06-02 05:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 05:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll

2012-05-24 21:18:40 4472832 ----a-w- c:\windows\system32\GPhotos.scr

2012-05-15 09:28:49 645440 ----a-w- c:\windows\system32\nvvsvc.exe

2012-05-15 09:28:49 62272 ----a-w- c:\windows\system32\nvshext.dll

2012-05-15 09:28:49 2621723 ----a-w- c:\windows\system32\nvcoproc.bin

2012-05-15 09:28:49 108352 ----a-w- c:\windows\system32\nvmctray.dll

2012-05-15 09:28:48 3931456 ----a-w- c:\windows\system32\nvcpl.dll

2012-05-15 09:27:28 2759488 ----a-w- c:\windows\system32\nvsvc.dll

2012-05-14 16:21:50 423744 ----a-w- c:\windows\system32\nvStreaming.exe

.

============= FINISH: 8:17:57.46 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 19/06/12 11:11:40 AM

System Uptime: 06/08/12 7:52:14 AM (1 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | H77M-D3H

Processor: Intel® Core™ i5-3550 CPU @ 3.30GHz | Intel® Core™ i5-3550 CPU @ 3.30GHz | 3701/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 50 GiB total, 26.148 GiB free.

E: is FIXED (NTFS) - 416 GiB total, 407.627 GiB free.

F: is FIXED (NTFS) - 298 GiB total, 219.748 GiB free.

G: is CDROM ()

H: is CDROM ()

Z: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP51: 04/08/12 8:23:11 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

Adobe Reader X (10.1.3)

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver

BankLink BNotes

BankLink Books 2012

Bonjour

CCleaner

DAEMON Tools Lite

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Easy Tune 6 B12.0402.1

Google Chrome

HP Deskjet 3050 J610 series Basic Device Software

HP Deskjet 3050 J610 series Help

HP Update

Intel® Management Engine Components

Intel® USB 3.0 eXtensible Host Controller Driver

Intel® Trusted Connect Service Client

iTunes

Java Auto Updater

Java™ 7 Update 5

JavaFX 2.1.1

Malwarebytes Anti-Malware version 1.62.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft Corporation

Microsoft LifeCam

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Norton 360

NVIDIA 3D Vision Controller Driver 301.42

NVIDIA 3D Vision Driver 301.42

NVIDIA Control Panel 301.42

NVIDIA Display Control Panel

NVIDIA Graphics Driver 301.42

NVIDIA HD Audio Driver 1.3.16.0

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.0213

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 1.8.15

NVIDIA Update Components

ON_OFF Charge B11.1102.1

Pdf995

Picasa 3

Platform

SanDisk_Button_Manager.exe

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition

Sid Meier's Civilization V

Skype™ 5.10

Steam

TP-LINK Wireless Client Utility

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

VIA Platform Device Manager

Vuze

Windows 7 Codec Pack 4.0.3

WinZip 16.5

.

==== Event Viewer Messages From Past Week ========

.

02/08/12 6:46:50 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer BECC-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7481CCAE-AB12-40E8-BAF9-8574DE8DC5. The master browser is stopping or an election is being forced.

02/08/12 6:46:23 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

.

==== End Of File ===========================

Maniac · August 6, 2012

Hello sichter88! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

Step 1

Please uninstall this application: Vuze

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

Launch Malwarebytes' Anti-Malware
Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
Go to Scanner tab and select Perform Quick Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

TDSSKiller log
Malwarebytes' Anti-Malware log
a new fresh DDS log

sichter88 · August 6, 2012

Hi, thankyou for the instructions.

Only 2 'suspicious' threats were found and nothing was found by malawarebytes. I am still getting the message that outgoing ip process was blocked chrome.exe.

21:15:18.0786 5564 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

21:15:19.0574 5564 ============================================================

21:15:19.0574 5564 Current date / time: 2012/08/06 21:15:19.0574

21:15:19.0574 5564 SystemInfo:

21:15:19.0574 5564

21:15:19.0574 5564 OS Version: 6.1.7601 ServicePack: 1.0

21:15:19.0574 5564 Product type: Workstation

21:15:19.0574 5564 ComputerName: SICHTER-PC

21:15:19.0574 5564 UserName: SICHTER

21:15:19.0575 5564 Windows directory: C:\Windows

21:15:19.0575 5564 System windows directory: C:\Windows

21:15:19.0575 5564 Processor architecture: Intel x86

21:15:19.0575 5564 Number of processors: 4

21:15:19.0575 5564 Page size: 0x1000

21:15:19.0575 5564 Boot type: Normal boot

21:15:19.0575 5564 ============================================================

21:15:20.0238 5564 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

21:15:20.0258 5564 Drive \Device\Harddisk0\DR0 - Size: 0x4A85C4DE00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050

21:15:20.0260 5564 ============================================================

21:15:20.0260 5564 \Device\Harddisk1\DR1:

21:15:20.0260 5564 MBR partitions:

21:15:20.0260 5564 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6338000

21:15:20.0260 5564 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x6338800, BlocksNum 0x3404C800

21:15:20.0260 5564 \Device\Harddisk0\DR0:

21:15:20.0261 5564 MBR partitions:

21:15:20.0261 5564 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D000

21:15:20.0261 5564 ============================================================

21:15:20.0303 5564 C: <-> \Device\Harddisk1\DR1\Partition0

21:15:20.0334 5564 E: <-> \Device\Harddisk1\DR1\Partition1

21:15:20.0342 5564 F: <-> \Device\Harddisk0\DR0\Partition0

21:15:20.0342 5564 ============================================================

21:15:20.0342 5564 Initialize success

21:15:20.0342 5564 ============================================================

21:15:24.0091 4340 ============================================================

21:15:24.0091 4340 Scan started

21:15:24.0091 4340 Mode: Manual; SigCheck; TDLFS;

21:15:24.0091 4340 ============================================================

21:15:24.0350 4340 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys

21:15:24.0434 4340 1394ohci - ok

21:15:24.0451 4340 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys

21:15:24.0460 4340 ACPI - ok

21:15:24.0476 4340 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys

21:15:24.0523 4340 AcpiPmi - ok

21:15:24.0571 4340 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

21:15:24.0583 4340 AdobeARMservice - ok

21:15:24.0621 4340 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys

21:15:24.0638 4340 adp94xx - ok

21:15:24.0655 4340 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys

21:15:24.0663 4340 adpahci - ok

21:15:24.0673 4340 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys

21:15:24.0680 4340 adpu320 - ok

21:15:24.0694 4340 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll

21:15:24.0718 4340 AeLookupSvc - ok

21:15:24.0767 4340 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys

21:15:24.0803 4340 AFD - ok

21:15:24.0830 4340 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys

21:15:24.0844 4340 agp440 - ok

21:15:24.0861 4340 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys

21:15:24.0875 4340 aic78xx - ok

21:15:24.0937 4340 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe

21:15:24.0993 4340 ALG - ok

21:15:25.0021 4340 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys

21:15:25.0030 4340 aliide - ok

21:15:25.0047 4340 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys

21:15:25.0056 4340 amdagp - ok

21:15:25.0073 4340 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys

21:15:25.0082 4340 amdide - ok

21:15:25.0106 4340 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys

21:15:25.0154 4340 AmdK8 - ok

21:15:25.0159 4340 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys

21:15:25.0174 4340 AmdPPM - ok

21:15:25.0212 4340 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys

21:15:25.0226 4340 amdsata - ok

21:15:25.0249 4340 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys

21:15:25.0264 4340 amdsbs - ok

21:15:25.0274 4340 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys

21:15:25.0282 4340 amdxata - ok

21:15:25.0313 4340 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys

21:15:25.0395 4340 AppID - ok

21:15:25.0418 4340 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll

21:15:25.0438 4340 AppIDSvc - ok

21:15:25.0472 4340 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll

21:15:25.0508 4340 Appinfo - ok

21:15:25.0578 4340 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

21:15:25.0591 4340 Apple Mobile Device - ok

21:15:25.0638 4340 AppleCharger (f5f0f78286a849bc0e45e0e99065b04f) C:\Windows\system32\DRIVERS\AppleCharger.sys

21:15:25.0656 4340 AppleCharger - ok

21:15:25.0668 4340 AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\Windows\system32\AppleChargerSrv.exe

21:15:25.0679 4340 AppleChargerSrv - ok

21:15:25.0714 4340 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll

21:15:25.0747 4340 AppMgmt - ok

21:15:25.0771 4340 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys

21:15:25.0783 4340 arc - ok

21:15:25.0803 4340 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys

21:15:25.0814 4340 arcsas - ok

21:15:25.0831 4340 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys

21:15:25.0906 4340 AsyncMac - ok

21:15:25.0928 4340 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys

21:15:25.0935 4340 atapi - ok

21:15:25.0998 4340 athr (5f1c1dc2ff06c766e59e2d599d53afe6) C:\Windows\system32\DRIVERS\athr.sys

21:15:26.0045 4340 athr - ok

21:15:26.0142 4340 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll

21:15:26.0173 4340 AudioEndpointBuilder - ok

21:15:26.0177 4340 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll

21:15:26.0200 4340 Audiosrv - ok

21:15:26.0243 4340 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll

21:15:26.0293 4340 AxInstSV - ok

21:15:26.0349 4340 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys

21:15:26.0377 4340 b06bdrv - ok

21:15:26.0404 4340 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys

21:15:26.0424 4340 b57nd60x - ok

21:15:26.0460 4340 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll

21:15:26.0501 4340 BDESVC - ok

21:15:26.0512 4340 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys

21:15:26.0559 4340 Beep - ok

21:15:26.0606 4340 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll

21:15:26.0640 4340 BFE - ok

21:15:26.0868 4340 BHDrvx86 (a9e111a358ac5f7eba7ac61e43fc6725) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120711.002\BHDrvx86.sys

21:15:26.0892 4340 BHDrvx86 - ok

21:15:26.0990 4340 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll

21:15:27.0033 4340 BITS - ok

21:15:27.0070 4340 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys

21:15:27.0095 4340 blbdrive - ok

21:15:27.0151 4340 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe

21:15:27.0168 4340 Bonjour Service - ok

21:15:27.0200 4340 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys

21:15:27.0224 4340 bowser - ok

21:15:27.0233 4340 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys

21:15:27.0280 4340 BrFiltLo - ok

21:15:27.0291 4340 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys

21:15:27.0319 4340 BrFiltUp - ok

21:15:27.0352 4340 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll

21:15:27.0391 4340 Browser - ok

21:15:27.0427 4340 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys

21:15:27.0452 4340 Brserid - ok

21:15:27.0458 4340 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys

21:15:27.0484 4340 BrSerWdm - ok

21:15:27.0518 4340 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys

21:15:27.0544 4340 BrUsbMdm - ok

21:15:27.0548 4340 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys

21:15:27.0564 4340 BrUsbSer - ok

21:15:27.0569 4340 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys

21:15:27.0589 4340 BTHMODEM - ok

21:15:27.0615 4340 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll

21:15:27.0645 4340 bthserv - ok

21:15:27.0697 4340 ccSet_N360 (599e7f6259a127c174c49938d2aa6a60) C:\Windows\system32\drivers\N360\0602010.005\ccSetx86.sys

21:15:27.0707 4340 ccSet_N360 - ok

21:15:27.0733 4340 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys

21:15:27.0755 4340 cdfs - ok

21:15:27.0793 4340 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys

21:15:27.0820 4340 cdrom - ok

21:15:27.0853 4340 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

21:15:27.0885 4340 CertPropSvc - ok

21:15:27.0911 4340 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys

21:15:27.0923 4340 circlass - ok

21:15:27.0952 4340 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys

21:15:27.0962 4340 CLFS - ok

21:15:28.0020 4340 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:15:28.0033 4340 clr_optimization_v2.0.50727_32 - ok

21:15:28.0335 4340 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:15:28.0350 4340 clr_optimization_v4.0.30319_32 - ok

21:15:28.0369 4340 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys

21:15:28.0386 4340 CmBatt - ok

21:15:28.0409 4340 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys

21:15:28.0417 4340 cmdide - ok

21:15:28.0456 4340 CNG (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys

21:15:28.0481 4340 CNG - ok

21:15:28.0505 4340 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys

21:15:28.0511 4340 Compbatt - ok

21:15:28.0533 4340 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys

21:15:28.0541 4340 CompositeBus - ok

21:15:28.0551 4340 COMSysApp - ok

21:15:28.0561 4340 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys

21:15:28.0567 4340 crcdisk - ok

21:15:28.0600 4340 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll

21:15:28.0634 4340 CryptSvc - ok

21:15:28.0671 4340 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys

21:15:28.0705 4340 CSC - ok

21:15:28.0734 4340 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll

21:15:28.0762 4340 CscService - ok

21:15:28.0793 4340 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll

21:15:28.0854 4340 DcomLaunch - ok

21:15:28.0877 4340 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll

21:15:28.0921 4340 defragsvc - ok

21:15:28.0977 4340 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys

21:15:29.0009 4340 DfsC - ok

21:15:29.0070 4340 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll

21:15:29.0110 4340 Dhcp - ok

21:15:29.0133 4340 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys

21:15:29.0169 4340 discache - ok

21:15:29.0196 4340 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys

21:15:29.0202 4340 Disk - ok

21:15:29.0217 4340 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll

21:15:29.0243 4340 Dnscache - ok

21:15:29.0273 4340 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll

21:15:29.0318 4340 dot3svc - ok

21:15:29.0341 4340 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll

21:15:29.0383 4340 DPS - ok

21:15:29.0405 4340 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys

21:15:29.0430 4340 drmkaud - ok

21:15:29.0463 4340 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\Windows\system32\DRIVERS\dtsoftbus01.sys

21:15:29.0473 4340 dtsoftbus01 - ok

21:15:29.0515 4340 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys

21:15:29.0531 4340 DXGKrnl - ok

21:15:29.0552 4340 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll

21:15:29.0568 4340 EapHost - ok

21:15:29.0679 4340 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys

21:15:29.0712 4340 ebdrv - ok

21:15:29.0770 4340 eeCtrl (fce87ba643d5e9a8b6e0378508d1b22d) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

21:15:29.0785 4340 eeCtrl - ok

21:15:29.0855 4340 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe

21:15:29.0881 4340 EFS - ok

21:15:29.0932 4340 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe

21:15:29.0974 4340 ehRecvr - ok

21:15:29.0997 4340 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe

21:15:30.0031 4340 ehSched - ok

21:15:30.0114 4340 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys

21:15:30.0134 4340 elxstor - ok

21:15:30.0186 4340 EraserUtilRebootDrv (115dc729465a8c386615207f28875255) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

21:15:30.0197 4340 EraserUtilRebootDrv - ok

21:15:30.0221 4340 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys

21:15:30.0241 4340 ErrDev - ok

21:15:30.0281 4340 etdrv (3af0ae042afe486b22644cd3fbebf2e2) C:\Windows\etdrv.sys

21:15:30.0291 4340 etdrv - ok

21:15:30.0326 4340 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll

21:15:30.0367 4340 EventSystem - ok

21:15:30.0386 4340 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys

21:15:30.0428 4340 exfat - ok

21:15:30.0437 4340 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys

21:15:30.0462 4340 fastfat - ok

21:15:30.0507 4340 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe

21:15:30.0546 4340 Fax - ok

21:15:30.0560 4340 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys

21:15:30.0576 4340 fdc - ok

21:15:30.0596 4340 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll

21:15:30.0628 4340 fdPHost - ok

21:15:30.0640 4340 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll

21:15:30.0672 4340 FDResPub - ok

21:15:30.0685 4340 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys

21:15:30.0693 4340 FileInfo - ok

21:15:30.0699 4340 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys

21:15:30.0715 4340 Filetrace - ok

21:15:30.0718 4340 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys

21:15:30.0735 4340 flpydisk - ok

21:15:30.0775 4340 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys

21:15:30.0791 4340 FltMgr - ok

21:15:30.0829 4340 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll

21:15:30.0853 4340 FontCache - ok

21:15:30.0921 4340 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

21:15:30.0931 4340 FontCache3.0.0.0 - ok

21:15:30.0956 4340 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys

21:15:30.0968 4340 FsDepends - ok

21:15:30.0988 4340 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys

21:15:30.0999 4340 Fs_Rec - ok

21:15:31.0029 4340 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys

21:15:31.0042 4340 fvevol - ok

21:15:31.0063 4340 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys

21:15:31.0070 4340 gagp30kx - ok

21:15:31.0083 4340 gdrv (d556cb79967e92b5cc69686d16c1d846) C:\Windows\gdrv.sys

21:15:31.0090 4340 gdrv - ok

21:15:31.0124 4340 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

21:15:31.0135 4340 GEARAspiWDM - ok

21:15:31.0157 4340 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll

21:15:31.0187 4340 gpsvc - ok

21:15:31.0225 4340 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

21:15:31.0239 4340 gusvc - ok

21:15:31.0261 4340 GVTDrv (689a8eef2a2d62b28a0a578a6196531c) C:\Windows\system32\Drivers\GVTDrv.sys

21:15:31.0272 4340 GVTDrv - ok

21:15:31.0297 4340 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys

21:15:31.0348 4340 hcw85cir - ok

21:15:31.0391 4340 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys

21:15:31.0415 4340 HdAudAddService - ok

21:15:31.0456 4340 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys

21:15:31.0486 4340 HDAudBus - ok

21:15:31.0507 4340 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys

21:15:31.0519 4340 HidBatt - ok

21:15:31.0523 4340 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys

21:15:31.0548 4340 HidBth - ok

21:15:31.0553 4340 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys

21:15:31.0575 4340 HidIr - ok

21:15:31.0597 4340 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll

21:15:31.0630 4340 hidserv - ok

21:15:31.0651 4340 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys

21:15:31.0661 4340 HidUsb - ok

21:15:31.0678 4340 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll

21:15:31.0714 4340 hkmsvc - ok

21:15:31.0742 4340 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll

21:15:31.0781 4340 HomeGroupListener - ok

21:15:31.0800 4340 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll

21:15:31.0835 4340 HomeGroupProvider - ok

21:15:31.0860 4340 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys

21:15:31.0871 4340 HpSAMD - ok

21:15:31.0918 4340 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys

21:15:31.0942 4340 HTTP - ok

21:15:31.0950 4340 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys

21:15:31.0956 4340 hwpolicy - ok

21:15:31.0984 4340 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys

21:15:32.0005 4340 i8042prt - ok

21:15:32.0030 4340 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys

21:15:32.0047 4340 iaStorV - ok

21:15:32.0106 4340 ICCS (33d4d4a24791587e83f7ee05a446fb7e) C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

21:15:32.0114 4340 ICCS ( UnsignedFile.Multi.Generic ) - warning

21:15:32.0114 4340 ICCS - detected UnsignedFile.Multi.Generic (1)

21:15:32.0147 4340 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

21:15:32.0174 4340 IDriverT ( UnsignedFile.Multi.Generic ) - warning

21:15:32.0174 4340 IDriverT - detected UnsignedFile.Multi.Generic (1)

21:15:32.0265 4340 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

21:15:32.0287 4340 idsvc - ok

21:15:32.0406 4340 IDSVix86 (6262c22a913bd255a0795d070b82aa47) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120803.002\IDSvix86.sys

21:15:32.0421 4340 IDSVix86 - ok

21:15:32.0489 4340 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys

21:15:32.0499 4340 iirsp - ok

21:15:32.0557 4340 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll

21:15:32.0593 4340 IKEEXT - ok

21:15:32.0668 4340 Intel® Capability Licensing Service Interface (28b3162ec8d01114313d7f447d8e157e) C:\Program Files\Intel\iCLS Client\HeciServer.exe

21:15:32.0685 4340 Intel® Capability Licensing Service Interface - ok

21:15:32.0699 4340 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys

21:15:32.0706 4340 intelide - ok

21:15:32.0736 4340 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys

21:15:32.0758 4340 intelppm - ok

21:15:32.0799 4340 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll

21:15:32.0839 4340 IPBusEnum - ok

21:15:32.0855 4340 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:15:32.0891 4340 IpFilterDriver - ok

21:15:32.0931 4340 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll

21:15:32.0964 4340 iphlpsvc - ok

21:15:32.0988 4340 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys

21:15:33.0011 4340 IPMIDRV - ok

21:15:33.0032 4340 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys

21:15:33.0067 4340 IPNAT - ok

21:15:33.0114 4340 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Program Files\iPod\bin\iPodService.exe

21:15:33.0128 4340 iPod Service - ok

21:15:33.0147 4340 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys

21:15:33.0204 4340 IRENUM - ok

21:15:33.0236 4340 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys

21:15:33.0249 4340 isapnp - ok

21:15:33.0264 4340 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys

21:15:33.0281 4340 iScsiPrt - ok

21:15:33.0314 4340 iusb3hcs (df93e36d3dabdd53a6394806ad1b9807) C:\Windows\system32\DRIVERS\iusb3hcs.sys

21:15:33.0325 4340 iusb3hcs - ok

21:15:33.0352 4340 iusb3hub (725d1248f64d56e61453f4fcdfa6a0b6) C:\Windows\system32\DRIVERS\iusb3hub.sys

21:15:33.0369 4340 iusb3hub - ok

21:15:33.0412 4340 iusb3xhc (5c0c8d16027229bd7fc9465124bfec9d) C:\Windows\system32\DRIVERS\iusb3xhc.sys

21:15:33.0432 4340 iusb3xhc - ok

21:15:33.0493 4340 jhi_service (166fc0b36842135bc2d3c32df70ed0d6) C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

21:15:33.0508 4340 jhi_service - ok

21:15:33.0617 4340 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys

21:15:33.0631 4340 kbdclass - ok

21:15:33.0669 4340 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys

21:15:33.0690 4340 kbdhid - ok

21:15:33.0716 4340 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

21:15:33.0729 4340 KeyIso - ok

21:15:33.0745 4340 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys

21:15:33.0756 4340 KSecDD - ok

21:15:33.0777 4340 KSecPkg (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys

21:15:33.0790 4340 KSecPkg - ok

21:15:33.0818 4340 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll

21:15:33.0850 4340 KtmRm - ok

21:15:33.0880 4340 L1C (25046613dfa30a7361996f15901ca0de) C:\Windows\system32\DRIVERS\L1C62x86.sys

21:15:33.0890 4340 L1C - ok

21:15:33.0934 4340 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll

21:15:33.0974 4340 LanmanServer - ok

21:15:33.0990 4340 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll

21:15:34.0015 4340 LanmanWorkstation - ok

21:15:34.0057 4340 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys

21:15:34.0094 4340 lltdio - ok

21:15:34.0117 4340 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll

21:15:34.0136 4340 lltdsvc - ok

21:15:34.0144 4340 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll

21:15:34.0165 4340 lmhosts - ok

21:15:34.0234 4340 LMS (c56e64ba70dc822b84d100a6f8d690d3) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

21:15:34.0248 4340 LMS - ok

21:15:34.0280 4340 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys

21:15:34.0289 4340 LSI_FC - ok

21:15:34.0476 4340 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys

21:15:34.0489 4340 LSI_SAS - ok

21:15:34.0505 4340 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys

21:15:34.0516 4340 LSI_SAS2 - ok

21:15:34.0532 4340 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys

21:15:34.0542 4340 LSI_SCSI - ok

21:15:34.0559 4340 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys

21:15:34.0594 4340 luafv - ok

21:15:34.0605 4340 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\Windows\system32\drivers\mbam.sys

21:15:34.0612 4340 MBAMProtector - ok

21:15:34.0652 4340 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

21:15:34.0666 4340 MBAMService - ok

21:15:34.0699 4340 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll

21:15:34.0716 4340 Mcx2Svc - ok

21:15:34.0749 4340 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys

21:15:34.0760 4340 megasas - ok

21:15:34.0780 4340 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys

21:15:34.0792 4340 MegaSR - ok

21:15:34.0810 4340 MEI (240d715cfe4fb8f4cda76f6863e62334) C:\Windows\system32\DRIVERS\HECI.sys

21:15:34.0843 4340 MEI - ok

21:15:34.0860 4340 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll

21:15:34.0899 4340 MMCSS - ok

21:15:34.0920 4340 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys

21:15:34.0935 4340 Modem - ok

21:15:34.0959 4340 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys

21:15:34.0974 4340 monitor - ok

21:15:34.0999 4340 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys

21:15:35.0015 4340 mouclass - ok

21:15:35.0033 4340 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys

21:15:35.0053 4340 mouhid - ok

21:15:35.0083 4340 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys

21:15:35.0090 4340 mountmgr - ok

21:15:35.0108 4340 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys

21:15:35.0114 4340 mpio - ok

21:15:35.0123 4340 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys

21:15:35.0137 4340 mpsdrv - ok

21:15:35.0176 4340 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll

21:15:35.0207 4340 MpsSvc - ok

21:15:35.0216 4340 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys

21:15:35.0232 4340 MRxDAV - ok

21:15:35.0266 4340 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys

21:15:35.0299 4340 mrxsmb - ok

21:15:35.0323 4340 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:15:35.0336 4340 mrxsmb10 - ok

21:15:35.0345 4340 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:15:35.0368 4340 mrxsmb20 - ok

21:15:35.0390 4340 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys

21:15:35.0403 4340 msahci - ok

21:15:35.0463 4340 MSCamSvc (d98350792a7ce82e7459a7c36481beda) C:\Program Files\Microsoft LifeCam\MSCamS32.exe

21:15:35.0476 4340 MSCamSvc - ok

21:15:35.0507 4340 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys

21:15:35.0522 4340 msdsm - ok

21:15:35.0546 4340 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe

21:15:35.0572 4340 MSDTC - ok

21:15:35.0593 4340 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

21:15:35.0613 4340 Msfs - ok

21:15:35.0620 4340 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

21:15:35.0678 4340 mshidkmdf - ok

21:15:35.0698 4340 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys

21:15:35.0704 4340 msisadrv - ok

21:15:35.0735 4340 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll

21:15:35.0762 4340 MSiSCSI - ok

21:15:35.0763 4340 msiserver - ok

21:15:35.0792 4340 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

21:15:35.0830 4340 MSKSSRV - ok

21:15:35.0843 4340 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

21:15:35.0858 4340 MSPCLOCK - ok

21:15:35.0877 4340 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

21:15:35.0921 4340 MSPQM - ok

21:15:35.0944 4340 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

21:15:35.0952 4340 MsRPC - ok

21:15:35.0974 4340 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys

21:15:35.0981 4340 mssmbios - ok

21:15:35.0995 4340 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

21:15:36.0010 4340 MSTEE - ok

21:15:36.0025 4340 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

21:15:36.0041 4340 MTConfig - ok

21:15:36.0056 4340 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

21:15:36.0070 4340 Mup - ok

21:15:36.0110 4340 N360 (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

21:15:36.0124 4340 N360 - ok

21:15:36.0155 4340 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll

21:15:36.0193 4340 napagent - ok

21:15:36.0222 4340 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

21:15:36.0235 4340 NativeWifiP - ok

21:15:36.0340 4340 NAVENG (f11033730b38260b6892e837c457fb4b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120805.009\NAVENG.SYS

21:15:36.0352 4340 NAVENG - ok

21:15:36.0415 4340 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120805.009\NAVEX15.SYS

21:15:36.0436 4340 NAVEX15 - ok

21:15:36.0545 4340 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys

21:15:36.0561 4340 NDIS - ok

21:15:36.0586 4340 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

21:15:36.0606 4340 NdisCap - ok

21:15:36.0631 4340 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

21:15:36.0666 4340 NdisTapi - ok

21:15:36.0686 4340 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys

21:15:36.0726 4340 Ndisuio - ok

21:15:36.0743 4340 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys

21:15:36.0759 4340 NdisWan - ok

21:15:36.0788 4340 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys

21:15:36.0815 4340 NDProxy - ok

21:15:36.0838 4340 Netaapl (1352e1648213551923a0a822e441553c) C:\Windows\system32\DRIVERS\netaapl.sys

21:15:36.0872 4340 Netaapl - ok

21:15:36.0902 4340 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

21:15:36.0944 4340 NetBIOS - ok

21:15:36.0969 4340 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys

21:15:36.0999 4340 NetBT - ok

21:15:37.0026 4340 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

21:15:37.0033 4340 Netlogon - ok

21:15:37.0068 4340 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll

21:15:37.0085 4340 Netman - ok

21:15:37.0104 4340 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll

21:15:37.0122 4340 netprofm - ok

21:15:37.0184 4340 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

21:15:37.0197 4340 NetTcpPortSharing - ok

21:15:37.0227 4340 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

21:15:37.0235 4340 nfrd960 - ok

21:15:37.0265 4340 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll

21:15:37.0294 4340 NlaSvc - ok

21:15:37.0303 4340 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

21:15:37.0330 4340 Npfs - ok

21:15:37.0353 4340 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll

21:15:37.0379 4340 nsi - ok

21:15:37.0386 4340 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

21:15:37.0419 4340 nsiproxy - ok

21:15:37.0474 4340 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys

21:15:37.0492 4340 Ntfs - ok

21:15:37.0502 4340 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

21:15:37.0517 4340 Null - ok

21:15:37.0558 4340 NVHDA (a0a9e53b4aac3c6534a063aba69bc19f) C:\Windows\system32\drivers\nvhda32v.sys

21:15:37.0572 4340 NVHDA - ok

21:15:37.0885 4340 nvlddmkm (afb33a823aabc112fc7bd62afbcdb0cd) C:\Windows\system32\DRIVERS\nvlddmkm.sys

21:15:37.0982 4340 nvlddmkm - ok

21:15:38.0066 4340 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys

21:15:38.0081 4340 nvraid - ok

21:15:38.0132 4340 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys

21:15:38.0146 4340 nvstor - ok

21:15:38.0196 4340 nvsvc (782945716ad010ac3d41758e8e52c735) C:\Windows\system32\nvvsvc.exe

21:15:38.0210 4340 nvsvc - ok

21:15:38.0297 4340 nvUpdatusService (a974e5c310b9b00894070ceb055d467f) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

21:15:38.0329 4340 nvUpdatusService - ok

21:15:38.0419 4340 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys

21:15:38.0426 4340 nv_agp - ok

21:15:38.0449 4340 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys

21:15:38.0465 4340 ohci1394 - ok

21:15:38.0503 4340 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:15:38.0516 4340 ose - ok

21:15:38.0698 4340 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

21:15:38.0800 4340 osppsvc - ok

21:15:38.0868 4340 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

21:15:38.0903 4340 p2pimsvc - ok

21:15:38.0923 4340 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll

21:15:38.0948 4340 p2psvc - ok

21:15:38.0977 4340 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

21:15:38.0988 4340 Parport - ok

21:15:39.0010 4340 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys

21:15:39.0019 4340 partmgr - ok

21:15:39.0027 4340 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

21:15:39.0051 4340 Parvdm - ok

21:15:39.0074 4340 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll

21:15:39.0093 4340 PcaSvc - ok

21:15:39.0118 4340 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys

21:15:39.0127 4340 pci - ok

21:15:39.0144 4340 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys

21:15:39.0151 4340 pciide - ok

21:15:39.0175 4340 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

21:15:39.0183 4340 pcmcia - ok

21:15:39.0195 4340 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

21:15:39.0201 4340 pcw - ok

21:15:39.0230 4340 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

21:15:39.0249 4340 PEAUTH - ok

21:15:39.0291 4340 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll

21:15:39.0313 4340 PeerDistSvc - ok

21:15:39.0375 4340 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll

21:15:39.0413 4340 pla - ok

21:15:39.0503 4340 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll

21:15:39.0547 4340 PlugPlay - ok

21:15:39.0567 4340 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll

21:15:39.0596 4340 PNRPAutoReg - ok

21:15:39.0617 4340 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

21:15:39.0631 4340 PNRPsvc - ok

21:15:39.0665 4340 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll

21:15:39.0697 4340 PolicyAgent - ok

21:15:39.0726 4340 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll

21:15:39.0754 4340 Power - ok

21:15:39.0810 4340 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

21:15:39.0854 4340 PptpMiniport - ok

21:15:39.0869 4340 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

21:15:39.0888 4340 Processor - ok

21:15:39.0932 4340 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll

21:15:39.0966 4340 ProfSvc - ok

21:15:39.0986 4340 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

21:15:40.0002 4340 ProtectedStorage - ok

21:15:40.0028 4340 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

21:15:40.0053 4340 Psched - ok

21:15:40.0112 4340 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

21:15:40.0132 4340 ql2300 - ok

21:15:40.0216 4340 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

21:15:40.0231 4340 ql40xx - ok

21:15:40.0254 4340 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll

21:15:40.0288 4340 QWAVE - ok

21:15:40.0309 4340 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

21:15:40.0336 4340 QWAVEdrv - ok

21:15:40.0349 4340 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

21:15:40.0373 4340 RasAcd - ok

21:15:40.0406 4340 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

21:15:40.0449 4340 RasAgileVpn - ok

21:15:40.0464 4340 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll

21:15:40.0480 4340 RasAuto - ok

21:15:40.0506 4340 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

21:15:40.0543 4340 Rasl2tp - ok

21:15:40.0568 4340 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll

21:15:40.0585 4340 RasMan - ok

21:15:40.0597 4340 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

21:15:40.0613 4340 RasPppoe - ok

21:15:40.0628 4340 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

21:15:40.0655 4340 RasSstp - ok

21:15:40.0683 4340 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys

21:15:40.0698 4340 rdbss - ok

21:15:40.0707 4340 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

21:15:40.0716 4340 rdpbus - ok

21:15:40.0738 4340 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys

21:15:40.0775 4340 RDPCDD - ok

21:15:40.0804 4340 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys

21:15:40.0823 4340 RDPDR - ok

21:15:40.0856 4340 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

21:15:40.0895 4340 RDPENCDD - ok

21:15:40.0901 4340 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

21:15:40.0924 4340 RDPREFMP - ok

21:15:40.0951 4340 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys

21:15:40.0987 4340 RDPWD - ok

21:15:41.0018 4340 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys

21:15:41.0028 4340 rdyboost - ok

21:15:41.0048 4340 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll

21:15:41.0072 4340 RemoteAccess - ok

21:15:41.0094 4340 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll

21:15:41.0110 4340 RemoteRegistry - ok

21:15:41.0130 4340 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll

21:15:41.0146 4340 RpcEptMapper - ok

21:15:41.0157 4340 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe

21:15:41.0179 4340 RpcLocator - ok

21:15:41.0206 4340 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll

21:15:41.0224 4340 RpcSs - ok

21:15:41.0258 4340 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

21:15:41.0299 4340 rspndr - ok

21:15:41.0319 4340 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys

21:15:41.0344 4340 s3cap - ok

21:15:41.0365 4340 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

21:15:41.0380 4340 SamSs - ok

21:15:41.0395 4340 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys

21:15:41.0409 4340 sbp2port - ok

21:15:41.0432 4340 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll

21:15:41.0447 4340 SCardSvr - ok

21:15:41.0473 4340 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys

21:15:41.0499 4340 scfilter - ok

21:15:41.0538 4340 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll

21:15:41.0564 4340 Schedule - ok

21:15:41.0588 4340 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

21:15:41.0603 4340 SCPolicySvc - ok

21:15:41.0615 4340 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll

21:15:41.0632 4340 SDRSVC - ok

21:15:41.0666 4340 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

21:15:41.0701 4340 secdrv - ok

21:15:41.0720 4340 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll

21:15:41.0749 4340 seclogon - ok

21:15:41.0765 4340 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll

21:15:41.0797 4340 SENS - ok

21:15:41.0818 4340 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll

21:15:41.0841 4340 SensrSvc - ok

21:15:41.0892 4340 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

21:15:41.0915 4340 Serenum - ok

21:15:41.0941 4340 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

21:15:41.0956 4340 Serial - ok

21:15:41.0987 4340 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

21:15:42.0015 4340 sermouse - ok

21:15:42.0046 4340 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll

21:15:42.0076 4340 SessionEnv - ok

21:15:42.0099 4340 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys

21:15:42.0127 4340 sffdisk - ok

21:15:42.0130 4340 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys

21:15:42.0144 4340 sffp_mmc - ok

21:15:42.0158 4340 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys

21:15:42.0179 4340 sffp_sd - ok

21:15:42.0203 4340 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

21:15:42.0224 4340 sfloppy - ok

21:15:42.0258 4340 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll

21:15:42.0304 4340 SharedAccess - ok

21:15:42.0335 4340 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll

21:15:42.0356 4340 ShellHWDetection - ok

21:15:42.0377 4340 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys

21:15:42.0386 4340 sisagp - ok

21:15:42.0418 4340 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

21:15:42.0426 4340 SiSRaid2 - ok

21:15:42.0435 4340 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

21:15:42.0443 4340 SiSRaid4 - ok

21:15:42.0483 4340 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files\Skype\Updater\Updater.exe

21:15:42.0490 4340 SkypeUpdate - ok

21:15:42.0507 4340 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

21:15:42.0524 4340 Smb - ok

21:15:42.0549 4340 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe

21:15:42.0564 4340 SNMPTRAP - ok

21:15:42.0575 4340 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

21:15:42.0585 4340 spldr - ok

21:15:42.0634 4340 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe

21:15:42.0676 4340 Spooler - ok

21:15:42.0780 4340 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe

21:15:42.0827 4340 sppsvc - ok

21:15:42.0919 4340 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll

21:15:42.0945 4340 sppuinotify - ok

21:15:43.0016 4340 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\Windows\System32\Drivers\N360\0602010.005\SRTSP.SYS

21:15:43.0034 4340 SRTSP - ok

21:15:43.0054 4340 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\Windows\system32\drivers\N360\0602010.005\SRTSPX.SYS

21:15:43.0059 4340 SRTSPX - ok

21:15:43.0082 4340 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys

21:15:43.0114 4340 srv - ok

21:15:43.0135 4340 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys

21:15:43.0152 4340 srv2 - ok

21:15:43.0164 4340 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys

21:15:43.0184 4340 srvnet - ok

21:15:43.0201 4340 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll

21:15:43.0218 4340 SSDPSRV - ok

21:15:43.0230 4340 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll

21:15:43.0260 4340 SstpSvc - ok

21:15:43.0293 4340 Steam Client Service - ok

21:15:43.0360 4340 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

21:15:43.0373 4340 Stereo Service - ok

21:15:43.0398 4340 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

21:15:43.0405 4340 stexstor - ok

21:15:43.0417 4340 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys

21:15:43.0431 4340 StillCam - ok

21:15:43.0459 4340 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll

21:15:43.0471 4340 StiSvc - ok

21:15:43.0489 4340 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys

21:15:43.0496 4340 storflt - ok

21:15:43.0514 4340 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll

21:15:43.0531 4340 StorSvc - ok

21:15:43.0543 4340 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys

21:15:43.0549 4340 storvsc - ok

21:15:43.0556 4340 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys

21:15:43.0563 4340 swenum - ok

21:15:43.0591 4340 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll

21:15:43.0619 4340 swprv - ok

21:15:43.0677 4340 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\N360\0602010.005\SYMDS.SYS

21:15:43.0693 4340 SymDS - ok

21:15:43.0723 4340 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\Windows\system32\drivers\N360\0602010.005\SYMEFA.SYS

21:15:43.0739 4340 SymEFA - ok

21:15:43.0761 4340 SymEvent (74e2521e96176a4449570e50be91954d) C:\Windows\system32\Drivers\SYMEVENT.SYS

21:15:43.0767 4340 SymEvent - ok

21:15:43.0788 4340 SYMFW - ok

21:15:43.0800 4340 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\Windows\system32\drivers\N360\0602010.005\Ironx86.SYS

21:15:43.0806 4340 SymIRON - ok

21:15:43.0808 4340 SYMNDISV - ok

21:15:43.0845 4340 SymNetS (3ee215d6fe821e3edf0f7134d9ae905a) C:\Windows\system32\drivers\N360\0602010.005\SYMNETS.SYS

21:15:43.0860 4340 SymNetS - ok

21:15:43.0916 4340 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll

21:15:43.0949 4340 SysMain - ok

21:15:43.0971 4340 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll

21:15:43.0991 4340 TabletInputService - ok

21:15:44.0013 4340 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll

21:15:44.0029 4340 TapiSrv - ok

21:15:44.0052 4340 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll

21:15:44.0082 4340 TBS - ok

21:15:44.0151 4340 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys

21:15:44.0175 4340 Tcpip - ok

21:15:44.0277 4340 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys

21:15:44.0298 4340 TCPIP6 - ok

21:15:44.0359 4340 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys

21:15:44.0375 4340 tcpipreg - ok

21:15:44.0397 4340 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys

21:15:44.0414 4340 TDPIPE - ok

21:15:44.0421 4340 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys

21:15:44.0441 4340 TDTCP - ok

21:15:44.0484 4340 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys

21:15:44.0525 4340 tdx - ok

21:15:44.0545 4340 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys

21:15:44.0551 4340 TermDD - ok

21:15:44.0587 4340 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll

21:15:44.0625 4340 TermService - ok

21:15:44.0644 4340 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll

21:15:44.0662 4340 Themes - ok

21:15:44.0681 4340 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll

21:15:44.0712 4340 THREADORDER - ok

21:15:44.0730 4340 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll

21:15:44.0756 4340 TrkWks - ok

21:15:44.0808 4340 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe

21:15:44.0843 4340 TrustedInstaller - ok

21:15:44.0859 4340 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys

21:15:44.0879 4340 tssecsrv - ok

21:15:44.0921 4340 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys

21:15:44.0948 4340 TsUsbFlt - ok

21:15:44.0999 4340 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys

21:15:45.0037 4340 tunnel - ok

21:15:45.0058 4340 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

21:15:45.0065 4340 uagp35 - ok

21:15:45.0094 4340 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys

21:15:45.0118 4340 udfs - ok

21:15:45.0138 4340 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe

21:15:45.0160 4340 UI0Detect - ok

21:15:45.0197 4340 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys

21:15:45.0210 4340 uliagpkx - ok

21:15:45.0226 4340 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys

21:15:45.0242 4340 umbus - ok

21:15:45.0263 4340 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

21:15:45.0286 4340 UmPass - ok

21:15:45.0314 4340 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll

21:15:45.0342 4340 UmRdpService - ok

21:15:45.0428 4340 UNS (0f9e1bc7e2bea1a4108ec9736cf0c2d9) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

21:15:45.0444 4340 UNS - ok

21:15:45.0472 4340 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll

21:15:45.0498 4340 upnphost - ok

21:15:45.0528 4340 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys

21:15:45.0543 4340 USBAAPL - ok

21:15:45.0566 4340 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys

21:15:45.0575 4340 usbaudio - ok

21:15:45.0589 4340 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys

21:15:45.0611 4340 usbccgp - ok

21:15:45.0628 4340 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys

21:15:45.0637 4340 usbcir - ok

21:15:45.0654 4340 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys

21:15:45.0661 4340 usbehci - ok

21:15:45.0689 4340 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys

21:15:45.0705 4340 usbhub - ok

21:15:45.0715 4340 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys

21:15:45.0731 4340 usbohci - ok

21:15:45.0750 4340 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

21:15:45.0759 4340 usbprint - ok

21:15:45.0771 4340 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:15:45.0804 4340 USBSTOR - ok

21:15:45.0816 4340 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys

21:15:45.0838 4340 usbuhci - ok

21:15:45.0857 4340 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll

21:15:45.0884 4340 UxSms - ok

21:15:45.0907 4340 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

21:15:45.0915 4340 VaultSvc - ok

21:15:45.0938 4340 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys

21:15:45.0945 4340 vdrvroot - ok

21:15:45.0982 4340 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe

21:15:46.0010 4340 vds - ok

21:15:46.0041 4340 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

21:15:46.0062 4340 vga - ok

21:15:46.0072 4340 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

21:15:46.0094 4340 VgaSave - ok

21:15:46.0110 4340 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys

21:15:46.0117 4340 vhdmp - ok

21:15:46.0171 4340 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys

21:15:46.0184 4340 viaagp - ok

21:15:46.0200 4340 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

21:15:46.0215 4340 ViaC7 - ok

21:15:46.0293 4340 VIAHdAudAddService (0047faa46d655fe2cb3191f4183a9010) C:\Windows\system32\drivers\viahduaa.sys

21:15:46.0316 4340 VIAHdAudAddService - ok

21:15:46.0391 4340 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys

21:15:46.0404 4340 viaide - ok

21:15:46.0429 4340 VIAKaraokeService (65de19339d794d652119973c28512031) C:\Windows\system32\viakaraokesrv.exe

21:15:46.0437 4340 VIAKaraokeService - ok

21:15:46.0450 4340 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys

21:15:46.0460 4340 vmbus - ok

21:15:46.0481 4340 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys

21:15:46.0499 4340 VMBusHID - ok

21:15:46.0518 4340 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys

21:15:46.0526 4340 volmgr - ok

21:15:46.0557 4340 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

21:15:46.0567 4340 volmgrx - ok

21:15:46.0592 4340 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys

21:15:46.0601 4340 volsnap - ok

21:15:46.0627 4340 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

21:15:46.0635 4340 vsmraid - ok

21:15:46.0678 4340 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe

21:15:46.0710 4340 VSS - ok

21:15:46.0720 4340 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys

21:15:46.0740 4340 vwifibus - ok

21:15:46.0754 4340 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys

21:15:46.0780 4340 vwififlt - ok

21:15:46.0856 4340 VX1000 (d22c6b9c2f840d403fd387ad207a4b16) C:\Windows\system32\DRIVERS\VX1000.sys

21:15:46.0878 4340 VX1000 - ok

21:15:46.0953 4340 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll

21:15:46.0973 4340 W32Time - ok

21:15:47.0001 4340 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

21:15:47.0034 4340 WacomPen - ok

21:15:47.0061 4340 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

21:15:47.0083 4340 WANARP - ok

21:15:47.0085 4340 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

21:15:47.0100 4340 Wanarpv6 - ok

21:15:47.0166 4340 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe

21:15:47.0185 4340 WatAdminSvc - ok

21:15:47.0294 4340 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe

21:15:47.0331 4340 wbengine - ok

21:15:47.0353 4340 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll

21:15:47.0372 4340 WbioSrvc - ok

21:15:47.0395 4340 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll

21:15:47.0406 4340 wcncsvc - ok

21:15:47.0413 4340 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll

21:15:47.0453 4340 WcsPlugInService - ok

21:15:47.0485 4340 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

21:15:47.0498 4340 Wd - ok

21:15:47.0522 4340 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

21:15:47.0532 4340 Wdf01000 - ok

21:15:47.0540 4340 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

21:15:47.0579 4340 WdiServiceHost - ok

21:15:47.0581 4340 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

21:15:47.0591 4340 WdiSystemHost - ok

21:15:47.0619 4340 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll

21:15:47.0636 4340 WebClient - ok

21:15:47.0664 4340 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll

21:15:47.0681 4340 Wecsvc - ok

21:15:47.0691 4340 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll

21:15:47.0714 4340 wercplsupport - ok

21:15:47.0735 4340 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll

21:15:47.0750 4340 WerSvc - ok

21:15:47.0767 4340 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

21:15:47.0782 4340 WfpLwf - ok

21:15:47.0802 4340 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

21:15:47.0809 4340 WIMMount - ok

21:15:47.0867 4340 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll

21:15:47.0889 4340 WinDefend - ok

21:15:47.0891 4340 WinHttpAutoProxySvc - ok

21:15:47.0937 4340 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll

21:15:47.0962 4340 Winmgmt - ok

21:15:48.0018 4340 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll

21:15:48.0049 4340 WinRM - ok

21:15:48.0108 4340 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys

21:15:48.0133 4340 WinUsb - ok

21:15:48.0176 4340 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll

21:15:48.0202 4340 Wlansvc - ok

21:15:48.0214 4340 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys

21:15:48.0221 4340 WmiAcpi - ok

21:15:48.0268 4340 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe

21:15:48.0301 4340 wmiApSrv - ok

21:15:48.0390 4340 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe

21:15:48.0438 4340 WMPNetworkSvc - ok

21:15:48.0501 4340 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll

21:15:48.0536 4340 WPCSvc - ok

21:15:48.0562 4340 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll

21:15:48.0600 4340 WPDBusEnum - ok

21:15:48.0626 4340 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

21:15:48.0665 4340 ws2ifsl - ok

21:15:48.0686 4340 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll

21:15:48.0698 4340 wscsvc - ok

21:15:48.0757 4340 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys

21:15:48.0771 4340 WSDPrintDevice - ok

21:15:48.0774 4340 WSearch - ok

21:15:48.0867 4340 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll

21:15:48.0890 4340 wuauserv - ok

21:15:48.0982 4340 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys

21:15:49.0007 4340 WudfPf - ok

21:15:49.0027 4340 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys

21:15:49.0050 4340 WUDFRd - ok

21:15:49.0073 4340 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll

21:15:49.0112 4340 wudfsvc - ok

21:15:49.0140 4340 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll

21:15:49.0172 4340 WwanSvc - ok

21:15:49.0206 4340 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1

21:15:49.0491 4340 \Device\Harddisk1\DR1 - ok

21:15:49.0502 4340 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

21:15:49.0564 4340 \Device\Harddisk0\DR0 - ok

21:15:49.0567 4340 Boot (0x1200) (2c892d82631932fa26e4ef695b49ba5b) \Device\Harddisk1\DR1\Partition0

21:15:49.0569 4340 \Device\Harddisk1\DR1\Partition0 - ok

21:15:49.0615 4340 Boot (0x1200) (28322ec8c026af6aabf3d03b1f4ea458) \Device\Harddisk1\DR1\Partition1

21:15:49.0617 4340 \Device\Harddisk1\DR1\Partition1 - ok

21:15:49.0639 4340 Boot (0x1200) (edb22453a29b9f68aed8721256e5525a) \Device\Harddisk0\DR0\Partition0

21:15:49.0641 4340 \Device\Harddisk0\DR0\Partition0 - ok

21:15:49.0642 4340 ============================================================

21:15:49.0642 4340 Scan finished

21:15:49.0642 4340 ============================================================

21:15:49.0650 5864 Detected object count: 2

21:15:49.0650 5864 Actual detected object count: 2

21:15:51.0824 5864 ICCS ( UnsignedFile.Multi.Generic ) - skipped by user

21:15:51.0824 5864 ICCS ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:15:51.0825 5864 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

21:15:51.0825 5864 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

Maniac · August 6, 2012

I want to see the log file from Malwarebytes' Anti-Malware.

sichter88 · August 6, 2012

Malwarebytes Anti-Malware (PRO) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.06.06

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

SICHTER :: SICHTER-PC [administrator]

Protection: Enabled

06/08/12 9:10:28 PM

mbam-log-2012-08-06 (21-10-28).txt

Scan type: Quick scan

Scan options disabled: P2P

Objects scanned: 206770

Time elapsed: 3 minute(s), 26 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

sichter88 · August 7, 2012

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1

Run by SICHTER at 8:17:31 on 2012-08-06

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3562.1958 [GMT 10:00]

.

AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

C:\Windows\system32\viakaraokesrv.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\GIGABYTE\ET6\GUI.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\vVX1000.exe

C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Users\SICHTER\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Users\SICHTER\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\SICHTER\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\6.2.1.5\coIEPlg.dll

BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\6.2.1.5\ips\IPSBHO.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~1\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll