I am being redirected by scour virus when I click on links on IE


So often when I search in Google and click on the links, I am being redirected to different websites, and sometimes it says scour.com or something like that. I am running Windows 7 Professional SP1 on a 64-bit laptop. Please help me to remove this scour virus.

Thanks

Raj

hi :welcome:

Before we begin, I would like to make a few things clear so that we can fix your problem as efficiently as possible:

  • Be sure to follow all my instructions carefully! If there is anything you don't understand, don't hesitate to ask.
  • Please do not do anything or perform other steps unless I have asked you to do so.
  • Please make sure you post all logs I ask you to, and make sure that the entire log gets posted.

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Post both logs

THEN

Download aswMBR.exe ( 4.8mb ) to your desktop.

Double click the aswMBR.exe to run it. Click the "Scan" button to start the scan.

On completion of the scan click save log, save it to your desktop and post it in your next reply.

Things I would like to see in your reply:

  • aswMBR log
  • OTL.txt and Extras.txt


hi

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.

  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

THEN

Please download Listparts64

Run the tool, click Scan and post the log (Result.txt) it makes.


Yes, I am still getting redirected. In fact, just before I replied to you, I just tested it and it took me to a site which I did not intend to go to. Attached is the link if you want to see it.

http://63.209.69.107/search/web/hard+disc+for+sony+laptops/a22/46938-12111/v5. Per your request, I will post the log file and will not attach it.

Thanks for your help.


hi

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1

Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.

2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Hello:

I ran ComboFix per your instruction and after 10 minutes or so, my screen timed out and locked. Then I tried to log back in and I was not able to log in. I restarted the machine and started in safe mode and I was able to log in. As soon as I logged in using safe mode, the ComboFix window popped up and it created a log file after a few minutes. When this process was complete, I rebooted the machine and tried to log back in normally. When I enter the password, it says, "the request is not supported". At this stage I am not able to log in to my system. Please help.


hi

Boot into safe mode

In safe Mode do the following

  • Click on Start menu and click All Programs
  • Click on Accessories and right click on Command Prompt and select ‘Run as Administrator’
  • Then type the command mentioned below to disable the password.
  • To disable the Windows 7 administrator account:
    net user administrator /active:no

Reboot again into normal mode and see if you can access the desktop


Hello:

Right after I posted my previous message about the login issue, I tried to reboot the computer one time after hard powering it off. When it came on, it asked me if I wanted to go back to an earlier restore point and I said yes. Now I am able to log in. But I am not sure if this caused everything to be undone. I apologise for taking this step before your instruction. Just for your information, ComboFix did show me that it was creating a restore point. Please let me know where I should start again. For your information, below is the log file from ComboFix:

ComboFix 12-08-22.03 - rmanickam 08/23/2012 15:03:47.1.8 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16265.13085 [GMT -4:00]

Running from: c:\users\rmanickam.HERSEYMETERS\Desktop\ComboFix.exe

AV: Symantec Endpoint Protection *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

SP: Symantec Endpoint Protection *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\rmanickam.HERSEYMETERS\AppData\Roaming\asfis.dll

c:\windows\SysWow64\instsrv.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-07-23 to 2012-08-23 )))))))))))))))))))))))))))))))

.

.

2012-08-23 19:19 . 2012-08-23 19:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-08-23 19:19 . 2012-08-23 19:19 -------- d-----w- c:\users\rmanickam\AppData\Local\temp

2012-08-23 19:19 . 2012-08-23 19:19 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-23 19:19 . 2012-08-23 19:19 -------- d-----w- c:\users\administrator\AppData\Local\temp

2012-08-21 13:23 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F6249EE3-9344-4EA6-9238-5FCD13400770}\mpengine.dll

2012-08-16 19:07 . 2012-08-16 19:07 -------- d-----w- C:\TDSSKiller_Quarantine

2012-08-16 13:13 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys

2012-08-16 13:11 . 2012-06-29 03:56 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-16 01:33 . 2012-08-16 01:34 -------- d-----w- c:\program files (x86)\SmartDraw 2012

2012-08-14 14:01 . 2012-06-05 07:37 256904 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys

2012-08-10 15:14 . 2012-08-10 15:23 -------- d-----w- c:\users\rmanickam.HERSEYMETERS\AppData\Roaming\SPE

2012-08-06 20:42 . 2009-09-24 16:55 26824 ----a-w- c:\windows\system32\novamnk6.dll

2012-08-06 20:42 . 2009-09-24 16:55 19656 ----a-w- c:\windows\system32\novamik6.dll

2012-08-06 20:42 . 2012-08-06 20:42 -------- d-----w- c:\program files\Softland

2012-08-06 20:42 . 2012-08-06 20:42 -------- d-----w- c:\program files (x86)\SmartDraw PDF Export

2012-08-06 18:01 . 2012-08-06 18:15 -------- d-----w- c:\users\rmanickam.HERSEYMETERS\AppData\Roaming\SmartDraw

2012-08-05 22:35 . 2012-08-05 22:35 -------- d-----w- c:\users\rmanickam.HERSEYMETERS\AppData\Local\Octoshape

2012-08-05 22:35 . 2012-08-05 22:35 -------- d-----w- c:\users\rmanickam.HERSEYMETERS\AppData\Roaming\Octoshape

2012-08-03 16:07 . 2012-08-03 16:07 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll

2012-08-03 16:07 . 2012-08-03 16:07 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll

2012-08-03 15:13 . 2012-08-03 15:13 -------- d-----w- c:\users\rmanickam.HERSEYMETERS\AppData\Local\HorizonWimba

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-16 13:08 . 2011-06-28 00:23 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-08-15 02:40 . 2012-04-05 19:35 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 02:40 . 2011-07-13 23:59 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-03 17:46 . 2011-06-27 19:18 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-09 05:43 . 2012-07-11 13:13 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 12:49 . 2012-06-06 12:49 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX

2012-06-06 06:06 . 2012-07-11 13:13 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-11 13:13 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-11 13:12 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-11 13:13 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-11 13:13 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-11 13:12 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-19 13:08 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-19 13:08 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-19 13:08 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-19 13:08 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-19 13:08 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-19 13:08 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-19 13:08 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 19:19 . 2012-06-19 13:07 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 19:15 . 2012-06-19 13:07 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 05:50 . 2012-07-11 13:13 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-11 13:13 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:48 . 2012-07-11 13:13 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:45 . 2012-07-11 13:13 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-11 13:13 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-11 13:13 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-11 13:13 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-11 13:13 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-11 13:13 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-05-31 16:25 . 2011-06-27 19:02 279656 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen"="c:\program files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" [2011-05-03 487424]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2012-07-27 1261512]

"Octoshape Streaming Services"="c:\users\rmanickam.HERSEYMETERS\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2011-03-24 107800]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2012-05-25 6595928]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]

"IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2010-12-03 112152]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-03-12 462993]

"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]

"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-04-29 50472]

"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]

"Client Access Service"="c:\program files (x86)\IBM\Client Access\cwbsvstr.exe" [2007-03-09 24627]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2010-01-25 115560]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]

"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"Reader Application Helper"="c:\program files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe" [2012-01-31 892928]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-2-8 1136928]

Dell System Manager.lnk - c:\program files\Dell\Dell System Manager\DCPSysMgr.exe [2010-8-24 1549680]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

"DisableCAD"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

R2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]

R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-10-28 1035680]

R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-10-28 36768]

R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

R2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 517488]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 136176]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]

R2 impi_smpd;Intel® MPI Library Process Manager, Intel;c:\program files\IntelMPI\x64\smpd-intel-4.0.3.009-x64.exe [2011-10-11 1611168]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-09-22 165032]

R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]

R2 MDXComManagerR1000;Moldex3D Remote Computing Server R10;c:\moldex3d\R10.0\Bin\BatchJobManager\MDXComManagerR1000.exe [2011-06-02 712704]

R2 MDXComManagerR11;Moldex3D Remote Computing Server R11;c:\moldex3d\R11.0\Bin\MDXComManagerR11.exe [2011-12-20 1046528]

R2 MDXParallelServiceR10SP2;Moldex3D Parallel Service R10 SP2;c:\program files\MPICH2\R10SP2\x64\MDXParallelServiceR10SP2.exe [2011-05-20 336384]

R2 MDXParallelServiceR11;Moldex3D Parallel Service R11;c:\program files\IntelMPI\x64\MDXParallelServiceR11.exe [2011-12-07 262144]

R2 Moldex3D-LM Service;Moldex3D-LM Service;c:\moldex3d\Moldex3DLMSR\MDX3DLMService.exe [2011-11-02 755712]

R2 mpich2_smpd_MdxR10;MPICH2 Process Manager for Moldex3D R10, Argonne National Lab;c:\program files\MPICH2\R10SP2\x64\smpd-1.2.1-x64.exe [2010-05-13 573440]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-02-07 2009704]

R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

R2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]

R2 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2009-09-17 369952]

R2 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2009-09-17 292128]

R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-02-03 378472]

R2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-03 2656280]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]

R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-06-16 349736]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-06-16 39464]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 172960]

R3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2010-08-24 38440]

R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [2010-10-28 315568]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-08 138912]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-06-29 1431888]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 136176]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-03 113120]

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [2010-12-21 8505856]

R3 NtrigDigitizerUSBLowerFilter;N-Trig DuoSense Control Interface Filter Driver;c:\windows\system32\DRIVERS\NtrigDigitizerUSBLowerFilter.sys [2011-01-22 13776]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-02-07 173160]

R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\DRIVERS\O2MDFw7x64.sys [2011-01-03 72808]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

R3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-06-28 1255736]

R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]

R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-02-04 25960]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]

S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]

S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]

S3 O2MDRRDR;O2MDRRDR;c:\windows\system32\DRIVERS\O2MDRw7x64.sys [2011-01-03 74984]

S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2011-01-04 75240]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 02:40]

.

2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 02:52]

.

2012-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-14 02:52]

.

2012-08-23 c:\windows\Tasks\SDMsgUpdate (TE).job

- c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-08-16 18:22]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]

@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"

[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]

2010-10-16 21:17 138608 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]

@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"

[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]

2010-10-16 21:17 138608 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-01-05 592240]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-07 525312]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-14 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-14 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-14 418328]

"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-02-03 312936]

"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-23 1934608]

"NtrigApplet"="c:\program files\N-trig\DuoSense Control Apps\NtrigApplet.exe" [2011-06-16 2575872]

"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]

"combofix"="c:\combofix\CF1011.3XE" [2010-11-20 345088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"combofix"="c:\combofix\CF1011.3XE" [2010-11-20 345088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.yahoo.com/

mLocal Page = c:\windows\system32\blank.htm

TCP: DhcpNameServer = 10.50.0.1 192.168.1.1

FF - ProfilePath - c:\users\rmanickam.HERSEYMETERS\AppData\Roaming\Mozilla\Firefox\Profiles\e9vx3ueb.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=mkg030&p=

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mkg030&p=

FF - prefs.js: network.proxy.type - 0

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

SafeBoot-08706233.sys

SafeBoot-Symantec Antvirus

Toolbar-Locked - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]

"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,

bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

c:\program files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

.

**************************************************************************

.

Completion time: 2012-08-23 17:11:50 - machine was rebooted

ComboFix-quarantined-files.txt 2012-08-23 21:11

.

Pre-Run: 115,349,528,576 bytes free

Post-Run: 116,581,793,792 bytes free

.

- - End Of File - - 3A571F8BC706884D90618D9CC58789B2


hi

Step 1

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2

ESET Online Scanner

  1. Click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the esetOnline.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
    3. Check esetAcceptTerms.png
    4. Click the esetStart.png button.
    5. Accept any security warnings from your browser.
    6. Check esetScanArchives.png
    7. Push the Start button.
    8. ESET will then download updates for itself, install itself, and begin
      scanning your computer. Please be patient as this can take some time.
    9. When the scan completes, push esetListThreats.png
    10. Push esetExport.png, and save the file to your desktop using a unique name, such as
      ESETScan. Include the contents of this report in your next reply.
    11. Push the esetBack.png button.
    12. Push esetFinish.png


Here is the log from MBAM. Even though MB finds no threats, I just saw Symantec auto protection popping out and saying there are a lot of trojans and it is quarantining them. I am not able to paste the pic, and I can attach the list of trojans if you want me to. I will do the second step in my next reply.

Malwarebytes Anti-Malware (Trial) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.23.08

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

rmanickam :: ENG-RAJ [administrator]

Protection: Enabled

8/23/2012 6:15:52 PM

mbam-log-2012-08-23 (18-15-52).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 267054

Time elapsed: 5 minute(s), 52 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Here is the log from eset scan:

C:\Qoobox\Quarantine\C\Users\rmanickam.HERSEYMETERS\AppData\Roaming\asfis.dll.vir a variant of Win32/Medfos.BT trojan cleaned by deleting - quarantined

C:\Users\rmanickam.HERSEYMETERS\AppData\Local\{76409225-D456-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined

C:\Users\rmanickam.HERSEYMETERS\AppData\Roaming\asfis.dll a variant of Win32/Medfos.BT trojan cleaned by deleting (after the next restart) - quarantined

C:\Users\rmanickam.HERSEYMETERS\Desktop\RK_Quarantine\asfis.dll.vir a variant of Win32/Medfos.BT trojan cleaned by deleting - quarantined


hi

Are you still getting redirected?

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents in your next reply.


TDSSKILLER LOG is below:

09:35:36.0119 10896 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

09:35:36.0362 10896 ============================================================

09:35:36.0363 10896 Current date / time: 2012/08/24 09:35:36.0362

09:35:36.0363 10896 SystemInfo:

09:35:36.0363 10896

09:35:36.0363 10896 OS Version: 6.1.7601 ServicePack: 1.0

09:35:36.0363 10896 Product type: Workstation

09:35:36.0363 10896 ComputerName: ENG-RAJ

09:35:36.0363 10896 UserName: rmanickam

09:35:36.0363 10896 Windows directory: C:\Windows

09:35:36.0363 10896 System windows directory: C:\Windows

09:35:36.0363 10896 Running under WOW64

09:35:36.0363 10896 Processor architecture: Intel x64

09:35:36.0363 10896 Number of processors: 8

09:35:36.0363 10896 Page size: 0x1000

09:35:36.0363 10896 Boot type: Normal boot

09:35:36.0363 10896 ============================================================

09:35:37.0030 10896 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:35:37.0042 10896 ============================================================

09:35:37.0042 10896 \Device\Harddisk0\DR0:

09:35:37.0042 10896 MBR partitions:

09:35:37.0042 10896 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x178000

09:35:37.0042 10896 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18C000, BlocksNum 0x3A1F8000

09:35:37.0042 10896 ============================================================

09:35:37.0070 10896 C: <-> \Device\Harddisk0\DR0\Partition2

09:35:37.0070 10896 ============================================================

09:35:37.0070 10896 Initialize success

09:35:37.0070 10896 ============================================================

09:36:37.0602 8844 ============================================================

09:36:37.0602 8844 Scan started

09:36:37.0602 8844 Mode: Manual; SigCheck; TDLFS;

09:36:37.0602 8844 ============================================================

09:36:37.0793 8844 ================ Scan system memory ========================

09:36:37.0793 8844 System memory - ok

09:36:37.0793 8844 ================ Scan services =============================


09:36:55.0846 8844 lmhosts - ok

09:36:55.0950 8844 [ DB083F1D27BA8A59CABB00F0A0FB6F84 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

09:36:55.0974 8844 LMS - ok

09:36:56.0024 8844 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys

09:36:56.0045 8844 LSI_FC - ok

09:36:56.0057 8844 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys

09:36:56.0075 8844 LSI_SAS - ok

09:36:56.0084 8844 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys

09:36:56.0100 8844 LSI_SAS2 - ok

09:36:56.0107 8844 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys

09:36:56.0125 8844 LSI_SCSI - ok

09:36:56.0133 8844 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

09:36:56.0192 8844 luafv - ok

09:36:56.0256 8844 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

09:36:56.0269 8844 MBAMProtector - ok

09:36:56.0357 8844 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

09:36:56.0389 8844 MBAMService - ok

09:36:56.0434 8844 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

09:36:56.0454 8844 Mcx2Svc - ok

09:36:56.0572 8844 MDXComManagerR1000 - ok

09:36:56.0685 8844 MDXComManagerR11 - ok

09:36:56.0773 8844 [ AFA5A02F612DF40F48307ECFAA2BC019 ] MDXParallelServiceR10SP2 C:\Program Files\MPICH2\R10SP2\x64\MDXParallelServiceR10SP2.exe

09:36:56.0823 8844 MDXParallelServiceR10SP2 ( UnsignedFile.Multi.Generic ) - warning

09:36:56.0823 8844 MDXParallelServiceR10SP2 - detected UnsignedFile.Multi.Generic (1)

09:36:56.0877 8844 [ 338D4C7870EE189A6BBB96202DDA14AF ] MDXParallelServiceR11 C:\Program Files\IntelMPI\x64\MDXParallelServiceR11.exe

09:36:56.0921 8844 MDXParallelServiceR11 ( UnsignedFile.Multi.Generic ) - warning

09:36:56.0921 8844 MDXParallelServiceR11 - detected UnsignedFile.Multi.Generic (1)

09:36:56.0950 8844 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys

09:36:56.0964 8844 megasas - ok

09:36:56.0979 8844 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys

09:36:57.0000 8844 MegaSR - ok

09:36:57.0055 8844 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

09:36:57.0070 8844 MEIx64 - ok

09:36:57.0149 8844 Microsoft SharePoint Workspace Audit Service - ok

09:36:57.0166 8844 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

09:36:57.0224 8844 MMCSS - ok

09:36:57.0227 8844 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

09:36:57.0261 8844 Modem - ok

09:36:57.0360 8844 [ 42FD754C9ED621CD010AFBD8E767FFE4 ] Moldex3D-LM Service C:\Moldex3D\Moldex3DLMSR\MDX3DLMService.exe

09:36:57.0411 8844 Moldex3D-LM Service ( UnsignedFile.Multi.Generic ) - warning

09:36:57.0411 8844 Moldex3D-LM Service - detected UnsignedFile.Multi.Generic (1)

09:36:57.0444 8844 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

09:36:57.0486 8844 monitor - ok

09:36:57.0529 8844 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

09:36:57.0542 8844 mouclass - ok

09:36:57.0599 8844 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

09:36:57.0639 8844 mouhid - ok

09:36:57.0673 8844 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

09:36:57.0689 8844 mountmgr - ok

09:36:57.0771 8844 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

09:36:57.0824 8844 MozillaMaintenance - ok

09:36:57.0901 8844 [ 8A410F87B43D1A84768CD12A3E05C96D ] mpich2_smpd_MdxR10 C:\Program Files\MPICH2\R10SP2\x64\smpd-1.2.1-x64.exe

09:36:57.0941 8844 mpich2_smpd_MdxR10 ( UnsignedFile.Multi.Generic ) - warning

09:36:57.0941 8844 mpich2_smpd_MdxR10 - detected UnsignedFile.Multi.Generic (1)

09:36:57.0966 8844 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

09:36:57.0988 8844 mpio - ok

09:36:58.0004 8844 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

09:36:58.0052 8844 mpsdrv - ok

09:36:58.0101 8844 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

09:36:58.0181 8844 MpsSvc - ok

09:36:58.0210 8844 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

09:36:58.0251 8844 MRxDAV - ok

09:36:58.0286 8844 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

09:36:58.0355 8844 mrxsmb - ok

09:36:58.0400 8844 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:36:58.0417 8844 mrxsmb10 - ok

09:36:58.0436 8844 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:36:58.0470 8844 mrxsmb20 - ok

09:36:58.0504 8844 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

09:36:58.0521 8844 msahci - ok

09:36:58.0568 8844 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

09:36:58.0593 8844 msdsm - ok

09:36:58.0602 8844 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

09:36:58.0620 8844 MSDTC - ok

09:36:58.0672 8844 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

09:36:58.0705 8844 Msfs - ok

09:36:58.0750 8844 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

09:36:58.0809 8844 mshidkmdf - ok

09:36:58.0831 8844 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

09:36:58.0843 8844 msisadrv - ok

09:36:58.0866 8844 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

09:36:58.0921 8844 MSiSCSI - ok

09:36:58.0923 8844 msiserver - ok

09:36:58.0958 8844 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

09:36:58.0989 8844 MSKSSRV - ok

09:36:59.0028 8844 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

09:36:59.0084 8844 MSPCLOCK - ok

09:36:59.0102 8844 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

09:36:59.0130 8844 MSPQM - ok

09:36:59.0171 8844 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

09:36:59.0192 8844 MsRPC - ok

09:36:59.0243 8844 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

09:36:59.0255 8844 mssmbios - ok

09:36:59.0258 8844 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

09:36:59.0287 8844 MSTEE - ok

09:36:59.0299 8844 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

09:36:59.0340 8844 MTConfig - ok

09:36:59.0381 8844 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

09:36:59.0396 8844 Mup - ok

09:36:59.0443 8844 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

09:36:59.0499 8844 napagent - ok

09:36:59.0555 8844 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

09:36:59.0576 8844 NativeWifiP - ok

09:36:59.0668 8844 [ 149A9AD81BB327E892FA1ACB77722442 ] NAVENG C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120823.004\ENG64.SYS

09:36:59.0684 8844 NAVENG - ok

09:36:59.0739 8844 [ 4AF8750E71B549FEC5F6D1D01398CA69 ] NAVEX15 C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120823.004\EX64.SYS

09:36:59.0770 8844 NAVEX15 - ok

09:36:59.0811 8844 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys

09:36:59.0846 8844 NDIS - ok

09:36:59.0905 8844 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

09:36:59.0958 8844 NdisCap - ok

09:36:59.0992 8844 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

09:37:00.0047 8844 NdisTapi - ok

09:37:00.0085 8844 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

09:37:00.0115 8844 Ndisuio - ok

09:37:00.0164 8844 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

09:37:00.0221 8844 NdisWan - ok

09:37:00.0259 8844 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

09:37:00.0315 8844 NDProxy - ok

09:37:00.0365 8844 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

09:37:00.0392 8844 NetBIOS - ok

09:37:00.0436 8844 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

09:37:00.0492 8844 NetBT - ok

09:37:00.0496 8844 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

09:37:00.0509 8844 Netlogon - ok

09:37:00.0551 8844 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

09:37:00.0611 8844 Netman - ok

09:37:00.0645 8844 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

09:37:00.0718 8844 netprofm - ok

09:37:00.0752 8844 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

09:37:00.0772 8844 NetTcpPortSharing - ok

09:37:00.0946 8844 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys

09:37:01.0156 8844 NETwNs64 - ok

09:37:01.0208 8844 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

09:37:01.0229 8844 nfrd960 - ok

09:37:01.0287 8844 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll

09:37:01.0347 8844 NlaSvc - ok

09:37:01.0370 8844 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

09:37:01.0397 8844 Npfs - ok

09:37:01.0418 8844 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

09:37:01.0445 8844 nsi - ok

09:37:01.0454 8844 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

09:37:01.0480 8844 nsiproxy - ok

09:37:01.0556 8844 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

09:37:01.0603 8844 Ntfs - ok

09:37:01.0657 8844 [ 88EBCF7A02955D1808D906137751EB1E ] NtrigDigitizerUSBLowerFilter C:\Windows\system32\DRIVERS\NtrigDigitizerUSBLowerFilter.sys

09:37:01.0669 8844 NtrigDigitizerUSBLowerFilter - ok

09:37:01.0687 8844 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

09:37:01.0736 8844 Null - ok

09:37:01.0783 8844 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys

09:37:01.0809 8844 nusb3hub - ok

09:37:01.0856 8844 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys

09:37:01.0881 8844 nusb3xhc - ok

09:37:01.0932 8844 [ F12E3EA0386EBC284C893611107C6A96 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys

09:37:01.0954 8844 NVHDA - ok

09:37:02.0192 8844 [ 0C24C7403DBBAD616FEFA479C3D66DD2 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

09:37:02.0388 8844 nvlddmkm - ok

09:37:02.0400 8844 [ D607B05EBB6D65A22AAB9014DAFA06E4 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys

09:37:02.0409 8844 nvpciflt - ok

09:37:02.0468 8844 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

09:37:02.0493 8844 nvraid - ok

09:37:02.0501 8844 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

09:37:02.0520 8844 nvstor - ok

09:37:02.0542 8844 [ CEA337A460199E88A9469EE6CEA6E662 ] NVSvc C:\Windows\system32\nvvsvc.exe

09:37:02.0578 8844 NVSvc - ok

09:37:02.0669 8844 [ 2414291E43E300B9ACADDA7668488A0B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

09:37:02.0725 8844 nvUpdatusService - ok

09:37:02.0777 8844 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

09:37:02.0797 8844 nv_agp - ok

09:37:02.0816 8844 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\Windows\system32\DRIVERS\o2flash.exe

09:37:02.0834 8844 O2FLASH - ok

09:37:02.0841 8844 [ 6172DB160FC566CF24307941C0E94D8E ] O2MDFRDR C:\Windows\system32\DRIVERS\O2MDFw7x64.sys

09:37:02.0856 8844 O2MDFRDR - ok

09:37:02.0866 8844 [ 8ED738ABA394BBF6D7802698BE453112 ] O2MDRRDR C:\Windows\system32\DRIVERS\O2MDRw7x64.sys

09:37:02.0876 8844 O2MDRRDR - ok

09:37:02.0882 8844 [ 61B2ACA7F48738AFC883C05FA136A468 ] O2SDJRDR C:\Windows\system32\DRIVERS\o2sdjw7x64.sys

09:37:02.0891 8844 O2SDJRDR - ok

09:37:02.0933 8844 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

09:37:03.0453 8844 ohci1394 - ok

09:37:03.0553 8844 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:37:03.0606 8844 ose - ok

09:37:03.0713 8844 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

09:37:03.0841 8844 osppsvc - ok

09:37:03.0869 8844 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

09:37:03.0942 8844 p2pimsvc - ok

09:37:03.0959 8844 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

09:37:03.0980 8844 p2psvc - ok

09:37:04.0071 8844 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

09:37:04.0092 8844 Parport - ok

09:37:04.0132 8844 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

09:37:04.0150 8844 partmgr - ok

09:37:04.0203 8844 [ 363B3F857ABEE85767E01E3044C539CD ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys

09:37:04.0214 8844 PBADRV - ok

09:37:04.0226 8844 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

09:37:04.0262 8844 PcaSvc - ok

09:37:04.0299 8844 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

09:37:04.0318 8844 pci - ok

09:37:04.0373 8844 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

09:37:04.0390 8844 pciide - ok

09:37:04.0406 8844 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

09:37:04.0426 8844 pcmcia - ok

09:37:04.0432 8844 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

09:37:04.0443 8844 pcw - ok

09:37:04.0462 8844 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

09:37:04.0498 8844 PEAUTH - ok

09:37:04.0578 8844 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

09:37:04.0664 8844 PeerDistSvc - ok

09:37:04.0759 8844 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

09:37:04.0805 8844 PerfHost - ok

09:37:04.0857 8844 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

09:37:04.0917 8844 pla - ok

09:37:04.0974 8844 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

09:37:05.0008 8844 PlugPlay - ok

09:37:05.0026 8844 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

09:37:05.0069 8844 PNRPAutoReg - ok

09:37:05.0096 8844 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

09:37:05.0113 8844 PNRPsvc - ok

09:37:05.0162 8844 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

09:37:05.0218 8844 PolicyAgent - ok

09:37:05.0257 8844 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

09:37:05.0307 8844 Power - ok

09:37:05.0354 8844 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

09:37:05.0406 8844 PptpMiniport - ok

09:37:05.0433 8844 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

09:37:05.0474 8844 Processor - ok

09:37:05.0514 8844 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

09:37:05.0582 8844 ProfSvc - ok

09:37:05.0594 8844 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

09:37:05.0605 8844 ProtectedStorage - ok

09:37:05.0666 8844 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

09:37:05.0720 8844 Psched - ok

09:37:05.0764 8844 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

09:37:05.0776 8844 PxHlpa64 - ok

09:37:05.0851 8844 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

09:37:05.0900 8844 ql2300 - ok

09:37:05.0910 8844 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

09:37:05.0927 8844 ql40xx - ok

09:37:05.0948 8844 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

09:37:05.0969 8844 QWAVE - ok

09:37:05.0979 8844 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

09:37:06.0025 8844 QWAVEdrv - ok

09:37:06.0046 8844 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

09:37:06.0103 8844 RasAcd - ok

09:37:06.0149 8844 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

09:37:06.0180 8844 RasAgileVpn - ok

09:37:06.0190 8844 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

09:37:06.0243 8844 RasAuto - ok

09:37:06.0274 8844 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

09:37:06.0304 8844 Rasl2tp - ok

09:37:06.0360 8844 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

09:37:06.0400 8844 RasMan - ok

09:37:06.0412 8844 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

09:37:06.0440 8844 RasPppoe - ok

09:37:06.0446 8844 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

09:37:06.0505 8844 RasSstp - ok

09:37:06.0538 8844 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

09:37:06.0577 8844 rdbss - ok

09:37:06.0584 8844 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

09:37:06.0622 8844 rdpbus - ok

09:37:06.0659 8844 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

09:37:06.0689 8844 RDPCDD - ok

09:37:06.0734 8844 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

09:37:06.0773 8844 RDPDR - ok

09:37:06.0785 8844 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

09:37:06.0810 8844 RDPENCDD - ok

09:37:06.0814 8844 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

09:37:06.0840 8844 RDPREFMP - ok

09:37:06.0865 8844 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

09:37:06.0939 8844 RDPWD - ok

09:37:07.0008 8844 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

09:37:07.0024 8844 rdyboost - ok

09:37:07.0103 8844 [ F90CC59135F2945A6EBB1670A7BBD8B3 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

09:37:07.0124 8844 RegSrvc - ok

09:37:07.0142 8844 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

09:37:07.0202 8844 RemoteAccess - ok

09:37:07.0233 8844 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

09:37:07.0268 8844 RemoteRegistry - ok

09:37:07.0325 8844 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

09:37:07.0372 8844 RFCOMM - ok

09:37:07.0475 8844 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe

09:37:07.0524 8844 RoxMediaDB12OEM - ok

09:37:07.0546 8844 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe

09:37:07.0566 8844 RoxWatch12 - ok

09:37:07.0587 8844 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

09:37:07.0640 8844 RpcEptMapper - ok

09:37:07.0669 8844 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

09:37:07.0706 8844 RpcLocator - ok

09:37:07.0749 8844 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

09:37:07.0780 8844 RpcSs - ok

09:37:07.0838 8844 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

09:37:07.0874 8844 rspndr - ok

09:37:07.0915 8844 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys

09:37:07.0943 8844 s3cap - ok

09:37:07.0950 8844 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

09:37:07.0962 8844 SamSs - ok

09:37:07.0969 8844 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

09:37:07.0986 8844 sbp2port - ok

09:37:08.0008 8844 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

09:37:08.0041 8844 SCardSvr - ok

09:37:08.0088 8844 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

09:37:08.0142 8844 scfilter - ok

09:37:08.0181 8844 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

09:37:08.0264 8844 Schedule - ok

09:37:08.0299 8844 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

09:37:08.0326 8844 SCPolicySvc - ok

09:37:08.0338 8844 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

09:37:08.0362 8844 SDRSVC - ok

09:37:08.0413 8844 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

09:37:08.0476 8844 secdrv - ok

09:37:08.0507 8844 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

09:37:08.0542 8844 seclogon - ok

09:37:08.0623 8844 [ F3D951071C624137430FE65A67541EF9 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe

09:37:08.0734 8844 SecureStorageService ( UnsignedFile.Multi.Generic ) - warning

09:37:08.0734 8844 SecureStorageService - detected UnsignedFile.Multi.Generic (1)

09:37:08.0759 8844 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

09:37:08.0820 8844 SENS - ok

09:37:08.0844 8844 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

09:37:08.0907 8844 SensrSvc - ok

09:37:08.0975 8844 [ 255476B54C82A89416EFDF09FD62F107 ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys

09:37:08.0989 8844 Sentinel64 - ok

09:37:09.0025 8844 [ 1BA2C677C6146A8B3ADEA7B69D2EED56 ] SentinelKeysServer C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe

09:37:09.0046 8844 SentinelKeysServer - ok

09:37:09.0118 8844 [ D1A2BA8BF092DDF18F3D3DB1D5AC7803 ] SentinelProtectionServer C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

09:37:09.0149 8844 SentinelProtectionServer - ok

09:37:09.0163 8844 [ E80B91AEC007711B1EEC9C83487754E2 ] SentinelSecurityRuntime C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe

09:37:09.0178 8844 SentinelSecurityRuntime - ok

09:37:09.0226 8844 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

09:37:09.0265 8844 Serenum - ok

09:37:09.0305 8844 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

09:37:09.0324 8844 Serial - ok

09:37:09.0389 8844 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

09:37:09.0430 8844 sermouse - ok

09:37:09.0469 8844 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

09:37:09.0534 8844 SessionEnv - ok

09:37:09.0606 8844 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

09:37:09.0668 8844 sffdisk - ok

09:37:09.0672 8844 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

09:37:09.0715 8844 sffp_mmc - ok

09:37:09.0718 8844 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

09:37:09.0744 8844 sffp_sd - ok

09:37:09.0784 8844 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

09:37:09.0801 8844 sfloppy - ok

09:37:09.0865 8844 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

09:37:09.0883 8844 Sftfs - ok

09:37:09.0985 8844 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

09:37:10.0015 8844 sftlist - ok

09:37:10.0030 8844 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

09:37:10.0042 8844 Sftplay - ok

09:37:10.0048 8844 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

09:37:10.0057 8844 Sftredir - ok

09:37:10.0068 8844 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

09:37:10.0079 8844 Sftvol - ok

09:37:10.0095 8844 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

09:37:10.0121 8844 sftvsa - ok

09:37:10.0173 8844 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

09:37:10.0242 8844 SharedAccess - ok

09:37:10.0306 8844 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

09:37:10.0366 8844 ShellHWDetection - ok

09:37:10.0408 8844 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:37:10.0429 8844 SiSRaid2 - ok

09:37:10.0436 8844 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

09:37:10.0453 8844 SiSRaid4 - ok

09:37:10.0522 8844 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

09:37:10.0611 8844 SkypeUpdate - ok

09:37:10.0653 8844 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

09:37:10.0719 8844 Smb - ok

09:37:10.0813 8844 [ 26EB194D1FB2870E0453A99B84889F8D ] SmcService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe

09:37:10.0925 8844 SmcService - ok

09:37:10.0981 8844 [ C2E9B4E50CF3A15255B45A7C7A0A881E ] SNAC C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE

09:37:11.0008 8844 SNAC - ok

09:37:11.0060 8844 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

09:37:11.0101 8844 SNMPTRAP - ok

09:37:11.0159 8844 [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe

09:37:11.0196 8844 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - warning

09:37:11.0196 8844 Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic (1)

09:37:11.0222 8844 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

09:37:11.0233 8844 spldr - ok

09:37:11.0260 8844 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

09:37:11.0330 8844 Spooler - ok

09:37:11.0418 8844 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

09:37:11.0490 8844 sppsvc - ok

09:37:11.0512 8844 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

09:37:11.0547 8844 sppuinotify - ok

09:37:11.0609 8844 [ B531FC8918DCDAAE638511A123C3465E ] SRTSP C:\Windows\system32\Drivers\SRTSP64.SYS

09:37:11.0632 8844 SRTSP - ok

09:37:11.0648 8844 [ 2BD3A73D0601320B72486FC3EBC2544F ] SRTSPL C:\Windows\system32\Drivers\SRTSPL64.SYS

09:37:11.0679 8844 SRTSPL - ok

09:37:11.0688 8844 [ 529B337C1AEEB289F0B502EB0EE6A8F5 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX64.SYS

09:37:11.0702 8844 SRTSPX - ok

09:37:11.0726 8844 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

09:37:11.0802 8844 srv - ok

09:37:11.0826 8844 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

09:37:11.0862 8844 srv2 - ok

09:37:11.0900 8844 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

09:37:11.0945 8844 srvnet - ok

09:37:11.0983 8844 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

09:37:12.0018 8844 SSDPSRV - ok

09:37:12.0030 8844 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

09:37:12.0059 8844 SstpSvc - ok

09:37:12.0158 8844 [ 46B72C1C296C1E985D031D98F0FFA5E5 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe

09:37:12.0178 8844 STacSV - ok

09:37:12.0223 8844 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys

09:37:12.0233 8844 stdcfltn - ok

09:37:12.0302 8844 [ D914873C89A3DD4FFF110C23BA872C59 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

09:37:12.0343 8844 Stereo Service - ok

09:37:12.0364 8844 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

09:37:12.0379 8844 stexstor - ok

09:37:12.0401 8844 [ 501B376781EB6E46AAE43946E3DD7D84 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys

09:37:12.0447 8844 STHDA - ok

09:37:12.0488 8844 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

09:37:12.0528 8844 StillCam - ok

09:37:12.0575 8844 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

09:37:12.0627 8844 stisvc - ok

09:37:12.0675 8844 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe

09:37:12.0697 8844 stllssvr - ok

09:37:12.0737 8844 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys

09:37:12.0751 8844 storflt - ok

09:37:12.0764 8844 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll

09:37:12.0833 8844 StorSvc - ok

09:37:12.0847 8844 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys

09:37:12.0862 8844 storvsc - ok

09:37:12.0912 8844 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

09:37:12.0930 8844 swenum - ok

09:37:12.0959 8844 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

09:37:13.0022 8844 swprv - ok

09:37:13.0077 8844 [ F3A4EAD0B3946E439F0397F7A4D09952 ] Symantec AntiVirus C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

09:37:13.0114 8844 Symantec AntiVirus - ok

09:37:13.0175 8844 [ 7E4D281982E19ABD06728C7EE9AC40A8 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

09:37:13.0193 8844 SymEvent - ok

09:37:13.0965 8844 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

09:37:14.0060 8844 SysMain - ok

09:37:14.0105 8844 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

09:37:14.0126 8844 TabletInputService - ok

09:37:14.0172 8844 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

09:37:14.0234 8844 TapiSrv - ok

09:37:14.0265 8844 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

09:37:14.0297 8844 TBS - ok

09:37:14.0359 8844 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

09:37:14.0428 8844 Tcpip - ok

09:37:14.0499 8844 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

09:37:14.0530 8844 TCPIP6 - ok

09:37:14.0590 8844 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

09:37:14.0649 8844 tcpipreg - ok

09:37:14.0713 8844 [ E42D560E2163480E7B586B14ABEB3386 ] tcsd_win32.exe C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe

09:37:14.0798 8844 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - warning

09:37:14.0798 8844 tcsd_win32.exe - detected UnsignedFile.Multi.Generic (1)

09:37:14.0881 8844 [ 347D6407C90C0B6AC82F8249EBA9A482 ] TdmService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe

09:37:14.0970 8844 TdmService - ok

09:37:14.0989 8844 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

09:37:15.0024 8844 TDPIPE - ok

09:37:15.0070 8844 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

09:37:15.0112 8844 TDTCP - ok

09:37:15.0158 8844 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

09:37:15.0191 8844 tdx - ok

09:37:15.0333 8844 [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

09:37:15.0383 8844 TeamViewer7 - ok

09:37:15.0442 8844 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

09:37:15.0456 8844 TermDD - ok

09:37:15.0511 8844 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

09:37:15.0570 8844 TermService - ok

09:37:15.0588 8844 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

09:37:15.0630 8844 Themes - ok

09:37:15.0670 8844 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

09:37:15.0704 8844 THREADORDER - ok

09:37:15.0717 8844 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

09:37:15.0777 8844 TrkWks - ok

09:37:15.0855 8844 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

09:37:15.0910 8844 TrustedInstaller - ok

09:37:15.0947 8844 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

09:37:16.0003 8844 tssecsrv - ok

09:37:16.0066 8844 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

09:37:16.0135 8844 TsUsbFlt - ok

09:37:16.0200 8844 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

09:37:16.0259 8844 tunnel - ok

09:37:16.0288 8844 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

09:37:16.0309 8844 uagp35 - ok

09:37:16.0362 8844 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

09:37:16.0402 8844 udfs - ok

09:37:16.0416 8844 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

09:37:16.0432 8844 UI0Detect - ok

09:37:16.0481 8844 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

09:37:16.0504 8844 uliagpkx - ok

09:37:16.0559 8844 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

09:37:16.0590 8844 umbus - ok

09:37:16.0621 8844 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

09:37:16.0664 8844 UmPass - ok

09:37:16.0699 8844 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll

09:37:16.0742 8844 UmRdpService - ok

09:37:16.0848 8844 [ 07AE0C9F64C4D83ABAA816EE23548D6D ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

09:37:16.0889 8844 UNS - ok

09:37:16.0907 8844 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

09:37:16.0968 8844 upnphost - ok

09:37:17.0012 8844 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

09:37:17.0053 8844 usbccgp - ok

09:37:17.0102 8844 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

09:37:17.0124 8844 usbcir - ok

09:37:17.0131 8844 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

09:37:17.0167 8844 usbehci - ok

09:37:17.0207 8844 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

09:37:17.0227 8844 usbhub - ok

09:37:17.0241 8844 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

09:37:17.0279 8844 usbohci - ok

09:37:17.0311 8844 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

09:37:17.0355 8844 usbprint - ok

09:37:17.0379 8844 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:37:17.0447 8844 USBSTOR - ok

09:37:17.0462 8844 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

09:37:17.0506 8844 usbuhci - ok

09:37:17.0561 8844 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

09:37:17.0584 8844 usbvideo - ok

09:37:17.0609 8844 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

09:37:17.0661 8844 UxSms - ok

09:37:17.0684 8844 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

09:37:17.0701 8844 VaultSvc - ok

09:37:17.0744 8844 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

09:37:17.0758 8844 vdrvroot - ok

09:37:17.0814 8844 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

09:37:17.0856 8844 vds - ok

09:37:17.0906 8844 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

09:37:17.0927 8844 vga - ok

09:37:17.0937 8844 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

09:37:17.0987 8844 VgaSave - ok

09:37:18.0024 8844 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

09:37:18.0046 8844 vhdmp - ok

09:37:18.0096 8844 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

09:37:18.0112 8844 viaide - ok

09:37:18.0155 8844 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys

09:37:18.0170 8844 vmbus - ok

09:37:18.0179 8844 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys

09:37:18.0223 8844 VMBusHID - ok

09:37:18.0254 8844 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

09:37:18.0270 8844 volmgr - ok

09:37:18.0316 8844 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

09:37:18.0335 8844 volmgrx - ok

09:37:18.0384 8844 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

09:37:18.0406 8844 volsnap - ok

09:37:18.0461 8844 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys

09:37:18.0477 8844 vpcbus - ok

09:37:18.0524 8844 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys

09:37:18.0538 8844 vpcnfltr - ok

09:37:18.0548 8844 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys

09:37:18.0587 8844 vpcusb - ok

09:37:18.0635 8844 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys

09:37:18.0649 8844 vpcvmm - ok

09:37:18.0707 8844 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

09:37:18.0730 8844 vsmraid - ok

09:37:18.0772 8844 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

09:37:18.0848 8844 VSS - ok

09:37:18.0859 8844 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

09:37:18.0895 8844 vwifibus - ok

09:37:18.0930 8844 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

09:37:18.0976 8844 vwififlt - ok

09:37:19.0016 8844 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

09:37:19.0063 8844 vwifimp - ok

09:37:19.0100 8844 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

09:37:19.0142 8844 W32Time - ok

09:37:19.0156 8844 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

09:37:19.0175 8844 WacomPen - ok

09:37:19.0239 8844 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

09:37:19.0303 8844 WANARP - ok

09:37:19.0347 8844 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

09:37:19.0380 8844 Wanarpv6 - ok

09:37:19.0441 8844 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

09:37:19.0496 8844 WatAdminSvc - ok

09:37:19.0567 8844 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

09:37:19.0660 8844 wbengine - ok

09:37:19.0686 8844 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

09:37:19.0710 8844 WbioSrvc - ok

09:37:19.0756 8844 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

09:37:19.0803 8844 wcncsvc - ok

09:37:19.0829 8844 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

09:37:19.0864 8844 WcsPlugInService - ok

09:37:19.0884 8844 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

09:37:19.0899 8844 Wd - ok

09:37:19.0955 8844 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys

09:37:19.0979 8844 WDC_SAM - ok

09:37:20.0000 8844 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

09:37:20.0021 8844 Wdf01000 - ok

09:37:20.0039 8844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

09:37:20.0242 8844 WdiServiceHost - ok

09:37:20.0244 8844 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

09:37:20.0261 8844 WdiSystemHost - ok

09:37:20.0310 8844 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

09:37:20.0375 8844 WebClient - ok

09:37:20.0401 8844 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

09:37:20.0463 8844 Wecsvc - ok

09:37:20.0491 8844 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

09:37:20.0549 8844 wercplsupport - ok

09:37:20.0593 8844 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

09:37:20.0629 8844 WerSvc - ok

09:37:20.0702 8844 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

09:37:20.0731 8844 WfpLwf - ok

09:37:20.0739 8844 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

09:37:20.0755 8844 WIMMount - ok

09:37:20.0766 8844 WinDefend - ok

09:37:20.0769 8844 WinHttpAutoProxySvc - ok

09:37:20.0811 8844 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

09:37:20.0866 8844 Winmgmt - ok

09:37:20.0935 8844 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

09:37:21.0010 8844 WinRM - ok

09:37:21.0081 8844 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUsb.sys

09:37:21.0097 8844 WinUSB - ok

09:37:21.0131 8844 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

09:37:21.0182 8844 Wlansvc - ok

09:37:21.0241 8844 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

09:37:21.0260 8844 wlcrasvc - ok

09:37:21.0331 8844 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:37:21.0396 8844 wlidsvc - ok

09:37:21.0453 8844 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

09:37:21.0468 8844 WmiAcpi - ok

09:37:21.0489 8844 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

09:37:21.0543 8844 wmiApSrv - ok

09:37:21.0575 8844 WMPNetworkSvc - ok

09:37:21.0640 8844 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

09:37:21.0669 8844 WPCSvc - ok

09:37:21.0716 8844 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

09:37:21.0740 8844 WPDBusEnum - ok

09:37:21.0761 8844 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

09:37:21.0817 8844 ws2ifsl - ok

09:37:21.0846 8844 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll

09:37:21.0888 8844 wscsvc - ok

09:37:21.0940 8844 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys

09:37:21.0981 8844 WSDPrintDevice - ok

09:37:21.0983 8844 WSearch - ok

09:37:22.0051 8844 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

09:37:22.0120 8844 wuauserv - ok

09:37:22.0161 8844 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

09:37:22.0191 8844 WudfPf - ok

09:37:22.0207 8844 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

09:37:22.0235 8844 WUDFRd - ok

09:37:22.0280 8844 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

09:37:22.0306 8844 wudfsvc - ok

09:37:22.0330 8844 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

09:37:22.0351 8844 WwanSvc - ok

09:37:22.0403 8844 [ 21B9155492D21782A023C1768D624FD6 ] ZooService C:\PROGRA~2\ZOO4~1.0\ZOOSER~1.EXE

09:37:22.0419 8844 ZooService ( UnsignedFile.Multi.Generic ) - warning

09:37:22.0419 8844 ZooService - detected UnsignedFile.Multi.Generic (1)

09:37:22.0443 8844 ================ Scan global ===============================

09:37:22.0473 8844 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

09:37:22.0514 8844 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

09:37:22.0523 8844 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

09:37:22.0530 8844 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

09:37:22.0539 8844 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

09:37:22.0543 8844 [Global] - ok

09:37:22.0544 8844 ================ Scan MBR ==================================

09:37:22.0550 8844 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

09:37:22.0835 8844 \Device\Harddisk0\DR0 - ok

09:37:22.0836 8844 ================ Scan VBR ==================================

09:37:22.0839 8844 [ FD25CA69F425815D4C99318E5F78D8BB ] \Device\Harddisk0\DR0\Partition1

09:37:22.0841 8844 \Device\Harddisk0\DR0\Partition1 - ok

09:37:22.0868 8844 [ 04E40B7754B3875E0EFE40ED1AFF951F ] \Device\Harddisk0\DR0\Partition2

09:37:22.0871 8844 \Device\Harddisk0\DR0\Partition2 - ok

09:37:22.0871 8844 ============================================================

09:37:22.0871 8844 Scan finished

09:37:22.0871 8844 ============================================================

09:37:22.0877 7024 Detected object count: 8

09:37:22.0877 7024 Actual detected object count: 8

09:38:33.0888 7024 MDXParallelServiceR10SP2 ( UnsignedFile.Multi.Generic ) - skipped by user

09:38:33.0888 7024 MDXParallelServiceR10SP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:38:33.0888 7024 MDXParallelServiceR11 ( UnsignedFile.Multi.Generic ) - skipped by user

09:38:33.0888 7024 MDXParallelServiceR11 ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:38:33.0889 7024 Moldex3D-LM Service ( UnsignedFile.Multi.Generic ) - skipped by user

09:38:33.0889 7024 Moldex3D-LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:38:33.0890 7024 mpich2_smpd_MdxR10 ( UnsignedFile.Multi.Generic ) - skipped by user

09:38:33.0890 7024 mpich2_smpd_MdxR10 ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:38:33.0891 7024 SecureStorageService ( UnsignedFile.Multi.Generic ) - skipped by user

09:38:33.0891 7024 SecureStorageService ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:38:33.0892 7024 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - skipped by user

09:38:33.0892 7024 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:38:33.0892 7024 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user

09:38:33.0892 7024 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:38:33.0893 7024 ZooService ( UnsignedFile.Multi.Generic ) - skipped by user

09:38:33.0893 7024 ZooService ( UnsignedFile.Multi.Generic ) - User select action: Ski
